v2.2.1

What's Changed

• Inline validation replaced with generic hook on New Vendor modal by @Innagl in #3656
• fix(onboarding): mark onboarding completed after demo data insertion by @gorkem-bwl in #3642
• fix(ai-gateway): guardrail catalog enable button not reflecting enabled state by @gorkem-bwl in #3658
• build(deps): bump aiohttp from 3.13.3 to 3.13.4 in /EvalServer in the pip group across 1 directory by @dependabot[bot] in #3654
• deps(backend): bump @xmldom/xmldom from 0.8.11 to 0.8.12 in /Servers by @dependabot[bot] in #3645
• feat(llm): add AWS Bedrock inference provider via boto3 converse API by @sermengi in #3668
• feat(GRSModule): add Validation Playground page and fix dataset publish bug by @sermengi in #3653
• feat(fria): Fundamental Rights Impact Assessment module by @gorkem-bwl in #3500
• docs(fria): add user guide and technical documentation by @gorkem-bwl in #3670
• docs: complete user guide gap analysis + comprehensive API documentation by @gorkem-bwl in #3671
• build(deps): bump litellm from 1.82.2 to 1.83.0 in /AIGateway in the uv group across 1 directory by @dependabot[bot] in #3669
• deps(backend): bump lodash from 4.17.23 to 4.18.1 in /Servers by @dependabot[bot] in #3664
• chore: remove stale local user guide content directory by @gorkem-bwl in #3672
• feat(agent-discovery): plugin-based discovery with improved UX by @gorkem-bwl in #3673
• deps(backend): bump the backend-minor-patch group in /Servers with 14 updates by @dependabot[bot] in #3674
• deps(frontend): bump the frontend-minor-patch group in /Clients with 35 updates by @dependabot[bot] in #3676
• deps(frontend): bump vite from 8.0.3 to 8.0.5 in /Clients by @dependabot[bot] in #3679
• chore(deps-dev): bump vite from 7.2.6 to 7.3.2 in /docs/api-docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #3680
• Feat: MCP Gateway by @Br0wnHammer in #3677
• docs: rewrite 15 AI policy templates by @gorkem-bwl in #3683
• fix(super-admin): improve super admin panel UX and add user management by @gorkem-bwl in #3667
• More high priority e2e by @MuhammadKhalilzadeh in #3665
• Inline validation replaced with generic hook on new incident by @Innagl in #3663
• Inline validation replaced with generic hook on New policy by @Innagl in #3661
• Fix nist ai UI render bug by @HarshP4585 in #3686
• feat(grs): add backfill-base stage to include base scenarios in final dataset by @sermengi in #3678
• Feature: Mcp Gateway Improvements by @Br0wnHammer in #3688
• Merge develop into master (April 7) by @HarshP4585 in #3687

