60 lines
2.9 KiB
Markdown
60 lines
2.9 KiB
Markdown
# Changelog
|
|
|
|
## v1.0.0 — 2026-05-01
|
|
|
|
First official release. Consolidates all features developed since initial commit into a stable, documented, deployment-ready package.
|
|
|
|
### Core Platform
|
|
- CVE tracking with multi-vendor support, document storage, and NVD API auto-fill
|
|
- Session-based authentication with four user groups (Admin, Standard_User, Leadership, Read_Only)
|
|
- Full audit logging of all state-changing actions
|
|
- Dark tactical intelligence UI theme with monospace typography
|
|
|
|
### Ivanti Integration
|
|
- Live sync of open host findings from Ivanti/RiskSense API (auto-sync every 24h)
|
|
- Reporting page with donut metric charts, advanced per-column filtering, inline editing
|
|
- FP workflow submission directly to Ivanti API with file attachments
|
|
- Ivanti Queue — personal staging list for batch FP, Archer, CARD, and Granite workflows
|
|
- Queue item redirect between workflow types after completion
|
|
- Row visibility controls with localStorage persistence
|
|
|
|
### Archive and Anomaly Tracking
|
|
- Automatic detection of disappeared and returned findings across syncs
|
|
- BU drift checker — classifies archived findings by reason (BU reassignment, severity drift, closed on platform, decommissioned)
|
|
- Return classification — explains why findings came back (BU reassigned back, severity re-escalated, etc.)
|
|
- Findings Trend chart with archive activity sparkline and shift reason tooltips
|
|
- Anomaly banner for significant archive events
|
|
|
|
### Compliance (AEO Posture)
|
|
- Weekly NTS_AEO xlsx upload with diff preview (new, resolved, recurring)
|
|
- Schema drift detection with breaking/silent-miss/cosmetic classification
|
|
- Admin config reconciliation for parser updates
|
|
- Per-team metric health cards with grouped categories and variant pills
|
|
- Device-level violation tracking with timestamped notes history
|
|
- Multi-metric note grouping
|
|
- Upload rollback support
|
|
|
|
### Integrations
|
|
- Jira Data Center — create, sync, and track tickets linked to CVE/vendor pairs
|
|
- Archer — risk acceptance exception tracking (EXC numbers)
|
|
- Atlas InfoSec — action plan cache, bulk creation from row selection, metrics reporting
|
|
- CARD API — Granite/CARD asset lookup for network device workflows
|
|
- NVD API — auto-fill CVE metadata with bulk sync support
|
|
|
|
### Knowledge Base
|
|
- Internal document library with inline PDF and Markdown rendering
|
|
- Category-based browsing and search
|
|
|
|
### Admin
|
|
- Full-page admin panel with user management, audit log, and system info tabs
|
|
- Themed confirm modals replacing browser dialogs
|
|
- User profile panel with self-service password change
|
|
|
|
### Infrastructure
|
|
- Consolidated `setup.js` with complete database schema (27 tables, all indexes and triggers)
|
|
- systemd service files for persistent deployment
|
|
- GitLab CI/CD pipeline (install, lint, test, build, deploy)
|
|
- GPG-signed commits for code provenance
|
|
- Organized documentation structure (api, design, guides, security, testing, troubleshooting)
|
|
- Migration scripts documented and retained for existing deployment upgrades
|