What's new in v0.8.8
v0.8.8 adds query monitor, a read-only live operator TUI for a running daemon, backed by two new daemon endpoints, an extended status endpoint, and six new Prometheus gauges with matching Grafana panels. It also lightens the self-contained HTML dashboard and hardens terminal output against control-sequence injection. There is no breaking change to the daemon wire protocol, the configuration format, or any existing command. The minimum supported Rust version stays 1.96.0. The release-gate lab validation passed.
CLI: query monitor, a live operator TUI
perf-sentinel query --daemon <URL> monitor opens a read-only terminal UI for a running daemon, aimed at DevOps and SRE rather than the developer-facing inspect. It polls on --refresh (1 to 3600 seconds, default 5) and cycles five tabs with Tab. Advisor shows the daemon's settings-advisor hints colored by kind. Energy shows the effective energy and carbon mix per service and per region, distinguishing cold reference tables from hot live sources. Trends draws live energy and carbon curves and runtime-headroom gauges over the poll history. Scrapers shows per-backend energy scraper health. Config lists every [daemon] parameter with its current value, the compiled-in default, and a one-line explanation. When the daemon is unreachable the last snapshot stays on screen under a stale banner, and a transient endpoint failure carries the previous static data forward rather than flickering. Both TUIs now follow the terminal theme so light and dark backgrounds both read well, and they restore the terminal idempotently across the panic hook and the RAII guard.
Daemon: new read-only endpoints
GET /api/config returns every [daemon] parameter through an explicit allowlist response. Secrets never leave the process: TLS paths and the ack API key are summarized to the booleans tls_configured and ack_api_key_set, and the ack and archive storage paths are never echoed. GET /api/energy reports per-backend health for the five energy and intensity sources, with a configured flag, scrape freshness, and success and failure counts. GET /api/status is extended additively with the runtime caps and live depths the Trends tab reads: max_active_traces, analysis_queue_depth, analysis_queue_capacity, stored_findings, and max_retained_findings. All three are loopback-facing and GET-only.
Metrics and Grafana
Six new scalar gauges join /metrics, label-free by design to respect the bounded-cardinality rule. perf_sentinel_energy_kwh and perf_sentinel_carbon_gco2 report the most recent scoring window, while perf_sentinel_max_active_traces, perf_sentinel_analysis_queue_capacity, perf_sentinel_max_retained_findings and perf_sentinel_stored_findings report the runtime caps and current depths. The capacity gauges are published once at startup, the rest per scoring window. The upstream Grafana dashboard gains three panels: energy and carbon per scoring window, and runtime headroom as a percentage of each cap against a 90% threshold line. The high-cardinality per-service and per-region mix deliberately stays off /metrics and is surfaced only by the monitor TUI.
HTML dashboard: a leaner embed
The self-contained HTML report no longer embeds per_endpoint_io_ops, which no view rendered, and caps top_offenders at the 25 the dashboard can show, since it reads only the top entry. On a 15000-finding report the file drops from about 6.4 MB to 5.0 MB. The JSON report keeps the full set.
Terminal hardening
sanitize_for_terminal now also strips BiDi reordering marks and invisible characters, the Trojan-Source class, consolidated out of the SARIF helper so every terminal and HTML sink shares one sanitizer. The monitor's Config tab routes daemon-controlled strings, the listen address, environment and CORS origins, through it, so a hostile daemon cannot inject escape sequences into the operator's terminal. The cloud-energy scraper now advances its staleness gauge on a failed scrape, matching the Kepler scraper.
Documentation
INSPECT.md, QUERY-API.md, METRICS.md and the CLI and design docs document the five tabs, the new endpoints, and the gauges, with the French mirrors updated in lockstep. Both READMEs showcase the monitor demo, and the inspect and all-in-one TUI stills were refreshed for the lighter secondary text.
Helm chart
charts/perf-sentinel 0.2.52 to 0.2.53, appVersion 0.8.7 to 0.8.8. Template surface unchanged, additive metadata only.
Operator-visible behavior change
There is none beyond the additions. The new endpoints, gauges, and TUI are purely additive, and older daemons that lack them degrade gracefully in the monitor. The detect and score verdicts, the existing daemon routes, the OTLP wire shape, and the existing configuration keys are unchanged.
Why this is a patch and not a minor
Everything in this release is additive and backward compatible: a new client TUI, two new read-only endpoints, additive status fields, six new gauges, and a lighter HTML embed. The terminal-sanitization change only strips more dangerous input, it never alters legitimate text. No detection verdict, daemon route, OTLP wire protocol, or existing configuration key changes. The minimum supported Rust version stays 1.96.0.
Verifying this release
# Binary integrity via SLSA Build L3 attestation
gh attestation verify perf-sentinel-linux-amd64 \
--owner robintra --repo perf-sentinel
# A periodic disclosure produced by this binary
perf-sentinel verify-hash --report perf-sentinel-report.json \
--expected-identity "https://github.com/robintra/perf-sentinel/.github/workflows/release.yml@refs/tags/v0.8.8" \
--expected-issuer "https://token.actions.githubusercontent.com"gh CLI 2.49 or newer required for gh attestation verify.
Full Changelog: v0.8.7...v0.8.8