jacob-bd
diff --git a/‎CHANGELOG.md‎
Lines changed: 7 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 7 additions & 0 deletions
@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.5.21] - 2026-04-11
+
+### Fixed
+- **HTTP 400 bad request causing silent auth failures (Issue #147)** — Google returns `400 Bad Request` instead of `401` or `403` when the internal CSRF token expires. Added 400 to the retryable auth status codes, which fixes auth recovery failures and prevents tracebacks (PR #148).
+- **WSL CDP failures breaking auth (Issue #138, #144)** — Native WSL connectivity has been fully added. `nlm login --wsl` securely launches and channels DevTools via `0.0.0.0` to safely bridge the WSL network boundary.
+- **Pass Build Label in login check** — The `nlm login --check` command was initiating a client without passing the configured build label, unnecessarily triggering a three-month backward fallback.
+
 ## [0.5.20] - 2026-04-10
 
 ### Fixed