Changelog — AtlasRisks GGRI

Jump to: v20.x v19.x v18.x v17.x v16.x

v20.x · The customer-experience line

v20.1 Public changelog + pricing compare table extended NEW 2026-05-11

This page — /changelog.html — pulls the version history into one public-facing log. Linked from every footer.
pricing.html compare table now includes the Custom Enterprise column (unlimited seats, federated workspaces, on-prem deployment, dedicated CSM, custom SLA, BYO SSO + audit export, founder direct line). Custom is no longer just a strip card under the grid.

v20.0 Watchlist quick-add from drill-down 2026-05-11

One-click + Watch this country toggle inside every country drill-down. Signed-in subscribers no longer need to detour through Settings → Edit watchlist to track a country they're already looking at. Toggle flips to ✓ Watching when added; click again removes. Server enforces the per-tier seat cap (free 1 / paid 10 / team 25 / enterprise 75 / custom 999) and surfaces capped/truncated states inline.

v19.x · Revenue + product feature line

v19.9 Country comparison radar + bigger Refresh button + auto-refresh on login 2026-05-11

New Country Comparison panel: pick 2-3 countries, see a hand-rolled SVG radar chart over the 10 v18 categories side-by-side, with a numerical category table beneath. Useful for "same headline, different operational profile" analysis.
Refresh button enlarged ~50%, relabeled ↻ Refresh data, idle glow pulse, spinning ↻ during fetch.
Sign in via the Settings drawer → Live Atlas auto-pulls fresh /api/intel-feed. No manual refresh needed.

v19.8 Freshness pulse + deep-link to country FIX 2026-05-11

The "Atlas — Online" dot pulses green when pipeline data is fresh (<30 min), amber slow-pulse for 30 min–6 h, amber static for 6–12 h, red static for 12+ h. Tier flip on every fetch.
/dashboard.html#IRN now auto-opens Iran's drill-down + scrolls it into view. Closes the v18.2 audit's search-to-map disconnect — operators can bookmark, share, or link directly to any country panel.

v19.7 Status strip cleanup FIX 2026-05-11

Fixed "Last Update 9h ago ago" duplicate (HTML literal collided with fmtAgo() output).
Disabled the legacy v9 simulator that was racing the v10 adapter on #last-sweep (visible flicker between values).
Status strip "Sources / Countries / Methodology" numbers now live-bound to the payload instead of stale hardcoded "41 / 193 / v1.1".
Removed legacy "TSG PIPELINE" label (AtlasRisks has been the canonical OSINT host since v16.1).

v19.6 Bulk CSV / JSON export 2026-05-11

GET /api/v1/export?format=csv|json downloads today's full hotspot state — one row per country with the ten-category breakdown flattened to 40 columns. CSV opens cleanly in Excel; JSON is the pretty-printed full payload. "📥 Download today's data" button in the Settings panel for browser users; same Bearer auth + rate limit as the other v1 endpoints.

v19.5 Subscriber Settings panel + watchlist self-edit 2026-05-11

Settings drawer in the Live Atlas now includes an Account section: name, email, account-type pill (paid/trial/free), status, watchlist preview, API-key fingerprint. Five action buttons — Change password, Edit watchlist, Manage billing, Sign out, Delete account. New endpoints: /api/auth/me, /api/auth/change-password, /api/auth/delete-account, /api/subscriber-set-watchlist.

v19.4 Accessibility baseline 2026-05-11

Honors prefers-reduced-motion site-wide (animations + transitions disabled when requested).
Global :focus-visible outline — every interactive element shows a clear focus ring for keyboard users.
Skip-to-content link as the first body element on the long pages (dashboard, admin).
Static audit memo published — addresses the v18.2 deferred a11y item on every dimension except the ones that require a live browser (Lighthouse, axe DevTools).

v19.3 Customer-facing API + onboarding email drip REVENUE 2026-05-11

API access (sold on pricing.html since v16.3) now actually exists: GET /api/v1/hotspots + GET /api/v1/country/:iso with Bearer auth, per-key rate limit (Pro 50/hr · Team 100/hr · Enterprise 250/hr · Custom 1000/hr). Public docs at /api.html.
Admin can issue / rotate / revoke per-subscriber API keys. Plaintext shown once; only the SHA-256 hash persists.
4-email onboarding drip: day 0 welcome → day 2 tutorial → day 7 case study → day 12 trial-ending or upgrade nudge. Cron at 13:00 UTC daily.

v19.2 Watchlist score-delta alerts REVENUE 2026-05-10

Pricing has sold "Score-delta alerts" since v16.3 — v19.2 ships them. After each pipeline refresh, the engine scans every subscriber's watchlist; any country with |Δactive| ≥ threshold (paid 10, trial 15) triggers a single-country alert email within minutes. Per-(email, ISO, day) dedup. Daily cap 10/subscriber. Opt-out flag honored.

