Awali ships continuously. Every release is reviewed, tested in staging, and verified against production security checks before any client environment sees it.
Filter by category to see what’s landed recently — from new modules and improvements to security and compliance updates.
Analysts working in the Workbench shell can now submit dbt changes for review directly through the embedded git workflow — including validation evidence — and reviewers can check out, withdraw, or approve those submissions without leaving Awali.
Strengthened isolation between per-user Workbench shells and tightened git ownership checks so one analyst’s working tree can never be read, written, or impersonated by another.
Every Awali user now gets a true Linux identity inside the Workbench shell — files, processes, and audit logs all reflect the actual person, not a shared service account. This is the foundation for our SOC 2 user-attribution story.
Administrators can now drill down into per-user activity — slow queries, job throughput, cache pressure, and request volumes — with a live operational dashboard built into Awali.
Smoothed out the first-run setup experience — stale shell images are restarted automatically, UID collisions are handled gracefully, and the wizard now self-checks state between steps so partial setups always converge.
When a user’s database sandbox falls behind the golden copy, the Workbench now walks them through refreshing it instead of failing silently.
Aligned the PHP and dbt connection layers so every database connection — application, sandbox, and clone — uses the same verified SSL handshake and canonical hostname.
Production database migrations now run from sealed Docker secrets at container startup. Credentials never touch disk in plaintext and never appear in environment dumps, even briefly.
The deployment pipeline now waits for the application to be fully ready — and retries transient public-smoke failures — before running the post-deploy security test battery.
If the sandbox broker can’t find a usable golden snapshot at startup, it now recovers automatically instead of leaving users without a working sandbox.
Awali now provisions a private, writable copy of the production database for every analyst in seconds — backed by Btrfs copy-on-write clones of a nightly golden snapshot. No more dump/restore, no shared dev DB, no waiting. Every user can break, rebuild, and re-clone their own sandbox without touching anyone else’s.
The deployment pipeline now stands up the sandbox engine on its own — no manual provisioning, no separate EBS volumes, no operator intervention. New environments get instant per-user database sandboxes from day one.
Resolved git “safe directory” warnings when the Workbench operates across shared bind-mounted paths and bare origins.
Each user now gets a private, persistent workspace inside the Workbench shell — their own home directory, their own configuration, and their own command history, isolated from every other user.
Stabilized the per-user shell runtime so sessions start cleanly even after deploys, and the shell image is preserved across deployment cleanups for instant cold starts.
Upgraded Symfony components inside the static-analysis toolchain to clear all known CVEs.
Resolved 20 outstanding Dependabot advisories and one Composer-level CVE in a single coordinated dependency sweep.
The per-user shell proxy now ships from a signed container registry image on every deploy — no manual rollout, no version drift between environments.
Hardened the production deploy script so a single optional feature failing can no longer abort an otherwise-clean rollout.
Locked down the CSP nonce path on the view-mode toolbar and added defense-in-depth hardening on the auth token endpoint.
Power-user shortcuts familiar from VS Code now work everywhere in the Workbench — Cmd+B toggles the sidebar, Cmd+J maximizes the active tab, last-used tab and split positions persist across reloads, and the per-user shell is color-tagged for instant recognition.
Launched CliTerm — a per-user terminal container with full access to dbt, Dagster, MySQL, and Python, isolated from every other user’s environment. Analysts and engineers can run real commands inside the platform without contaminating shared state.
Upgraded axios and dompurify to address 26 outstanding Dependabot alerts across the platform.
Adopted a shared-group permissions model so PHP, dbt, Dagster, and builder workspaces can collaborate on the same files without permission errors.
Operations leaders can now refine pain points directly in the OpMap staging workbench before publishing the operational map.
Added keepalive handling to prevent AI agents from disconnecting during long-running data exploration sessions.
Introduced a dedicated read-only database role for the AI/MCP boundary. AI agents can now query business data but are physically prevented from writing, dropping, or altering anything — enforced at the database, not the application layer.
Extended the MCP toolset so AI agents can configure tables, propose schemas, and preview data with the same capabilities a human user has in the Table Builder UI.
Rolled out an SSM-based deployment workflow for client production environments — no inbound SSH required, and every deployment action is logged and auditable.
Improved terminal container initialization and builder healthchecks for more reliable cold starts.
Screen Builder now supports redeploying updated screens without manual cleanup of menus, permissions, or database tables.
Screen Builder now surfaces deploy errors directly in the wizard with a one-click copy button, so issues can be shared with support instantly.
Replaced fixed-duration startup waits with active readiness polling and smoke-test retries — deployments are now faster on the happy path and more resilient on slow ones.
Removed all inline event handlers across every module to comply with strict CSP. Eliminates an entire class of cross-site scripting risks.
Added a dedicated staging workbench for refining operational maps before they’re published to the team.
Each Screen Builder screen now supports its own encrypted API key vault, so external integrations are scoped to the screen that uses them.
Process candidates surfaced by OpMap can now be reviewed in detail before being promoted to the operational map.
Introduced OpMap — an AI-assisted module for discovering, mapping, and visualizing the real processes that run a business.
Seeds upload now accepts XLSX, images, and additional file types — making it easier to load real-world data without preprocessing.
Onboarded a new client onto a fully isolated production environment with its own credentials, encrypted data, and deployment pipeline.
All workshop screens now share a consistent layout with draggable panel splitters, so users can size their workspace to their task.
Upgraded axios across all modules to remediate the disclosed HTTP client vulnerability.
Wired up Vanta continuous-compliance monitoring across the Awali infrastructure for SOC 2 evidence collection.
Implemented per-request CSP nonces for inline scripts — defense-in-depth against script-injection attacks.
SSO sign-in flow plus end-to-end user sync between Awali and the integrated OpenWebUI chat experience.
Added validation gates, base classes, and MCP tooling that enforce security review on every generated screen before it can be deployed.
Rolled out SOC 2 compliant Docker infrastructure with TLS-encrypted database connections across every Awali environment.
Browse your dbt project tree with inline data previews and an expandable sidebar — exploratory analytics without leaving Awali.
Archive screens with restore, enforce per-screen permissions, and ship updates through a guided deploy wizard.
Preview generated screens against a disposable SQLite sandbox before promoting them to a real database.
Introduced Screen Builder — AI-assisted generation of production-grade Laravel screens straight from a business description.
Embedded AI chat alongside the platform, grounded in each client’s own data and configuration.
Comprehensive document management plus format conversion built into the Notes module.
We’ll walk you through the platform — data, dashboards, and AI agents — on your own data.
Schedule a Demo