Roadmap
Planned features and upcoming improvements for Planekeeper.
This page lists features we’re planning to build or are actively working on. It’s meant to give you visibility into what’s coming next.
For detailed release notes, see the Changelog.
info
Priorities may shift
This roadmap reflects our current plans, but timelines and priorities may change based on user feedback and other factors. If a feature here is important to you, let us know!
Recently Shipped
Features that have been completed and are available now.
| Feature | Category | Description |
|---|---|---|
| Maintenance mode & outage detection | Operations | Planned maintenance page, automatic outage detection, advance warning banners with scheduling, runtime toggle without restarts |
| Global pool contributions | Scrape & Gather | Suggest your gather and helm sync jobs for inclusion in the shared global pool via admin moderation |
| Incremental GitHub sync | Performance | GitHub gather jobs only fetch new releases after the first full sync, reducing API calls |
| Alerts page redesign | UI | Status filter (Active/Resolved), inline Resolve buttons, unified activity timeline on alert detail page |
| Multi-role member management | Access Control | Assign multiple roles per member with checkbox selection. Effective permissions are the union of all assigned roles |
| EOL product management | Scrape & Gather | Curated approval system for end-of-life product tracking with approve/deny workflow |
| Loading states on buttons | UI | Spinner and disabled state on all action buttons during form submission to prevent double-clicks |
| Styled confirmation dialogs | UI | All destructive actions (delete, deactivate, resolve, revoke) use a themed confirmation modal instead of the browser’s native dialog |
| Slide-over detail panels | UI | Click any job or alert row to see a quick detail panel that slides in from the right without leaving the list page |
| Breadcrumb navigation | UI | Hierarchical breadcrumbs on detail pages for easier wayfinding back to list pages |
| Improved error messages | UI | API errors from form submissions now surface detailed messages instead of generic failure text |
| User invitations | Access Control | Invite team members to join your organization via invite tokens with role selection during onboarding |
| Bulk actions | UI | Select multiple items for bulk operations (delete, resolve) on jobs, channels, rules, and alerts pages |
| Dark mode | UI | Cookie-based dark/light/system theme toggle in the sidebar with full semantic color token support |
| Alpine.js component architecture | UI | 10+ Alpine.data components for toasts, counters, sidebar, org-switcher, keyboard shortcuts, and more |
| HTMX 2.0 upgrade | UI | Upgraded to HTMX 2.0.8 with eval-free configuration using delegated event listeners |
| Toast notification system | UI | Alpine-based toast for action feedback with auto-conversion of query param messages |
| Keyboard shortcuts | UI | ? help modal, / search focus, g+d/j/s/a/r for page navigation |
| Expandable detail rows | UI | Click-to-expand table rows with session persistence across page loads |
| Auto-refresh on live pages | UI | Configurable auto-refresh intervals for dashboard and job pages |
| CSP hardening | Security | Content Security Policy middleware with strict directives, HTMX eval disabled |
| Scope filter component | UI | Reusable All/Org/Global dropdown on list pages for filtering by data scope |
| Correct summary card counts | Bug Fix | Dashboard and job page totals now show accurate counts instead of being capped at page size |
| Permission enforcement on forms | Security | Create forms are hidden server-side when the user lacks permission, preventing URL-based bypass |
| Alert action audit trail | Alerts | Full audit trail of alert lifecycle events with actor, source, and unified activity timeline |
| IAM policy documents | Access Control | AWS IAM-style JSON policy documents for role management with wildcards, deny statements, and org-scoped ARNs |
| IAM-style permissions | Access Control | Fine-grained RBAC with 5 system roles (Owner, Administrator, Editor, Viewer, Operator), custom roles, and per-endpoint authorization |
| Job queued status & queue monitoring | Jobs, Dashboard | New queued status, 6-card dashboard, status filter dropdowns on all job pages |
| Manual scrape jobs | Scrape & Gather | Enter deployed versions directly without agents |
| Pre-seeded global gather jobs | Scrape & Gather | ~173 global jobs covering common infrastructure software for immediate upstream release data |
| Dead letter queue UI | Notifications | View and retry failed notification deliveries |
| Distroless runtime images | Infrastructure | All containers switched to distroless for zero OS-package CVEs |
| GitHub Actions CI | Infrastructure | Five parallel quality checks + Trivy container scanning on PRs |
| UTC timestamp standardization | Infrastructure | All timestamps stored as TIMESTAMPTZ with local timezone display in the browser |
What’s Next (0.4.0-alpha)
Features actively planned for the next release.
