Skip to content

What's New

See the latest updates and improvements to ProcesOS

Current Version: v1782243022601
v1.8.0

The Process Maturity Ladder

Processes now climb a unified L1–L7 maturity ladder — computed from workspace state and surfaced from the editor's readiness checks all the way to the workspace cockpit.

Added

  • Unified L1–L7 process maturity ladder, computed from workspace state and persisted per process (recomputed on freeze)
  • Pre-validation checks in the editor are grouped by maturity level, showing current standing and what unlocks the next rung
  • Maturity level surfaced across the workspace cockpit — governance overview and process rankings now span all seven rungs
  • New ProcesOS cycle glyph and animated loader; the CPG governance loop and L4–L7 rungs share one lifecycle visual
  • New gated Process Lifecycle knowledge-base article in the Academy
  • Landing pages: per-audience social-preview images, a default showcase image, and an audience navigation dropdown

Changed

  • Process level widened from 1–3 to the full L1–L7 maturity scale (backwards compatible — levels 1–3 keep their meaning)
  • The ProcesOS logo now links back to the homepage

Fixed

  • Login hero logo and headings are legible on the always-dark map background
  • Audience landing pages reliably show their per-audience image; internal image paths are now absolute

L1–L7 Process Maturity

Every process now sits on one unified maturity ladder — Descriptive, Analytical, Governed, Compliant, Sustainable, Integrated, Cybernetic. The upper rungs are computed from real workspace state (compliance, resource flows, active capability nodes, credentials, federation) and persisted per process, recomputed when a process is frozen.

See where a process stands

The editor's pre-validation checks are grouped under their maturity level, so you can see exactly where a process sits and what unlocks the next rung. The workspace cockpit surfaces all seven levels across the governance overview and rankings.

Refreshed identity & Academy

A new ProcesOS cycle glyph and animated loader land across the app, with the CPG governance loop and the L4–L7 rungs aligned to the same lifecycle pillars. A new gated Process Lifecycle article joins the Academy knowledge base.

v1.7.0

ERP Sync & Process Intelligence

ProcesOS now syncs live ERP data into process cost analytics, consolidates duplicate process roles, and reveals each process's most valuable and greenest path — under a refreshed brand identity.

Added

  • Odoo ERP integration: connect a workspace, map products to resource categories, and sync them with real costs into process analytics — plus inventory levels, KPIs, and a dry-run preview
  • Process-role consolidation: merge duplicate roles across diagrams using name, shared-responsibility, and member-name suggestions, with diagram sync-back and credential retitling
  • Events now carry directed value and resource flows, revealing each process's golden path (highest business value) and green path (lowest footprint)
  • CMDB sovereignty scan: a scan button auto-fills hosting, technology, and FAIR maturity details for IT-system artifacts
  • Refreshed ProcesOS brand identity — logo, favicon, brand color, and per-audience social-preview images, plus a new For Academia landing page
  • After login you now land in your main workspace cockpit instead of a blank editor
  • Per-audience conversion funnel for the landing pages

Changed

  • Paid add-on routes (Odoo, CMDB scan) are now enforced on the server, not just hidden in the UI

Fixed

  • Switching themes no longer triggers a 500 error
  • The stakeholder validation dialog now scrolls on small screens
  • The Academy back button returns you to where you came from
  • XOR gateway branch probabilities are validated to sum to 100%
  • Intermittent 500 errors are now caught and logged with a reference ID
  • Signup notifications no longer mention obsolete account activation
  • The user-task form editor renders correctly
v1.6.0

Governance Lifecycle & CMDB-Driven Process Analytics

Validation now gates AS-IS freeze behind an ISMS review + promote vote. Process Analytics' Systems tab realigned onto the real CMDB with FAIR/ISMS ratings.

