NopeSight Release History

Version 3.6.11

Released: 2025-11-26

Monitor and Peripheral Device Tracking

🖥️ External Monitor Tracking: Comprehensive lifecycle tracking for external monitors
- Automatic detection and creation of Monitor CIs for external displays
- Serial number-based tracking enables monitor reuse across workstations
- Smart filtering excludes built-in laptop displays from tracking
- Monitor CIs searchable by serial number across tenants for global asset tracking
⌨️ Peripheral Device Discovery: Track keyboards, mice, and docking stations
- Automatic discovery of USB peripheral devices connected to workstations
- Intelligent filtering excludes virtual/software devices for accurate inventory
- Real-time tracking of physical hardware assets
🔗 Enhanced Asset Relationships: "Uses" relationship type
- Visualize which monitors are connected to which workstations
- Track monitor lifecycle independently from workstation lifecycle
- Support for shared monitors across multiple systems
📊 Hardware Collections: ServerMonitor and ServerPeripheral collections
- View connected monitors and peripherals for each workstation
- Collection data automatically updated during discovery scans
- Complete hardware inventory for compliance and asset management
🔧 Performance Optimization: Cleaner system logs
- Removed verbose event plugin debug logs for improved readability
- Reduced log volume for better monitoring and troubleshooting

Version 3.6.10

Released: 2025-11-18

Production Deployment Fixes

🐛 Worker Service Fix: Resolved Redis authentication issues in production
- Fixed worker initialization failures due to Redis connection problems
- Enhanced module initialization to handle ECS secrets properly
🔒 Security Enhancements: Strengthened authentication security
- Upgraded JWT_SECRET from 22 to 128 characters for enhanced security
- Fixed Bull Board default password vulnerability with secure 64-character password
🚀 Deployment Improvements: Enhanced deployment process
- Added task definition files for automated deployment scripts
- Ensured all required environment variables present in production containers

Version 3.6.9

Released: 2025-11-15

Minor Improvements and Bug Fixes

Performance optimizations and stability improvements
Enhanced error handling for edge cases
UI refinements and user experience improvements

Version 3.6.8

Released: 2025-11-13

Event AI Analysis Queue Processor

🤖 AI Analysis Worker: Implemented Event AI Analysis Queue Processor for automated event analysis
- Created eventAIAnalysisQueueProcessor.js following event correlation pattern
- Integrated AI analysis queue processor into worker.js for background processing
- Added event-ai-analysis queue to Bull Board dashboard for real-time monitoring
🧠 Intelligent Event Analysis: Critical and major events automatically analyzed by Claude AI
- Anomaly Scoring: AI calculates anomaly scores (0-100) based on event patterns
- Root Cause Analysis: Identifies causes, contributing factors, and evidence
- Suggested Actions: Generates prioritized, actionable remediation steps with time estimates
- Pattern Detection: Identifies related patterns and recurring issues across infrastructure
🔧 Queue Management: Enhanced worker integration and monitoring
- AI analysis queue processor runs in worker process with configurable concurrency
- Proper shutdown handlers for graceful AI analysis queue cleanup
- Created queue-ai-analysis.js script for manually triggering AI analysis on existing events
🐛 Bug Fixes: Event enrichment and queue processing improvements
- Fixed Map/Object type mismatch in event ingestion CI enrichment
- Fixed missing process handler for AI analysis queue jobs
- Resolved job type requirement issue in queue processor

Version 3.6.7

Released: 2025-11-11

Business Service Analyzer SSE Fixes

🐛 SSE Connection Fix: Fixed Business Service Analyzer SSE connections in production
- Updated SSE URL construction to use API base URL (api.nopesight.com)
- Fixed SSE connections failing in production environment
🔐 Menu Access: Fixed menu access control for users without roles
🗄️ Table Schema: Fixed CI table schema lookup case sensitivity
📊 OS Reports: Optimized Server and Workstation OS Distribution reports
- Simplified OS distribution aggregation pipelines
🏢 Tenant Fix: Corrected Koctas tenant association with proper CRM account

Version 3.6.6

Released: 2025-10-29

AI Insights Response Quality Fix

🐛 Critical Fix: Fixed markdown extraction not triggering for Claude responses
- Fixed JSON response detection condition that was too restrictive
- Changed from checking for BOTH "Return ONLY" AND "JSON format" to checking for ANY JSON-related keyword
- Now properly detects "Return ONLY", "JSON", or "json" in system prompts
📊 Enhanced Markdown Extraction: Improved handling of markdown-wrapped JSON responses
- Added comprehensive logging to track when markdown extraction occurs
- Enhanced regex patterns to handle various markdown code block formats
- Logs now show whether extraction was triggered and what the extracted JSON looks like
- Proper handling of malformed or truncated markdown-wrapped responses
✅ Validation: Verified AI insights quality improvements
- Claude responses now properly stripped of markdown for clean JSON output
- System prompt CRITICAL instructions confirmed being sent to Claude
- Tenant/customer metrics tracking confirmed working in aiUsageMetrics
- Generated AI insights produce valid, parseable JSON without markdown wrapping
🔧 Logging Improvements: Better visibility into response processing
- Added logs showing JSON detection conditions
- Added logs showing markdown extraction attempts and success
- Added logs showing response characteristics (starts with brace, length, etc.)
- Improved debugging for JSON parsing issues

Version 3.6.4

Released: 2025-10-28

Service Pattern Library Management System

🎯 Pattern Library Database Architecture: Migrated hardcoded service discovery patterns to MongoDB
- ServicePattern Model: Complete schema with pattern matching criteria (software keywords, hostname patterns, process patterns, port ranges)
- Multi-Tenant Support: Patterns can be global (tenant=null) or tenant-specific
- Priority-Based Matching: Patterns sorted by priority to ensure specific patterns match before generic ones
- Pattern Statistics: Automatic tracking of match counts and last matched timestamps
- System vs Custom Patterns: System patterns cannot be deleted (only disabled), custom patterns fully manageable
🔧 Pattern Management API: Full CRUD operations for service patterns
- List Patterns: GET /api/service-patterns with filtering by category, enabled status, and type
- Pattern CRUD: Create, read, update, delete operations with tenant validation
- Pattern Testing: POST /api/service-patterns/test to preview matches before saving
- Pattern Cloning: POST /api/service-patterns/:id/clone to duplicate patterns
- Pattern Statistics: GET /api/service-patterns/statistics for usage analytics
- Authentication & Authorization: Full auth and tenant validation on all endpoints
🖥️ Pattern Library Management UI: Comprehensive interface at /cmdb/service-patterns
- Statistics Dashboard: Real-time cards showing total, enabled, disabled, system, custom patterns and match counts
- Advanced Filtering: Filter by category (Healthcare, Enterprise, Web & API, etc.), status, and type
- Search Functionality: Full-text search across pattern name, description, and category
- Inline Actions: Toggle enable/disable, clone, edit, test, and delete patterns
- Protected Operations: System patterns cannot be deleted, only disabled
- Responsive Design: Material-UI based interface with proper loading states and error handling
🚀 Infrastructure Analysis Integration: Dynamic pattern loading from database
- Runtime Pattern Loading: ServicePattern.getActivePatterns(tenant) loads patterns during analysis
- Automatic Match Statistics: Updates pattern match count and timestamp on successful matches
- No Code Deployment: Pattern changes take effect immediately on next analysis run
- Backward Compatibility: Old hardcoded patterns deprecated but preserved in comments
- 14 Migrated Patterns: Healthcare (4), Enterprise (3), Web & API (3), Database (2), Communication (2), Monitoring (1), Security (1)
📊 Pattern Categories & Matching Logic:
- Categories: Healthcare, Enterprise, Web & API, Infrastructure, Communication, Database, Security, Monitoring, Custom
- Matching Criteria: Software keywords, hostname patterns, process patterns, port ranges
- Matching Logic: ANY (match any criteria) or ALL (match all criteria)
- Criticality Levels: Critical, High, Medium, Low
- Business Service Categories: ERP, Email, Database, Web Application, Authentication, Monitoring, Custom

Migration & Data Management

📦 Pattern Migration Script: backend/scripts/migrate-service-patterns.js
- Successfully migrated 14 hardcoded patterns to database
- Created system user for pattern ownership
- Marked all migrated patterns as system patterns
- Added migration notes and metadata
- Safe re-run protection with existing pattern detection

Technical Improvements

🔧 Pattern Model Methods:
- matches(ci, ciSoftware, ciProcesses): Test if pattern matches a CI
- getActivePatterns(tenantId): Get all enabled patterns for tenant (global + tenant-specific)
- testPattern(patternData, tenantId): Test pattern against infrastructure without saving
- Indexes: Optimized queries with compound indexes on tenant, enabled, priority, and name
🔒 Security & Validation:
- Tenant isolation throughout pattern operations
- System pattern protection (cannot be deleted)
- User authentication required for all operations
- Proper ObjectId validation and conversion

Bug Fixes

🐛 Fixed duplicate delete method in businessServiceAnalyzerService.ts
🐛 Fixed auth middleware import in servicePattern.js routes
🐛 Fixed API base URL in servicePatternService.ts (removed duplicate /api prefix)

Version 3.6.3

Released: 2025-10-25

Software Lifecycle Management Enhancements

🔄 Lifecycle Status Filtering: Comprehensive EOL/EOS lifecycle filtering across software management
- Software Catalog Filter: Added lifecycle status filter widget to /cmdb/software-catalog sidebar
- Software Inventory Filter: Added lifecycle status filter widget to /cmdb/software-inventory sidebar
- Filter Options: EOL (End of Life), EOS (End of Support), LTS (Long Term Support), Active, Unknown
- $lookup Join Integration: Uses MongoDB aggregation pipeline with $lookup from CIs to software_catalog
- CatalogId References: Filters based on lifecycle data in global software catalog via customFields.catalogId
- Consistent Experience: Same filtering interface and behavior across both catalog and inventory views
🎯 Backend Lifecycle Support: Enhanced controllers with lifecycle filtering logic
- Software Catalog Controller: Added lifecycle filter with switch logic for all status types
- Software Inventory Controller: Implemented aggregation pipeline with $lookup for tenant-specific filtering
- Performance Optimization: Standard queries used when no lifecycle filter, aggregation only when needed
- Tenant Isolation: Complete tenant filtering throughout lifecycle query pipelines
- Type Safety: Proper ObjectId conversion and comparison for catalog references
📊 Report Category Enhancement: Added 'software' category for software lifecycle reports
- Report Template Model: Added 'software' to category enum
- Frontend Support: Updated ReportTemplateList with software category display and filtering
- 6 EOL Reports: Categorized existing lifecycle reports under software category
- Collection Mapping: Added software_catalog to reportingservice collection mappings

Integration Improvements

🔗 CMDB Integration: Seamless integration with software catalog and CI infrastructure
- Dynamic Filter Updates: Lifecycle filters update immediately as catalog data changes
- Reference Resolution: Automatic resolution of catalogId references during queries
- Catalog Enrichment: Future-ready for automated lifecycle data enrichment from endoflife.date
- Data Consistency: Single source of truth for lifecycle data in software_catalog collection

User Experience Enhancements

🎨 Enhanced Filter Widgets: Improved sidebar filter interface
- Badge Indicators: Shows active filter count in badge on Schedule icon
- Collapsible Sections: Lifecycle filter section expands/collapses like other filters
- Clear All Filters: Lifecycle filter included in "Clear All" functionality
- Filter Persistence: Lifecycle filter state maintained during page navigation
- Visual Feedback: Loading states and proper error handling for filter operations