Full Changelog: v2.2...v2.2.1

v2.2

What's Changed

• Fix docker-compose references by @HarshP4585 in #3426
• Add intake forms user guide article by @gorkem-bwl in #3425
• Fix intake form critical bugs: race condition, field mapping, validation, and UX by @gorkem-bwl in #3427
• Add intake submission viewer and entity field mapping validation by @gorkem-bwl in #3429
• Enhance intake form builder UX and add LLM questions panel by @gorkem-bwl in #3428
• feat(intake): polish UX, fix bugs, and add field mappings by @gorkem-bwl in #3430
• E2E Tests for Full UI Test Automation by @MuhammadKhalilzadeh in #3421
• Feat/use cases implement column visibility by @Innagl in #3415
• deps(frontend): bump minimatch in /Clients by @dependabot[bot] in #3416
• build(deps): bump rollup from 4.53.3 to 4.59.0 in /docs/api-docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #3431
• deps(frontend): bump rollup from 4.57.1 to 4.59.0 in /Clients by @dependabot[bot] in #3432
• Migrate policy editor from Plate/Slate to TipTap by @gorkem-bwl in #3436
• Remove unused editor code and dependencies by @gorkem-bwl in #3440
• More E2E Tests by @MuhammadKhalilzadeh in #3434
• fix(evals): custom scorer judge now receives test case data and returns reasoning by @sermengi in #3456
• feat(policies): assign policies to virtual folders by @gorkem-bwl in #3460
• feat(GRSModule): add validation pipeline improvements and rejected scenario inspection by @sermengi in #3423
• fix(evals): fix Params button form submission and false API key warning in experiment wizard by @sermengi in #3461
• fix(intake): fix infinite re-render loop and suggested questions panel by @gorkem-bwl in #3466
• fix(intake): remove risk tier system toggle, always use EU AI Act by @gorkem-bwl in #3467
• feat(intake): supersede old submissions on resubmission by @gorkem-bwl in #3469
• Fix: Remove Dead Code of Layouts by @Br0wnHammer in #3470
• feat: tamper-proof audit ledger with hash chain and feature toggle by @gorkem-bwl in #3479
• feat(GRSModule): add GeneratedBy provenance tracking to config entry models by @sermengi in #3471
• fix(grs): resolve inference response truncation and JSONL corruption on resume by @sermengi in #3478
• fix(db): add missing task_entity_links table to new tenant creation by @gorkem-bwl in #3468
• Feat: AI Report Generation by @Br0wnHammer in #3477
• Add AI or Not pre-screening survey before use case creation by @gorkem-bwl in #3487
• refactor(docs): slim CLAUDE.md from 4,057 to 484 lines with reference index by @Br0wnHammer in #3488
• Column selector implemented on Agent discovery page by @Innagl in #3476
• Column visibility implemented on Tasks by @Innagl in #3437
• fix(arena): resolve model selection, settings navigation, and Mistral connection errors by @sermengi in #3490
• Update architecture to use shared-schema by @HarshP4585 in #3484
• feat: add Start Here onboarding page with animated feature videos by @gorkem-bwl in #3489
• Implement Column Selector on Risk management page by @Innagl in #3480
• docs: purge old schema-per-tenant architecture references by @gorkem-bwl in #3497
• Fix/llm evals scorer api key by @sermengi in #3499
• deps(backend): bump dottie from 2.0.6 to 2.0.7 in /Servers by @dependabot[bot] in #3439
• ci: bump actions/upload-artifact from 6 to 7 by @dependabot[bot] in #3462
• deps(frontend): bump the frontend-minor-patch group in /Clients with 10 updates by @dependabot[bot] in #3463
• deps(backend): bump the backend-minor-patch group in /Servers with 16 updates by @dependabot[bot] in #3464
• deps(backend): bump @types/jsdom from 27.0.0 to 28.0.0 in /Servers by @dependabot[bot] in #3465
• deps(backend): bump minimatch from 3.1.2 to 3.1.5 in /Servers by @dependabot[bot] in #3474
• deps(backend): bump underscore from 1.13.7 to 1.13.8 in /Servers by @dependabot[bot] in #3482
• deps(frontend): bump svgo from 3.3.2 to 3.3.3 in /Clients by @dependabot[bot] in #3486
• deps(backend): bump multer from 2.0.2 to 2.1.1 in /Servers by @dependabot[bot] in #3485
• deps(frontend): bump dompurify from 3.3.1 to 3.3.2 in /Clients by @dependabot[bot] in #3494
• deps(backend): bump express-rate-limit from 8.2.1 to 8.2.2 in /Servers by @dependabot[bot] in #3498
• ci: bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in #3501
• ci: bump docker/build-push-action from 6 to 7 by @dependabot[bot] in #3502
• ci: bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 by @dependabot[bot] in #3503
• ci: bump docker/login-action from 3 to 4 by @dependabot[bot] in #3504
• deps(backend): bump the backend-minor-patch group in /Servers with 6 updates by @dependabot[bot] in #3505
• deps(backend): bump ejs from 4.0.1 to 5.0.1 in /Servers by @dependabot[bot] in #3506
• deps(frontend): bump the frontend-minor-patch group in /Clients with 27 updates by @dependabot[bot] in #3507
• deps(frontend): bump dotenv-webpack from 8.1.1 to 9.0.0 in /Clients by @dependabot[bot] in #3508
• Fixed migration To Shared Schema Script by @MuhammadKhalilzadeh in #3511
• More E2E test Coverage by @MuhammadKhalilzadeh in #3512
• Column visibility implemented on Reporting page by @Innagl in #3493
• Column selector added to the Vendors page by @Innagl in #3516
• Feat/model inventory implement column visibility by @Innagl in #3458
• feat(grs): track dataset in version control and add Parquet export utility by @sermengi in #3522
• feat: add CSS-filter dark mode and redesign empty state illustrations by @gorkem-bwl in #3525
• Add explanatory empty state tips across all modules by @gorkem-bwl in #3527
• feat(viewer): surface LLM semantic validation fields in scenario UI by @sermengi in #3531
• feat(grs): hybrid LLM semantic validation for scenario acceptance by @sermengi in #3524
• Backend migrations fix by @MuhammadKhalilzadeh in #3534
• Feat/frontend deployment by @Br0wnHammer in #3435
• Feat: Add FAIR-inspired quantitative risk assessment by @Br0wnHammer in #3513
• feat(policies): add one-way DOCX import to policy editor by @gorkem-bwl in #3514
• Column selector added to Policy manager page by @Innagl in #3526
• Column selector implemented on Training Registry page by @Innagl in #3530
• Column selector implemented on Incident management page by @Innagl in #3532
• feat(ai-detection): LLM vulnerability detection with full OWASP LLM Top 10 coverage by @gorkem-bwl in #3521
• chore(deps): bump tornado from 6.5.4 to 6.5.5 in /GRSModule in the uv...

