Shipped milestones, what’s in flight, and the long view to v1.0 GA. Updated at the close of each sprint. Feature requests and bug reports live on the forum.
Allow or block sign-in by country, set installation-wide and per user. The country is detected from the sign-in address using an on-server lookup database (one-click download, no third-party service or key). The app-wide rule is the outer boundary; each user can only tighten within it. Current-country detection guards against locking yourself out.
A second step at sign-in. Each user chooses their method — authenticator app, email code, or text-message code (text needs a mobile number on the profile). Single-use recovery codes as a universal fallback, optional “remember this device” for 30 days, and security-alert emails whenever a factor is turned on or off. Changing your password requires a verification code.
A new Admin → Integration home for outbound channels: email through standard mail relay or Amazon SES, and text messages through Twilio. Credentials are stored encrypted, each card has a test-send, and the section is the shared home that two-factor delivery and the upcoming currency-rates key plug into.
Self-service account menu in the topbar — profile, timezone preference, sign-in history, and a Security tab, alongside sign out. Replaces the old direct-logout name chip.
One-click “Rebuild” from Admin reconciles every entity table with its fields — creates tables, adds columns, widens columns. Additive only: nothing is ever dropped, so a rebuild cannot lose data. Every change is logged with status, duration, and who ran it.
Per-card Edit / Save / Cancel state on every record. Schema-driven layout, AJAX swap without page reload, SYSTEM panel inline edit (Owner + Assigned to), group-scoped stream verbiage, concurrent-edit guard.
Multiple rules per entity. Per-field operators (Equals / Starts with / Contains / Ends with). Warn vs Block policies, Save-anyway override with audit, "Not a duplicate" pair exemptions, live check while typing.
One-to-Many, Many-to-Many, and Child-to-Parent relationships as a first-class concept. Sub-tab auto-generation on parent records, ACL-filtered counts and reads. Replaces hand-wired reference fields.
Build custom entities and fields from the admin UI — Account, Contact, Lead, Opportunity, Case live alongside admin-created entities. Picklists (Country, State, Industry, etc.) cascade and reuse across the app.
Every save writes a field-diff event to the Stream. Audit entries are append-only; restore a previous save without losing the intermediate history. Foundation for 21 CFR Part 11.
Every timestamp stored as UTC; the browser shifts to the user’s timezone on render. User timezone preference persisted on the user record.
Per-entity, per-action rules (own / team / all). Admin UI for roles. Query-level filtering on lists, voter checks on every POST.
Visual filter builder per list view. Saved views per user. Underpins every list view across the app.
Activity rail on every record. Live sub-tab counts for Contacts / Opportunities / Cases / Projects. Stream events on insert, update, restore.
Generic form view at /{entity}/new and /{entity}/{id}/edit. CSRF, validation, dirty-state checks, version bumps on update.
Accounts, Contacts, Leads, Opportunities, Cases. Filter chips, sortable columns, sub-tabs, dense field grids.
Install wizard, kernel boot, DI container, session auth, dashboard. Live at demo.sutracrm.net.
Rounds out the Security area: IP access control at both the application level (one admin allowlist for the whole install) and per user (admin sets, the user can tighten further), plus a Sessions & devices tab to review and revoke active sessions and allow or block devices. Also adds an extra verification step when signing in from a never-before-seen device.
Set a primary currency and manage additional currencies with exchange rates against it (manual entry plus scheduled auto-update). Becomes the single source of currencies for amount fields and per-user defaults, and powers conversion of totals to the primary currency.
Drag-and-drop layout editor per entity. Detail, List, Side Panels, Search Filters, Mass Update, Convert Lead — full surface coverage.
Replace the placeholder Activity sub-tab with real Email, Meeting, and Call entities. Sub-tab generation reuses M1.5.5 relationship plumbing.
Tasks alongside Activities. Polymorphic parent (Account / Contact / Opportunity / Case) via the M1.5.5 child-to-parent mechanism.
File uploads attached to any record. Per-entity storage policy. Audit on every upload + download.
Markdown-input field type with safe-HTML render. Replaces the current plain-text textarea for notes / descriptions.
Continent → country → zone-style territory tree as a second ACL axis orthogonal to roles. WHERE-clause filter on every list query.
A background job runner (cron / queue), and on top of it a Cleanup job — hard-delete records past a retention window, log rotation, orphan attachment + temp-file purge, expired token / notification cleanup. Also unlocks an opt-in schema cleanup ("hard rebuild") for orphaned columns left by deleted fields.
Replace server-rendered PHP templates with a Vue 3 SPA. API surface stable from M1; the SPA is just another client.
Marketplace API for third-party plugins. Composer + ZIP distribution. Per-plugin licensing. The CRM module is just the first plugin.
sutra/compliance-21cfr — audit-log wiring, electronic signatures, record lockdown, validation tracking. Built on M1.4.7 foundations.