Changelog
What's new in NYXR
Every release, newest first - what was added, improved, fixed and hardened. Each line maps to a real change in the platform.
-
Faster assistant, seamless navigation & unified alerts
- Fixed The AI assistant stopped replying (and got much slower) after the prompt-injection hardening - it now answers in seconds again, with the same anti-injection safeguards intact.
- Improved Moving between the landing, dashboard and changelog is now instant: client-side navigation with no full page reload and no flash.
- Improved One redesigned notification system across the whole console - on-brand alerts with a contextual action and a dismiss button, replacing the old toasts.
- Improved Rebuilt the changelog as a clean release timeline.
-
Console consolidation & polish
- Improved Merged Performance into Health and Bans into AI Verdicts, and redesigned the bans view.
- Improved Light-theme contrast pass, plus the traffic-over-time legend icons now match each curve colour.
- Fixed Accessibility and Lighthouse cleanups across the authenticated console and the login / changelog pages.
-
Tables, AI assistant & changelog
- Added Uniform table toolkit: global search, per-column value filters (multi-select checklists + contains), click-to-sort, row multi-select and CSV export across every table.
- Added "Ask AI" bulk action: forward a selection of requests or verdicts to the assistant for analysis, with the data treated as untrusted.
- Added This changelog, reachable from the console and the public site.
- Security Hardened the AI assistant against prompt injection: user input and tool results are treated strictly as data, with anti-exfiltration and role-lock rules.
- Fixed Assistant conversations now replay in chat order (oldest message first).
- Fixed Section tabs sit flush left and the track hugs the tabs instead of stretching full width.
- Improved Subtle row striping and a cleaner selection / export toolbar for readability.
-
WAF mode enforcement fix
- Fixed A protected service in detect/off mode no longer challenges or rate-limits requests - only block mode enforces. Detect/off is now truly observe-only.
-
NYXR landing & console home
- Added Public NYXR marketing site with an animated WebGL hero, the nine-layer engine schema and a faithful console preview.
- Improved The landing now lives at /, the authenticated console moved to /dashboard, sign-in at /login.
-
Conditional Access
- Added Conditional Access policies: gate any service behind a country rule, TOTP, a shared password or a trusted-IP bypass - non-bypassable and fail-closed at the gateway.
- Added Per-policy maximum failed attempts with a styled block page on lockout.
- Improved Access Lists and Conditional Access merged into a single "Access & Policies" workspace.
- Improved Styled, on-brand block / challenge / gate pages.
-
Kernel-level bans & AI verdict
- Added Kernel-level enforcement: confirmed bans are dropped at the kernel with nftables (off / log / drop).
- Improved An AI "allow" verdict is now authoritative down to the kernel ban layer, lifting over-eager behavioural bans.
- Added Read-only AI assistant (the NYXR cat) with per-user conversation history.
-
Core gateway
- Added ModSecurity v3 + OWASP CRS WAF, IP / ASN / country / threat-intel filtering, adaptive antibot challenges, advanced rate limiting and behavioural bans.
- Added Real-time Astro admin console with live logs, KPI dashboards and centralized observability.