v2.1.1

What's Changed

• fix: comprehensive UI/UX improvements and helper icon sidebar fixes by @gorkem-bwl in #3378
• fix: add missing CSS and font files that break client build by @gorkem-bwl in #3381
• Fix: Dead Code in Server Dir by @Br0wnHammer in #3380
• feat: GRS Scenario Inspector — multi-page Streamlit app with full pipeline lifecycle view by @sermengi in #3384
• PaheHeaderExtended implemented on Frameworks page by @Innagl in #3383
• Mock data removed from NewApproval workflow component by @Innagl in #3382
• Added claude.md file for app context by @HarshP4585 in #3385
• Add activity history tabs to all entity modals by @gorkem-bwl in #3375
• fix: unify date formatting and UI consistency across tables by @gorkem-bwl in #3386
• Unified color palette across all modules by @gorkem-bwl in #3387
• Fix: Evidence & documents by @MuhammadKhalilzadeh in #3388
• AI Detection: risk scoring, repository management, and scheduled scans by @gorkem-bwl in #3389
• deps(frontend): bump jspdf from 4.1.0 to 4.2.0 in /Clients by @dependabot[bot] in #3360
• ci: bump aquasecurity/trivy-action from 0.34.0 to 0.34.1 by @dependabot[bot] in #3392
• deps(backend): bump the backend-minor-patch group in /Servers with 5 updates by @dependabot[bot] in #3393
• deps(frontend): bump the frontend-minor-patch group across 1 directory with 11 updates by @dependabot[bot] in #3396
• fix: prevent plugins page crash when tags or features fields are missing by @gorkem-bwl in #3398
• CodeRules Upgraded by @MuhammadKhalilzadeh in #3402
• feat: intake form system for external submissions by @gorkem-bwl in #3401
• feat: add Custom LLM provider with user-defined endpoint and headers by @gorkem-bwl in #3404
• Fix "Invalid Date" in evidence upload date column by @gorkem-bwl in #3405
• Optimize dashboard loading performance and add progress dialog by @gorkem-bwl in #3399
• fix: resolve null timestamps across all Sequelize models by @gorkem-bwl in #3406
• refactor(GRSModule): renderer catalog refactor + viewer pre-inference browsing by @sermengi in #3407
• Playwright & UI Tests by @MuhammadKhalilzadeh in #3408
• Add task integration and user assignment notifications by @HarshP4585 in #3412
• feat(intake): contact info toggle + delete bug fix by @gorkem-bwl in #3410
• fix(GRSModule): fix Scenario Inspector fallback, increase inference max_tokens, expand mutations catalog by @sermengi in #3413
• fix(styleguide): update color values to match current theme by @gorkem-bwl in #3417
• Integration and UI Component Tests by @MuhammadKhalilzadeh in #3418
• Fix task integration by @HarshP4585 in #3420
• Merge develop into master (25 Feb) by @HarshP4585 in #3419

Full Changelog: v2.1...v2.1.1

v2.1

What's new

2.1 is a major release introducing Shadow AI detection for discovering unauthorized AI tool usage, an AI agent discovery and inventory system, law-aware bias audits for LLM evaluations, self-hosted scorer and judge support, and a plugin ecosystem expansion with Jira integration and dataset bulk upload.

• Shadow AI detection module — discover unauthorized AI tool usage across the organization
• AI agent discovery and inventory — catalog and monitor AI agents org-wide
• Law-aware bias audit module for LLM evaluations
• Self-hosted local LLM scorer support (e.g. Ollama)
• Self-hosted judge provider and saved model dropdowns for evals
• Jira integration plugin
• Model inventory lifecycle plugin
• Dataset bulk upload plugin
• AI detection extended to workflows, containers, and configs
• Lifecycle initialization in Shadow AI governance wizard
• Configurable API key expiration

