This document outlines the new features and improvements that are being considered for the future releases of Narrows. The intention is to provide the Narrows contributors and users with a clear understanding of what features they can expect to see in the near future, as well as to encourage feedback and ideas from the community.
Please note that priorities for the project may change over time, and this roadmap is subject to evolution. If a feature is not listed now, it does not mean that it will not be considered for Narrows in the future. We welcome suggestions and ideas from everyone about the roadmap and Narrows features.
-
Phase 1: Improve Static Security and Build the Central Knowledge Base Mechanism.
- Related release: Narrows 0.4, planned for mid-June 2023.
- This phase will focus on:
- Adding protocols to support static scanner plugins;
- Adding more static scanning features, such as SBOM;
- Building a central knowledge database for sequential events and risk mining;
- Better support for VAC as a data source.
-
Phase 2: Build Dynamic Security Open Protocols.
- Related release: Narrows 0.5, planned for late July 2023.
-
Phase 3: Introduce Open Policy Agent (OPA) to Enable Intelligent Vulnerability Detection.
- Related release: Narrows 1.0, planned for late September 2023.
-
Phase 4: Support Multi-Cluster Security Inspection.
- Related release: Narrows 1.1, planned for late October 2023.
-
Phase 5: Support Software Supply Chain Integration.
- Related release: Narrows 1.5, planned for late December 2023.