Technical Implementation

🏗️ Aggregation Pipeline: Advanced MongoDB queries for lifecycle filtering
- Conditional Aggregation: Only uses aggregation when lifecycle filter is active
- $match Stages: Proper ordering of match stages for optimal query performance
- $project Optimization: Minimal field projection for better memory usage
- Count Optimization: Separate count pipeline for accurate pagination
- Index Support: Leverages existing indexes on customFields.catalogId
🔧 Service Layer Updates: Enhanced frontend services for lifecycle filtering
- ciService: Added lifecycleFilter parameter to getSoftwareInventory
- softwareCatalogService: Added lifecycle parameter to getAllCatalogItems
- TypeScript Types: Updated interfaces to include lifecycle filter options
- API Integration: Proper query parameter serialization for lifecycle filters

Benefits

Better Software Visibility: Quickly identify EOL and EOS software across infrastructure
Risk Management: Easy filtering to find software requiring updates or replacement
Compliance Support: Helps meet compliance requirements for software lifecycle management
Consistent Interface: Same filtering experience across catalog and inventory views
Performance: Optimized queries only use aggregation when lifecycle filtering is active
Scalability: Efficient handling of large software inventories with proper indexing

Version 3.6.2

Released: 2025-10-24

Event Correlation Background Processing

🔄 Redis Queue Processor: Complete background processing infrastructure for event correlation
- Queue-Based Architecture: Event correlation runs asynchronously via Redis Bull queues
- Concurrent Processing: 3 concurrent workers process correlation jobs simultaneously
- Non-Blocking Operations: Events ingested immediately while correlation happens in background
- Automatic Queueing: All new events automatically queued for correlation analysis
- Job Status Tracking: Monitor correlation job progress via API and monitoring dashboard
- Retry Logic: Failed jobs automatically retry with exponential backoff (3 attempts)
- Connection Management: MongoDB reconnection and health checks built-in
🔍 Enhanced Correlation Strategies: Advanced multi-strategy correlation analysis
- Dependency Correlation: Analyzes CI dependency chains to identify root causes and cascading failures
- Temporal Correlation: Groups events occurring within 30-minute configurable time windows
- Topology Correlation: Uses CMDB CI relationships for intelligent event grouping (up to 3 hops)
- Pattern Correlation: Identifies similar event signatures across different systems
- Service Correlation: Correlates events affecting the same business service or application
- Relationship Analysis: Considers dependency types (depends_on, runs_on, hosted_on, database_connection)
📊 Queue Monitoring & Metrics: Complete visibility into correlation processing
- Bull Board Integration: Event correlation queue visible at /admin/queues dashboard
- Real-Time Metrics: Live tracking of waiting, active, completed, and failed jobs
- Performance Stats: Processing rate (jobs/minute), throughput (jobs/hour), average processing time
- Queue Health: Health indicators showing backlog, failures, and processing status
- Monitoring Dashboard: Integrated into system monitoring with queue-specific metrics
- Job Details: View individual job data, parameters, progress, and error messages
🛠️ Worker Integration: Seamless integration with existing worker infrastructure
- Worker.js Integration: Correlation processor initialized alongside other queue processors
- Graceful Shutdown: Proper cleanup and connection closing on worker shutdown
- Queue Naming: Support for queue prefixes in multi-environment deployments
- Concurrency Control: Configurable via EVENT_CORRELATION_CONCURRENCY environment variable
- Resource Management: Controlled memory usage and connection pooling
📚 Comprehensive Documentation: Complete guides for event management system
- Integration Guide: Expanded event sources documentation with 40+ monitoring platforms
- Correlation Deep Dive: Enhanced correlation documentation with dependency strategy details
- API Reference: Complete API documentation for correlation endpoints
- Practical Examples: Real-world database cascade failure correlation scenario
- Performance Tuning: Environment-specific configuration recommendations
- Architecture Diagrams: Visual representation of correlation flow and strategies

API Enhancements

🔌 Correlation Endpoints: New REST API endpoints for event correlation
- POST /events/:eventId/correlate: Manually trigger correlation for specific event
- GET /events/:eventId/correlations: Retrieve correlations for an event
- POST /events/analyze-correlations: Analyze recent events for correlation patterns
- Response Format: Detailed correlation metadata including confidence scores and reasoning

Technical Implementation

🏗️ Queue Processor Architecture: Production-ready correlation processing
- MongoDB Connection Manager: Automatic reconnection with retry logic for database resilience
- Progress Tracking: Job progress updates (10% → 30% → 50% → 90% → 100%)
- Error Handling: Comprehensive error logging with context and stack traces
- Event Handlers: Queue event handlers for completed, failed, stalled, and error events
- Type Safety: Proper handling of ObjectIds and string conversions
📈 Monitoring Integration: Complete monitoring infrastructure updates
- Queue Metrics API: Updated /api/monitoring/queue-metrics to include correlation queue
- Queue Health Check: Correlation queue included in system health monitoring
- Frontend Auto-Discovery: QueueMetricsCard automatically displays new queue without code changes
- Dynamic Display: Queue metrics table automatically includes event-correlation queue

Benefits

Scalability: Handle high-volume event ingestion without blocking operations
Reliability: Automatic retry ensures no correlation is lost due to temporary failures
Performance: 3 concurrent workers process correlations efficiently
Visibility: Complete monitoring and metrics for operational insight
Root Cause Analysis: Dependency-based correlation identifies cascading failures
Zero Downtime: Background processing doesn't impact event ingestion or user experience

Version 3.6.0

Released: 2025-10-15

Compliance Attestations

📜 Executive Attestation System: Complete attestation lifecycle management for executive-level compliance sign-offs
- Attestation Creation: Create formal attestations for compliance controls, profiles, frameworks, policies, and policy statements
- Multi-Scope Support: Attest to individual controls, entire profiles, full frameworks, organizational policies, or custom CI groups
- Period Selection: Choose from quarterly, monthly, fiscal year, annual, or custom date range periods
- Scope Preview: Preview exactly what assessments and CIs will be included before creating attestation
- Automated Aggregation: System automatically aggregates all relevant compliance assessments within scope
- Compliance Scoring: Real-time calculation of compliance percentage, risk metrics, and assessment counts
- Executive Sign-Off: Formal signature with attestation statements and timestamps
- SOX 302 Support: Co-attestation capability for dual executive sign-offs (CEO/CFO)
- Approval Workflow: Built-in review and approval process for attestations
- Audit Trail: Complete history of attestations, signatures, and approvals
🎯 Flexible Attestation Scopes: Six different scope types for comprehensive compliance coverage
- Control Scope: Attest to a single compliance control across all assessed systems
- Profile Scope: Attest to a collection of controls within a compliance profile
- Framework Scope: Attest to an entire compliance framework (e.g., SOX, HIPAA, PCI-DSS)
- Policy Scope: Attest to all controls linked to an organizational policy
- Policy Statement Scope: Attest to controls implementing a specific policy statement
- Custom Scope: Define custom criteria (CI types, tags, departments) for flexible attestations
📅 Dynamic Period Management: Intelligent period selection based on current date
- Quarterly Periods: Auto-generates current, previous, and upcoming quarters (2025-Q4, 2025-Q3, etc.)
- Monthly Periods: Last 6 months plus upcoming months with current period indicator
- Fiscal Year: Configurable fiscal year periods (April 1 - March 31)
- Calendar Year: Annual periods for year-end attestations
- Custom Periods: Define any start/end date range for special attestations
- Current Period Indicator: Visual indicator (📍) shows which period is current
🔍 Scope Preview Feature: See exactly what will be included before creating attestation
- Assessment Count: Total number of assessments within scope and period
- Compliance Summary: Overall compliance percentage and risk breakdown
- Scope Details: Control counts, profile information, framework details
- Date Range: Clear display of attestation period start and end dates
- Validation: Ensures scope contains data before allowing attestation creation
📊 Attestation Dashboard: Executive view of attestation status and compliance trends
- Attestation List: Filterable list of all attestations with status and compliance scores
- Period Filtering: Filter by quarter, month, or custom period
- Scope Filtering: Filter by scope type, framework, or policy
- Status Tracking: Track draft, pending approval, approved, rejected, and expired attestations
- Quick Actions: Create, view, edit, sign, and approve attestations from list
🔐 Multi-Tenant Security: Complete tenant isolation for attestation data
- Tenant Awareness: All attestations scoped to tenant boundaries
- Scope Resolution: Only includes assessments and CIs from selected tenant
- Access Control: Users can only view/manage attestations for their assigned tenants
- Data Protection: No cross-tenant access to attestation data or assessments

Integration & Enhancements

🔗 Compliance Registry Integration: Seamless integration with existing compliance infrastructure
- Registry Links: Empty states provide direct links to compliance registry when no data exists
- Real-time Data: Attestation forms fetch live data from compliance registry
- Model Integration: Works with ComplianceControl, ComplianceProfile, ComplianceFramework, CompliancePolicy, CompliancePolicyStatement models
- Assessment Connection: Automatically includes all completed assessments within scope

Bug Fixes & Improvements

🐛 Critical Fixes: Resolved multiple issues preventing attestation system from working
- Fixed CI model import error (CI.find is not a function) in attestationScopeResolver
- Fixed routes not being registered - added attestation routes to App.tsx
- Fixed API path causing 404 errors - removed duplicate /api prefix in attestationService
- Fixed empty state handling for all scope types with helpful registry navigation
- Fixed compilation errors with missing commas and imports
✨ User Experience: Enhanced attestation creation workflow
- Added tooltips explaining why buttons are disabled (Preview Scope required)
- Improved empty state messages with actionable guidance
- Added validation to prevent creating attestations without data
- Enhanced period labels with readable formatting (Q1 2025, Jan 2025, FY2025)

Version 3.5.1

Released: 2025-10-12

Documentation Improvements

📚 Rules Engine Documentation Consolidation: Complete documentation overhaul for the Rules system
- Single Source of Truth: All Rules documentation consolidated into /docs/Rules/Rules.md
- Comprehensive Coverage: Complete documentation of v1 (legacy) and v2 (workflow-based) rules
- Template System Guide: Detailed documentation of Handlebars templates with nested reference access
- Data Access Patterns: Full coverage of {{#data_list}} and {{#data_item}} helpers for cross-collection queries
- Handlebars Helpers: Complete reference for built-in and custom helpers with practical examples
- V2 Workflow Documentation: Multi-step workflows with script actions, AI actions, and condition actions
- Context & Variables: How to pass data between workflow steps using context object
- Architecture Diagrams: Visual representation of event-driven execution and queue processing
- Reference Population: Technical deep-dive into automatic population of MongoDB references
- Queue Processing: Detailed explanation of Redis-based async rule execution with worker processes
- Troubleshooting Guide: Common issues and solutions with populated references and email templates
- API Reference: Complete REST API documentation for rule management operations
- Migration Guide: How to migrate from v1 to v2 rules with code examples
- Best Practices: Recommendations for rule design, performance, and maintenance
🗑️ Documentation Cleanup: Removed duplicate documentation files
- Deleted /backend/help/rules.md (legacy documentation)
- Deleted /backend/help/rules_v2.md (redundant v2 documentation)
- All content migrated to comprehensive consolidated documentation
📖 Documentation Structure: Improved organization and discoverability
- Table of Contents: 10-section comprehensive navigation
- Code Examples: Real-world examples throughout with actual use cases
- Email Templates: Complete guide to email notification rules with Handlebars
- Technical Stack: Documentation of underlying technologies (Node.js, MongoDB, Redis, AWS SES)
- File Structure: Clear overview of relevant backend files and their purposes