What's Changed

• Add Shadow AI onboarding wizard by @gorkem-bwl in #3281
• build(deps): Bump langchain-core from 0.3.81 to 1.2.11 in /EvaluationModule/BiasAndFairnessModule in the uv group across 1 directory by @dependabot[bot] in #3286
• PageHeaderExtended implemented on Use cases page by @Innagl in #3288
• build(deps): Bump pillow from 11.3.0 to 12.1.1 in /EvaluationModule/BiasAndFairnessModule in the uv group across 1 directory by @dependabot[bot] in #3294
• Adapting Components with CodeRules Standards by @MuhammadKhalilzadeh in #3295
• More improved components using CodeRules by @MuhammadKhalilzadeh in #3296
• Restrict evaluation LLM API key management to Admin only by @gorkem-bwl in #3299
• Add validation gate and obligation-aware enrichment for GRS scenarios (Step 4) by @sermengi in #3211
• Added API key configurable expiration by @HarshP4585 in #3298
• Remove experimental BiasAndFairnessModule by @gorkem-bwl in #3305
• Add Shadow AI detection module by @gorkem-bwl in #3270
• Add resumable multi-model inference with OpenRouter + audit manifests (Step 5) by @sermengi in #3291
• PageHeaderExtended implemented on TrainingRegistar page by @Innagl in #3300
• Feat/implement page header extended on reporting page by @Innagl in #3303
• deps(backend): Bump qs from 6.14.1 to 6.14.2 in /Servers by @dependabot[bot] in #3306
• Patch for the Shadow AI by @MuhammadKhalilzadeh in #3308
• Enhancing Model Inventory by @MuhammadKhalilzadeh in #3312
• feat: add law-aware bias audit module to LLM Evals by @gorkem-bwl in #3314
• deps(frontend): bump markdown-it from 14.1.0 to 14.1.1 in /Clients by @dependabot[bot] in #3313
• Better than vertical stepper by @MuhammadKhalilzadeh in #3315
• Add hover tooltips to all tab bars by @gorkem-bwl in #3316
• Add self-hosted local LLM scorer support (e.g. Ollama) by @sermengi in #3307
• feat: AI agent discovery & inventory by @gorkem-bwl in #3321
• fix: reorganize sidebar navigation groups by @gorkem-bwl in #3322
• ci: bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 by @dependabot[bot] in #3317
• Model Inventory Lifecycle Plugin by @MuhammadKhalilzadeh in #3325
• deps(backend): bump the backend-minor-patch group in /Servers with 12 updates by @dependabot[bot] in #3318
• deps(frontend): bump the frontend-minor-patch group in /Clients with 11 updates by @dependabot[bot] in #3319
• PageHeaderExtended implemented on ApprovalWorkflow page by @Innagl in #3323
• PageHeaderExtended implemented on Evidence page by @Innagl in #3324
• feat: extend AI advisor to all governance sidebar sections by @gorkem-bwl in #3327
• Dataset Bulk Upload Plugin complete & Model Lifecycle plugin fixed by @MuhammadKhalilzadeh in #3331
• Migrate AI advisor to Vercel AI SDK 6 by @gorkem-bwl in #3333
• feat: add release notes tab to right sidebar and user menu by @gorkem-bwl in #3341
• Enhance AI advisor UI and improve responsive layout by @gorkem-bwl in #3342
• fix: resolve left sidebar toggle closing and reopening instantly by @gorkem-bwl in #3343
• feat: extend AI detection for workflows, containers, and configs by @gorkem-bwl in #3344
• Fix chart rendering and add advisor to dashboard by @gorkem-bwl in #3338
• deps(backend): bump ajv from 8.17.1 to 8.18.0 in /Servers by @dependabot[bot] in #3334
• Implement PageHeaderExtended on Datasets page by @Innagl in #3332
• PageHeaderExtended implemented on AI trust center page by @Innagl in #3339
• PageHeaderExtended implemented on Vendors page by @Innagl in #3340
• fix: align scorer CRUD queries with actual DB schema by @gorkem-bwl in #3345
• fix: display experiment name instead of ID across UI by @sermengi in #3346
• feat: self-hosted judge provider and saved model dropdowns by @gorkem-bwl in #3347
• PageHeaderExtended implemented on Model inventory page by @Innagl in #3349
• fix: set model inventory stat cards to fixed 140x100 dimensions by @gorkem-bwl in #3353
• Add jira integration plugin by @HarshP4585 in #3352
• fix: extend invitation token expiry from 1 hour to 1 week by @gorkem-bwl in #3350
• fix: remove duplicate autoFocus parameter in Field component by @gorkem-bwl in #3355
• Feat: Wise Search Enhancement by @Br0wnHammer in #3326
• More components are enhanced by @MuhammadKhalilzadeh in #3357
• Component enhancement with Multi Agents and CodeRules by @MuhammadKhalilzadeh in #3358
• Implement GRS Judge Scoring + Leaderboard Aggregation (Step 6 Complete) by @sermengi in #3356
• feat: add pending invitations table to team settings by @gorkem-bwl in #3351
• fix: resolve FK violation when deleting demo data by @gorkem-bwl in #3361
• fix: run agent discovery tenant migrations on server startup by @gorkem-bwl in #3362
• feat: implement lifecycle initialization in shadow AI governance by @gorkem-bwl in #3363
• Fix release notes and help center buttons across all modules by @gorkem-bwl in #3365
• Add v2.1 release notes to What's new sidebar by @gorkem-bwl in #3366
• Fix/performance chart default timerange by @EfeAcar6431 in #3367
• fixed performance graph so user doesn't get stuck by @EfeAcar6431 in #3368
• Fix scorers CRUD column mismatch and add orphaned experiment cleanup by @EfeAcar6431 in #3369
• fix: consistent page spacing, AI Detection settings, and notification links by @gorkem-bwl in #3370
• fix: rename target date to next review date in model risks by @gorkem-bwl in #3371
• Delete model lifecycle core app placeholder code by @HarshP4585 in #3372
• Merge develop into master (19 Feb) by @HarshP4585 in #3364

