pozylon pushed updates adding ACL audit events: permission denials now emit an ACL_DENIED event, and granted checks for “sensitive” actions (e.g., manage/login/reset/create/update) emit ACL_GRANTED_SENSITIVE, with tests updated to register and tolerate the new events. The same push also hardens the email worker’s browser preview by HTML-escaping headers/links/text to prevent injection, and extends the PricingCalculation type with optional discount/tax/pricing fields.