Changelog_

Appwrite Auth now lets you enforce Password strength on your project. Set a minimum length and require any combination of an uppercase letter, a lowercase letter, a number, and a special character, so passwords that are too weak are rejected when users sign up or change their password.

Password strength is configured from the Auth > Security tab in the Appwrite Console, alongside password history and the password dictionary. Existing users keep their current password and only need to meet the new rules the next time they change it.

The Appwrite plugin for Claude Code is now listed in the official Claude marketplace. Adding the Appwrite marketplace as a separate step is no longer required, so a single command installs the plugin along with its agent skills and MCP servers for the Appwrite API and documentation:

claude plugin install appwrite@claude-plugins-official

Appwrite now supports Git deployment triggers for Functions and Sites. Use branch filters and path filters to control which Git pushes and pull requests create automatic deployments.

• Branch filters match branch names, such as main, staging, or preview/**.
• Path filters match changed files, such as apps/web/**, functions/api/**, or packages/shared/**.

You can prefix a pattern with ! to exclude matching branches or paths.

This is especially useful for monorepos, staging branches, preview workflows, and projects where a change to one folder should not rebuild every connected Function or Site.

We just added support for two runtimes:

• Functions: Dart 3.12
• Sites: Flutter 3.44

Pick Dart 3.12 in the runtime dropdown when creating or updating a Function, or pick Flutter 3.44 under your Site’s Runtime settings. The change applies to the next deployment, your active deployment is not affected until you redeploy.

Appwrite now ships a first-class Presences API for short-lived user statuses like online, away, editing, or typing. Each presence is a small record attached to a user, with a status string, optional metadata, an expiresAt timestamp (up to 30 days), and the same permissions model as the rest of the platform.

Presences broadcast every change over dedicated Realtime channels (presences and presences.<ID>) as upsert, update, and delete events, so an "online now" list, a typing indicator, or a "viewing this page" cue is a single Channel.presences() subscription away. Stale records emit delete events automatically when they expire, no cleanup job required.

Combine it with Realtime queries and a client only receives the presence events its UI actually needs to render, which makes the API a fit for multiplayer games and live movement tracking as much as for online indicators.