Full Changelog: v2.0.1...v2.1

v2.0.1

What's Changed

• Add datasets domain documentation and update evidence documentation by @gorkem-bwl in #3231
• More components enhanced with CodeRules by @MuhammadKhalilzadeh in #3232
• Optimize risk management loading issue by @HarshP4585 in #3235
• Fix policy manager formatting issue by @HarshP4585 in #3237
• Fix file manager column visibility, preview panel, and metadata editor by @gorkem-bwl in #3238
• Optimize data loading on sidebar pages by @HarshP4585 in #3236
• Fix file manager always visible columns by @gorkem-bwl in #3240
• Improve file manager scrollbar UX by @gorkem-bwl in #3241
• Enhancements in the Codebase by @MuhammadKhalilzadeh in #3239
• PageHeaderExtended implemented on Risk management page by @Innagl in #3234
• build(deps): bump protobuf from 5.29.3 to 5.29.6 in /EvalServer in the pip group across 1 directory by @dependabot[bot] in #3218
• Version Control Visibility by @MuhammadKhalilzadeh in #3244
• Fix: AI Score Card Alignment by @Br0wnHammer in #3242
• Model Lifecycle Management by @MuhammadKhalilzadeh in #3258
• deps(eval): bump tqdm from 4.67.2 to 4.67.3 in /EvaluationModule by @dependabot[bot] in #3247
• deps(eval): bump pydantic from 2.11.7 to 2.12.5 in /EvaluationModule by @dependabot[bot] in #3248
• deps(eval): bump pandas from 2.3.1 to 3.0.0 in /EvaluationModule by @dependabot[bot] in #3249
• deps(eval): bump numpy from 1.26.4 to 2.4.2 in /EvaluationModule by @dependabot[bot] in #3250
• deps(eval): bump transformers from 5.0.0 to 5.1.0 in /EvaluationModule by @dependabot[bot] in #3251
• ci: bump actions/setup-node from 4 to 6 by @dependabot[bot] in #3246
• deps(backend): bump the backend-minor-patch group in /Servers with 9 updates by @dependabot[bot] in #3252
• deps(backend): bump jsdom from 27.4.0 to 28.0.0 in /Servers by @dependabot[bot] in #3253
• deps(backend): bump nodemailer from 7.0.13 to 8.0.1 in /Servers by @dependabot[bot] in #3254
• deps(frontend): bump the frontend-minor-patch group in /Clients with 12 updates by @dependabot[bot] in #3255
• deps(frontend): bump jsdom from 27.4.0 to 28.0.0 in /Clients by @dependabot[bot] in #3256
• deps(frontend): bump @eslint/js from 9.39.2 to 10.0.1 in /Clients by @dependabot[bot] in #3257
• Remove LLM Gateway placeholder by @gorkem-bwl in #3266
• Make model inventory approver optional and fix API docs by @gorkem-bwl in #3245
• build(deps): Bump the uv group across 1 directory with 2 updates by @dependabot[bot] in #3267
• Time stamp removed from the pending step by @Innagl in #3268
• Wire 6 unused email notification templates to their triggers by @gorkem-bwl in #3276
• Add table existence check to migration down method by @gorkem-bwl in #3277
• Add AI Detection onboarding wizard by @gorkem-bwl in #3280
• Enhancing Components by @MuhammadKhalilzadeh in #3283
• Feat: Search Text Enhancement by @Br0wnHammer in #3272
• Fix security issues by @HarshP4585 in #3287
• Add approval workflow for evidence uploads by @HarshP4585 in #3285
• Merge develop into master (Feb 11) by @HarshP4585 in #3292
• Merge develop into master (Feb 11) by @HarshP4585 in #3293

Full Changelog: v2.0...v2.0.1

v2.0

What's new

This release introduces significant new features including a virtual file manager, comprehensive notification system, dataset
inventory, plugin marketplace enhancements, and post-market monitoring. It also includes UI/UX improvements, testing
infrastructure, and numerous bug fixes.

Virtual File Manager: Organize uploaded files into a hierarchical folder structure without changing where files are linked from. Files can exist in multiple folders (tag-like behavior), with "All Files" and "Uncategorized" default views.

