Two releases close the week: a focused v3.17.3 patch, then a feature-rich v3.18.0 bringing dynamic Jira field mappings, a per-object audit trail, two new Saudi NCA frameworks, an IDOR fix, and the backend's move from Poetry to uv.
Two releases close out the week: v3.17.1 brings a Prometheus metrics endpoint, user-configurable date formats, expanded comments and audit aggregation; v3.17.2 piles on an expanded AI/MCP server, the ABRO framework, a tables column selector, action-plan cost breakdowns, SSO redirect handling, and a big batch of data-wizard, framework-builder, and ordering fixes.
A big stretch: native project management arrives, framework-driven reporting goes cross-domain, requirement nodes gain their own score scales, and OIDC picks up a strict state/nonce mode. Plus new NCSC CAF v4.0 and TRUE II frameworks, analytics on applied controls, the psycopg2→psycopg3 upgrade, and a long tail of fixes across four releases (v3.16.5 → v3.17.0).
Two releases land back-to-back: v3.16.3 brings the AI Defense Matrix and KSA PDPL frameworks, a Responsibility Matrix (RACI/RASCI/RAPID), Ebios RM import in Egerie format, task labels, and full Estonian language support — followed by a v3.16.4 hotfix round covering Matrix Editor, breadcrumbs, and journey templates.
v3.16.2 brings two new framework libraries (EU CER directive, UK Defence Standard 05-138), an experimental UI mode for asset creation, a specialized wizard for customer questionnaire prefill, the start of CBDDO and DoW ZT-OT framework support, plus a healthy round of audit performance work, mapping engine fixes, and i18n improvements.
A focused v3.16.1 release: a new journeys editor, Azure Blob Storage as an alternative to S3, AI chat memory improvements, EPSS feeds, IEC 62443 outline, NIST CSF 1.1 enriched with reference controls, expanded respondent mode for third parties, and a steady stream of performance and bug fixes.