Benefits

Easier Maintenance: Single file to update instead of scattered documentation
Complete Coverage: No gaps between legacy help files and production documentation
Developer Onboarding: New developers have one comprehensive resource
User Training: Complete reference for building business rules and email notifications
Searchability: All Rules-related content in one searchable location

Version 3.5.0

Released: 2025-10-12

Email Notification System

📧 ServiceNow-Style Business Rules: Complete email notification infrastructure with zero-configuration approach
- Global Event Plugin: eventEmitterPlugin automatically applied to ALL Mongoose models before registration
- Zero Model Configuration: No per-model setup required - works like ServiceNow business rules
- Automatic Event Emission: Models automatically emit insert/update/delete events
- Event-Driven Architecture: Clean separation between data operations and notification logic
- Plugin Timing: Applied globally before model compilation ensures hooks are properly registered
✉️ V2 Email Rules Engine: Advanced rule engine with template support
- Handlebars Templates: Dynamic email content with variable substitution
- Template Rendering Fix: Mongoose document to plain object conversion for Handlebars compatibility
- Nested Reference Support: Access nested object properties like {{object.partner.name}}
- Multiple Triggers: Support for insert, update, delete operations on any model
- Conditional Execution: Field-level conditions for when rules should execute
- Async Processing: Non-blocking email delivery with comprehensive error handling
🌐 AWS SES Integration: Production-ready email infrastructure
- Custom MAIL FROM Domain: bounce.tripl-i.com configured and verified
- DKIM/SPF/DMARC: Complete email authentication setup
- Bounce Handling: SNS topics configured for bounce and complaint notifications
- Production Access Ready: Comprehensive documentation for AWS SES production access request
- Multi-Tenant Support: Tenant-isolated email sending with proper from address management

Enhanced Email Rules UI

🎨 Intelligent Field Browser: Revolutionary field discovery and insertion interface
- Search Functionality: Real-time filtering of available fields by name or type
- Expandable References: Chevron icons to expand reference fields and view nested attributes
- Dynamic Schema Loading: On-demand loading of reference model fields via API
- Nested Field Paths: Automatic path prefixing for nested fields (e.g., partner.name)
- Visual Hierarchy: Indented nested fields with grey background for clarity
🖱️ Click-to-Insert Workflow: Streamlined field insertion with active selection
- Active Field Selector: Chip-based selector for To/Subject/Body target fields
- One-Click Insertion: Click field name to insert into currently selected target
- Smart Cursor Placement: Fields inserted at cursor position in text inputs
- Backward Compatible: Original To/Subj/Body buttons still available for explicit targeting
- Visual Feedback: Active field highlighted with primary color chip
📊 Available Fields API: Dynamic field discovery infrastructure
- GET /api/rules/object-types: List all available object types for rule triggers
- GET /api/rules/object-types/:model/fields: Retrieve schema fields for any model
- Reference Detection: Automatic detection of ObjectId reference fields
- Type Information: Field types, descriptions, and reference models included
- Tenant-Aware: Proper tenant filtering in field discovery queries

Template Engine Enhancements

🔧 Handlebars Integration: Full-featured template rendering
- Variable Substitution: Support for {{object.fieldName}} syntax
- Nested Access: Dot notation for nested objects ({{object.parent.child.field}})
- Helper Functions: Built-in helpers for formatting dates, numbers, strings
- Conditional Logic: {{#if}} and {{#each}} for dynamic content
- Safe Rendering: Automatic HTML escaping for security
🐛 Mongoose Compatibility Fix: Critical template rendering fix
- Problem: Handlebars cannot access Mongoose document getters
- Solution: .toObject() conversion before passing to template engine
- Impact: All template variables now render correctly ({{object.title}}, {{object.email}}, etc.)
- Performance: Minimal overhead with efficient conversion logic
- Backward Compatible: Works with both plain objects and Mongoose documents

Rule Management Features

📋 Complete CRUD Interface: Comprehensive rule management UI
- Rule List: Paginated list with filtering by status, trigger type, and object type
- Rule Form: Rich form with trigger configuration, condition builder, and action setup
- Template Editor: Multi-field template editor for To/Subject/Body with live field browser
- Rule Testing: Execution logs showing successful sends and error details
- Version Control: V2 async rules with backward compatibility for V1 sync rules
🎯 Rule Execution Logging: Complete audit trail
- Execution Logs: Every rule execution recorded with timestamp and status
- Success Tracking: Email send confirmations with message IDs
- Error Logging: Detailed error messages for failed executions
- Template Debugging: Log rendered templates to verify variable substitution
- Performance Metrics: Execution duration and throughput tracking

Multi-Tenant Security

🔒 Complete Email Isolation: Tenant-aware email rules
- Rule Isolation: Email rules completely isolated by tenant
- Execution Context: Tenant ID passed through entire execution pipeline
- Recipient Validation: Email recipients must belong to rule's tenant
- Log Isolation: Execution logs filtered by tenant
- Data Protection: No cross-tenant email sending possible

Technical Implementation

🏗️ Backend Architecture: Robust email infrastructure
- Event Service: Centralized event listener for all model events
- Rule Engine: ruleengine.js with async rule evaluation and execution
- Template Rendering: renderTemplate() function with Mongoose document handling
- Email Service: AWS SES integration with retry logic and error handling
- Queue Integration: Background email sending with Bull/Redis queues
🔌 API Endpoints: Comprehensive rule management API
- POST /api/rules: Create email rules with validation
- GET /api/rules: List rules with tenant filtering
- PUT /api/rules/:id: Update existing rules
- DELETE /api/rules/:id: Remove rules
- GET /api/rules/execution-logs: Query execution history
💾 Database Schema: Email rule data models
- Rule Model: Trigger configuration, conditions, and email actions
- Rule Execution Log: Execution history with success/failure tracking
- Event Emitter Plugin: Global plugin for automatic event emission
- Indexes: Optimized for tenant filtering and execution log queries

User Experience Improvements

🎨 Enhanced UI Components: Material-UI based email rule interface
- Search with Icons: Search icon in field browser for visual clarity
- Chip Selectors: Color-coded chips for active field selection
- Expandable Lists: Collapsible reference fields with smooth animations
- Tooltips: Helpful tooltips showing field types and descriptions
- Loading States: Skeleton loading for field discovery
📚 Comprehensive Examples: Email template examples in UI
- Lead Notifications: Template showing lead details with nested partner info
- Service Requests: Ticket notification templates
- Compliance Alerts: Assessment result templates
- Infrastructure Alerts: CI change notification templates

AWS SES Production Access

📄 Documentation: Complete AWS SES setup documentation
- Production Access Request: Detailed request template for AWS support
- Use Case Description: Multi-tenant ITSM platform email requirements
- Bounce/Complaint Handling: Infrastructure description for AWS review
- Email Examples: Sample emails for AWS verification
- Compliance Statement: GDPR, CAN-SPAM compliance documentation

Performance & Scalability

⚡ Optimized Email Delivery: Efficient email processing
- Async Execution: Non-blocking email sending via background jobs
- Batch Processing: Support for bulk email operations
- Connection Pooling: Reusable AWS SES connections
- Error Recovery: Automatic retry with exponential backoff
- Rate Limiting: Respect AWS SES sending limits

Bug Fixes & Improvements

🐛 Template Rendering: Fixed {{object.title}} showing empty values
🔧 Event Emission: Fixed plugin not firing for CRM_Lead model
📊 Field Discovery: Proper handling of nested reference models
🎯 Cursor Position: Fixed field insertion at correct cursor position
🔍 Search Performance: Optimized field search with debouncing

Version 3.4.0

Released: 2025-10-09

Infrastructure-Aware Compliance System

🎯 Compliance Profiles: Revolutionary CI grouping system for scalable compliance assessment
- What They Are: Groups of Configuration Items sharing common compliance requirements
- Dynamic Profiles: Rule-based CI selection using criteria (CI Type, Environment, Status, Tags, Custom Fields)
- Manual Profiles: Explicit CI selection for exception-based or small compliance scopes
- Real-Time Updates: New systems automatically included when they match dynamic profile rules
- Scalability: Manage compliance for 10 systems or 10,000 systems with the same effort
- Logical Grouping: Group by environment (Prod/Dev/Test), function (Database/App/Network), or risk level
📊 Assessment Matrix Generation: Automated, infrastructure-aware assessment creation
- Matrix Concept: Control × Profile CIs = Individual Assessments
- Example: One "Data Classification" control × 7 database servers = 7 specific assessments
- Automatic Creation: Click "Generate Assessments Now" or wait for scheduled generation
- Period Tracking: Automatic period calculation (2025-Q4, 2025-M01, 2025) based on frequency
- Due Date Management: Automatic due date calculation from control frequency
- Assignment: Auto-assign to control owner or manage assignments manually
🔄 Background Job Processing: Non-blocking assessment generation with queue system
- Queue-Based Architecture: Assessment generation runs as background jobs using Bull/Redis
- Immediate Response: Users get instant feedback with Job ID while processing happens in background
- No Workflow Interruption: Generate thousands of assessments without blocking the UI
- Job Status Tracking: Monitor progress via API endpoint or Monitoring dashboard
- Automatic Retry: Failed jobs automatically retry with exponential backoff
- Scalable Processing: Multiple workers can process jobs in parallel

Enhanced Compliance Workflow

🚀 Automatic Assessment Generation: Control-driven, frequency-based assessment creation
- Frequency Options: Continuous, Daily, Weekly, Monthly, Quarterly, Semi-Annual, Annual, Ad-Hoc
- Scheduling Fields: Last Generated Date, Next Due Date tracked automatically
- Enable/Disable: Toggle automatic generation per control
- On-Demand Generation: Manual trigger via "Generate Assessments Now" button
- Profile Discovery: System finds all profiles linked to the control
- CI Resolution: Resolves profile members (dynamic query or manual list)
- Assessment Creation: Creates one assessment per CI per control
🛡️ Duplicate Prevention: Intelligent protection against duplicate assessments
- Unique Index: (Control + CI + Period + Tenant) combination enforced at database level
- Safe Re-Generation: Can safely click "Generate Now" multiple times
- Duplicate Reporting: System reports "Created X, skipped Y duplicates"
- Period Management: New assessments created when period changes (new quarter, new month)
- Data Integrity: Prevents accidental duplicate work for assessors

Monitoring & Operations

📈 Compliance Queue Monitoring: Real-time visibility into background jobs
- Bull Dashboard Integration: Added compliance queue to /admin/queues dashboard
- Queue Metrics: Waiting, Active, Completed, Failed job counts
- Processing Rate: Jobs per minute throughput metrics
- Job Details: View individual job data, parameters, and errors
- Retry Failed Jobs: Manual retry capability from dashboard
- Monitoring Page: Compliance queue included in system monitoring dashboard
- Performance Tracking: Average processing time and throughput statistics
🔍 Assessment List Enhancements: Updated UI for infrastructure-aware compliance
- Profile Column: Shows which profile/system group the assessment relates to
- CI Column: Displays the specific Configuration Item being assessed
- Enhanced Filtering: Filter by control, profile, CI, status, or assignee
- Auto-Generated Titles: Clear titles like "Data Classification Control - HANADB01"
- System-Specific View: See compliance status per individual system
- Bulk Operations: Manage assessments at scale across infrastructure