Added

  • ISMS Compliance Review stage — when all lane-responsibles validate, the workspace's Head of Compliance gets an attestation task listing CMDB Systems + Data Objects used in the process, with FAIR / contract / GDPR gap indicators
  • Promote-to-AS-IS Vote stage — after ISMS attestation, a governance vote opens to lane responsibles + Head of Processes + Head of Compliance with configurable quorum and 7-day expiry
  • Governance dashboard surfacing — ISMS reviews and promote-vote tasks appear on the user dashboard, in the notification bell, and inline in the validation wizard
  • CMDB IT-System view in Process Analytics — Systems tab, Overview chart, Monthly cost table, and per-lane/per-path tags all driven by the real CMDB inventory with FAIR scores
  • Per-system Data Object detail — each CMDB system shows the Data Objects attached to its tasks with classification, personal-data flag, special categories, and legal basis
  • Shared freezeProcessAsIs() helper — atomic CAS-freeze + AS-IS version insert with rollback on failure

Changed

  • Stakeholder validation no longer auto-freezes the process — completion now opens the ISMS review stage instead. The validation-complete toast was repurposed to "Validation complete — ISMS compliance review opened"
  • Tailwind dark variant is now bound to the app's CSS-variable theme (light / dark / midnight / amethyst), not the OS prefers-color-scheme setting
  • Process Analytics snapshot stores real CMDB system names (instead of BPMN task-type pseudo-names) — improves AS-IS / TO-BE delta accuracy and SC4 setup-cost matching going forward
  • package.json now carries an explicit license field; README has a license section pointing at the LICENSE file

Fixed

  • Path explosion — extractAllPaths and calculateProcessMetricsFromFlow followed every connection (including DataOutputAssociation, DataInputAssociation, MessageFlow); a single parallel gateway with two branches generated 72 paths instead of 2 in real diagrams
  • Process-context entity resolution silently returned empty — fixed the prop-only extractor (now uses extractAllCmdbSystemIds to match attribute-form bm:cmdbSystemId) and the wrong data_objects collection lookup (real collection is dataObjects)
  • Invisible cockpit overview text on light theme — the custom --color-* namespace was never defined anywhere and fell back to rgba(255,255,255,…); one bridge in app.css maps it onto the existing theme variables
  • Forum badges unreadable on theme/OS mismatches — credential / tag / status / gated-state badges now use color-mix() against theme variables for contrast on every theme
  • Resolved a long-standing merge conflict in README.md that had been sitting in the file since the original BPMN-Builder → ProcesOS rebrand
v1.5.4

Parallel Gateway KPI Correctness

Process-level KPIs no longer overcount shared tasks across paths produced by parallel gateways. Critical-path analysis replaces sum-of-durations for parallel branches.

Changed

  • Process-level KPIs (`totalCostPerRun`, `monthlyCost`, `totalEffortHours`) now use task-based aggregation with effective execution probability instead of summing over paths — eliminates the parallel-gateway overcount
  • Total process duration uses critical-path analysis (max across parallel branches) instead of summing across all paths
  • Scoped KPIs in `scope-analysis.ts` follow the same task-based pattern

Fixed

  • Parallel gateways no longer overcount shared tasks in `totalCostPerRun` / `monthlyCost` — a 11-task diagram with one parallel fork previously showed ~5× the correct figure
  • Process duration for parallel branches no longer adds branch durations — uses concurrent-execution semantics (max) as expected
v1.5.3

Sovereignty Scanner, BYOK Wizard & Managed Agent Tooling

CMDB sovereignty scanner (SSRF-hardened), US CLOUD Act exposure in FAIR scoring, IRB FAIR matrix estimator, BYOK setup wizard, and BPMN tools on Anthropic managed agents.

