Changelog

Added

• +POST /api/deployments/:id/auto-fix endpoint orchestrates the full crash to PR pipeline. Extracts a Go, Python, Node, Ruby or Java stack signature from log lines, applies the dedupe policy (3 occurrence floor, 24h cool down, 5 PRs per day per project), fetches source files at the exact deploy commit SHA from GitHub, calls Claude with a focused prompt, then clones and applies the diff and opens a draft PR via the user's GitHub token
• +Worker incident scanner ticks every 5 minutes, walks every project, env and service tuple, filters CloudWatch log events on common crash patterns, runs the signature extractor on hits and records incidents with a captured trace sample so the dashboard banner can replay them on click
• +GET /api/projects/:id/incidents endpoint backs the recurring crash banner with occurrence count, last seen timestamp, language detected, and any existing fix PR URL
• +Recurring crash banner on the deployment detail page with an Open fix PR with Eigon button when a trace has been captured
• +Daily cost ingest cron in the controlplane runs cloudcost.IngestEngine against AWS Cost Explorer so cloud_cost_breakdowns is kept warm without manual admin trigger
• +Three new shared packages: pkg/incidentdiag (stack trace parser, Postgres dedupe store, Claude and git and GitHub adapters), pkg/cloud/cwlogs (CloudWatch wrapper), pkg/scaletozero (idle service scaler), pkg/dbrollback (data rollback planner)

Improved

• ~Customer environment cost endpoint prefers actual MTD from cloud_cost_breakdowns over the engine estimate. Response carries a source flag so the UI labels Actual versus Estimate, plus an as_of_date so customers can see how fresh the AWS data is. Falls back to the engine estimate only on brand new environments where no usage has been ingested yet

Added

• +Procfile parser fans a single repo with web, worker, clock and release lines into one service per process type with the right network shape. Workers and crons get no public IP, no ALB rule and no HTTP healthcheck
• +Release tasks render as ECS TaskDefinitions with no long-running Service; the worker calls RunTask between Sceptre phases and aborts the deploy on a non-zero exit so a broken migration never overtakes a new web image
• +BuildKit S3 cache backend keyed by lockfile hash, so the dependency-install layer survives across services and across deploys including a service's first build; falls back transparently to the previous ECR latest cache when the bucket is unset
• +Cost prediction endpoint at GET /environments/:envId/cost/prediction returning days until cap, severity bucket and a one-line recommendation calculated from a 7-day rolling rate
• +Preflight check framework with four rules at launch: ephemeral SQLite path, localhost in connection-string env vars, hardcoded listen port without process.env.PORT, hallucinated imports not present in package.json
• +Static AST audit that fails CI when a new HTTP handler extracts a tenant-scoped URL parameter without verifying organisation membership
• +Pluggable preflight phase in the deploy pipeline that persists each finding to the deployment timeline so users see the fix hint before the build runs

Improved

• ~Worker private subnets are read from the network stack output or the warm-base plan, with an explicit error when neither resolves a subnet so misconfigured release tasks surface instead of silently running in the wrong VPC
• ~Sceptre launch is now phased: phase one creates infrastructure plus release task definitions, then RunTask runs migrations, then phase two updates services. Old behaviour was a single launch that could promote a new image against an unmigrated database
• ~Service templates branch on type to drop public IP, listener rules and inbound security group rules for worker and cron services, removing unnecessary attack surface
• ~Cost prediction returns a non-NaN, deterministic result on day one of the month and on environments with no cost history yet, so the dashboard never has to special-case empty state

Added

• +WAF toggle per environment, on by default for production profile, with PATCH endpoint for changing it later
• +Monthly bandwidth ceiling in GB per environment with 50/80/95/100 threshold emails and Slack or Discord alerts
• +Failure classifier that mines resolved failure analyses every six hours and returns a bucket plus confidence for new unknown errors
• +POST endpoint for multi-change what-if simulations that sums cost deltas across up to twenty proposed changes and surfaces the worst risk level
• +Compliance report endpoint that audits each environment against eighteen technical controls and returns a pass, fail, warning or not applicable verdict with cited evidence for each
• +Public environment health badge served as an SVG at /environments/:id/badge.svg so customers can embed status in their README
• +Dynamic OpenGraph image generator for the root of the site and for every blog post, producing branded social cards at build time
• +VS Code extension scaffold with deploy, status and logs commands, buildable from cli/vscode-extension