Technical Implementation

🏗️ Backend Architecture: Robust service layer for compliance operations
- Compliance Queue Processor: complianceQueueProcessor.js handles background jobs
- Assessment Generation Service: assessmentGenerationService.js creates assessment matrix
- Job Router: Routes jobs by type (generate-assessments, scheduled-assessments)
- Progress Tracking: 10% → 20% → 100% progress updates during job execution
- Error Handling: Comprehensive logging and error recovery
- Tenant Isolation: Complete tenant filtering throughout assessment generation
🔌 API Enhancements: New endpoints for queue-based operations
- POST /controls/:id/generate-assessments: Queue assessment generation job
- GET /jobs/:jobId/status: Check job status and progress
- Response Format: Returns jobId and "queued" status immediately
- Job Status: State, progress, failedReason, attempts, data
- Error Responses: Proper HTTP status codes and error messages
💾 Database Optimizations: Efficient schema for large-scale compliance
- Unique Indexes: Prevent duplicate assessments at database level
- Compound Indexes: (control + ci + period + tenant) for fast lookups
- Profile Membership: Separate fields for dynamic rules vs manual selection
- Period Fields: Indexed period field for fast filtering and reporting
- ObjectId Consistency: Proper ObjectId types for tenant queries

User Experience Improvements

🎨 Frontend Updates: Enhanced UI for profiles and queue-based generation
- Profile Management: Complete CRUD interface for compliance profiles
- Rule Builder: Visual interface for dynamic profile rule configuration
- CI Selector: Browse and select CIs for manual profiles
- Generate Button: Clear "Generate Assessments Now" action in control form
- Job Feedback: Success message shows Job ID and monitoring link
- Assessment Preview: See which assessments will be generated before creating
📚 Comprehensive Documentation: Complete user guides for new features
- Controls & Assessments Guide: 650-line comprehensive user manual
- Profile Concepts: What profiles are and why to use them
- Configuration Examples: Step-by-step profile creation instructions
- Assessment Generation: How the matrix system works
- Troubleshooting: Common issues and solutions
- Best Practices: Profile design, naming conventions, automation tips
- Updated Overview: Integration of profiles into compliance workflow

Multi-Tenant Security

🔒 Complete Tenant Isolation: Enhanced security for compliance data
- Profile Isolation: Profiles completely isolated by tenant
- Assessment Generation: Respects tenant boundaries throughout process
- CI Resolution: Only includes CIs from the selected tenant
- Queue Jobs: Tenant ID passed through entire job lifecycle
- Access Control: Users can only generate assessments for their tenant's controls
- Data Protection: Assessment matrix never crosses tenant boundaries

Integration & Compatibility

🔗 CMDB Integration: Seamless integration with existing infrastructure discovery
- CI Queries: Profiles leverage existing CMDB for CI discovery
- Real-Time Sync: Dynamic profiles reflect current CMDB state
- Relationship Aware: Can use CI relationships for profile rules
- Custom Fields: Profile rules can filter on custom CI fields
- Type Safety: Proper handling of CI types and subtypes
⚙️ Backward Compatibility: Maintains support for existing compliance workflows
- Manual Assessments: Can still create assessments manually if needed
- Legacy Structure: Old assessment structure supported for migration
- Optional Profiles: Profiles are optional, not required for all controls
- Gradual Adoption: Can implement profiles incrementally

Performance & Scalability

⚡ Optimized for Scale: Designed to handle enterprise-scale compliance
- Batch Processing: Processes CIs in batches for memory efficiency
- Queue Depth Management: Monitors queue to prevent backlog
- Worker Scaling: Support for multiple queue workers
- Database Efficiency: Optimized queries with proper indexing
- Async Operations: Non-blocking design keeps UI responsive
- Resource Management: Controlled memory usage during large generations

Bug Fixes & Improvements

🐛 Tenant Context Fixes: Corrected tenant handling in assessment generation
- Fixed controller using req.user.tenant instead of getTenant(req)
- Fixed profile routes to use selected tenant from header
- Corrected CI model import (destructured from export object)
- Fixed empty owner field validation in profile form
🔧 Schema Corrections: Proper data types throughout compliance system
📊 Monitoring Integration: Added compliance queue to all monitoring dashboards
🎯 UI Polish: Improved form validation and error messaging

Version 3.3.0

Released: 2025-09-28

Compliance Assessment System Implementation

🏗️ Complete Assessment Workflow: Full compliance assessment lifecycle management
- Assessment Creation: Create assessments linked to compliance controls with configurable frequency
- Evidence Collection: Comprehensive evidence tracking with file uploads and documentation
- Result Recording: Record assessment outcomes with scoring, findings, and remediation plans
- Historical Tracking: Complete audit trail of assessment history with versioning
- Status Management: Track assessment status (not-assessed, compliant, non-compliant, in-progress)
🏢 Multi-Tenant Architecture: Proper tenant isolation for compliance data
- Tenant-Aware Models: Policies, controls, and assessments properly isolated by tenant
- Tenant-Independent Data: Frameworks and citations remain global for consistency
- Data Isolation: Complete separation ensuring tenants only see their compliance data
- ObjectId Conversion: Proper MongoDB ObjectId handling for tenant queries
📊 Assessment Dashboard: Comprehensive compliance monitoring and reporting
- Compliance Scoring: Real-time calculation of overall compliance percentage
- Overdue Tracking: Automatic identification of overdue assessments
- Status Distribution: Visual breakdown of assessment statuses across tenant
- Recent Activity: Timeline view of recent assessment activities
- Due Date Management: Automated next due date calculation based on frequency
🎯 Frontend Components: Complete UI for assessment management
- Assessment List: Paginated list with filtering by control, status, type, and assignee
- Assessment Form: Rich form for creating and editing assessments
- Result Dialog: Modal for recording assessment results with evidence upload
- Dashboard View: Executive dashboard with key compliance metrics
- Material-UI Integration: Consistent design with existing application
🔧 API Enhancements: Comprehensive REST API for compliance management
- CRUD Operations: Full create, read, update, delete for all compliance entities
- Tenant Validation: Automatic tenant filtering in all operations
- Error Handling: Robust error handling with proper HTTP status codes
- Pagination Support: Efficient pagination for large assessment datasets
- Validation: Input validation using express-validator

Technical Improvements

🛠️ Database Schema Fixes: Corrected tenant field types from String to ObjectId
🔍 Import Corrections: Fixed controller imports and function references
📁 Model Registration: Ensured all models are properly loaded in app.js
🔗 API Connectivity: Resolved 404 and 500 errors in compliance endpoints

Version 3.2.0

Released: 2025-09-23

Xurrent (4me) AI Change Manager Integration

🤖 AI-Powered Change Risk Assessment: Complete integration with Xurrent for automated change analysis
- Webhook Integration: Receives change requests from Xurrent automation rules
- AI Analysis: Uses Claude AI to analyze change risks based on CMDB relationships
- Specific System Recognition: Identifies and includes specific CI names (e.g., KTPRDEXC01, KSDC01, KSDC02)
- Relationship Context: Leverages CIAiRelationship data with purpose, risk level, and business impact metadata
📊 Comprehensive Risk Metrics: Detailed risk assessment with multiple dimensions
- Risk Scores: Technical, Business, Dependency, and Historical risk scoring (0-100 scale)
- Impact Analysis: Affected systems count, critical impacts, and user impact assessment
- Downtime Estimation: Complex downtime analysis with planned duration and risk-adjusted estimates
- Confidence Scoring: AI confidence level for each assessment
🎯 Enhanced UI Extension Fields: 19 custom fields for Xurrent tasks
- Downtime Breakdown: Separate fields for planned duration, risk-adjusted estimate, service impact, and recommended window
- Recommendations: Pre-change, during-change, and post-change recommendations in rich text format
- Impact Metrics: Total impacted systems, critical impacts, and affected users
- Risk Categories: Individual scores for different risk dimensions
🔧 Developer Tools: Scripts and utilities for testing and deployment
- Test Script: test-xurrent-webhook.js for webhook testing with actual payload formats
- UI Extension Script: update-xurrent-ui-extension.js for GraphQL-based UI Extension management
- Error Handling: Robust type checking to prevent runtime errors with various data formats

Product Mapping Enhancements

🔍 Dynamic Product Search: Replaced manual product ID entry with real-time product search
- Autocomplete Search: Material-UI based autocomplete component with debounced search
- GraphQL Product API: Backend endpoints for searching Xurrent product catalog
- Rich Product Display: Shows product name, brand, model, and category in search results
- Product Categories: Displays product category information with reference codes
- Search Optimization: Debounced search (300ms) to minimize API calls
🛠️ Integration Improvements: Enhanced Xurrent API integration
- Webhook Name Discovery: Dynamic detection of webhook names with account suffix
- Fixed Automation Rule Creation: Handles Xurrent's automatic account name appending to webhooks
- GraphQL Filter Syntax: Corrected filter syntax using "contains" operator instead of wildcards
- Scope Management: Removed fields requiring extra permissions (supportTeam, financialOwner)
- Type Safety: Fixed integer type conversion for GraphQL limit parameter

Technical Improvements

Array Type Safety: Enhanced handling of arrays vs strings in webhook responses
Object Field Mapping: Proper extraction of nested object properties for UI display
GraphQL Integration: Support for Xurrent's GraphQL API for task updates and product searches
Module Export Patterns: Added support for both class and instance exports in XurrentService

Version 3.1.9

Released: 2025-09-14

CI Relationship System Improvements

🔄 Bidirectional Relationship Fixes: Enhanced relationship storage with proper view management
- View Swapping: Fixed bidirectional relationship storage to properly swap sourceView/targetView
- Duplicate Prevention: Resolved duplicate relationship creation in maintenance tasks
- Perspective Management: Correctly handles relationship perspectives from both source and target CIs
📚 Software Catalog Enhancements: Global catalog improvements
- Tenant-Less Catalog: Removed tenant filtering to make software catalog globally accessible
- Matching Logic: Fixed aggressive Operations-agent fallback that incorrectly matched all processes
- Process Detection: Improved process-to-application matching accuracy

Network Visualization Enhancements

🎯 Connection Grouping: New grouping functionality for network connections
- Port Grouping: Group connections by port numbers (e.g., 1521 for Oracle, 3306 for MySQL)
- IP Range Grouping: Group by network subnets (/24, /16, /8)
- Process Grouping: Group connections by process name
- Perspective-Based: Port grouping uses remote ports from central CI's viewpoint
📊 Interactive Groups: Enhanced visualization with smart grouping
- Collapsible Groups: Click to expand/collapse grouped connections
- Threshold Control: Automatic collapsing for groups with 5+ connections
- Large Group Handling: Groups with >10 connections display as lists in Inspector panel
- Group Metadata: Shows connection counts and grouping criteria
🎨 UI Improvements: Better user experience for grouped views
- View Configuration: Added grouping controls to right-side configuration panel
- Inspector Panel: Enhanced to show grouped connections as scrollable lists
- Performance: Optimized rendering for large numbers of connections
- Visual Feedback: Clear indication of grouped vs individual connections

Version 3.1.8

Released: 2025-09-05

Project Management Enhancements

📊 Improved Gantt Chart: Consolidated to a single, more capable Gantt chart implementation
- Hierarchical Task Organization: Tasks properly organized under collapsible phase groups
- Phase Management: Visual phase headers with task counts and expand/collapse functionality
- Inline Task Creation: Add new tasks directly within each phase using inline forms
- Enhanced Visualization: Better visual hierarchy with indented tasks and phase summaries
- Progress Tracking: Phase-level progress automatically calculated from child tasks
- View Modes: Support for Day, Week, and Month timeline views
🎯 UI Improvements: Streamlined project detail view
- Removed Duplicate Tabs: Eliminated redundant Gantt chart tab for cleaner navigation
- Consistent Experience: Single Gantt implementation ensures uniform user experience
- Better Performance: Reduced bundle size by removing unused component library