Added

  • CMDB Sovereignty Scanner — server-side scan of DNS / HTTP security headers / SSL-TLS / WHOIS-ASN / technology detection for `it_system` artifacts (feature-gated, CMDB add-on)
  • Provider Knowledge Base — workspace-aware registry of hosting / CDN / email / analytics providers with jurisdiction (EU / US / other / unknown), seeded with ~50 hand-curated providers and growing automatically via scan-discovery
  • EU Sovereignty Score (0-100 + A-E grade) per artifact, with category-weighted breakdown (hosting 40%, email/auth 25%, CDN 15%, analytics 10%, other 10%)
  • US CLOUD Act exposure surfacing on scan results + propagation into FAIR scoring
  • IRB FAIR Maturity Matrix estimator from scan signals — full level descriptions per dimension stored alongside the score
  • SSRF-hardened scanner core — `validateScanTarget()` rejects private / loopback / link-local / cloud-metadata IP ranges with TOCTOU-safe IP pinning
  • BYOK Setup Wizard — guided multi-step flow (provider → test → model dropdown → managed-agent create → token usage)
  • Anthropic managed-agent BPMN tool integration — all 22 BPMN custom tools registered on the agent alongside `agent_toolset_20260401`
  • System-prompt teaching for the managed agent — explicit ProcesOS tool round-trip + result shapes baked into the agent body

Changed

  • BYOK key save now fails loudly when `WORKSPACE_KEY_ENCRYPTION_SECRET` is missing or misconfigured — silent encryption failure path closed
  • BYOK model-load now receives the API key explicitly from the connection test (no more post-save race against `getWorkspaceSecret()`)
  • Anthropic console link in BYOK setup updated to `platform.claude.com` (new Anthropic URL)

Fixed

  • Anthropic managed-agent updates now include the required `version` field for optimistic concurrency control; one automatic retry with fresh version on conflict
  • Empty star-rating outlines in the Validation Wizard are now visible (previously rendered transparent-on-transparent)
v1.5.2

Wizard, Billing & Cost-Math Fixes + AI Model Discovery

Wizzy chat unbroken, Stripe boot-crash fixed, monthly cost math now probability-weighted, validation flow hardened. Plus AI model discovery dropdowns and password reveal on auth screens.

Added

  • Provider-agnostic model discovery in Admin AI Settings + Workspace BYOK Settings (dropdown after API-key entry, supports Anthropic / OpenAI / Mistral)
  • Anthropic skill / managed-agent listing in Admin AI Settings
  • One-click "Wizzy erzeugen" creates an Anthropic Skill agent idempotently (existing skill is reused, not duplicated)
  • Password reveal toggle (eye icon) on login, setup, and reset-password screens — preserves `autocomplete` for password-manager compatibility, aria-label i18n in en/de/es
  • Discovery-call CTA on the landing page linking to Proton Meet booking
  • Anthropic managed-agents Sessions API spike script (`scripts/spike-managed-sessions.ts`) — foundation for future Wizzy-on-Sessions integration

Changed

  • Stripe price-ID resolution is now lazy (resolved on first use, not at module import) — missing env vars no longer block server boot
  • Wizzy API now requires `spaceId` and resolves the AI provider per workspace (BYOK key + provider, then global, then env-var fallback)
  • Validation start now archives prior `validation_invite` notifications via `read: true` instead of deleting — audit trail preserved
  • Validation `complete` action performs the all-responsibles-validated check server-side and creates the AS-IS freeze atomically via CAS — no client-side race condition

Fixed

  • Wizzy chat returned 400 "spaceId is required" on every message — client now passes the diagram's workspace id
  • Stripe crash at import time when price-ID env vars are missing (esp. local dev without full Stripe setup)
  • Monthly costs in Analyze view were up to 3× too high on multi-path diagrams without configured gateway probabilities — path probability is now properly computed and propagated through lane/system aggregation
  • Stakeholder validation "Start" button stayed clickable during an active session, allowing duplicate validation tasks
  • Clicking a validation task on the dashboard navigated to the diagram but didn't open the validation wizard
  • No auto-freeze to AS-IS when all responsible lane-stakeholders completed validation — a manual freeze step was required
  • Sidebar grey-background cutoff in the auth screen sidebars
v1.5.1

Legal, Security & Brand Hardening

TTDSG cookie consent, Terms of Service, GDPR-hardened legal pages, HTTP security headers, env-driven Stripe config, and a consistent ProcesOS brand across the app.

