Changelog · 1 releases in the last 30 daysThe log of every decision we’ve shipped.
Velocity shows up in the weekly log, not the quarterly deck. Every shipped capability, ordered by date. 28 releases and counting.
June 2026
1 releaseAzure SQL Database support
Catalyst now connects to Azure SQL Database alongside PostgreSQL, MySQL, and on-prem SQL Server. First customer integration shipped same-day against a live Azure SQL workload.
- Azure-aware TLS — full certificate validation against Microsoft-signed certs for `*.database.windows.net` hosts
- View discovery during introspection — SQL Server reporting views now show up in the table picker, not just base tables
- Redesigned connection error card — full firewall and IP messages displayed in a wrapped, readable block so customers can see exactly which IP to whitelist
- pyodbc + ODBC Driver 18 for SQL Server under the hood
May 2026
1 releaseCSV upload reliability
Three production hardening passes on the CSV upload path — clearer errors when the upstream object store is slow, a fix for multi-schema introspection, and qualified `schema.table` storage so uploads into custom schemas round-trip correctly.
- Cleaner separation between transient upstream errors (502) and validation errors (422) so customers know which to retry
- Fix for a signature drift in the multi-schema introspect path that surfaced when uploading into non-public schemas
- Qualified `schema.table` storage end-to-end — uploads into custom schemas now appear correctly in the table picker and SQL Generator context
- Live on decide.diwo.ai
April 2026
18 releasesSelf-service onboarding for trial customers
Trial customers can now spin up their own Catalyst use case end-to-end — connect a database, pick the tables they care about, generate recommendations — without needing a Diwo admin in the loop.
- New `trialclient` role with the capabilities needed to create a use case but nothing more
- Guided use case creation wizard — connect database, introspect, pick tables, generate recommendations
- Tenant-scoped onboarding so trial workspaces are isolated by default
- Pairs with the 15-day free trial flow on diwo.ai/trial
Question taxonomy + pre-pipeline guardrails
A new guardrail in front of the agent pipeline classifies every incoming question against a structured taxonomy before any LLM call. Off-topic, malformed, or suspicious questions get rejected for pennies instead of dollars — and every step now writes a structured trace for audit.
- Pre-pipeline guardrail catches out-of-scope and malformed asks before they hit the expensive agents
- Structured question taxonomy routes each question to the right downstream agent
- End-to-end query logging — every agent step writes a structured trace tied to the conversation
- Word-boundary regex patterns on the guardrail so legitimate questions containing reserved keywords no longer get blocked
Cost & latency optimization
Big efficiency pass on the agent pipeline. Repeat questions now reuse cached prompt prefixes, schema context is selected per question instead of dumped wholesale, and the response + visualization steps were merged into a single LLM call.
- Anthropic prompt caching on static schema and system blocks — ~70% input-token reduction on repeat questions
- Schema RAG — only the tables relevant to the current question get sent to the LLM, not the full catalog
- Merged response + visualization agents — one LLM hop instead of two for chart-bearing answers
- Per-tenant rate limits — predictable spend caps that prevent runaway usage on a single workspace
Named by Gartner and IDC in 2024 DI vendor assessments
Diwo is now listed in two of the most consequential Decision Intelligence vendor assessments of the year — Gartner's Market Guide for DI Platforms and the IDC MarketScape: Worldwide Decision Intelligence Platforms 2024 Vendor Assessment.
- Listed as a Representative Vendor in Gartner's Market Guide for Decision Intelligence Platforms
- Named in the IDC MarketScape: Worldwide Decision Intelligence Platforms 2024 Vendor Assessment
- Alongside peers shaping the DI category — including Palantir, SAS, FICO, IBM, Aera, Quantexa
- Launched the /research page: analyst citations plus seven essential reads on the DI shift
Catalyst Enhancement Suite — Glossary, Training, ER Diagram, Observability
Five admin tools shipped together to put customers in control of how Catalyst understands their data, learns from their analysts, and proves its work. Plus a new M-Schema prompt format that gives the LLM richer table context inline.
