Changelog

Everything trueno has shipped.

Past tense only. Each entry is a phase that landed in production. Roadmap items don't appear here until they ship.

  1. Account Security

    Account security, MFA, and a hardened web layer

    Hardened the front door. Workspaces now support Google and GitHub OAuth, TOTP multi-factor with one-time recovery codes, and step-up verification before sensitive actions. The authenticated app moved to a per-request nonce Content-Security-Policy, and Slack alerting gained a one-click "Add to Slack" connector. The public API also picked up a compliance endpoint.

    • Google and GitHub OAuth sign-in alongside email + password
    • TOTP multi-factor authentication with one-time recovery codes
    • Step-up verification before sensitive actions (e.g. connecting an AWS account)
    • Per-request nonce Content-Security-Policy on all authenticated routes
    • One-click "Add to Slack" OAuth for channel alerts and assignment DMs
    • Added a /compliance endpoint (CIS / FSBP posture) to the public REST API
  2. Open Source

    Open-sourced the AWS rule catalog

    The rule catalog that powers every trueno scan is now an open-source, MIT-licensed npm package: trueno-aws-rules. It's pure and dependency-free — feed it AWS resources you've already discovered and it returns findings. The scanners, assume-role/session handling, and persistence stay private by design; only the rule judgement is public, so anyone can audit exactly what trueno flags and why.

    • Published trueno-aws-rules to npm (MIT, zero runtime dependencies)
    • 58 service evaluators spanning ~140 findings across cost, security, governance, performance, and compliance
    • Pure and deterministic — same resources in, same findings out; runs anywhere
    • Source on GitHub: github.com/hawa-dizeyi/trueno-aws-rules
  3. Cloud Intelligence

    Cloud Intelligence modules and production dashboard restructure

    trueno graduates from a Cost Analyzer + Resources surface into a full AWS cloud intelligence platform. The dashboard is reorganized around Command Center, Cloud Intelligence, Workflows, and Admin, with eight dedicated module pages. Cost Analyzer gains real filters and CSV/PDF exports. Automation gets a Create Automation flow with templates. Billing surfaces real usage against plan limits. Public marketing adds AWS Coverage, Use Cases, and Demo pages.

    • Rebuilt dashboard navigation around Command Center, Cloud Intelligence, Workflows, and Admin
    • Added dedicated module pages for Resource Inventory, Cost Analyzer, Identity & Access, Network Exposure, Containers & Serverless, Audit & Compliance, Operations & Reliability, and Enterprise Intel
    • Added module-aware findings, module scan actions, scan freshness, and improved empty states
    • Added Cost Analyzer filters plus CSV and PDF exports
    • Added automation templates and Create Automation flow
    • Added plan usage visibility in Billing
    • Updated pricing around Free, Command, Control, and Enterprise module access
    • Added public AWS Coverage, Use Cases, and Demo pages
  4. 14D

    Homepage positioning and enterprise trust

    Rewrote the marketing homepage for AWS-only positioning, honest scoping, and concrete trust signals. Added persona chips, expanded the security pillars, and introduced an honest "this is not built for" section that explicitly rules trueno out of scope for non-AWS, SIEM, observability, and multi-cloud abstraction use cases.

    • New hero with AWS-only positioning, persona chips, and read-only IAM trust microcopy
    • Three-pain problem section replaces single-paragraph framing
    • Continuous workflow band (Connect → Inventory → Findings → Assign → Resolve)
    • Security pillars expanded from 6 to 8 (added least-privilege IAM + data boundaries)
    • Single primary CTA across the homepage, removed competing secondary CTAs
    • Inside-the-workspace screenshot section renders only when real captures exist
  5. 14C

    Workflow coherence: Finding → Resource → Recommendation → Resolution

    Connected the operational surfaces into one lifecycle. Findings rows became navigable: lifecycle badges (Detected / Assigned / Ignored / Resolved), recency timestamps, resource cross-links, and inline status mutations. Cross-page deep-links from activity, notifications, and assignments now carry the specific entity id instead of dumping users on a generic list page.