Added

  • TTDSG-compliant cookie consent banner gating non-essential storage
  • AGB / Terms of Service page
  • Expanded Impressum and Privacy Policy for GDPR compliance (controller, purposes, data-subject rights, processors)
  • Baseline HTTP security response headers on every response

Changed

  • Stripe price IDs are now environment-driven — test→live cutover is a pure env-var change with no code deploy or 500-error window
  • Checkout API now takes a tier key (`pro` / `team`) instead of a raw Stripe price ID; the server resolves it so price IDs never reach the client
  • App domain consolidated onto `procesos.techreform.de`; sitemap / robots.txt / llms.txt base URL is now env-driven via `APP_URL`
  • Product brand unified to ProcesOS across page titles, API docs, on-chain credential metadata, User-Agent headers, and UI text

Fixed

  • Sidebar grey-background cutoff in menu sidebars (`flex: 1; min-height: 0; overflow-y: auto` on the nav container)
v1.5.0

Universal Quest System

Quests grow up: visibility/context discriminator, optional bounty, target-artifact rollup, auto-generation from CMDB gaps, and atomic credential + XP rewards on completion.

Added

  • `QuestPayload.visibility` (`internal` | `public`) and `QuestPayload.context` (`marketplace` | `workspace_task` | `maintenance`) as required discriminators
  • `QuestEvidenceKind` union — `validation_session`, `artifact_assessment_submitted`, `form_completed`, `manual_attestation`
  • `QuestTargetArtifact[]` rollup payload — multi-artifact, multi-kind quest targets supersede the single `requiredGttSlug`
  • Bounty is now optional — `workspace_task` and `maintenance` contexts accept `priceTier: 'free'` with no escrow checks
  • Bounty-free quests auto-close on activation (verified → closed) with two-hop `stateHistory` entries
  • **Artifact-completeness library** (`src/lib/server/artifact-completeness/`) — pure-function `computeCompleteness(artifact, domain)` with FAIR domain implementation for `it_system` artifacts
  • **Quest Generator engine** (`src/lib/server/quest-generator/`) — template-driven scanner with dedup, rate caps (50/workspace/day, 5/template/cycle), circuit-breaker, 24h scheduler, cockpit lazy-refresh
  • `questTemplates` + `questGenerationLog` collections with FAIR-on-`it_system` default template seeded per workspace
  • `quest_completion` credential type with `QuestCompletionMetadata` — atomic credential + Foundation Skill XP credit on quest completion
  • `QuestPayload.rewardSpec` — canonical reward configuration (credentialType + skill + xp) copied from generator templates at insert time
  • Compensating-rollback reward path — credential revoked if XP write fails; existing-credential pre-check prevents double-rewards on retry
  • Migrations 027 (visibility/context backfill), 028 (targetArtifacts from requiredGttSlug), 029 (questTemplates schema + indexes), 030 (seed default FAIR template into existing workspaces)

Changed

  • Quest publish validator now checks `visibility`, `context`, `evidenceSpec.kind`, `targetArtifacts` consistency, and optional `rewardSpec` (credentialType + xp + foundation-skill existence)
  • Q1g acceptance loop guards against non-`validation_session` evidence and issues reward *before* close-CAS for bounty-free path (failure leaves quest at `verified` for retry)
  • Marketplace QuestPublishPane hides bounty and party-kind fields for non-marketplace contexts
  • Workspace-creation routes (`/api/spaces/+server.ts`, `/api/spaces/from-template/+server.ts`) seed the default FAIR quest template
  • Cockpit page-load triggers a lazy quest-refresh (debounced, fire-and-forget with `.catch()` to prevent SvelteKit unhandled-rejection crashes)
v1.4.0

Maturity Epic Sealed + Cockpit Systems Tab

Maturity Epic #104 sealed: all 12 profile-types covered, age-tier-cap, admin-tunable weights, history sparklines. Plus Cockpit Systems tab with FAIR/ISMS scoring and 3-tier cost analysis.