Improved

• ~Orphan resource scanner now distinguishes hard and soft orphans, scans ECR, CloudWatch log groups, CloudFront distributions and unattached target groups, and runs hourly instead of daily
• ~Canary repo no longer writes to non-existent deployment state values, rollback now flips only the deployment status enum
• ~PR preview coordinator attributes webhook-triggered deploys to the organisation owner so the NOT NULL user column is satisfied
• ~AWS scale-down helper no longer passes an invalid scalable dimension filter to DescribeScalableTargets, which previously blocked the autoscaler pin step silently
• ~GitHub webhook handler is now a single consolidated endpoint with HMAC verification, PR preview dispatch and PR merge redeploy all in one place

Added

• +Canary monitoring window on every environment, configurable from the dashboard
• +Background watcher that polls error rate after every deploy and rolls back automatically when the threshold is breached
• +Configurable rollback threshold and minimum request count so quiet environments do not trigger noisy rollbacks
• +Spending cap email alerts at 50, 80, 95 and 100 percent with branded HTML templates
• +Celebratory email on the first ever successful deploy for each organisation

Improved

• ~Graceful degradation now actually scales every service down to its minimum and pins the autoscaler so it cannot fight back
• ~Hard stop now scales the affected services fully offline instead of only marking the environment paused
• ~Deploy completion is funnelled through a single transition point so future reliability features can plug in cleanly

Added

• +API tokens, scoped and revocable, managed from Account settings
• +eigon CLI for deploys, status checks, log streaming and flag management
• +GitHub Action that runs a deploy and waits for it to finish
• +Spending cap card on every environment with live month to date usage
• +Slack, Discord and generic webhook integrations for deploy and cap events
• +Feature flags with per environment rollout percentages
• +Terraform export bundle covering network, compute, database, cache, CDN and WAF

Improved

• ~Auth layer accepts both browser sessions and long lived API tokens
• ~Spending cap reconciliation runs hourly and triggers graceful degradation at the limit
• ~Recommendations engine surfaces cost and reliability suggestions on the environment page

Added

• +Drag and drop ZIP upload as an alternative to a GitHub repository
• +Atomic source switching between GitHub and ZIP, enforced at the data layer
• +Versioned source storage so concurrent uploads cannot clash
• +Delete environment flow with a type to confirm modal
• +Admin cleanup page for orphaned cloud resources
• +First deploy success modal with next step links

Improved

• ~Framework and runtime detection now falls back when source signals are weak
• ~Environment teardown is more robust and reports clearer status
• ~Region detection picks the right default on the very first deploy
• ~Background graph and metadata writes no longer contend with the request path

Added

• +Cost analysis page with category breakdown and one click apply for suggestions
• +Eigon Copilot chat panel on every environment
• +Region selector modal with latency and cost scoring
• +Daily orphan resource scanner
• +Plain language tooltips across the dashboard

Improved

• ~Deployment progress rail explains every phase in plain English
• ~Failure analysis panel lists likely causes and next steps
• ~Infrastructure graph uses friendly node names instead of cloud jargon
• ~Logs page filters with hover explanations for each log level

Added

• +Custom domain setup with CNAME instructions and one click verify
• +Auto provisioned SSL certificates that renew on their own
• +Self heal endpoint for failed nodes with safety guards
• +Drift detection comparing template against deployed state
• +Sizing recommendations driven by 30 days of metrics

Added

• +Four production regions across North America, Europe and Asia
• +Production profile that auto enables WAF and CDN
• +Readiness scoring engine with rule based checks and one click fix packs
• +Suggested code patches for the most common deploy failures

Added

• +Failure analysis that classifies build and runtime errors and proposes fixes
• +Auto applicable fix packs for low risk issues
• +Variables page with bulk import from .env files
• +Encrypted secret storage with per environment isolation

Added

• +GitHub OAuth and repository selection wizard
• +Framework auto detection across 45 plus stacks
• +Managed container deployments with a load balancer in front
• +Real time deployment events streamed to the dashboard
• +Basic dashboard with logs and metrics