Version 3.1.7

Released: 2025-08-17

Enhanced Authentication Security

🔒 Password Security Enhancements: Comprehensive password policy implementation
- Strong Password Requirements: 12+ character minimum with complexity rules (uppercase, lowercase, numbers, special characters)
- Common Password Blocking: Prevents use of common/easily guessable passwords
- Sequential Character Detection: Blocks patterns like "123456" or "abcdef"
- Real-Time Strength Validation: Live password strength feedback with scoring system
- Password Migration Flow: Seamless upgrade path for existing users with weak passwords
- Enhanced Validation: Joi-based server-side validation with detailed error messages
⚡ Advanced Rate Limiting: Multi-layered protection against brute force attacks
- Login Protection: 5 attempts per 15 minutes, escalates to 1-hour lockout after 10 failed attempts
- 2FA Rate Limiting: 10 attempts per 15 minutes for 2FA operations
- Registration Throttling: 3 registration attempts per hour per IP
- Sensitive Operations: Password changes limited to 3 attempts per hour
- Smart Fingerprinting: IP + User-Agent combination for better tracking
- Security Logging: Comprehensive audit trail for all rate limit violations
🔐 2FA Security Improvements: Enhanced two-factor authentication flow
- Mandatory 2FA Enforcement: Users with weak passwords must update before accessing 2FA
- Secure Migration Flow: Password updates require 2FA verification for completion
- Token Security: Separated migration tokens from login tokens for better security
- Session Management: Proper handling of authentication states during migration
- 2FA Preservation: User 2FA settings maintained throughout password migration process
🛡️ Authentication Architecture: Improved login flow design
- Multi-Stage Authentication: Separated password validation, migration, and 2FA verification
- Complete Login Endpoint: New /auth/complete-login for post-migration authentication
- State Management: Clear separation of authentication states (migration, 2FA, setup, complete)
- Error Resilience: Robust error handling throughout the authentication pipeline
- Security Headers: Rate limit information exposed to clients for transparency

Security Infrastructure

📊 Security Monitoring: Enhanced logging and monitoring capabilities
- Security Event Logging: Dedicated security.log for authentication events
- Rate Limit Tracking: Detailed violation logging with client fingerprinting
- Authentication Audit Trail: Complete logging of password migrations and 2FA events
- Real-Time Monitoring: Live tracking of authentication failures and security events

User Experience Improvements

🎨 Enhanced Login Interface: Improved authentication user experience
- Password Strength Indicator: Real-time visual feedback during password creation
- Migration Workflow: Seamless password update flow with clear instructions
- Rate Limit Feedback: Visual indicators showing remaining attempts and reset times
- Security Messaging: Clear communication about security requirements and improvements
- Progressive Enhancement: Graceful handling of JavaScript and network issues

Technical Implementation

🔧 Backend Security: Robust server-side security implementation
- Joi Validation Schemas: Comprehensive input validation for all authentication endpoints
- JWT Security: Enhanced token management with explicit algorithms and shorter expiration
- Middleware Architecture: Modular rate limiting and validation middleware
- Error Handling: Detailed error logging while preventing information disclosure

Version 3.1.6

Released: 2025-08-16

CPE/NVD Integration for Software Vulnerability Management

🔒 CPE Data Integration: Comprehensive Common Platform Enumeration support
- Automatic CPE Matching: Searches NVD database to assign CPE identifiers to software
- Vulnerability Tracking: Real-time vulnerability counts (Critical, High, Medium, Low)
- Match Confidence Scoring: Displays confidence percentage for CPE matches
- Multiple Match Strategies: Exact, version, vendor-product, and name-based matching
- Manual CPE Assignment: Ability to manually set CPE for unmatched software
📊 Vulnerability Visualization: Enhanced UI for security insights
- CPE Status Column: Shows match status and confidence in software catalog
- Vulnerability Badges: Color-coded chips for critical/high/medium vulnerabilities
- CVE Details Tab: New tab showing top CVEs with CVSS scores and descriptions
- CPE Information Panel: Comprehensive CPE details including NVD status
- Vulnerability Summary: Visual dashboard with vulnerability counts
🔄 Background CPE Enrichment: Automated vulnerability data collection
- Maintenance Task: "Enrich CPE Data for Software Catalog" background job
- Rate-Limited Processing: Respects NVD API limits (50 requests/30 seconds)
- Batch Processing: Processes 50 software entries at a time
- Progress Tracking: Real-time progress updates via Redis queue
- Error Resilience: Automatic retries with exponential backoff
🛠️ Technical Implementation
- Software Catalog Schema: Added comprehensive CPE fields and methods
- API Endpoints: New endpoints for CPE population and vulnerability queries
- Redis Queue Worker: Dedicated handler for CPE enrichment tasks
- Migration Support: Scripts to migrate existing CPE data to catalog
- Frontend Components: Updated forms and details views with CPE fields

Version 3.1.5

Released: 2025-08-09

Software Asset Management (SAM)

📦 Software Inventory Management: Comprehensive software discovery and tracking
- Unified Software View: Displays Software Families, Products, and Instances in one interface
- Advanced Filtering: Filter by family, vendor, category, status, and CI type
- Installation Tracking: Automatic calculation of installation counts across infrastructure
- Smart Family Grouping: View all software products and instances belonging to a family
- Real-Time Statistics: Dashboard shows total items, families, vendors, and installations
- CSV Export: Export software inventory with installation counts for reporting
🔧 Maintenance Tasks: New administrative tools for CMDB maintenance
- Installation Count Updates: Background job to calculate software installations via Redis queue
- Task Management UI: Visual interface for running maintenance tasks with progress tracking
- Queue Integration: Bull queue processing with job status monitoring
- Performance Optimized: Direct MongoDB operations bypass validation for bulk updates
- Task Categories: Data updates, performance optimization, and cleanup tasks
- Job History: Track completed, failed, and running maintenance tasks
🎨 UI Enhancements: Improved Software Inventory interface
- CI Type Column: Visual indicators for Software Family, Product, and Instance types
- Installation Count Display: Shows number of installations for Software Instance CIs
- Collapsible Sidebar: Space-efficient filter panel matching Software Catalog design
- Color-Coded Statistics: Visual distinction between families, vendors, and installations
- Responsive Design: Optimized for desktop and mobile viewing

Technical Improvements

Field Management: Added number_of_installations field to Software Instance CI type
Worker Integration: Maintenance task processor integrated with worker.js
Queue Naming: Support for queue prefixes in multi-environment deployments
Validation Bypass: Bulk update operations skip Mongoose validation for performance
Direct MongoDB Access: Critical operations use native MongoDB driver for efficiency

Version 3.1.4

Released: 2025-08-07

Performance Optimization & Monitoring

📊 Query Performance Monitoring: New database performance dashboard
- Real-Time Scan Ratios: Monitors query efficiency with visual status indicators
- Index Usage Analysis: Tracks index coverage per collection with document counts
- Performance Recommendations: Automated suggestions for query optimization
- Slow Query Detection: Identifies and displays queries with high scan ratios
- No Overhead Design: Only queries when dashboard is viewed, zero continuous impact

Database Performance Fixes

⚡ Critical Index Optimizations: Resolved MongoDB Atlas performance alerts
- Fixed 69,000:1 Scan Ratio: Created 4 critical indexes for cirelationships collection
- Index Cleanup: Removed 15 redundant indexes saving ~200MB storage
- Query Speed: 99.99% reduction in scanned documents (193,748:1 to 0:1)
- Execution Time: 10x faster queries (520ms → 51ms)

Resource Optimization

💾 Storage and Memory Improvements: Significant resource savings
- DiscoveryLogs TTL: Implemented 3-day TTL for 709,426+ documents
- Embedding Optimization: Excluded workstations from embeddings, saving 148.51MB
- Smart Cleanup: Removed 36,248 unnecessary workstation embeddings
- Teknosa Agent: Identified and resolved excessive logging (101,452 logs/day)

WebSocket Stability

🔌 Connection Reliability: Enhanced agent WebSocket connections
- Heartbeat Tolerance: Increased timeout from 90s to 120s (4 heartbeat intervals)
- Debug Logging: Added warnings for delayed heartbeats at 60 seconds
- Network Resilience: Better handling of temporary network delays
- Connection Monitoring: Improved tracking of heartbeat delays

Discovery Enhancements

🔄 Schedule Synchronization: Fixed agent schedule sync issues
- getSchedule Command: Properly syncs schedule data to DiscoverySchedule model
- Data Extraction: Fixed parsing of nested schedule data in command responses
- Schema Flexibility: Made customer field optional for agent compatibility
- Error Handling: Robust sync with detailed error logging
- Manual Sync: Support for recovering schedules from command history

CI Management

👤 User Login Tracking: Enhanced CI fields for user activity
- New Fields: Added last_logged_on_user, current_logged_on_user, last_logged_on_sam_user
- UI Display: Fixed display in System Information section of CI Details
- Data Processing: Updated WMI processor to capture user login information
- Field Validation: Added proper validation patterns for user fields

Version 3.1.3

Released: 2025-08-06

Discovery Agent Enhancements

🔧 Agent Connection Stability: Major improvements to WebSocket connection reliability
- Stable Agent IDs: Fixed duplicate agent records by using configured IDs instead of generating UUIDs on restart
- Reduced Overhead: Disabled WebSocket ping/pong frames, reducing connection overhead by 50%
- Exponential Backoff: Implemented intelligent reconnection with delays (5s, 10s, 20s, 40s, 60s)
- Stale Connection Detection: Enhanced error handling to detect and properly close stale connections
- Connection Metrics: Added monitoring for reconnection rates and connection health

Agent Command Improvements

📋 Get Logs Command: Enhanced log retrieval functionality for discovery agents
- Multi-File Support: Collects logs from all agent log files (agent.log, background_service.log, app.log, scheduler.log, service.log, integrations.log)
- Rotation Support: Automatically includes rotated log files (.1, .2, etc.)
- Flexible Filtering: Support for line count, log level filtering (error, warning, info, debug), and time range queries
- Metadata Tracking: Returns log file paths, line counts, and filter information
- Performance Optimized: Efficient reading of large log files with configurable limits

UI/UX Improvements

🎨 Enhanced Log Viewer: New full-screen log viewing capability
- Expand Button: Added expand icon next to getLogs command results for full-screen viewing
- Dark Theme: Black background with monospace font for better log readability
- Smart Formatting: Handles both string and JSON log formats with proper parsing
- Scrollable View: Both horizontal and vertical scrolling with 60% viewport height limit
- Metadata Display: Shows retrieval timestamp and line count information
- Improved Commands Tab: Better layout with flex containers for log results

Discovery Features

🚀 Remote Scan Initiation: New on-demand discovery scan interface
- Dedicated Scan Page: Full-featured UI for configuring and running discovery scans remotely
- CIDR Support: Input multiple IP ranges with CIDR notation (e.g., 192.168.1.0/24)
- Exclusion Ranges: Define IPs or ranges to exclude from scanning
- Real-Time Progress: Live progress tracking using discovery logs
- Async Process Handling: Monitors scan progress by polling discovery logs instead of command responses
- Progress Visualization: Determinate progress bar showing IPs scanned vs total expected
- Success Metrics: Real-time display of successful/failed scans with success rate percentage
- Intelligent Completion: Scan completes when all IPs are scanned or after 5-minute timeout
- Result Summary: Shows total IPs scanned, success/failure counts, duration, and success rate

