v0.7.0 Release Notes
Release Date: 2026-05-17
Highlights
- Threshold Matrix XLSX Sheet - New pivot-style view showing SLIs with M1-M5 threshold columns
- SLI Tags - Multi-dimensional classification with kebab-case validation
- NIST CSF Category Ordering - Canonical sort order: govern → identify → protect → detect → respond → recover
- Dashboard Category Grouping - Bullet charts grouped by category with section headers
Added
Threshold Matrix XLSX Sheet
New "Threshold Matrix" sheet in XLSX exports provides a human-readable view of how thresholds progress across maturity levels:
| Category | Tags | Frameworks | SLI Name | Unit | M1 | M2 | M3 | M4 | M5 |
|---|---|---|---|---|---|---|---|---|---|
| detect | shift-left | NIST CSF | Monitoring Coverage | % | - | ≥50% | ≥80% | ≥95% | =100% |
Features:
- Categories sorted by NIST CSF order
- SLIs sorted alphabetically within each category
- Tags displayed as comma-separated sorted list
- Frameworks displayed as comma-separated sorted list
SLI Tags
Tags enable multi-dimensional classification orthogonal to category:
{
"slis": {
"vuln-scan-coverage": {
"name": "Vulnerability Scan Coverage",
"category": "detect",
"tags": ["shift-left", "vulnerability-management"]
}
}
}
Tag requirements:
- Lowercase kebab-case format (letters, numbers, hyphens)
- Must start with a letter
- 1-32 characters maximum
- Automatically deduplicated and sorted
Recommended tags:
| Tag | Description |
|---|---|
ai |
AI/ML-specific security |
shift-left |
Design/build-time controls |
supply-chain |
Software supply chain security |
runtime-defense |
Production-time protection |
vulnerability-management |
Vulnerability handling |
incident-response |
Incident handling |
NIST CSF Category Ordering
Categories are now sorted using NIST CSF 2.0 canonical order:
- Govern - Governance and oversight
- Identify - Asset and risk identification
- Protect - Safeguards and controls
- Detect - Monitoring and detection
- Respond - Incident response
- Recover - Recovery and restoration
This ordering applies to:
- Threshold Matrix XLSX sheet
- Dashboard bullet chart sections
- Dashboard SLI tables
- Dashboard progress charts
Custom Category Ordering
Define custom category and SLI ordering in your model:
{
"categories": [
{
"id": "detect",
"name": "Detection",
"sliOrder": ["monitoring-coverage", "alerting-defined", "threat-detection"]
}
]
}
Changed
Dashboard Category Grouping
Bullet charts are now grouped by category instead of methodology (RED, USE, Golden Signals):
Before (v0.6.0):
- RED Metrics (User Experience)
- USE Metrics (Infrastructure)
- Prevention
- Detection
- Response
After (v0.7.0):
- Operations - Detection
- Operations - Response
- Operations - Reliability
- Operations - Efficiency
Dashboard Layout Improvements
- Bullet chart labels use flexbox with auto-calculated width
- Progress chart height scales dynamically based on SLI count
- Chart heights calculated from grid layout for proper sizing
Fixed
- Progress chart now uses same data retrieval logic as bullet charts for consistency
- Progress chart sorted by category then alphabetically by SLI name