Added

  • Maturity profiles for the 7 remaining ecosystem-roles (`district`, `association`, `organisation`, `transform_consultant`, `agency`, `government`, `solution_provider`) — no more silent business-fallback
  • Workspace-age tier cap (silver under 3mo, gold under 12mo, unlimited ≥12mo) with would-be-tier display in Cockpit Maturity hero
  • Admin-tunable maturity weights via Cybernetic Core — per-profile, per-dimension override with 1.0 sum validation
  • `Admin → Cybernetic Core → Weights` tab with profile selector + dimension table + sum-indicator + reset
  • Maturity history snapshots (`workspaceMaturitySnapshots` collection) with daily-deduped 4-hour scheduler over active workspaces
  • Inline sparkline trend in Cockpit Maturity hero — per-dimension and overall score
  • `GET /api/spaces/[id]/maturity/history?days=N` endpoint with 5-min client-side TTL cache
  • Cockpit **Systems** tab — CMDB-sourced view of every IT system with FAIR / ISMS / contract / ESG / AI metadata
  • FAIR dimension visualization (5-segment horizontal bars per dimension, color-coded by level)
  • Framework filter toggles on Systems tab (GDPR / NIS2 / DORA / ISO27001) with OR-semantics across multi-select
  • Sort options on Systems tab — sovereignty / FAIR-score / name / cost / criticality, with rated-first / unrated-last for sovereignty + FAIR
  • Header counter badges on Systems tab — `X low sovereignty · Y not assessed` for at-a-glance pain-point context
  • 3-tier cost analysis with execution multipliers and time-window calculations (path / process / global metrics)
  • `src/lib/bpmn/cost-math.ts` — pure-math helpers extracted as testable module (21 unit tests)

Changed

  • Maturity engine `getProfileFor` async-resolves admin overrides via derived-config; sync `getDefaultProfile` exposed for tests; `getProfileFor` kept as `@deprecated` alias
  • Maturity engine `getProfileFor()` default branch now only catches `null` / `undefined` ecosystem-role; all 12 roles resolve to dedicated profiles

Fixed

  • Age-cap notice rendering "workspace is 1 months old" — fixed via `plugin-message-format` structured plurals across all three locales
v1.3.0

Treasury, Maturity, Audience Pages

Workspace Treasury sealed end-to-end. Maturity engine + 12 dimensions visible in Cockpit. Six audience-targeted landing pages live. Plus dashboard worldmap, listing hardening, cockpit hub.

Added

  • Workspace Treasury — non-custodial declared-wallet, CIP-30 ownership proof, Blockfrost balance + 6h cache, rotate / unset with open-escrow guard, audit log UI, obligations chip
  • Workspace-funded quests end-to-end — Head-of-Finance publishes quests from the workspace treasury; fulfillers offer via per-user `/api/user/me/treasuries`
  • Workspace Maturity engine with 12 dimensions across 5 ecosystem-role profiles (business / community / village / institution / university)
  • Cockpit Maturity tab — score ring, tier badge (bronze→diamond), dimension sub-score grid weighted by `effectiveWeight`, per-role rating breakdown, embedded Skill + GTT-capability dashboards
  • Audience-targeted landing pages: `/for-business`, `/for-enterprise`, `/for-communities`, `/for-institutions`, `/for-government`, `/for-solution-providers`
  • Dashboard worldmap with workspace + federation-peer markers, Nominatim-backed address search
  • Cockpit Übersicht redesign — summary-card hub with deep-links to detail tabs
  • GET `/api/spaces/[id]/maturity` (auth-gated, 5-min client-side TTL cache)
  • GET `/api/spaces/[id]/treasury/obligations` (any workspace member, returns `{ count, totalLovelace }` for live workspace-funded quests)
  • GET `/api/user/me/treasuries` (returns spaces where current user holds Head-of-Finance + a verified treasury)
  • ADR-0001: rating-infrastructure decision for the role-experience-variance dimension

Changed

  • `/api/marketplace/listings` GET returns tiered responses based on caller auth (anonymous → identity-stripped, authed non-member → `kind` only, creator-space member → full payload). Single batched membership lookup avoids N+1.
  • Treasury DELETE handler shares the same `getOpenObligationsSum` helper as the new obligations endpoint — single source of truth for open-escrow precondition.
  • Marketplace `?creator=<spaceId>` filter param threads through to listings GET — used by the worldmap quest-badge deep-link.
v1.2.0

Quest Marketplace & Compliance Cockpit

Demand-side marketplace: workspaces publish capability bounties in ADA, fulfillers deliver via blueprints, acceptance auto-triggers on GTT activation. Plus compliance cockpit + voting view.

