Roadmap

Stage and direction for NexusRAG

GitHub
Current stage
Where this project sits today.
Live in production
Now — Live in production
now
The platform serves real workload through a streaming LangGraph agent. Tier-A telemetry exposes workload counters, latency percentiles, and uptime. Audit log is tamper-evident and always on.
  • Multi-tenant /v1/run streaming endpoint with SSE
  • RBAC + ABAC + document ACLs (default-deny)
  • Bedrock KB and Vertex AI Search retrieval routing live
  • Envelope encryption + KMS key rotation enforced
  • SOC 2 evidence bundles persisted under var/evidence
  • Public Tier-A /api/stats with workload metrics
Next — Reliability + governance hardening
next
Active themes from the CHANGELOG Unreleased section: notification receiver contract v1.0, governance retention proofs, and compliance evidence automation. These tighten the operational surface without changing the public contract.
  • Notification Receiver Contract v1.0 (typed headers, signature parsing, dedupe)
  • DSAR / governance retention-proof workflows
  • Tenant-scoped notification routing with DLQ replay
  • Admin API key lifecycle endpoints + keyring rotation tooling
  • Operability evaluator worker with distributed locking
Later — Federated + edge-native retrieval
later
Where the platform is heading once the current reliability themes close. The architecture (multi-cloud retrieval routing, audit-evident logs, kill-switched feature flags) is already shaped for these.
  • Federated retrieval across customer-owned data planes
  • Active failover with geo-replicated audit log
  • Self-serve compliance attestation export
  • Edge-cached embeddings with regional TTLs
  • Customer-supplied LLM provider plug-in surface