v5.42.0 4 June 2026 Improvement

Tenant isolation, now structural

Every organisation’s books in SpeyBooks are isolated from every other organisation’s. Until today that isolation was enforced by access policy — which depends on every connection being correctly configured, every time. Today it became structural: the database itself now refuses to create any financial line whose account belongs to a different organisation, regardless of how the write arrives (Class M, migration 097).

In support of the same guarantee, every account lookup across the import pipelines now carries an explicit organisation scope rather than relying on connection context, and a standing verification runs at every deployment proving that no cross-organisation references exist anywhere in the data — thirteen separate relationship checks, all required to be zero, forever.

A small number of historical internal test records from the pre-hardening era were found referencing another test organisation’s account and were repaired; no customer data has ever existed in the system, and no customer organisation was or could have been affected.

This is the final item of the kernel hardening programme that began with the audit. The next release notes you read will be about features.