Added

  • Quest Marketplace (Epic #95): publish a capability-activation bounty with ADA locked in Cardano escrow; fulfillers offer, deliver, and get auto-accepted on GTT activation
  • Quest discovery tab at /marketplace?type=quest with bounty/deadline/urgency card, scope badge (U→U / U→W / W→U / W→W), archive toggle
  • Inline OfferToFulfilDialog — no detail page, one-click from frontier-pill or marketplace-card to offer-submit
  • GTT Frontier bounty chip: any unblockable capability with an open quest shows an accent ₳-pill that deep-links into the offer flow
  • Automatic quest acceptance loop: when the required GTT node flips to `active`, matching open quests auto-advance to `verified` with forensic evidence (non-fatal sweep, CAS-guarded against double-writes)
  • quest_fulfilment credential minted on offer-accept; space-scoped lookup so it survives individual member departures
  • Workspace Cockpit Compliance Tab: cross-diagram aggregation with min() semantics, per-framework/jurisdiction heatmap, pain-point hero card, gap click-through
  • Multi-dimensional Delta View (BPMN + cost + resource + GTT + compliance) extracted into its own reusable component
  • Voter View for change proposals with credential-gated voting + weighted tallies + on-acceptance bounty release
  • Workspace Treasury backend primitive: non-custodial CIP-30 signData ownership proof, Mongo-backed nonce store with atomic consume-once replay protection, rotate/unset endpoints that respect open-escrow immutability (UI lands v1.3.0)

Changed

  • Validated AS-IS BPMN diagrams are now immutable — PUT handler returns 409 `edits_disabled_after_validation` once a governance validation session has locked the process; proposals must flow through the voting view
  • Marketplace browse query filters out expired quests (no auto-cron for published → expired) and self-authored quests (no circular self-nudge)
  • Compliance analysis moved server-side via bpmn-moddle, with a 5-minute client-side cache on the aggregated workspace compliance store
  • QuestPayload's `questParties.quester` is the single source of truth for funder identity — open-escrow states (`published`, `in_progress`, `verified`, ...) exported as `OPEN_QUEST_STATES` for cross-module reuse

Removed

  • User-level subscription model — licensing is workspace-only now; personal spaces cascade-delete with their owner
  • Hard-coded `fundedFromSpaceId` / `fundedFromTreasuryAddr` escrow snapshots — superseded by QuestPayload's discriminated-union funder encoding + AS-IS payload immutability
v1.1.0

Marketplace & Sovereignty

Operating Layer epic complete: unified paid-escrow marketplace across all item types, capability activation loop, sovereign workspace identity via KERI AID, Forms linked to DataObjects.

Added

  • Unified paid-escrow marketplace across blueprints, GTT capabilities, artifacts and workspace templates
  • PublishListingDialog: five-step type-aware publish wizard with early-draft persistence
  • Creator Analytics dashboard at /marketplace/creator with totals, 30-day trend chart, acceptance rate
  • Blueprint.producesGttSlug hook: run-context validation auto-activates the referenced GTT capability
  • Editor action "Solution from selected artifacts" — promote artifact-bearing tasks into a workspace solution node
  • Durable audit log for admin-triggered GTT frontier snapshots, surfaced in the admin debug view
  • KERI AID support via KERIA integration — per-workspace identity with on-chain registration (Cardano metadata label 7743)
  • Public workspace profile at /w/[slug] with tokenize.it invest-widget integration
  • Head-of-Finance role with treasury:manage permission scope
  • Forms now link to DataObjects; AI heuristic infers GDPR categories from field keys and labels
  • DataObject settings: linked-forms section + read-only form preview on the GDPR tab
  • 30-day Pro trial on every new workspace (pre-Stripe launch)
  • Vitest infrastructure as first repo-wide unit-test runner
  • In-app Bug Report dialog creates GitHub issues via server-side PAT — no repo access needed for users