- Business Glossary — define tenant-specific terms so the LLM speaks your language ("ARR", "GMV", "active member") instead of guessing
- AI Training — curate a library of sample questions and expected answers; Catalyst uses them as few-shot examples for similar future asks
- Interactive ER Diagram — visualize tables, columns, and foreign-key relationships discovered from your database
- Observability panel — token spend, query latency, error rates, and per-conversation traces in admin
- M-Schema prompt format — table descriptions, column roles, FK targets, cardinality, and sample values rendered inline per table for richer LLM context
Prompt injection hardening across all agents
Every Catalyst agent — Intent, SQL, Response, Visualization — now isolates user input inside a quoted context block and rejects attempts to override its instructions. Pairs with a tighter classifier so off-topic asks get redirected cleanly instead of dropped into the data pipeline.
- Defensive system prompts on every agent so user input can't escape its quoted context
- Tighter IntentClassifier — `data_retriever` is the default, off-topic asks route to `out_of_context` instead of `greeting`
- Explicit separation between out-of-scope questions and greetings, with distinct responses for each
- Hardened JSON output parsing across providers (OpenAI, Anthropic, Google) to prevent malformed responses from corrupting card rendering
Data refresh profiles + CSV upload + Agents UI
Catalyst now keeps connected databases in sync on a schedule, accepts CSV files as ad-hoc data sources, and exposes the full agent inventory in admin so customers can see exactly which agents are configured for their workspace.
- Data refresh profiles — schedule periodic re-introspection of connected databases to pick up schema drift automatically
- CSV upload as a first-class data source — drop a file, get a connection
- Agents UI in admin — see every agent (intent, SQL, response, visualization, recommendation) and its configuration in one place
- Insight-first UX polish — answers lead with the insight, with data and SQL one click away
- Connection reuse — pick from existing connections when configuring new use cases instead of re-entering credentials
Catalyst Dashboards
Pin any card from any conversation onto a curated dashboard, then generate an AI-written executive briefing from it. The story your team needs to see, in one place.
- Pin metric, chart, table, and insight cards from any Catalyst conversation
- AI briefing endpoint synthesizes a structured summary (executive summary, key findings, recommended actions, data highlights) from pinned cards
- Dashboards are per-use-case, editable, and preserve card snapshots so the briefing doesn't drift
- Briefings regenerate on demand when underlying conversations evolve
Analyzed recommendations + thread reuse
Recommendations now remember which ones you've already explored — and clicking a repeat recommendation reopens the existing conversation instead of starting a new one.
- Green checkmark on analyzed recommendation cards, tab counts reflect only unanalyzed
- Repeat clicks on the same recommendation reopen the existing thread — no duplicate conversations
- Inline rename for conversation titles and individual user messages (pencil on hover → inline edit)
- Cache invalidation on decision creation so navigating back reflects the updated state
Catalyst Agent Framework — plugin-style inbound & outbound
A plugin architecture that snaps into your existing systems. Inbound agents keep the data layer fresh; outbound agents push decisions into Slack, CRM, ERP, and custom destinations — under a deterministic, typed contract.
- Inbound agent slots: schema metadata refresh, market-signal pollers, user-action listeners
- Outbound agent slots: Slack notifier, Salesforce task create, ERP push, email dispatch, Microsoft Teams, Webhook Dispatcher (HMAC-signed, retried with jitter, logged)
- Deterministic execution — every agent runs a narrow typed contract, not open-ended reasoning
- High-impact actions require named human approval before firing
- Every inbound refresh and outbound dispatch is appended to the per-decision audit trail
Enterprise-grade visualization
Every chart, metric, and insight card rebuilt for executive eyeballs. 14 chart types, zoom and fullscreen controls, rich metric tiles with sentiment context, and tabbed insight views.
- Migrated to ApexCharts — 14 chart types, zoom/pan/selection/reset/fullscreen toolbar
- Rich metric cards — icon + sentiment arrow + contextual comparison (vs. prior period, vs. target)
- Insight cards — tabbed view (Data · Observations · Evidence) with markdown support
- Smart value formatting inferred from axis labels (currency, percent, integer, decimal)
- IntersectionObserver defers chart render until in view — no more blank charts
Decision Flows — multi-step data pipelines
Write business rules in plain English, and Catalyst structures them into a repeatable decision pipeline. Each click runs a curated SQL + synthesis flow end to end.
