What's new in v0.8.0
v0.8.0 turns the interactive inspector into an all-in-one TUI, adds a read-only preview for periodic disclosure reports, and moves the workspace to the Rust 1.96.0 toolchain. analyze --tui and explain --tui now open a single drill-down session across Analyze, Inspect and Explain, and disclose --tui previews a disclosure without writing or hashing anything. The default stdout output of analyze and explain is unchanged (--tui conflicts with --format and --ci), so CI and scripting are unaffected. No config breaking change, no report JSON schema change. The minimum supported Rust version is now 1.96.0. Validated end-to-end on the simulation lab: build, deploy, and the 10-scenario detection non-regression on the new toolchain.
Unified interactive TUI
The Inspect browser (traces, findings, correlations, detail) is now flanked by two views that form a single drill-down. Analyze shows the GreenOps summary (I/O waste ratio, top offenders, quality gate, findings by severity), and Explain shows the selected trace's annotated span tree full screen. Enter descends Analyze -> Inspect -> Explain, Esc ascends back, and a top tab bar shows the active view. analyze --tui opens on the Analyze view, explain --tui opens on the Explain view focused on --trace-id, and both reuse the full analysis pipeline so the three views stay coherent regardless of the entry command. Under query inspect the Analyze view is fed live from the daemon's /api/export/report, degrading to a hint on older daemons that do not expose it. Panel navigation inside Inspect now also accepts vim h/l alongside the arrow keys.
Read-only disclose preview
disclose --tui opens a read-only preview of the periodic disclosure report. A calendar stepper drives the period (month, quarter, year, or custom, with from/to snapping to calendar boundaries), intent and confidentiality toggle live, and the summary reports the window count, period coverage against the official threshold, measured and excluded services, the totals (requests, carbon, energy, waste ratio) and, for official intent, the validator verdict. The footer prints the exact disclose command for the current settings, to copy into a reproducible run. The preview re-reads the same cold NDJSON archive as the canonical command, so the figures match, but it never hashes or writes a report. It is backed by a new archive_time_range helper in the periodic aggregator that scans only each window's ts field to anchor the default period.
Rust 1.96.0 toolchain
The workspace moves to Rust 1.96.0 and the minimum supported version is bumped accordingly. The release adopts the stabilized idioms it enables: Path: PartialEq<str>, slice::array_windows, and core::assert_matches! in tests. These changes are semantics-preserving. The published benchmark figures were refreshed on 1.96.0.
Security
Quality-gate rule names rendered in the colored CLI report now pass through sanitize_for_terminal, closing a path where an attacker-controlled rule name could reach the terminal unescaped. This is the same control-character and escape-sequence guard already applied to the other operator-visible strings in the report, extended to the one rule-name field that still bypassed it.
Documentation
New docs/INSPECT.md and docs/REPORTING.md sections, with their French mirrors, document the unified TUI drill-down and the read-only disclose preview, including the keybindings and the still frames for each view. The README and README-FR Quick look were reworked to lead with the HTML dashboard then the interactive TUI, and the CLI-commands diagram now marks the --tui entry points. The project ships a new logo and banner.
Tests
The diff adds tests across the new code paths:
disclose.rs: the preview state machine and its arithmetic (granularity cycling, calendar stepping and snapping for month, quarter and year, custom-field editing, intent and confidentiality toggles, summary scrolling and clamping, the equivalent-command rendering across every value arm, and all validator-status render states).aggregator.rs:archive_time_rangeover an empty set, a single window, and a multi-window archive, asserting the scan only reads each window'sts.
Helm chart
charts/perf-sentinel 0.2.44 to 0.2.45, appVersion 0.7.8 to 0.8.0. Template surface unchanged, additive metadata only.
Why this is a minor and not a patch
The change is additive but reaches beyond a patch on two counts. The minimum supported Rust version moves from a prior toolchain to 1.96.0, a compatibility-affecting change for anyone pinning an older compiler. And the CLI grows new user-facing surfaces: the --tui flag on analyze, explain and disclose, a new interactive view, and a new archive_time_range helper exposed from the periodic aggregator. The report JSON schema, the disclosure JSON v1.0 format and its canonical content_hash, the daemon HTTP routes and OTLP wire protocol, the co2.model enum, and the Prometheus metric names and label sets are byte-for-byte identical to v0.7.8. The default non-TUI output of every existing command is unchanged.
Verifying this release
# Binary integrity via SLSA Build L3 attestation
gh attestation verify perf-sentinel-linux-amd64 \
--owner robintra --repo perf-sentinel
# A periodic disclosure produced by this binary
perf-sentinel verify-hash --report perf-sentinel-report.json \
--expected-identity "https://github.com/robintra/perf-sentinel/.github/workflows/release.yml@refs/tags/v0.8.0" \
--expected-issuer "https://token.actions.githubusercontent.com"gh CLI 2.49 or newer required for gh attestation verify (unchanged from v0.7.2).
Full Changelog: v0.7.8...v0.8.0