Changed

  • WorkspaceCreateModal rewritten on top of a live marketplace picker — any published workspace_template listing appears automatically
  • FilterBar sector dropdown expanded to full FoundationSector enum; gains optional priceTier opt-out
  • MarketplacePublishSettings now dispatches to the unified PublishListingDialog with preset type
  • Tier-gate removed from workspace creation — every new workspace starts Pro-trialing
  • Frontier admin UI renders a compact timeline table instead of prose snapshot metadata
  • UserTask properties panel always offers a Create-form button, not just an Edit button for already-linked forms

Fixed

  • Direct-editing inline textbox is now visible across all themes — transparent background with theme-aware text and caret color
  • Spell-check red wavy underlines suppressed on BPMN element labels
  • Auto-popup "Add form" dialog no longer triggers on every diagram load with existing forms
  • Form-js editor now renders reliably on first dialog open (previously ignored the container ref timing)
  • LaneRoles tab infinite-spinner caused by a $effect reactivity ping-pong
  • Docker build no longer crashes on signify-ts/libsodium ESM bundling issue
  • FormStore silent error swallow — errors now propagate to UI toasts and the list refreshes after save
  • Forum credential badge type mismatch for head_of_finance role
  • SSR crash on /edit route caused by unguarded localStorage access in Wizzy $state() initializers

Removed

  • Legacy /api/marketplace/templates/* endpoint family (use /api/marketplace/listings/* instead)
  • PublishWorkspaceDialog component (superseded by PublishListingDialog)
  • Per-creation module-checkbox add-ins on WorkspaceCreateModal (Launch-Trial activates all modules)
  • Recommendation-tier match-badge UI (tier-gate no longer relevant with Launch-Trial)
v1.0.2

Operating Layer: Artifacts, Unified Marketplace, Contextual GTT

Operating Layer launch: unified marketplace, CMDB artifacts, contextual GTT frontier, and artifact/capability references directly on BPMN tasks.

Added

  • Artifact/Capability two-layer data model with cmdbArtifacts collection and artifact-bound GTT nodes
  • Unified marketplace with four item types (blueprint, gtt_node, artifact, workspace_template) and faceted filters
  • Workspace Capability Tree seeded per space (procesos-workspace, workspace_core and sovereign/intelligence/operations/interop layers)
  • Contextual GTT Frontier panel surfacing the next three recommended nodes with explainable rationales
  • Adoption gates on GTT nodes: required credentials, workspace skill aggregates, and blueprint listings
  • bpb:GttNodeReference as a first-class BPMN palette element with status-aware renderer
  • artifactRefs and gttNodeRefs on BPMN flow nodes and lanes with a dedicated properties-panel section
  • Artifact editor UI with type-specific fields for physical, digital asset, sensor, document and integration artifacts
  • Free-adopt endpoint for marketplace listings, distinct from paid purchase flow
  • Admin debug view for the GTT Frontier with snapshot, recompute and heatmap tabs
  • Four-act scripted story and milestone banner on the login map

Changed

  • Settings tab 'CMDB / IT-Systems' renamed to 'Artifacts', with IT-systems now one category among many
  • Workspace template selection is sourced from marketplace listings instead of hardcoded seeds
  • Governance validator now checks referenced artifacts are deployed and capabilities active
  • Marketplace listings support structured jurisdictions and compliance frameworks instead of free-text tags
  • GTT template titles, descriptions and rationales are fully i18n-keyed with fallbacks

Fixed

  • Editor page crash on load after the marketplace refactor
  • Docker build OOM by disabling auto-openapi in production builds and raising the Node heap limit
  • CI Docker builds switched to a self-hosted runner to stabilise image publishing
v1.0.1

Marketplace, Process Roles & Release Communication

Cardano-secured workspace template marketplace, BPMN lanes promoted to workspace-wide process roles, a public changelog, and various UX improvements.