- Rule-first input — type numbered business rules, click Generate, Catalyst derives the step sequence
- Each flow step reuses the production SQL generator + response synthesizer — no bespoke one-off code
- Multiple published flows per use case, each with its own generated recommendations
- Role-gated flow authoring via a dedicated `can_create_flows` capability
- Full audit trail — every step's SQL, retry history, and synthesis is logged against the decision
Recommendation Pipeline
The landing page now surfaces ranked recommendations grouped by category — the high-leverage questions your team should be asking this week, generated from your schema metadata.
- LLM-generated recommendations per use case, ranked by category and severity
- Category-first navigation with mini-card rows, priority dots, hover-reveal impact and value
- One-click dive from recommendation to full conversation, pre-loaded with the underlying question
- Per-use-case regeneration with optional `force` override
- Decision tracking — every analyzed recommendation writes to the audit trail
Real-time chat with streaming answers
Full Catalyst chat UI live — centered landing input, streaming responses, card-based artifacts for every answer. Built on native WebSocket with auto-reconnect.
- WebSocket-based streaming pipeline — tokens arrive as they're generated
- Claude.ai-inspired layout — centered landing greeting, full-width conversation, no sidebar clutter
- Card registry — every answer returns metric, chart, table, insight, or action cards
- Auto-reconnect with backoff, connection status hidden on the happy path
- Per-user connection limits enforced server-side
Natural-language data engine — BYO database + 5 LLM providers
Ask your data anything in plain English. Catalyst translates to safe SQL, executes against your connected database, validates every card against a Pydantic schema, and returns structured answers.
- Agent pipeline — IntentClassifier → SQLGenerator → ResponseGenerator → VisualizationExpert
- Bring your own database — MySQL and PostgreSQL connections with introspected schema metadata
- Bring your own LLM — OpenAI, Anthropic, Google/Gemini, Groq, and Ollama (privacy-sensitive deployments)
- Per-tenant model + credential configuration with Fernet-encrypted keys
- Output schema validation on every card before it reaches the user
v2.0 — Diwo Decision Intelligence goes GA
A full rebuild of the Decision Intelligence platform is now generally available. Production live at decide.diwo.ai, dev and prod branches split, auto-deployed on DigitalOcean App Platform with Cloudflare in front.
- Complete refactor of the platform — new engine, new UI, new security posture
- Dedicated dev + prod branches with auto-deploy pipelines
- Production deployment: Dockerized API + web on DigitalOcean App Platform
- Cloudflare-proxied DNS at decide.diwo.ai
- 679+ passing backend tests, 97 REST endpoints + 1 WebSocket, 31 database models
Security hardening pass
Full CVE cleanup, production security headers, rate limiting on sensitive endpoints, and Dependabot on auto-watch.
- Replaced python-jose with PyJWT — eliminated 4 CVEs in one swap
- Production security headers: HSTS, CSP, Referrer-Policy, Permissions-Policy
- Rate limits via slowapi: auth 5/min, refresh 10/min, AI endpoints 20/min
- Dependabot configured on pip + npm with weekly cadence
- API docs hidden in production builds; XSS hardening on markdown rendering
Bring your own LLM
Customers with data-residency or model-governance mandates can now route every Diwo invocation through their own model provider account — with credentials stored encrypted at the tenant level.
- Five first-class providers: OpenAI, Anthropic, Google / Gemini, Groq, Ollama (local)
- Per-tenant AI settings with Fernet-encrypted API keys
- Seven configurable prompt templates per tenant — override the defaults for every Diwo agent
- Admin UI with provider/model selectors, key management, and prompt editors
- Compliance-aware fallback chain: tenant config → tenant AI settings → environment default
March 2026
8 releasesDynamic roles & capability-based permissions
Admin / Analyst / Viewer is out. Roles are now first-class tenant resources with explicit capability flags — define a role per tenant, assign users per use case, and gate every action through a named capability.