In-App Notification System: Comprehensive real-time notification system featuring:

• Server-Sent Events (SSE) for instant updates
• Email integration for important notifications
• Notification types for tasks, reviews, approvals, policies, and mentions
• "Load more" pagination in notification dropdown
• Mark as read functionality

Dataset Inventory: New dataset management under Model Inventory for EU AI Act Article 10 compliance:

• Track training, validation, testing, and production datasets
• Data classification levels (Public, Internal, Confidential, Restricted)
• PII tracking and bias documentation
• Dataset-model and dataset-project linking

Plugin Marketplace:

• Plugin install/uninstall functionality
• Generic plugin execute endpoint for extensibility
• Enhanced custom import plugin with separate framework support
• Improved sidebar navigation and consistent styling

Governance Score Widget
Task Deadline View
New deadline view for task management with priority colored flags and inline editing
Unified Upload Component

What's Changed

• fix: preserve paragraph formatting when saving policies from templates by @gorkem-bwl in #3093
• Feat/reusable dropdown with icons by @Innagl in #3086
• fix: standardize action dropdown styles in evals tables by @gorkem-bwl in #3088
• Update workflows by @HarshP4585 in #3091
• docs: add comprehensive technical documentation by @gorkem-bwl in #3099
• Rotate severity label 180 deg by @Innagl in #3105
• Approval workflow button convert to an icon button by @Innagl in #3106
• 3054 setup repository to start tests by @DeboraSerra in #3115
• Fix: Remove Stale Uppy Code by @Br0wnHammer in #3101
• feat: add post-market monitoring for EU AI Act compliance by @gorkem-bwl in #3098
• Eval dashboard fixes by @EfeAcar6431 in #3121
• Add plugins by @HarshP4585 in #2996
• feat: add generic plugin execute endpoint by @gorkem-bwl in #3127
• Fix password validation checks showing incorrect icons by @gorkem-bwl in #3116
• 2812 app logs timezone by @DeboraSerra in #3056
• feat: add governance score widget to dashboard by @gorkem-bwl in #3087
• Feature/priority colored flags and inline edit by @Innagl in #3102
• feat: add comprehensive security scanning to CI/CD pipeline by @gorkem-bwl in #3128
• 3110 tests for application mappers directory by @DeboraSerra in #3117
• Updated routes for plugins by @HarshP4585 in #3132
• chore(deps): bump the npm_and_yarn group across 3 directories with 3 updates by @dependabot[bot] in #3126
• Enhancements and Fixes by @MuhammadKhalilzadeh in #3165
• test(utils): add missing tests to reach full line and branch coverage by @Walber2903 in #3122
• feat: add deadline view for task management by @gorkem-bwl in #3125
• 3114 tests for application validations directory by @DeboraSerra in #3131
• ci: bump actions/upload-artifact from 4 to 6 by @dependabot[bot] in #3134
• ci: bump docker/build-push-action from 4 to 6 by @dependabot[bot] in #3135
• docker(frontend): bump nginx from 1.25-alpine to 1.29-alpine in /Clients by @dependabot[bot] in #3133
• ci: bump aquasecurity/trivy-action from 0.28.0 to 0.33.1 by @dependabot[bot] in #3138
• docker(backend): bump node from 20-alpine to 25-alpine in /Servers by @dependabot[bot] in #3137
• ci: bump appleboy/ssh-action from 0.1.5 to 1.2.5 by @dependabot[bot] in #3139
• ci: bump docker/setup-buildx-action from 2 to 3 by @dependabot[bot] in #3140
• Selectable Cards to filter Vendor Risks tables by @MuhammadKhalilzadeh in #3167
• refactor: improve plugins marketplace UI with sidebar navigation and consistent styling by @gorkem-bwl in #3166
• Visual effects and messages on Risk Cards to Filter Vendor Risk table by @MuhammadKhalilzadeh in #3169
• Scaffold GRS dataset generation pipeline + the Normative Seed Layer (Step 0-1) by @sermengi in #3171
• docker(frontend): bump node from 20-alpine to 25-alpine in /Clients by @dependabot[bot] in #3136
• deps(frontend): bump the frontend-minor-patch group in /Clients with 6 updates by @dependabot[bot] in #3147
• deps(frontend): bump @types/node from 22.19.7 to 25.0.10 in /Clients by @dependabot[bot] in #3153
• deps(frontend): bump vitest from 3.2.4 to 4.0.18 in /Clients by @dependabot[bot] in #3155
• deps(frontend): bump @vitest/coverage-v8 from 3.2.4 to 4.0.18 in /Clients by @dependabot[bot] in #3149
• deps(frontend): bump @mui/styled-engine-sc from 6.4.9 to 7.3.7 in /Clients by @dependabot[bot] in #3157
• deps(frontend): bump globals from 16.5.0 to 17.2.0 in /Clients by @dependabot[bot] in #3162
• deps(frontend): bump react and @types/react in /Clients by @dependabot[bot] in #3163
• deps(backend): bump the backend-minor-patch group in /Servers with 15 updates by @dependabot[bot] in #3148
• deps(backend): bump resend from 4.8.0 to 6.9.1 in /Servers by @dependabot[bot] in #3151
• deps(backend): bump tsc-watch from 6.3.1 to 7.2.0 in /Servers by @dependabot[bot] in #3152
• deps(eval): bump langfair from 0.6.6 to 0.8.0 in /EvaluationModule by @dependabot[bot] in #3145
• deps(eval): bump pyarrow from 21.0.0 to 23.0.0 in /EvaluationModule by @dependabot[bot] in #3144
• deps(eval): bump pydantic-core from 2.33.2 to 2.41.5 in /EvaluationModule by @dependabot[bot] in #3143
• deps(eval): bump datasets from 4.0.0 to 4.5.0 in /EvaluationModule by @dependabot[bot] in #3142
• Fix: AI Governance Score Card by @Br0wnHammer in ...

