jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a72300475b375fe0f15938d394efd630bf74675a
cve-dashboard/CHANGELOG.md

2.9 KiB
Raw Blame History

Changelog

v1.0.0 — 2026-05-01

First official release. Consolidates all features developed since initial commit into a stable, documented, deployment-ready package.

Core Platform

  • CVE tracking with multi-vendor support, document storage, and NVD API auto-fill
  • Session-based authentication with four user groups (Admin, Standard_User, Leadership, Read_Only)
  • Full audit logging of all state-changing actions
  • Dark tactical intelligence UI theme with monospace typography

Ivanti Integration

  • Live sync of open host findings from Ivanti/RiskSense API (auto-sync every 24h)
  • Reporting page with donut metric charts, advanced per-column filtering, inline editing
  • FP workflow submission directly to Ivanti API with file attachments
  • Ivanti Queue — personal staging list for batch FP, Archer, CARD, and Granite workflows
  • Queue item redirect between workflow types after completion
  • Row visibility controls with localStorage persistence

Archive and Anomaly Tracking

  • Automatic detection of disappeared and returned findings across syncs
  • BU drift checker — classifies archived findings by reason (BU reassignment, severity drift, closed on platform, decommissioned)
  • Return classification — explains why findings came back (BU reassigned back, severity re-escalated, etc.)
  • Findings Trend chart with archive activity sparkline and shift reason tooltips
  • Anomaly banner for significant archive events

Compliance (AEO Posture)

  • Weekly NTS_AEO xlsx upload with diff preview (new, resolved, recurring)
  • Schema drift detection with breaking/silent-miss/cosmetic classification
  • Admin config reconciliation for parser updates
  • Per-team metric health cards with grouped categories and variant pills
  • Device-level violation tracking with timestamped notes history
  • Multi-metric note grouping
  • Upload rollback support

Integrations

  • Jira Data Center — create, sync, and track tickets linked to CVE/vendor pairs
  • Archer — risk acceptance exception tracking (EXC numbers)
  • Atlas InfoSec — action plan cache, bulk creation from row selection, metrics reporting
  • CARD API — Granite/CARD asset lookup for network device workflows
  • NVD API — auto-fill CVE metadata with bulk sync support

Knowledge Base

  • Internal document library with inline PDF and Markdown rendering
  • Category-based browsing and search

Admin

  • Full-page admin panel with user management, audit log, and system info tabs
  • Themed confirm modals replacing browser dialogs
  • User profile panel with self-service password change

Infrastructure

  • Consolidated setup.js with complete database schema (27 tables, all indexes and triggers)
  • systemd service files for persistent deployment
  • GitLab CI/CD pipeline (install, lint, test, build, deploy)
  • GPG-signed commits for code provenance
  • Organized documentation structure (api, design, guides, security, testing, troubleshooting)
  • Migration scripts documented and retained for existing deployment upgrades
Reference in New Issue View Git Blame Copy Permalink