    • Findings table: lifecycle badge column, recency labels, resource cross-link
    • Inline Resolve / Ignore actions on open findings (admin-only)
    • Cross-page deep-links use ?id=<findingId> so navigation lands on the right row
    • Resource detail header shows open findings + recommendations count with one-click drill-in
    • Scan history rows link to the findings each scan produced
    • Free-text q filter on /dashboard/findings (matches ARN, resource id, title, description)
  6. 14B

    Action-oriented dashboard with automation health

    Reordered the dashboard around urgency. The priority queue moved above the executive KPI band so action precedes metrics. Added an automation-health tile (failed schedules + failed scan jobs in last 24h) and an inline AutomationHealthCard in the trends/automation row. Onboarding became persistent across stages — new users see guided next steps until findings actually exist.

    • Priority queue (Needs Attention) moved to the top of the dashboard
    • Operations Hero tile mix: Risk / Savings / Accounts / Automation health (replaced freshness)
    • Seven new insight rules: failedAutomations, failedScanJobs, openCostAnomalies, myOverdueAssignments, pendingHighPriorityRecommendations, unhealthyAccounts, staleScans
    • Persistent onboarding hero through stages 1–3 (no accounts → no scans → no findings)
    • Priority queue overflow indicator ("+N more operational alerts") so urgency is never silently hidden
    • Dropped duplicate widget grid + roadmap section from overview
  7. 14A

    Navigation IA + dedicated Findings route

    Restructured the sidebar around user intent: Operate (Overview / Assignments / Notifications / Activity / Saved views) → Analyze (Findings / Recommendations / Trends / Cost Analyzer) → Inventory (Resources / AWS Accounts) → Automate (Automation). Created /dashboard/findings as a first-class surface for triage. Coming-soon modules left the primary navigation; they remain discoverable via the Overview roadmap section, the command palette, and the marketing site.

    • Sidebar grouped into 4 intent-driven sections
    • New /dashboard/findings route — workspace-level findings list with severity/status filters
    • Command palette expanded with all live pages + shortcut hints (G F, G R, G T, G C, G A)
    • Coming-soon modules removed from sidebar; roadmap surfaces preserved elsewhere
    • Cross-page links from activity / assignments / notifications repointed to /dashboard/findings
  8. 13.5

    Premium UI refinement and reliable hash scrolling

    Tightened the visual system to look like a serious enterprise SaaS, not a hobby project. Refined the radius scale, unified status colors, switched to hairline borders, removed decorative glows, and built shared PageHeader + SummaryTile primitives. Replaced the unreliable browser hash-scroll with a HashScroll client component that retries until the destination section paints in — so deep-links from the dashboard, notifications, activity, and assignments actually land on the right anchor.

    • Hairline borders, flat surfaces, mono-accent color system
    • Shared PageHeader and SummaryTile primitives across 9 dashboard pages
    • HashScroll component owns scroll behavior on hash-targeted navigation
    • All status badge tones standardized: queued/running/completed/partial/failed
    • Empty states tone-corrected — filter-no-results no longer reads as success
  9. 13

    Collaboration layer: comments, assignments, saved views, activity

    Added the workspace collaboration primitives. Comment threads scoped to resources, findings, recommendations, and anomalies. Assignments with owners, status transitions, due dates, and overdue detection. Saved views for curated filtered lists. A workspace-wide activity feed that records every mutation as a single source of truth.

    • Comments service + UI panel (currently wired on resource detail)
    • Assignments with target-entity polymorphism (resource / finding / recommendation / anomaly)
    • Saved views per entity type with shared/private scopes
    • Activity feed records every status change, comment, assignment, and admin action
    • Row-level security on every new table — workspace isolation enforced at the database