v1.9

What's Changed

• Entity Graph Visualization: Interactive graph showing relationships between AI models, risks, vendors, and controls. Helps users understand how different entities connect across their governance framework.
• AI Detection Module: Scans code repositories to identify AI-generated content. Useful for compliance teams tracking where AI tools are being used in development.
• Governance Advisor: AI-powered chat interface providing governance recommendations. Users can ask questions and receive contextual guidance on compliance and risk management.
• LLM Evaluation Arena: Testing environment for comparing different language models. Allows teams to run experiments, measure performance metrics, and evaluate AI model quality.
• Multi-Tenancy / Workspace support: Enables multiple isolated organizations (eg countries/business units) within a single deployment. Each tenant has separate data, users, and configurations while sharing infrastructure.
• A Completely New Dashboard: A new designed dashboard with a switch between Executive and Operations perspectives on the dashboard. Executive view shows high-level metrics while Operations view provides detailed operational data.
• Policy Export: Export compliance policies to PDF and Word formats. Enables easy sharing of documentation with stakeholders and auditors.

New Contributors

• @Walber2903 made their first contribution in #3028

Full Changelog: v1.8.1...v1.9

v1.8.1

What's Changed

• Fix db issue in LLM Evals by @HarshP4585 in #2954
• Fixed production issues for LLM Evals by @EfeAcar6431 in #2955
• Fix enum_file_manager_source migration file by @HarshP4585 in #2959
• Minor UI fixes in EvalsDashboard by @EfeAcar6431 in #2962
• Fix: include selectedScorers in frontend experiment config request by @sermengi in #2963
• Llm evals module by @EfeAcar6431 in #2966
• Fix evalserver multitenancy by @HarshP4585 in #2964
• Merge develop into master by @HarshP4585 in #2967

Full Changelog: v1.8...v1.8.1

v1.8.1-saas

What's Changed

• Fix db issue in LLM Evals by @HarshP4585 in #2954
• Fixed production issues for LLM Evals by @EfeAcar6431 in #2955
• Fix enum_file_manager_source migration file by @HarshP4585 in #2959
• Minor UI fixes in EvalsDashboard by @EfeAcar6431 in #2962
• Fix: include selectedScorers in frontend experiment config request by @sermengi in #2963
• Llm evals module by @EfeAcar6431 in #2966
• Fix evalserver multitenancy by @HarshP4585 in #2964
• Merge develop-saas into master-saas by @HarshP4585 in #2968

