May 2026 Release Notes

Arthur Platform

Comprehensive policy lifecycle management. Organizations can create, update, and delete policies with inline alert and attestation rules, full API support, and SpiceDB authorization.
Bulk workspace compliance checks. Trigger compliance evaluations across all policy-model pairs in a workspace with a single API call and per-assignment job tracking.
Policy assignment enforcement. Automatically materialize alert rules on target models with dual permission checks and cascade deletion protection.
Configurable compliance time windows. Users can select from six relative presets or define custom start dates when running policy checks, replacing hardcoded 30-day windows.
Workspace compliance overview. Flat, queryable table showing per-rule and per-model compliance status with filtering, sorting, and summary rollup counts.
Three new governance roles. Organization Governance Admin, Organization Policy Reader, and Workspace Policy Manager enable fine-grained delegation of governance responsibilities.

Agent scanning and registration. Automatically discover agents within workspaces with GCP agent metadata tracking and system project creation.
Mute and unmute unregistered agents. Configure durations from 7-365 days with dedicated tabs for discovered and muted agents.
Agent observability metrics. Track agent span counts, tool count metrics, and tool call latencies for comprehensive agentic workflow monitoring.
Agent registration workflow. Register discovered agents with complete GCP provider metadata through the governance interface.

Workspace and project-level dashboards. Complement existing model-level analytics with date range selectors and custom filtering capabilities.
Custom metrics management. Create, read, update, and soft delete custom aggregations with workspace-scoped management and testing capabilities.
Policy dashboard integration. Analytics views scoped to individual policies with exportable data and visualization.
Chart library access. Browse and select from curated published charts when creating custom dashboards.

Azure Blob Storage connector. Full support for Azure Blob Storage containers as data sources with comprehensive authentication options.
Expanded connector support. New Databricks, ODBC, Snowflake, BigQuery, S3, and GCS connectors with native authentication and schema inference.
Multiple datasets per model. Associate models with multiple data sources and perform cross-dataset aggregation matching.
Static dataset support. Handle datasets without time columns for non-temporal data analysis.

OIDC authentication. Replace access key-based authentication across all deployment environments with modern identity provider integration.
IDP-managed group membership. Synchronize group access via identity provider token claims instead of manual provisioning.
Audit logging system. Comprehensive API request tracking with CloudWatch forwarding and 365-day retention.
User invitation workflow. Email-based account creation with multi-group assignment and pending invitation management.

High availability database clusters. Patroni-based PostgreSQL and TimescaleDB HA with automatic failover and streaming replication.
OpenShift deployment support. Standardized Helm charts with proper fsGroup configuration and audit log PVC support.
LTS build pipelines. Independent publishing workflows for long-term support versions including arthur-client PyPI and Helm charts.
CloudWatch monitoring dashboards. Track platform health metrics including response codes, latency, and running task counts.

Fixed user authentication queries running unnecessarily on every request, reducing database load.
Resolved timezone handling issues in upsolve exports that were breaking timestamp-based filtering.
Optimized job dequeue polling from 225ms to 0.008ms with partial indexing on active jobs.
Fixed header validation behavior in FastAPI to properly reject underscore headers by default.

Airgapped deployment support. Pre-cached tiktoken encodings eliminate external network calls during container initialization in network-restricted environments.
Non-root container execution. Docker configurations support running as non-root users across ECS, GCP, and Kubernetes deployments.
Unified model upload pipeline. Consolidated codebase supporting S3, filesystem/PVC, and GCS backends with consistent configuration.
Azure OpenAI provider support. Full LiteLLM integration with API key, endpoint URL, and optional API version configuration.

Interactive onboarding CLI agent. Automates setup of observability, model configuration, and Python instrumentation with guided validation paths.
Arthur-onboard Claude Code skill. Streamlined engine installation and code instrumentation through guided prompts on macOS and Windows.
Multistep onboarding tour. Walks first-time users through essential platform features with contextual tooltips and progress tracking.

Expanded framework instrumentors. Added support for agentminds, baml, and codex instrumentors as optional extras in the Arthur SDK.
Stateless validation endpoint. Run Arthur's built-in guardrail checks against arbitrary prompt/response pairs without persistent setup.
Improved PII detection accuracy. Reduced PERSON entity false-positive rate from 17.9% to 0% by filtering digit-containing detections.

Transform version history. Complete version tracking with author and timestamp information for each configuration change.
One-click restore capability. Revert transforms to any earlier version without data loss through a confirmation dialog.
Edit history panel. Read-only snapshot viewer for previewing previous transform configurations.

Organization-scoped data isolation. Database-level tenant isolation with automatic migration of existing data to default organization.
API key organization scoping. Distinguish admin cross-org keys from tenant-scoped keys for proper access control.
Route-level enforcement. Comprehensive org scope filtering across 193 OpenAPI operations preventing cross-organization resource access.

Fixed subagent span hierarchy to correctly nest under parent AGENT spans in distributed traces.
Resolved race conditions in UserPromptSubmit that could overwrite trace context.
Restored missing definition field on TraceTransformResponse for backward compatibility.
Fixed model image bootstrap jobs to succeed on first run without latest-dev tag dependencies.