Product Roadmap
Real progress broken down by Day 1, Day 2, Day 3, Day 4, Day 5, and upcoming.
Day 1
13Full base designed, implemented, and deployed in the first 24 hours.
The goal was clear: ship a working MVP in one day to prove that a production-grade platform could be built from scratch using AI-assisted development. 12 epics covering auth, multi-tenancy, assets, service requests, real-time notifications, reports, and a full React frontend.
After deploying, a pre-commit hook failure went unnoticed and the initial code only followed DDD and Hexagonal Architecture at about 70%. It took an extra hour to fix the architecture violations and bring everything into proper compliance — a good reminder that AI speed doesn't eliminate the need for validation checks.
Project setup, DB, auth, multi-tenancy base
Super admin: create companies, assign admins, manage domains
Asset CRUD, assignment, history (event sourcing), CSV import
Employee portal, request state machine, technician queue, comments
WebSockets, in-app notifications, pub/sub events
Metrics, charts, alerts, user management
Celery async tasks, PDF generation, MinIO storage
React app, routing, layouts, pages for all modules
Demo data, demo script, Docker Compose polish
Invite users, departments edit, frontend quality uplift, reliability hardening
QR codes and barcodes on asset detail page with print functionality
Astro static site: landing, training, books, open source, roadmap, contact
Production setup, Nginx, systemd, SSL, CI/CD, Docker Compose
Day 2
8Built on top of Day 1 with advanced modules completed.
With the foundation solid, Day 2 focused on expanding the platform's capabilities with advanced modules: AI-powered request classification, procurement with budget controls, appointment scheduling, equipment shipping, scheduled maintenance, and an MCP server exposing 57 AI-callable tools.
As we built and shared progress, feedback from early reviewers sparked new ideas and refinements. Features were shaped in real time by the conversation between what was planned and what people actually wanted to see. The roadmap grew organically alongside the code.
Role-based equipment profiles and automatic assignment
Structured categories, scoring and approval flow
AI inference for category, subtype and priority
Purchase orders, receiving, and budget controls
Slots, booking, reminders, and rescheduling
Outbound/return shipments with tracking and status flow
Recurring maintenance plans, reminders and overdue alerts
DSM exposed as MCP tools for AI assistants
Day 3
3Design overhaul and dedicated refactoring session.
Honest assessment: the design looked too "AI-generated" — functional but bland. We brought in V0.app and Google Stitch to completely rethink the visual identity, producing a more distinctive, professional interface that didn't scream "default template".
The rest of the day was dedicated to refactoring: cleaning up accumulated tech debt, fixing bugs surfaced by real usage, and tightening the overall code quality. No new features — just making everything that existed work better and look better.
Rebuilt the entire frontend look using V0.app and Google Stitch to replace the generic AI aesthetic with a polished, professional design
Dedicated session to clean up accumulated tech debt, fix edge cases discovered by early testers, and improve code consistency
Improved navigation flows, loading states, error handling, and overall user experience based on real-world feedback
Day 4
13Enterprise features, compliance, billing, and the first white-label deployment.
Day 4 was about making the platform enterprise-ready and commercially viable. We shipped the full NIS2/DORA compliance stack — security incident management with regulatory timelines, a risk register with heat maps, and a compliance dashboard mapping controls to NIS2, DORA, and ISO 27001 frameworks.
On the commercial side, Stripe billing went live with free trials, plan enforcement, and a super admin revenue dashboard. We also built Google & Microsoft OAuth login, a knowledge base with AI article suggestions, SLA management with escalation rules, and admin-defined custom fields.
The day's highlight: shipping the first white-label deployment. A runtime brand config API replaced build-time variables, and DSM Control launched at dsmcontrol.com with its own subdomains (www/app/api), SSL certificates, Stripe products, and a dedicated marketing site — all powered by the same codebase.
Wiki with TipTap editor, categories, full-text search, AI-suggested articles, self-service portal
Configurable SLA policies, escalation rules, breach notifications, compliance reports
OAuth2 login buttons, token verification, account linking, auto-creation by domain
Immutable audit logs, GDPR data export, evidence tagging for NIS2/DORA/ISO 27001
Admin-defined fields for assets, tickets, and companies — text, number, date, dropdown types
Incident lifecycle, NIS2 24h/72h reporting timelines, CSIRT notifications, post-mortems
Risk scoring matrix, mitigation tracking, periodic reviews, heat map dashboard
NIS2/DORA/ISO 27001 control mapping, evidence collection, gap analysis, audit-ready exports
Stripe checkout, plan management, usage limits, customer portal, feature gating
Company list with usage counts, Stripe invoice history, revenue dashboard (MRR)
Location entity, system locations, movement tracking, automatic location changes
Runtime brand config API, per-brand assets, branded deployments, database isolation
Full deployment at dsmcontrol.com — 3 subdomains, SSL, nginx, systemd, Stripe billing
Day 5
6UX improvements, new features, and production hardening.
After Day 4's enterprise push, it was time to circle back to UX and operational polish. Workflow templates brought configurable checklists per request type, admin-defined asset types replaced the hardcoded enum, and a new menu visibility system lets admins hide irrelevant sidebar items per role.
On the report side, the inventory report was restructured to group assets by location — a small change that makes the PDF actually useful for physical audits. The rest was production fixes, Google OAuth per-brand configuration, and the kind of small improvements that add up to a better daily experience.
Dynamic workflow templates with configurable checklists per request type
Company-defined asset types replacing hardcoded enum — CRUD, reordering, priority
Admin-configurable nav item visibility per role — blocklist approach with per-company settings
Redesigned sidebar with collapsible sub-groups for the Management section
Asset inventory PDF report now groups assets by physical location for easier auditing
Google OAuth config per brand, navigation improvements, report enhancements, and production fixes
Upcoming
14Asset Lifecycle & Warranties
Depreciation, renewals and warranty workflows
Software License Management
Seats, renewals, and compliance reports
Employee Onboarding/Offboarding
Automated joiner/leaver equipment workflows
Multi-channel Intake
Email, Slack/Teams and chatbot intake
Vendor & Supply Chain Risk
Vendor management plus third-party risk controls
Observability with Grafana
Prometheus metrics, Grafana dashboards, infrastructure health
Surveys & Feedback
CSAT and operational feedback loops
Mobile / PWA
Field workflows, push notifications, offline support
Asset Discovery
Agent and agentless discovery synchronized with inventory
Change Management (ITIL)
CAB workflow, rollback plans and change calendar
Feature Voting & Roadmap
In-app idea board and vote-based prioritization
Asset Criticality & CMDB
Criticality classes and CI relationship mapping
Vulnerability Management
CVE exposure and remediation workflows
SSO & Directory Sync
SAML/OIDC and LDAP/AD synchronization