Technical Details

Log Data Flow:
- Agent reads logs from local files without creating duplicates
- Logs sent via WebSocket as part of command response
- Backend stores logs in MongoDB agentcommands collection
- Frontend retrieves and displays from database with proper formatting
Agent Status Colors:
- Green: Active WebSocket connection (isConnected = true)
- Gray: No active connection, status not explicitly set
- Red: Explicitly offline status
- Orange: Pending status

Version 3.1.2

Released: 2025-08-02

VMware vCenter Integration

🔄 vCenter Scanner: Comprehensive VMware infrastructure discovery capability
- Complete Infrastructure Mapping: Discovers vCenter servers, datacenters, clusters, ESX hosts, and virtual machines
- Resource Tracking: Collects CPU, memory, storage allocations and usage metrics
- Network Discovery: Maps virtual networks, distributed port groups, and VLANs
- Storage Systems: Discovers datastores with capacity, usage, and accessibility information
- Template Management: Automatically identifies and excludes VM templates from active inventory
- Multi-UUID Support: Tracks UUID, Instance UUID, and BIOS UUID for accurate VM identification
- Performance Metrics: Captures resource reservations, limits, and actual usage
- Hypervisor Details: Collects ESXi version, build, and API information

Infrastructure Enhancements

🏗️ Enhanced CI Types for VMware: Comprehensive field additions for VMware infrastructure
- Server CI Type: Added VM-specific fields including UUIDs, resource allocations, boot times, and annotations
- ESX Server: Enhanced with hypervisor details, uptime tracking, maintenance mode, and management IPs
- VMWare VCenter: Added version, build, licensing, and API version tracking
- VCenter Datacenter: Tracks folder structure, resource counts, and health status
- VCenter Cluster: Monitors DRS/HA configuration, EVC mode, and resource utilization
- Storage CI Type: New type for datastores with capacity metrics and host mount information
- Network CI Type: New type for virtual networks with VLAN and connectivity tracking

Processing Pipeline

⚙️ vCenter Processor: Automated processing of VMware scan data
- Relationship Mapping: Creates complete infrastructure hierarchy from vCenter down to VMs
- Multi-tenant Support: Maintains customer and tenant isolation for all VMware CIs
- Nested Data Handling: Properly processes complex vCenter JSON structures
- Conditional Field Population: VM fields only populated for virtual servers
- Redis Queue Integration: Asynchronous processing through existing scan pipeline

Version 3.1.1

Released: 2025-08-02

Documentation Enhancements

📚 Comprehensive Security Documentation: Complete security documentation suite for customer assurance
- Security Overview: Comprehensive guide to NopeSight's defense-in-depth security architecture
- Data Encryption Guide: Detailed documentation of encryption at rest, in transit, and application-level security
- Compliance Support: Complete regulatory compliance guide covering SOX, HIPAA, PCI-DSS, ISO 27001, and NIST frameworks
- Security Best Practices: Comprehensive guide for customers on account security, agent deployment, and operational security
- Enhanced Documentation Structure: Security section promoted to top-level navigation with expanded visibility
- Customer-Focused Content: All documentation written for operators and customers, focusing on benefits and assurances rather than technical implementation

Security Enhancements

🔐 Mandatory Two-Factor Authentication (2FA): Comprehensive TOTP-based security implementation
- TOTP Integration: Time-based One-Time Password support with authenticator apps (Google Authenticator, Authy, Microsoft Authenticator)
- QR Code Setup: Automatic QR code generation for easy authenticator app configuration
- Backup Codes: 10 single-use backup codes generated during setup for account recovery
- Mandatory Enforcement: All users required to enable 2FA within 7 days of login
- Grace Period: Temporary access allowed for setup with persistent reminder notifications
- Session Security: Enhanced JWT token management with 2FA verification state
- Recovery Flow: Secure backup code usage with automatic deactivation after use
- User Experience: Seamless integration with existing login workflow, maintaining familiar interface
🔒 AWS Secrets Manager Integration: Enhanced security for sensitive configuration data
- Credential Management: JWT secrets and API keys now stored in AWS Secrets Manager
- Environment Separation: Production credentials isolated from development environments
- Automatic Rotation: Infrastructure ready for automated credential rotation
- Access Control: IAM-based access controls for secret retrieval
- Zero-Trust Architecture: Eliminated hardcoded credentials from application code

Performance Optimizations

⚡ Dashboard Performance Improvements: Significant reduction in API calls and loading times
- API Call Deduplication: Reduced dashboard API requests by 50-60% through intelligent caching
- Smart Caching: TTL-based caching system for frequently accessed data (5-minute TTL for most endpoints)
- Batch Loading: Widget data loaded in optimized batches rather than individual requests
- Skeleton Loading: Enhanced user experience with skeleton loading states during data fetch
- Memory Optimization: Reduced memory footprint through efficient data structure management
- Response Time: Average dashboard load time reduced from 3-5 seconds to 1-2 seconds
- Concurrent Request Management: Prevents duplicate API calls through request deduplication

Database Security Analysis

🛡️ Critical Security Vulnerabilities Identified: Comprehensive security audit completed
- Code Injection Risks: Identified potential NoSQL injection vulnerabilities in query construction
- Hardcoded Credentials: Located embedded credentials requiring immediate rotation
- Access Control: Documented insufficient input validation in several API endpoints
- Data Exposure: Identified potential for sensitive data leakage in error responses
- Remediation Plan: Security fixes scheduled for immediate implementation
- Security Assessment Score: Current risk level classified as HIGH, requiring urgent remediation

Developer Experience

🔧 Enhanced Development Tools: Improved debugging and monitoring capabilities
- Security Logging: Comprehensive audit trail for 2FA operations and authentication events
- Performance Metrics: Dashboard performance monitoring with detailed timing analytics
- Error Handling: Enhanced error boundaries and user feedback mechanisms
- Development Workflow: Streamlined development process with security-first approach
- Token Management: Centralized JWT and API key management through AWS infrastructure

Compliance & Audit

📋 Security Compliance: Enhanced compliance posture for enterprise deployments
- Audit Trails: Complete logging of authentication and authorization events
- Multi-Factor Requirements: Meets modern security standards for privileged access
- Session Management: Improved session security with 2FA state tracking
- Recovery Procedures: Documented and tested account recovery workflows
- Regulatory Alignment: Supports SOX, HIPAA, PCI-DSS, and ISO 27001 requirements

Breaking Changes

Mandatory 2FA: All users must complete 2FA setup within 7 days of system access
AWS Secrets Manager Dependency: Production deployments require AWS Secrets Manager configuration
API Authentication: Enhanced token validation may require client application updates

Version 3.0.21

Released: 2025-08-01

Technical Documentation

📚 Windows WMI Scanner Documentation: Comprehensive technical reference for Windows discovery system
- WMI Classes Reference: Complete documentation of all Win32_* WMI classes used for Windows system discovery
- Network Protocol Details: Port requirements (135, 445), RPC/DCOM protocols, and firewall considerations
- Authentication Methods: Multiple credential format support (domain\user, user@domain, local accounts)
- PAExec Fallback System: Detailed explanation of SMB-based fallback when WMI ports are blocked
- Registry-Based Software Inventory: Performance-optimized software discovery using registry queries
- Network Connection Analysis: TCP connection mapping with process identification and state analysis
- Security Configuration: Required permissions, firewall rules, and WMI security settings
- Troubleshooting Guide: Common error codes, diagnostic commands, and configuration fixes
- Performance Metrics: Typical scan times and resource usage for different system types

Documentation Infrastructure

🔧 Technical Reference Section: New documentation category for detailed technical specifications
- Sidebar Integration: Added Technical Reference section to documentation navigation
- Structured Technical Docs: Framework for additional technical documentation (SSH, SNMP, vCenter)
- Administrator Focus: Documentation tailored for system administrators and security analysts

Version 3.0.20

Released: 2025-07-31

CI Relationship System Enhancements

🔗 Enhanced CI Relationship Mapping: Comprehensive system for mapping network connections and software installations to applications and families
- Software Catalog Integration: Imported 2,031 enriched software catalog entries from systematic AI analysis of CSV files (1000-1800.csv and 1800-3000.csv)
- Enhanced Process Matching: Upgraded findApplicationForProcess function with multi-strategy software matching including SQL Server specific handling, vendor-based matching, and catalog status awareness
- Network Relationship Enhancement: Fixed missing softwareFamily field for unknown device relationships in network connections
- Automatic Catalog Creation: Added pending catalog entry creation for unmatched network processes to improve future matching
- Software Installation Enrichment: Enhanced software installation relationships with catalog-based application and family information
- Smart Process Detection: Added intelligent process matching for software installations using catalog data cross-referenced with running processes

Backend Processing Improvements

📊 Bulk Relationship Updates: Created scripts to update existing relationships with enhanced metadata
- Mass Enhancement: Updated 53,419+ existing "Installed On" relationships with application, softwareFamily, and process information
- ServerProcess Model Fix: Resolved dependency issues by removing reliance on empty ServerProcess model, using ServerNetworkConnection instead
- CI Relations Analysis: Enhanced analysis to handle both network relationships and software installation relationships
- Queue Processing: Added support for background processing of large-scale relationship updates
- Error Resilience: Improved error handling for relationships with null/empty process names and missing catalog entries

API & Data Management

🔧 New API Endpoints: Added getCINames endpoint for efficient CI name resolution by batch ID lookup
- Performance Optimization: Reduces API calls by fetching multiple CI names in a single request
- Memory Efficient: Uses lean queries with only _id and name fields for minimal data transfer
- Route Integration: Properly wired endpoint at /api/cmdb/cis/names with authentication middleware
- TypeScript Support: Updated interfaces to support enhanced relationship processing results

UI/UX Improvements

🎨 ScanDataDetail Enhancements: Improved Related CIs section with better user experience
- CI Name Display: Shows actual CI names instead of ObjectIDs for better readability
- Correct Navigation: Fixed navigation URLs from /cmdb/items/{id} to /cmdb/{id} format
- Fallback Handling: Graceful degradation to show IDs when name resolution fails
- Loading States: Added proper loading and error handling for CI name fetching
- Batch Loading: Efficiently loads all CI names when component initializes

Data Quality & Consistency

📈 Relationship Data Enhancement: Systematic improvement of relationship metadata quality
- Application Mapping: Network connections now properly link to applications via process analysis
- Family Classification: Software families properly assigned based on catalog taxonomy
- Process Correlation: Running processes matched to installed software for complete picture
- Catalog Coverage: Pending entries created for unknown software to improve future discovery
- Statistics Tracking: Comprehensive tracking of enrichment success rates and processing results

Developer Experience

🛠️ Enhanced Tooling: Created comprehensive scripts and utilities for relationship management
- Import Scripts: Automated CSV import with proper field mapping and validation
- Update Scripts: Bulk update utilities for existing relationship enhancement
- Test Scripts: Verification tools for validating relationship processing logic
- Migration Support: Safe migration paths for model changes and data updates
- Documentation: Enhanced inline documentation for complex relationship processing logic

Version 3.0.19

Released: 2025-07-30

Discovery Agent Enhancements

🔍 NMAP Integration: Bundled NMAP with discovery agent for enhanced network scanning
- Portable NMAP: Includes NMAP binaries for Windows (x86/x64) in agent package
- Service Detection: Enhanced port scanning with service version detection
- OS Fingerprinting: Improved operating system detection accuracy
- No Installation Required: NMAP runs directly from agent directory without admin rights
- Automatic Architecture Detection: Agent selects appropriate NMAP binary (32/64 bit)