Full Changelog: v1.8-saas...v1.8.1-saas

v1.8

What's Changed

• Notes module, phase 1: NIST AI RMF by @MuhammadKhalilzadeh in #2807
• LLM Evals module integration by @gorkem-bwl in #2813
• Add User Guide sidebar with documentation content by @gorkem-bwl in #2814
• Remove Bias & Fairness module from sidebar by @gorkem-bwl in #2819
• Add activity history for vendor risks by @gorkem-bwl in #2823
• Add activity history for vendors by @gorkem-bwl in #2824
• Add activity history for Policy Manager by @gorkem-bwl in #2825
• Add activity history for Incident Management by @gorkem-bwl in #2826
• Add activity history for use cases by @gorkem-bwl in #2827
• Add activity history for project risks by @gorkem-bwl in #2828
• Modern Tabular Structure added to ISO 42001 Clauses by @MuhammadKhalilzadeh in #2831
• Bump nodemailer from 7.0.7 to 7.0.11 in /Servers in the npm_and_yarn group across 1 directory by @dependabot[bot] in #2802
• Bump the npm_and_yarn group across 3 directories with 3 updates by @dependabot[bot] in #2832
• Modern Tabular Structure added to ISO 42001 Annexes by @MuhammadKhalilzadeh in #2833
• Modern Tabular Structure added to ISO 27001 Clauses by @MuhammadKhalilzadeh in #2836
• Replace HelperDrawer with User Guide sidebar by @gorkem-bwl in #2837
• Unify status summary cards with reusable StatusTileCards component by @gorkem-bwl in #2838
• Improve UI layout and add Help center integration by @gorkem-bwl in #2839
• Fix UI/UX improvements for Policy pages and Incident Management by @gorkem-bwl in #2840
• Fix UI/UX improvements for Policy pages and Incident Management by @gorkem-bwl in #2841
• Improve LLM Evals datasets page and remove unused components by @gorkem-bwl in #2842
• Modern Tabular Structure added to ISO 27001 Annexes by @MuhammadKhalilzadeh in #2843
• Enable stricter TypeScript compiler options by @gorkem-bwl in #2845
• Modern Tabular Structure added to EU AI Act Questions by @MuhammadKhalilzadeh in #2854
• Remove /test and /playground routes by @gorkem-bwl in #2850
• Hide helper sidebar on authentication pages by @gorkem-bwl in #2858
• Bump urllib3 from 2.5.0 to 2.6.0 in /BiasAndFairnessServers/src in the pip group across 1 directory by @dependabot[bot] in #2830
• Fix: User Data Update in Sidebar by @Br0wnHammer in #2853
• Modern Tabular Structure added to EU AI Act Subcontrols by @MuhammadKhalilzadeh in #2864
• Fix dashboard greeting flickering on initial load by @gorkem-bwl in #2847
• UI/UX fixes: Wise Search, help sidebar, onboarding modals by @gorkem-bwl in #2865
• Add stats cards to LLM Evals project overview dashboard by @gorkem-bwl in #2866
• UI/UX improvements and Event Tracker logs table by @gorkem-bwl in #2867
• Refactor confirmation modals and improve UI by @gorkem-bwl in #2869
• EvalServer changes for deployment by @HarshP4585 in #2871
• Improve onboarding flow and redesign Add new dropdown by @gorkem-bwl in #2872
• Fix demo data deletion and refactor demo use case by @gorkem-bwl in #2868
• Remove non-functional demo project step from onboarding by @gorkem-bwl in #2873
• Enhance policy editor with image and table support by @gorkem-bwl in #2874
• The latest improvements made to the EvalsDashboard and EvalServer by @EfeAcar6431 in #2876
• Show vendor risk count in vendors table by @gorkem-bwl in #2882
• Fix project deletion errors and UI improvements by @gorkem-bwl in #2881
• Improve UI/UX across dashboard layouts and table components by @gorkem-bwl in #2883
• Making all Interface files consistent by @MuhammadKhalilzadeh in #2884
• Add missing change history table to tenant creation script by @gorkem-bwl in #2885
• Additional fixes for Evaluation pipeline and cleaned up leftover BiasAndFairness code by @EfeAcar6431 in #2888
• optimize getAllRisksQuery using indexing and joins by @rachanabasnet in #2860
• Loading Risks in the Modal, and Re-loading NIST Subcategories by @MuhammadKhalilzadeh in #2892
• Fix ISO 27001/42001 subclause lookup query by @gorkem-bwl in #2894
• Add migration for subcontrols_eu__risks table by @gorkem-bwl in #2895
• EU AI Act Control risk link by @MuhammadKhalilzadeh in #2900
• Fix alignment of form fields in ISO 27001 annex drawer by @gorkem-bwl in #2899
• Move Activity History from sidebar to dedicated tab by @gorkem-bwl in #2904
• Fix React key prop warning in Autocomplete components by @gorkem-bwl in #2901
• Add migration for file_manager content and source columns by @gorkem-bwl in #2893
• Fix task modal form layout alignment by @gorkem-bwl in #2906
• Added tennant handling for all the deepeval tables and fixed datasets section by @EfeAcar6431 in #2898
• Critical fixes by @HarshP4585 in #2889
• Improve reporting system with DOCX native generation and PDF fixes by @gorkem-bwl in #2880
• Fix ISO 27001/42001 subclause ID queries and add NIST migration by @gorkem-bwl in #2902
• Add app switcher sidebar for multi-module navigation by @gorkem-bwl in #2909
• Fix infinite loop in EvalsDashboard useEffect by @gorkem-bwl in #2910
• Fixed llm api key saving and the problem with different provider evaluations. by @EfeAcar6431 in #2912
• Fix page scroll when helper sidebar is open by @gorkem-bwl in #2913
• • Fix share link enable/disable functionality by @Aryanak47 in #2886
• Bump filelock from 3.20.0 to 3.20.1 in /EvalServer/src in the pip group across 1 directory by @dependabot[bot] in #2908
• Fix Evals UI improvements and add grouping functionality by @gorkem-bwl in #2914
• Sw linked operational objects to policies by @swaleha456 in #2862
• Extract SelectableCard component and refactor Add dataset modal by @gorkem-bwl in #2916
• Over-written Risk linking is fixed by @MuhammadKhalilzadeh in #2925
• Add security fixes and RBAC for LLM Evals module by @gorkem-bwl in #2922
• LLM Evals Update by @EfeAcar6431 in #2919
• Fix Mistral response handling when content is returned as list by @sermengi in #2920
• Feature/retry with backoff by @sermengi in #2924
• Feature: Select Custom Scorers Per Experiment by @sermengi in #2927
• Fix v1.8 UI issues and error handling by @gorkem-bwl in #2931
• Added new rul to stop the user from running eval with empty dataset and expanded the UI. by @EfeAcar6431 in #2933
• Notes tab UX enhancements by @MuhammadKhalilzadeh in #2934
• F...