FortressCI v1.1.0: Usability & Adoption

@mackeh mackeh released this 11 Feb 23:42
· 47 commits to main since this release

What's New in v1.1.0

This release completes the v1.1.x Usability & Adoption milestone from the roadmap, adding major features for local scanning, multi-platform CI, reporting, and policy gating.

Features

fortressci init CLI Wizard (1.1.1)

  • Interactive setup that detects project type (Node.js, Python, Go, Java) and CI platform
  • Generates tailored CI workflow, pre-commit hooks, waivers, and threshold config
  • Supports --ci flag for non-interactive use

Multi-CI Platform Templates (1.1.2)

  • 6 platforms supported: GitHub Actions, GitLab CI, Bitbucket Pipelines, Azure Pipelines, Jenkins, CircleCI
  • Each template includes all 5 scan stages with SARIF output and artifact upload

Docker-Based Local Runner (1.1.3)

  • All-in-one scanner image with TruffleHog, Semgrep, Snyk, Checkov, Trivy, and Cosign
  • Single command: docker run --rm -v "$(pwd)":/workspace fortressci/scan /workspace

Unified Findings Dashboard (1.1.4)

  • Interactive HTML report with severity charts, tool breakdown, and filterable findings table
  • Dark mode, print-friendly layout

PR Comment Summary (1.1.5)

  • Automatic security summary posted as a PR comment with pass/fail per tool

Severity Threshold Gating & Waiver CLI (1.1.6)

  • .fortressci.yml config with fail_on/warn_on severity thresholds
  • check-thresholds.sh gates the pipeline based on configured levels
  • fortressci-waiver.sh CLI for managing security finding waivers (add/list/expire/remove)
  • summarize.py now outputs structured summary.json with per-tool severity breakdowns

Improvements

  • Added .gitignore for generated scan results
  • Added CLAUDE.md for AI-assisted development onboarding

Full Changelog

v1.0.2...v1.1.0