Security & Multi-Tenant Improvements

🔒 Scan Data Tenant Isolation: Implemented complete tenant awareness for raw scan data
- Backend Filtering: Raw scan data controller now filters all queries by user's selected tenant
- Access Control: Users can only view, update, or delete scan data from their assigned tenant
- Frontend Integration: ScanDataList and ScanDataDetail components now use tenant context
- Discovery Service Updates: All API calls include tenant parameter for proper isolation
- Security Validation: Added 403 Forbidden responses for cross-tenant access attempts

Software Catalog Enhancements

📦 Software Catalog Status Management: Added proper status tracking for software catalog entries
- Status Field: Added status field with values: pending, active, inactive, deprecated
- Pending Discovery Items: Software discovered by agents now properly marked as "pending" for classification
- Enhanced Filtering: Added status filter to software catalog UI with color-coded status chips
- Migration Script: Migrated 19,971 existing entries (16,750 pending, 3,221 active)
- Product Name Column: Added product name column to list view for better clarity
- Pagination Fix: Fixed MongoDB memory errors with proper pagination and disk usage

Deployment Improvements

🚀 Redis Readiness Check: Enhanced deployment reliability with Redis health verification
- Connection Validation: Waits up to 5 minutes for Redis to be ready before backend deployment
- Task Status Monitoring: Checks ECS task status to ensure Redis container is running
- Additional Buffer: 20-second delay after confirmation for full Redis initialization
- Prevents Timeout Errors: Eliminates "connect ETIMEDOUT" errors during deployment

Version 3.0.18

Released: 2025-07-25

Multi-Tenant Security Enhancements

🔒 Critical Security Fix: Fixed critical security issue where users could see data from all tenants
- Dashboard Isolation: Dashboard now properly filters by user's assigned tenants
- Embedding Tenant Isolation: Added tenant field to all embeddings for vector search isolation
- RAG Multi-Tenant Fix: Vector searches now filter by tenant to prevent cross-tenant data leakage
- User Tenant Management: Added easy-to-use UI in UserEdit/UserDetail for managing tenant assignments

Software Catalog Migration

🔄 SoftwareMapping to SoftwareCatalog Migration: Complete migration to unified software catalog
- Model Consolidation: Removed duplicate SoftwareMapping model in favor of SoftwareCatalog
- Static Methods: Added normalizeName(), findBestMatch(), createOrUpdateEntry() to SoftwareCatalog
- Service Updates: Updated all services to use SoftwareCatalog instead of SoftwareMapping
- Performance: Added compound indexes for better multi-tenant query performance

CI Relationship Enrichment

🔧 CI Relations Analysis & Enrichment: New CMDB Settings section for relationship analysis
- Analysis Dashboard: Shows relationships without application/family data
- Bulk Enrichment: Enrich relationships with software catalog data via direct or queue processing
- SAP Process Support: Added all core SAP NetWeaver processes to software catalog
- Special Character Handling: Fixed regex escaping for processes with special characters (e.g., disp+work.exe)
- Null Process Handling: Fixed errors when processing relationships with null process names
- Installed On Cleanup: Removed 106,072 "Installed On" relationships that lacked process information

Software Instance Enrichment

📦 Software Instance CI Enrichment: New endpoint to enrich software instances with catalog data
- Automatic Matching: Matches software instances to catalog entries by name or mappingId
- Pending Catalog Creation: Creates pending entries for unknown software
- Bulk Processing: Support for batch enrichment via Redis queue
- Family Assignment: Automatically assigns software families based on catalog data

Performance Improvements

⚡ CIList Performance: Optimized default columns for faster loading
- Essential Columns Only: Shows only name, type, status, created, IP, OS, last scan, model, manufacturer, vendor
- Date Validation: Added validation to prevent "Invalid time value" errors
- Column Configuration: Improved column customizer for better user experience

Bug Fixes

Fixed CI relation enrichment not working due to queue naming issues
Fixed duplicate key errors when creating pending catalog entries
Fixed SoftwareCatalog validation error for metadata.source enum value
Fixed discrepancy in CI relationship counts between dashboard cards
Fixed CI relation enrichment job structure for Redis queue compatibility

Version 3.0.17

Released: 2025-07-24

Business Service Analyzer

🚀 New Feature: Business Service Analyzer: Comprehensive AI-powered service discovery and mapping
- Multi-Step Wizard: Intuitive workflow for service definition, enrichment, discovery, and analysis
- AI-Powered Enrichment: Automatically suggests related processes, ports, and software based on service description
- Automated Discovery: Finds all servers and network connections related to the business service
- Intelligent Classification: AI classifies servers by role (web, app, database) and tier (frontend, application, data, infrastructure)
- Visual Service Mapping: Interactive network diagrams showing service topology and dependencies
- Comprehensive Insights: AI-generated analysis including business impact, technical architecture, risks, and recommendations
- Business Service CI Creation: Automatically creates Business Service CIs with full discovery metadata
- Relationship Mapping: Creates "Runs On" relationships between Business Service and component servers
🔧 AI Service Improvements:
- Token Limit Optimization: Increased AI token limits to handle complex service analysis (4000 for enrichment, 8000 for classification)
- JSON Parsing Enhancement: Improved handling of AI responses wrapped in markdown code blocks
- SAP Port Placeholder Fix: Fixed AI generating placeholder syntax like 5<instance_no>13 in port numbers
- Error Recovery: Enhanced JSON extraction with multiple fallback strategies
📊 Data Structure Enhancements:
- Flexible Process Handling: Components now handle both runningProcesses and processes fields for backward compatibility
- Metadata Extraction: OS and IP information properly extracted from nested metadata objects
- Service Analysis Tab: Enhanced to display saved Business Service data with full discovery details
🎨 UI/UX Improvements:
- Discovery Preview: Added checkbox functionality to select/deselect servers and connections
- Process Display: Shows key processes for each server with expandable view
- Confidence Scoring: Visual indicators for classification confidence levels
- Save Dialog: Streamlined Business Service saving with validation

Backend Improvements

🔧 Discovery Optimization: Improved query performance for large-scale process searches
🏷️ Type Safety: Fixed TypeScript types to support both process field variations
📝 Audit Trail: Comprehensive logging for all Business Service Analyzer operations

Bug Fixes

Fixed discovery navigation not advancing after completion
Fixed checkbox selection in Discovery Preview section
Fixed "Unable to parse insights data" error when viewing saved Business Services
Fixed missing OS and process information in Service Analysis tab
Fixed ObjectId vs string comparison in discovery queries

Version 3.0.16

Released: 2025-07-18

Reporting & Analytics Enhancements

📊 CMDB KPI Reports: Added comprehensive CMDB health and quality metrics
- Data Freshness Score: Gauge chart showing percentage of recently updated CIs
- Stale CI Detection: Bar chart identifying CIs not updated in specified timeframes
- Added gauge chart support to ReportChart component using Chart.js
- KPI scoring algorithms for data quality measurement
📈 Report Improvements:
- Device Age Distribution Report: Shows age groups of servers and workstations
- Fixed device discovery timeline reports returning empty results
- Improved report filtering to work correctly with tenant isolation
- Enhanced stat/number widgets with gradients, icons, and better visual appeal

UI/UX Improvements

🎨 CI List Enhancements:
- CSV Export: Added export functionality for filtered Configuration Items
  - Exports all currently filtered CIs (no selection required)
  - Proper CSV escaping for special characters
  - Includes all visible columns in export
  - Loading state during export process
- Modern Toolbar Design: Redesigned header with cleaner aesthetics
  - Removed rounded Paper component for flatter design
  - Simple underline separator instead of borders
  - Better typography with item counts
  - Icon-based actions with hover effects
  - Gradient "New CI" button with enhanced styling

Version 3.0.15

Released: 2025-07-17

Event Management Improvements

🎯 Event Impact Visualization: Enhanced event display in CI relationship views
- Fixed events not showing in Event Impact visualization due to ObjectId/string mismatch
- Events now properly display on affected CIs with severity-based colors
- Added event tooltips showing title, severity, and timestamp
- Event icons display on nodes based on severity (critical/major: error icon, warning: warning icon, info: info icon)
- Unknown devices automatically hidden in Event Impact view for cleaner visualization
- Fixed event CID matching by converting both values to strings before comparison
📅 Event Date Management: Improved event timestamp handling
- Created script to update existing event dates to current timestamps for testing
- Events distributed by severity: Critical (last 24h), Major (last 3d), Warning (last 7d), Minor/Info (last 30d)
- Proper event aging simulation for realistic testing scenarios

UI/UX Improvements

🔧 Software Family Associations: Fixed associated collections not loading
- Fixed filter configuration for Software Family to Software relationships
- Added proper type filtering when querying associated Software CIs
- Ensures only Software type CIs are shown in Software Family associations

Version 3.0.14

Released: 2025-07-17

Application Dependency Mapping (ADM)

🗺️ ADM Preview Mode: New Application Dependency Mapping visualization
- Process-level dependency visualization showing application connections
- Interactive process discovery - click on target nodes to discover listening processes
- Automatic creation of intermediate process nodes when dependencies are discovered
- Smart grouping by process with expandable/collapsible views
- Focus mode to isolate specific process dependencies
- Real-time discovery of listening processes on target servers
- Visual process chain: Source Process → Listening Process → Target Server

Network Visualization Improvements

🔍 Enhanced IP Address Discovery: Improved CI lookup by IP address
- Searches multiple IP address fields including arrays and JSON structures
- Parses network adapter summary to extract all IPs
- Created migration script to index IPs for faster searches
- Supports multi-homed servers with multiple network interfaces
🚫 Hide CI Functionality: Fixed and enhanced the hide CI feature
- Right-click context menu now properly hides selected CIs
- Hidden nodes are filtered from visualization along with their edges
- Hidden state persists across graph rebuilds
- Improved change detection to trigger rebuilds when nodes are hidden

Backend Improvements

🔧 Process Connection API: New endpoints for ADM functionality
- /api/ci/:ciId/process-connections - Get process-level connections
- /api/ci/:ciId/listening-process/:port - Discover listening processes
- /api/ci/find-by-ip/:ip - Enhanced IP lookup with multiple field support
- Debug endpoints for troubleshooting connection and IP lookup issues

Reporting & Analytics

📊 New Predefined Report Templates: Added comprehensive out-of-the-box reports
- Memory Distribution Reports:
  - Server Memory Distribution - Shows RAM capacity ranges for servers
  - Workstation Memory Distribution - Shows RAM capacity ranges for workstations
- OS Matrix Reports (Table format with counts and percentages):
  - OS Distribution Matrix - All Devices
  - OS Distribution Matrix - Servers only
  - OS Distribution Matrix - Workstations only
- Database Software Reports:
  - Database Software Distribution - Filtered to show only main database servers (SQL Server, Oracle, MySQL, PostgreSQL, etc.)
  - Database Components & Tools - Detailed table showing all database-related components
🔧 Report Template Improvements:
- Smart filtering to exclude drivers, connectors, and tools from main database report
- Percentage calculations in matrix reports
- Drill-down capabilities for all reports
- Export functionality for table-based reports

Version 3.0.13

Released: 2025-07-11

AI & Relationship Improvements

🤖 AI Insights Resilience: Fixed AI Insights generation for CIs without embeddings
- Fixed "Analyze CI" button not working for first-time analysis
- Made AI insights generation resilient to missing embeddings
- AI insights now work even without vector embeddings
- Added fallback to fetch explicit relationships when embeddings are missing
- Enhanced to fetch AI-enhanced relationships (CIAiRelationship) when available
- Improved error handling to continue insight generation despite missing data
- Changed embedding errors from fatal to warnings in insight generation
🔗 Unknown Device Resolution: Enhanced automatic resolution of unknown devices
- Added Redis queue support for unknown device resolution
- Unknown device relationships now automatically resolve when matching CIs are discovered
- Improved relationship resolution to update both source and target unknown devices
- Resolution respects tenant boundaries for security
- Manual resolution available via Process Mapping tab