- New `Role` model with eight boolean capability flags per tenant
- Four default roles seeded per tenant: admin, editor, analyst, viewer
- User-to-use-case assignments replace flat tenant-wide access
- Endpoint guards migrated to `require_capability("can_edit_configs")`-style dependencies
- Admin panel with full role CRUD — create custom roles, toggle individual capabilities, see user counts per role
Strategy sharing
Share any saved strategy with another analyst — so the retention lead, the pricing lead, and the segment lead can all iterate on the same what-if scenario instead of rebuilding it.
- Per-strategy share dialog with user search and share/unshare in one click
- "Shared with me" filter tab on the Strategy Library
- Recipients see who shared, when, and can load the strategy into What-If to iterate
- Share events are logged; revocation is one click
Notification Center
New opportunities surfaced overnight, strategies shared with you, decisions landed in your inbox — one place to see what changed while you were away.
- Derived notifications — no new model, just aggregations over opportunities + shared strategies
- Bell badge in TopNav and sidebar with unread count
- Dedicated `/notifications` page with per-item read tracking
- Dashboard hero surfaces shared-strategy count inline
- "Mark all as read" clears the queue in one action
Session management + pluggable auth
Short-lived access tokens with refresh-token rotation, replay detection, device-level session management, and a pluggable AuthProvider ABC ready for SAML and OIDC.
- 15-minute access tokens + 7-day refresh tokens with SHA-256 hashed storage
- Refresh-token rotation on every use — any replay revokes the whole family
- `AuthProvider` abstract base class + registry for pluggable providers (SSO-ready)
- Frontend refresh queue mutex — concurrent 401s share one refresh attempt, silent retry after
- Session warning dialog at T-5 minutes with Extend / Sign Out actions
- Password change revokes all sessions and auto-logs the user out everywhere
Storytelling report — AI-narrated, printable
Every opportunity now has a shareable narrative report. AI-generated executive summary, strategy comparison, segment analysis, entity-level deep dives, and experiment charts — all on a print-ready A4 layout.
- Seven-section report: cover, executive summary, strategy overview, segment analysis, entity deep dives, remaining entities, experiment charts
- AI executive summary with headline, key insight, strategic narrative, action hint
- Entity group deep dives with static D3 experiment charts for the top five
- Print-optimized CSS — page breaks, A4 sizing, hidden interactive chrome
- Standalone `/reports` listing page and per-opportunity "View Report" link
Declining portfolio mode
When the opportunity is a KPI decline rather than an uplift, the UI shifts tone. Amber recovery palette, "Recovery Analysis" language, and strategy framing built for stop-loss decisions.
- Client-side direction resolution from config — direction flips UI tone automatically
- Amber palette throughout: opportunity cards, What-If chart, KPI panel, strategy save dialog
- Three-group opportunity split: positive · declining · attention
- Recovery-focused language: "Current Decline" · "Implement Recovery" instead of "Lift" / "Implement"
- Diwo Recommendation card reframes the ask in recovery terms
Per-opportunity AI narratives
Every opportunity gets a three-column AI panel — What it is · Why it matters · What to do — written freshly against the opportunity's current metrics and segments. Not a dashboard tooltip; a strategic read.
- Three-column layout: What / Why It Matters / Actions, each with a lightweight icon card
- Narrative rewrites when the opportunity's underlying data hash changes
- Strict prompt rules — never repeats card metrics, never fabricates numbers, focuses on "why now"
- Fallback narrative is strategic, not metric recitation
- Enable per-use-case via the `enable_opp_narratives` UI layout toggle
AI-assisted strategy validation
Save a strategy and Diwo immediately validates it against real KPI computation, then suggests two or three alternative constraint configurations that could improve the outcome. No more "save and wonder."
- Three-phase Save Strategy dialog: idle → loading → AI suggestion cards
- Suggestions compute real lift against the opportunity, not a hallucinated estimate
- `strategy_type: "ai_assisted"` tags the provenance so filters can isolate AI-suggested strategies
- Violet "AI-Assisted" theme in Strategy Library filter tab and strategy cards
- Backend endpoint `POST /whatif/ai-validate` does the Claude call + KPI computation in one pass
Get the changelog in your inbox.
One email, every other week, every shipped decision. No marketing, no noise.