What's new in v0.9.0
v0.9.0 rebuilds the self-contained HTML dashboard as an application shell and adds a local_batch confidence value that separates a local analyze run from a CI one. The pipeline, the detection logic, the configuration format, the daemon HTTP routes, and the OTLP wire protocol are unchanged. The surface that moves is the HTML report, one new confidence value, and inline code formatting in suggestion text. The minimum supported Rust version stays 1.96.0.
Report: the HTML dashboard becomes an application shell
The self-contained HTML report is rebuilt around a sidebar that navigates the sections and a new Overview landing page that gathers the quality-gate verdict, the KPI cards, the top findings by impact, and the diff and carbon rails. The Findings view becomes a master/detail pane with the Explain trace tree folded inline, so selecting a finding shows its tree, its pg_stat cross-references, and its suggested fix in place. KPI cards are tinted by their severity band, SQL, code, and endpoints are syntax-highlighted, and the Geist font family is embedded so the report renders identically offline. It stays a single offline file under the same strict content security policy, and the data each tab shows is unchanged. The embedded demo dataset now spans several frameworks, languages, and cloud regions so the new views have realistic content to render.
Detection: a local-batch confidence value
Batch findings now carry one of two confidence values depending on the run context. A local analyze run is tagged local_batch, a CI run is tagged ci_batch. The de-facto CI environment variable drives the split, and JENKINS_URL is also honored so a Jenkins build is recognized as CI even though it does not set CI. CI=false and CI=0 still force a local context. The value is serialized as local_batch in JSON and SARIF, ranks below ci_batch in the SARIF rank field, and shows as batch · local in the dashboard sidebar. The ci_batch, daemon_staging, and daemon_production values are unchanged.
Report: inline code formatting in suggestions
Remediation suggestions now mark their code tokens. The HTML dashboard renders them as inline code chips, and the terminal and SARIF renderers strip the markup back to clean prose, so console output and code-scanning alerts stay readable.
Operator-visible behavior change
A local, non-CI analyze run now emits confidence: "local_batch" on every finding where 0.8.x emitted ci_batch. A consumer that pins the confidence field against a closed allowlist must accept local_batch. The suggested_fix.recommendation field in the JSON report now carries backtick-delimited code tokens, the SARIF and terminal renderers strip them but JSON consumers see them. No daemon HTTP route, OTLP wire shape, configuration key, or Prometheus metric is added, removed, or changed, and the JSON, SARIF, and NDJSON field shapes are otherwise unchanged.
Why this is a minor and not a patch
The release rebuilds the HTML dashboard and adds a new value to a public output field, both user-visible additions, so it is a minor rather than a patch. It is backward compatible: every CLI flag, configuration key, daemon HTTP route, and OTLP wire shape keeps its meaning, no flag or configuration is removed, and the only output additions are the local_batch confidence value and the inline code markup in suggestion text. The minimum supported Rust version stays 1.96.0.
Validation
The simulation-lab release-gate passed for v0.9.0 (lab commit 8ba4bff, 2026-06-25). CI covers the build, the full test suite (cargo test --workspace), clippy at -D warnings, cargo fmt, and both the default and --no-default-features builds. The redesigned dashboard is pinned by the Rust template tests and by the Playwright dashboard and stills suites.
Verifying this release
# Binary integrity via SLSA Build L3 attestation
gh attestation verify perf-sentinel-linux-amd64 \
--owner robintra --repo perf-sentinel
# A periodic disclosure produced by this binary
perf-sentinel verify-hash --report perf-sentinel-report.json \
--expected-identity "https://github.com/robintra/perf-sentinel/.github/workflows/release.yml@refs/tags/v0.9.0" \
--expected-issuer "https://token.actions.githubusercontent.com"gh CLI 2.49 or newer required for gh attestation verify.
Full Changelog: v0.8.14...v0.9.0