Agent Improvements

🔄 Log Rotation: Implemented automatic log rotation for all agent log files
- agent.log: 20MB max size with 5 backups
- service.log, app.log, integrations.log: 10MB max size with 5 backups
- Prevents disk space issues from unbounded log growth
📊 Schedule Optimization: Removed schedule data from regular status updates
- Schedule now only sent on-demand via getSchedule command
- Reduces unnecessary data transfer every 150 seconds
- Follows on-demand principle for better efficiency
🧹 Code Cleanup: Removed obsolete batch files and utilities
- Consolidated compilation scripts
- Removed debug and intermediate build scripts
- Created new create_portable_package.bat for distribution
🐛 Bug Fixes: Fixed agent disconnect issue during scan execution
- Enhanced heartbeat logging for debugging
- Fixed WebSocket ping/pong configuration
- Improved connection stability
🖥️ Local Scanner: Added standalone PowerShell-based local scanning capability
- No authentication required - runs with current user context
- Captures ALL network connections including local/loopback (not filtered like remote scanner)
- PowerShell-only implementation - no Python or external dependencies
- Process mapping with enhanced detection when run as Administrator
- Enables application dependency mapping and local service discovery
- Scheduled task support for automated local scanning
- Upload utility for sending results to NopeSight API
- Located in local_scanner/ directory within agent package

Backend Improvements

🔧 Discovery Agent Service: Fixed command type retrieval from database
📝 Logging: Enhanced WebSocket connection logging
🚀 Performance: Reduced redundant schedule data transmission

Frontend Improvements

🐛 Bug Fix: Fixed race condition in schedule sync after getSchedule command
- Replaced fixed delay with intelligent polling that waits for schedule data
- Polls up to 10 seconds for schedule to appear after command
- Stops polling immediately when schedule data is detected
🎯 Unknown Device Resolution: Added feature to resolve unknown device relationships
- New card in Process Mapping tab shows unknown device statistics
- Automatically finds CIs that were discovered after relationships were created
- Resolves unknown IPs to actual CIs when they exist
- Updates relationship names and removes unknown device markers
- Respects tenant boundaries - only resolves to CIs within the same tenant

Version 3.0.12

Released: 2025-07-10

Features & Improvements

🚀 Performance: Implemented priority-based CI loading for improved performance
🎨 UI/UX: Added column customization with drag-and-drop reordering
🔍 Search: Enhanced search to include custom fields
🛡️ Security: Fixed critical tenant isolation issue in CI listing
📱 UI: Added collapsible filter sidebar with improved UI
💾 Preferences: Implemented user preference tracking for CI types and columns
📊 Table: Added horizontal scrolling for CI table
⚡ Performance: Fixed double refresh issue on initial load
🔤 Sorting: Improved sorting functionality for all columns
🔕 UX: Removed redundant loading notifications

Version 3.0.11

Released: 2025-07-09

Agent Management

Implemented Agent Commands menu for manual command execution
Removed automatic getSchedule on page refresh
Fixed schedule sync to save data in agentSchedule field
Added commands: getSchedule, getSystemInfo, getLogs, getInstalledSoftware, getNetworkConnections, getDiskUsage
Improved UX with explicit user control over agent commands
Started migration to separate collections for commands and connections

Version 3.0.10

Released: 2025-07-09

WebSocket Improvements

Fixed critical WebSocket connection timeout issue
Configuration now sent immediately upon connection
Database operations moved after initial handshake
Prevents agent timeout during connection establishment
Fixes connection storm caused by race condition
Async operations no longer block WebSocket handshake

Version 3.0.9

Released: 2025-07-09

Performance Optimizations

Optimized WebSocket heartbeat to use zero database operations
Heartbeats now update only in-memory state
Added periodic batch database updates every 2 minutes
Removed schedule data from heartbeat messages
Reduced resource consumption by 90% for heartbeats
Status updates now happen less frequently (every 2.5 minutes)
Improved scalability for handling many concurrent agents

Version 3.0.8

Released: 2025-07-09

Database Stability

Improved MongoDB connection stability
Increased server selection timeout from 5s to 10s
Added connection pool size limits to prevent resource exhaustion
Enabled compression for MongoDB connections
Added retry for read operations
Added MongoDB connection event monitoring
Better error handling for replica set issues

Version 3.0.7

Released: 2025-07-09

Logging Optimizations

Reduced verbose logging to improve performance
Changed WebSocket verifyClient logs from info to debug level
Disabled schedule persistence from status updates to reduce DB load
Optimized logging for heartbeats and status messages
Improved performance by reducing unnecessary database operations

Version 3.0.6

Released: 2025-07-09

Connection Stability

Fixed WebSocket connection loop issues
Simplified duplicate agent detection to prevent reconnection storms
Temporarily disabled pending command flush to stabilize connections
Improved error logging for WebSocket connections
Fixed syntax error in connection logging

Version 3.0.5

Released: 2025-07-09

Schedule Management

Fixed schedule sync to check payload.schedule in addition to result.schedule and data.schedule
Added schedule persistence to DiscoveryAgent model from status/heartbeat messages
Implemented configuration update handler for schedule changes
Added duplicate agent detection based on IP address
Implemented offline command queueing with automatic flush on reconnection
Improved schedule location logging to show exact source

Version 3.0.4

Released: 2025-07-09

Debug Improvements

Added explicit logging for schedule sync decision
Added warning logs when schedule sync is skipped
Improved debugging for schedule sync conditions

Version 3.0.3

Released: 2025-07-09

Bug Fixes

Fixed getSchedule command result processing to check both result.schedule and data.schedule
Added comprehensive debug logging for schedule sync conditions
Fixed schedule data path detection for agent responses
Added About page with version tracking

Version 3.0.2

Released: 2025-07-09

WebSocket Improvements

Fixed discovery agent schedule sync from WebSocket responses
Added schedule sync condition debugging
Improved WebSocket message logging for command responses

Version 3.0.1

Released: 2025-07-08

Agent Synchronization

Fixed agent schedule synchronization
Added support for both result.schedule and data.schedule formats
Improved error handling for MongoDB version conflicts
Added retry logic for parallel save errors

Version 3.0.0

Released: 2025-07-01

Major Release: NopeSight v3

Core Features

🤖 AI-Powered: Network Discovery and CMDB with AI insights
📊 Event Management: System with multi-source support
🧠 AI Reporting: Enhanced reporting with AI-powered insights
🔌 WebSocket: Real-time discovery agent communication
🏢 Multi-tenant: Enterprise-ready architecture
📦 Redis Queues: Scalable async processing
☁️ AWS Bedrock: Claude AI integration for advanced analysis

Key Capabilities

Automated network discovery with WMI, SSH, and SNMP
AI-powered dependency mapping and relationship analysis
Compliance analysis (SOX, HIPAA, PCI-DSS)
Software identification and vulnerability matching
Real-time event correlation and analysis
Natural language search across infrastructure

Version 3.6.11​

Monitor and Peripheral Device Tracking​

Version 3.6.10​

Production Deployment Fixes​

Version 3.6.9​

Minor Improvements and Bug Fixes​

Version 3.6.8​

Event AI Analysis Queue Processor​

Version 3.6.7​

Business Service Analyzer SSE Fixes​

Version 3.6.6​

AI Insights Response Quality Fix​

Version 3.6.4​

Service Pattern Library Management System​

Migration & Data Management​

Technical Improvements​

Bug Fixes​

Version 3.6.3​

Software Lifecycle Management Enhancements​

Integration Improvements​

User Experience Enhancements​

Technical Implementation​

Benefits​

Version 3.6.2​

Event Correlation Background Processing​

API Enhancements​

Technical Implementation​

Benefits​

Version 3.6.0​

Compliance Attestations​

Integration & Enhancements​

Bug Fixes & Improvements​

Version 3.5.1​

Documentation Improvements​

Benefits​

Version 3.5.0​

Email Notification System​

Enhanced Email Rules UI​

Template Engine Enhancements​

Rule Management Features​

Multi-Tenant Security​

Technical Implementation​

User Experience Improvements​

AWS SES Production Access​

Performance & Scalability​

Bug Fixes & Improvements​

Version 3.4.0​

Infrastructure-Aware Compliance System​

Enhanced Compliance Workflow​

Monitoring & Operations​

Technical Implementation​

User Experience Improvements​

Multi-Tenant Security​

Integration & Compatibility​

Performance & Scalability​

Bug Fixes & Improvements​

Version 3.3.0​

Compliance Assessment System Implementation​

Technical Improvements​

Version 3.2.0​

Xurrent (4me) AI Change Manager Integration​

Product Mapping Enhancements​

Technical Improvements​

Version 3.1.9​

CI Relationship System Improvements​

Network Visualization Enhancements​

Version 3.1.8​

Project Management Enhancements​

Version 3.1.7​

Enhanced Authentication Security​

Security Infrastructure​

User Experience Improvements​

Technical Implementation​

Version 3.1.6​

CPE/NVD Integration for Software Vulnerability Management​

Version 3.1.5​

Software Asset Management (SAM)​

Technical Improvements​

Version 3.1.4​

Performance Optimization & Monitoring​

Version 3.6.11

Monitor and Peripheral Device Tracking

Version 3.6.10

Production Deployment Fixes

Version 3.6.9

Minor Improvements and Bug Fixes

Version 3.6.8

Event AI Analysis Queue Processor

Version 3.6.7

Business Service Analyzer SSE Fixes

Version 3.6.6

AI Insights Response Quality Fix

Version 3.6.4

Service Pattern Library Management System

Migration & Data Management

Technical Improvements

Bug Fixes

Version 3.6.3

Software Lifecycle Management Enhancements

Integration Improvements

User Experience Enhancements

Technical Implementation

Benefits

Version 3.6.2

Event Correlation Background Processing

API Enhancements

Technical Implementation

Benefits

Version 3.6.0

Compliance Attestations

Integration & Enhancements

Bug Fixes & Improvements

Version 3.5.1

Documentation Improvements

Benefits

Version 3.5.0

Email Notification System

Enhanced Email Rules UI

Template Engine Enhancements

Rule Management Features

Multi-Tenant Security

Technical Implementation

User Experience Improvements

AWS SES Production Access

Performance & Scalability

Bug Fixes & Improvements

Version 3.4.0

Infrastructure-Aware Compliance System

Enhanced Compliance Workflow

Monitoring & Operations

Technical Implementation

User Experience Improvements

Multi-Tenant Security

Integration & Compatibility

Performance & Scalability

Bug Fixes & Improvements

Version 3.3.0

Compliance Assessment System Implementation

Technical Improvements

Version 3.2.0

Xurrent (4me) AI Change Manager Integration

Product Mapping Enhancements

Technical Improvements

Version 3.1.9

CI Relationship System Improvements

Network Visualization Enhancements

Version 3.1.8

Project Management Enhancements

Version 3.1.7

Enhanced Authentication Security

Security Infrastructure

User Experience Improvements

Technical Implementation

Version 3.1.6

CPE/NVD Integration for Software Vulnerability Management

Version 3.1.5

Software Asset Management (SAM)

Technical Improvements

Version 3.1.4

Performance Optimization & Monitoring