Added

  • Cardano smart-contract-secured workspace template marketplace (Publish → Buy → Instantiate → Validate → Release/Refund)
  • Anonymization pipeline for template export with PII detection and deterministic role-placeholder remapping
  • BPMN lanes as first-class workspace process roles with credential gates and default cost rates
  • Public /changelog page with release timeline and empty state
  • Admin release management panel (CRUD, draft/published workflow)
  • "What's New" banner in the layout, tied to the latest published release version
  • App version and changelog link in the footer
  • Forgot password flow — password reset directly from the login screen
  • Form.js integration for UserTask form definitions in the editor
  • Self-sustaining village demo workspace template (~125 seed documents)
  • World events stream and resource flow panel on the login screen
  • ProcesOS brand definition with tagline typewriter in the hero section
  • /marketplace/how-it-works transparency page with links to validator and signer source

Changed

  • Lane roles auto-register workspace-wide on diagram save
  • Credential gate: hard for responsible, soft warning for contributor/viewer
  • Archived roles auto-reactivate when the same lane name reappears
  • Cardano NFT portfolio now queries by stake address for full HD wallet coverage

Fixed

  • Marketplace helper export prefixed with underscore for SvelteKit compatibility
  • Cardano: silent preprod fallbacks removed — explicit network configuration required
  • Login map: subtler connection lines and quest bubble viewport clamping
v1.0.0

ProcesOS — The Process Operating System

Initial release of ProcesOS: a multi-tenant process management platform combining BPMN 2.0, DMN decision tables, AI assistance, process governance, and capability planning into a composable process execution language for organizations.

Added

  • BPMN 2.0 editor with bpmn-js — full diagram modeling, auto-save, translation overlays, auto-layout (ELK.js)
  • AI Wizard Assistant — multi-turn AI chat for diagram creation and modification (Anthropic, OpenAI, Mistral providers)
  • DMN Decision Tables — dmn-js integration linking BusinessRuleTask elements to reusable decision table definitions
  • Multi-tenant workspaces with subscription tiers (free, pro, team, enterprise) and feature gates
  • Process Governance — AS-IS/SHOULD-BE versioning, stakeholder validation wizard, change voting
  • Global Technology Tree (GTT) — 5-element capability planning (Fire/Water/Earth/Air/Aether) with status machine and unlock cascades
  • CMDB — IT systems registry with cost tracking, license management, FAIR assessment, and ESG data
  • Data Objects library with GDPR classification (personal data flags, legal basis, retention periods)
  • Resource tracking with carbon footprint analysis per process path
  • Cost & ROI analysis — per-task cost modeling, lane costs, process-level analytics with currency support
  • Compliance analysis — regulatory gap detection, DPIA/GDPR fields, EU AI Act properties (Art. 14, 26)
  • FAIR Score assessment for IT systems (Transparency, Accountability, Interoperability, Data Sovereignty, Human Oversight, Local Adaptability)
  • Discussion forum with credential-gated access, diagram linking, AI insights, and change proposals
  • Gamification — XP-based skill system with bronze-to-diamond tiers, foundation skill graph, and mastery levels
  • Cardano/Web3 — wallet connection, credential minting, NFT portfolio, Andamio integration
  • Stripe billing — subscription management with webhooks
  • Cross-instance federation — Cardano registry, Ed25519 signing, public surfaces, collaboration references
  • Cybernetic Core — server-side configuration engine with pluggable engines (feature gates, pricing, landing page)
  • CPG Demo Workspace (Baeckerei Schmidt) — 4 processes, 8 IT systems, 6 data objects, 7 resources, full governance setup
  • Internationalization — English, German, Spanish (32 namespaces via Paraglide/inlang)
  • Better-auth authentication with 33 social providers, organization-based permissions, API key support
  • Interactive guided tours (Shepherd.js) for onboarding