Turboship v1.2.0 Release Notes

This release represents a significant milestone in the development of Turboship, compiling 194 commits since version v1.1.482 (released April 15, 2026). The scope of this release spans major architectural refactoring, physical sandbox isolation, robust address validation workflows, a custom fraud rules engine, and transition to a strictly-typed codebase utilizing Effect schema and static build-time pipeline linters.


Release Metadata

Attribute Value
Release Version v1.2.0
Release Date June 6, 2026
Commit Count 194 commits
Core Frameworks AWS CDK v2, TypeScript v5.4, Effect v3.17, Vitest v4.0
Target AWS Accounts Physical Sandbox/UAT (410883543979), PROD

1. Executive Summary

Over the last 7 weeks, the Turboship engineering team has focused on three core objectives:

  1. Security & Sandbox Isolation: Eliminating sandbox/production environment bleed by provisioning physically separate AWS accounts and hardening identity, secrets management, and custom domain CORS boundaries.
  2. Operational Resilience & Automation: Automating order address correction, validating customer addresses before shipping costs are incurred, and implementing a highly-configurable custom fraud evaluation engine.
  3. Build-Time Quality Controls: Completely excising Zod in favor of Effect Schema, implementing a static linter to catch JSONPath mapping errors in Step Functions before deployment, and introducing a deterministic code thumbprinting system.

2. Core Epics & New Features

2.1 Custom Fraud Detection Rules Engine

A fully configurable custom fraud rules engine has been designed to supplement Shopify's native fraud warnings. The rules engine evaluates incoming orders and flags them based on risk factors, pausing workflow orchestration for manual review or secondary verification.

Turboship Settings & Fraud Rules Configuration

2.2 Geocoding & Address Validation Workflow

To prevent shipping label failures, a new verification chain has been integrated prior to printing.

Turboship Web Portal & Address Validation View

2.3 Physical UAT Sandbox Isolation

To eliminate cross-environment database and queue pollution, the UAT environment was physically migrated to a separate, isolated AWS account.

2.4 Stateful Storage Stack Decoupling & Continuous Backups

To protect persistent client order data during iterative infrastructure deployments, all storage resources were separated from ephemeral compute resources.


3. Engineering Quality & Schema Safety (The Type-Safety Epic)

This release represents the culmination of a major type-safety initiative originally started 8 months ago. Over the last month, we resolved the remaining hurdles to enforce 100% strict data modeling, which has permanently eradicated the category of runtime data-mapping and serialization errors that historically occurred during every workflow modification.

3.1 Strict Model-to-Model Transformations & Effect Schema

All validation has been refactored around Effect Schema (@effect/schema), replacing legacy Zod validation.

3.2 Build-Time ASL and JSONPath Dataflow Linter

Step Function CDK task constructs historically utilized manual, string-based JSONPath parameters, which was a frequent source of runtime crashes. We replaced this with build-time contract alignment:

3.3 Deterministic Code Thumbprint System

To solve the "Is my local code actually running in UAT/PROD?" problem, a deterministic build thumbprint system was implemented.


4. Developer Experience & Tooling Updates

This release introduces an array of utility tools to streamline daily developer tasks:

Turboheat Homepage Interface