Reporting & Analytics
| Feature | Status | Description |
|---|---|---|
| Application ownership & tagging | Planned | Tag scrape jobs and alert configs with team, environment, and category labels to enable team-level filtering and reporting. Org admins can require specific labels and restrict allowed values per resource type |
| Version lag metrics | Planned | Organization-scoped metrics showing version staleness by rule type, worst offenders, and alert distribution |
| Reports page | Planned | Dedicated page showing version lag summary, alert distribution by severity, and worst-offending configurations |
| Security snapshot export | Planned | On-demand JSON/CSV report generation for quarterly security reviews with top risks and staleness data |
| Label-filtered views | Planned | Filter all report and list data by team, environment, or category labels |
Notifications
| Feature | Status | Description |
|---|---|---|
| PagerDuty channel | Planned | Native PagerDuty integration for alert routing |
| Telegram channel | Planned | Send alerts to Telegram chats |
| SMTP / email channel | Planned | Email notifications for alerts |
| Notification channel health checks | Planned | Periodic synthetic notifications to each active channel with automatic health status |
| Channel-level rate limiting | Planned | Per-channel rate limiting and burst control to prevent overloading downstream services |
| Notification quiet hours | Planned | Time window configuration to suppress non-critical notifications during off-hours |
| Escalation chains | Planned | Multi-step escalation policies when alerts remain unacknowledged for a configurable duration |
| Multiple alert conditions | Planned | Configure time and version alerts as a single alert with multiple conditions, reducing duplication |
Scrape & Gather Jobs
| Feature | Status | Description |
|---|---|---|
| Template-based scrape configs | Planned | Reusable scrape job templates for common repo layouts that can be instantiated with minimal parameters |
| Scrape job test harness | Planned | Test scrape configurations against live repositories before saving to verify correct version extraction |
| OCI registry full tag sync | Planned | Fetch all available OCI registry tags without the default 100-tag limit |
Agent Observability
| Feature | Status | Description |
|---|---|---|
| Agent error tracing in UI | Planned | Store agent execution logs in database and display in Admin UI, searchable by organization |
| Configurable log retention | Planned | Default 24h retention per agent, configurable per organization |
| Structured database logging | Planned | Structured logs written to PostgreSQL with agent ID, org ID, timestamp, and level |
| Log aggregation dashboard | Planned | Organization-level dashboard showing recent agent logs with filtering by agent, job, or error type |
Other Improvements
| Feature | Status | Description |
|---|---|---|
| Organization audit log | In Progress | Central audit log of entity state changes, expanding beyond the existing alert audit trail |
| Improved onboarding experience | Planned | Guided setup wizards and tutorials for new users |
Future Considerations
These are areas we’re exploring for future releases. Priorities may shift based on user feedback.
- Trend tracking & SLO compliance — Historical trends, version-freshness SLO definitions, and compliance burn-down charts
- Advanced notification routing — Rules-based routing by severity or tags, quiet hours, alert grouping to reduce noise
- CVE & vulnerability awareness — Surface known vulnerabilities alongside version staleness alerts
- Advanced rule engine — Composite rules with Boolean logic, rule templates, dry-run simulation
- SSO & enterprise access — OIDC/SAML integration, org invitations, configuration export/import
- Extended automation — Automatic PR generation for version updates, artifact discovery