Skip to content

Release Notes: v0.1.0-beta.1 (RC1)

Date: January 19, 2026 Version: Beta Release Candidate 1

Vision

This release marks the transition of Fulcrum from a functional prototype to a production-ready "Beta Release Candidate." We have focused on hardening the infrastructure, formalizing security controls for enterprise compliance, and polishing the user experience to ensure Fulcrum is "Operator-Grade."

Key Highlights

1. Infrastructure Hardening

  • Safe Configuration: Implemented a unified configuration layer across all Go services (event-processor, fulcrum-server, fulcrum-mcp) with strict environment validation. Services now fail fast if critical secrets or settings are missing.
  • Networking & Security: Hardened Kubernetes NetworkPolicies to enforce the principle of least privilege. Internal service communication is restricted to authorized paths only (e.g., Server to Database).

2. Security & Compliance

  • Granular RBAC: Introduced a scope-based access control system. API keys can now be restricted to specific actions such as policy:read, policy:write, or audit:read.
  • The Action Ledger: Renamed "Traces" and "Flight Recorder" to the Action Ledger—a canonical, immutable system of record for all agent activity. This ledger is now backed by general-purpose audit logging in Postgres.
  • Isolation: Verified and enforced Row-Level Security (RLS) across the database, ensuring that tenant data remains strictly isolated even at the storage layer.

3. User Experience (Dashboard)

  • Terminology Alignment: Unified terminology across the platform. "Traces" are now recorded in the "Action Ledger," and "Rules" are part of "Policies."
  • Swiss Industrial Aesthetic: Refined the UI for high-contrast visibility and "Operator-Grade" voice, prioritizing clarity and speed for high-frequency agent monitoring.

Technical Changes

  • Added scripts/verify-env.sh for proactive secret mapping verification.
  • Updated internal/middleware to support granular scope enforcement.
  • Created fulcrum.audit_logs table for general-purpose compliance tracking.
  • Fixed migration dependency issues in integration test suites.

Beta Testing Checklist

  • [x] Verify API Key generation with granular scopes.
  • [x] Confirm "Action Ledger" captures all agent requests via SDK.
  • [x] Ensure policy violations trigger the correct DENY/WARN actions.
  • [x] Validate that audit logs record all administrative changes.

Fulcrum: Safety is the foundation.