v19.0–v19.1 Stripe Checkout + self-service portal REVENUE 2026-05-10

POST /api/checkout creates a real Stripe Checkout Session for the Pro tier with a 15-day trial. The webhook (HMAC-SHA256 signature verified) upgrades the subscriber from source=trial to paid on completion.
/manage.html page + Settings panel button route subscribers to the Stripe Billing Portal for self-service cancellation / plan change / payment method.

v18.x · Scoring methodology rebuild

v18.7–v18.9 Source diversity: 45 → 67 feeds SCORING 2026-05-10

Three sub-rounds closing the Western-press concentration the v18.2 audit flagged:

Sub-round 1 — 9 regional anchors: Premium Times Nigeria, East African, Mail & Guardian SA, Times of India, Nikkei Asia, SCMP, Folha de São Paulo, El Universal, Clarín.
Sub-round 2 — wire + state-affiliated: AFP, TASS, Xinhua, PressTV, Anadolu. State-affiliated outlets carry the stateAffiliated:true flag and weight 0.30 — corroborate but never dominate scoring.
Sub-round 3 — economic + specialist + governmental: IMF Press Center, Federal Reserve, ECB, FRED Blog, Al-Monitor, Defense One, EU Council Press, Japan MOFA travel advice.

Western-mainstream concentration dropped from 53% → ≈32%. Economic-category active signal is now live (rate decisions, IMF Article IV) instead of OFAC-only.

v18.1 Per-event scoring + asymptotic ceiling SCORING 2026-05-10

Per-event scoring formula: event_score = severity × source_reliability × recency × frequency × business_impact × locus_factor. Asymptotic compression replaces the hard 100-cap: values above 85 squash toward 100 along an exponential curve and never quite reach it — so a tactical-nuclear-exchange day in Russia can still produce a meaningfully higher headline than a quiet day. Two-decimal display so subscribers can see real precision at the top of the band.

v18.0 Ten-category baseline decomposition SCORING 2026-05-10

Risk scoring decomposed into ten weighted categories — security, political, civil unrest, crime, economic, regulatory, infrastructure, cyber, health, advisory. Per-country profile assignments (state_collapse_war / peer_war_invader / war_defender / fragile_authoritarian / criminal_violence / regional_tension / stable_democracy / default) drive structurally honest baselines. Russia and Israel can sit at the same headline GGRI but have completely different top-3 category profiles — the methodology now communicates that.

v18.2 Comprehensive site audit 2026-05-10

Tier 1 audit across 12 dimensions: storage, scale, broken links, code redundancy, source diversity, per-country source attribution, usability, efficiency, SEO, security, pricing. 13 numbered recommendations R1-R13. Two strategic gaps surfaced: source diversity (closed in v18.7-v18.9) and pricing positioning (addressed in v18.4 Option B). The audit memo is available on request.

v17.x · Hybrid headline + live-merger

v17.8 Hybrid headline rule SCORING 2026-05-09

For CRIT countries (baseline ≥ 75): headline = baseline + (active − 50) × 0.25 — modulates Sudan/Ukraine/Russia/Israel headlines so they actually move on the day's news. For non-CRIT countries: max(static, active) — a Sweden terror incident still escalates the headline appropriately. Both clamps come before the v18.1 asymptotic compression.

v17.6 Static / Active decomposition 2026-05-09

Every country score is now two numbers: risk_static (curated structural baseline, slow-moving) and risk_active (pure event-driven, fast). Headline is derived from both. Surfaces in dashboard + daily brief + admin diagnostics so subscribers can see whether today's GGRI is driven by structural fragility or news intensity.

v17.0 Audit P0/P1 fixes + email deliverability 2026-05-09

Closes the v16.6 audit P0/P1 items: pricing typos corrected to $99/mo, Pro CTA repointed from broken /checkout → /signup.html, "41 sources" → "45 sources" across 6 pages. Daily brief email gains RFC 2369 + RFC 8058 List-Unsubscribe headers for Gmail one-click unsubscribe (also biases out of Promotions tab).

v16.x · Country-relevance + admin layer

v16.5 Subscribers admin panel 2026-05-08

Full CRUD over the daily-brief subscriber list inside /admin — add/remove subscribers, source pill (paid/trial/free), test-send button, last-loaded timestamp.

v16.2 Country-relevance fix FIX 2026-05-08

Word-boundary regex country matching so "Indiana" no longer matches India, "Iranian" no longer matches Iran, "Chinatown" no longer matches China. Drill-down events also now filter to locus/actor roles only — passing-mention items get dropped from the per-country panel.

v16.0 Locus / actor / mention classifier SCORING 2026-05-08

Every event now carries a per-country role: locus (the country where the event occurred), actor (the country that did the thing), mention (passing reference). Only locus events contribute meaningfully to a country's score. Stops "US Senate condemns X" from counting as a US event when it's actually a country-X event.

Earlier versions (v9 – v15) cover the initial methodology bring-up, OSINT pipeline construction (10-category SOURCE_REGISTRY, 21 event types, recency decay, country-attribution confidence), and the edge-function admin gate. Available on request to hello@atlasrisks.com.