Skip to main content
Invoset

Roadmap and changelog

What we shipped. What is next.

Major technical work only. Items appear here once they are scoped, not when they are aspirational. Things slip; we will note when they do.

Recently shipped

Changelog

  1. Shipped

    Browser extension (Chrome MV3)

    One-click on-device WCAG 2.1 AA scan with an injected rule engine. Anonymous; results stay local unless you save them to your account.

  2. Shipped

    Public single-URL scan endpoint

    Lead-scan pipeline runs an isolated, time-boxed audit on a single URL with SSRF blocklist, IP-hash rate limiting, and honeypot bot defense.

  3. Shipped

    Plan-tier enforcement and account lifecycle

    Worker stamps plan and page-cap on every scan, soft-delete with thirty-day grace, RFC 8058 List-Unsubscribe headers on diff alerts.

  4. Shipped

    Domain ownership verification

    DNS TXT or HTML meta-tag check before any scan runs. Partial unique index keeps a verified domain bound to a single account.

What is next

By quarter

Q3 2026

Programmatic access and external delivery.

  1. Planned

    Read-only API (Pro and Business)

    Bearer-token access to sites, scans, scores, and violations. Per-key rate limits, revocation, public OpenAPI spec.

  2. Planned

    Slack and generic webhooks

    Push diff alerts to a Slack channel or POST signed JSON to your endpoint when a scan finishes. HMAC-SHA256 body signature, retry with backoff, dead-letter on persistent failure.

  3. Planned

    Authenticated crawl (Business)

    Encrypted credential vault and Playwright login replay so the scanner can reach pages behind a login wall, not only the public sitemap.

  4. Planned

    CI/CD regression checks

    A pre-deploy check (GitHub Action and a generic CLI) that scans a build before it ships and fails the pipeline when a change introduces new violations. Stops accessibility regressions at the source instead of catching them on the next scheduled scan.

Q4 2026

Closing coverage gaps competitors leave open.

  1. In progress

    PDF accessibility scan

    Phase 1 ships this quarter: tagged-structure, document-title, language, and figure-alt-text checks via pikepdf, mapped to WCAG criteria 1.1.1, 1.3.1, 2.4.2, and 3.1.1. Phase 2 layers full PDF/UA-1 conformance via veraPDF for procurement-grade validation.

  2. Planned

    GPT-4 Vision pass on critical pages

    Vision-model layer on top of the rule engine to catch focus order, modal traps, and navigation hierarchy issues a static analyzer cannot flag.

  3. Planned

    AI-assisted fix guidance

    For each finding, generate a concrete, copy-paste remediation: the specific CSS or markup change, plus platform-native steps for Shopify, WordPress, and Webflow. Moves the report from what is broken to here is the fix.

  4. Planned

    In-page widget scan (widget.js)

    Single-script tag that runs an audit in the live DOM as your real users navigate. Closes the gap between sitemap-discovered pages and the SPA routes users actually see.

  5. Planned

    Mobile app accessibility scan

    Static analysis of iOS and Android bundles plus a guided flow runner. Parity with the one competitor that ships this today.

  6. Planned

    WordPress plugin

    Listed on WordPress.org so site owners can install us from their admin and embed the monitoring badge with one click. Consumes the read-only API; ships after Q3 2026.

Need an item moved up? A paying customer with a real use case can email sales@invoset.com and we will share an honest ETA.