What we've shipped, what's underway, and what comes next for the NetSec website and the open community directory across 2026. Action milestones (conference, plenary, anniversary) are interleaved with release milestones so the website cadence reads alongside the Action's own calendar.
Last updated · last reviewed against the internal working document on .
First public website at netsec-cost.eu. Ten pages, glass UI in light + dark, EU + COST branding, and the open community directory (Deliverable D1, first version) accepting bios via a public form.
Release notesOne-command release helper, SemVer documentation pack, and a refreshed admin guide. Made future releases boring to cut.
Release notesPublic press kit with logos and boilerplate, a six-step guided tour of the directory, click-to-expand on compact cards, an A3 promotional poster, and Wiki templates for members.
Release notesPublic FAQ (21 Q&As across six themes) and Glossary (~35 COST and NetSec terms), with deep-link anchors. Find out more grid added to the home page; Wiki signposted for members.
Release notesSite-wide search overlay (with rich bio cards and deep-link highlighting), iCalendar feed, streamlined header, and a new About page consolidating the Action narrative, deliverables timeline, leadership, and reference content.
Release notesClosed the launch-QA loop before the public push. Manual-translation ribbon correction on FR / DE pages, mobile navigation drawer made opaque, hash-deep-link spotlight on the directory made resilient to RAF deferral. Accessibility statement bumped to v1.2 with three additional audits. Hybrid release-notes format adopted across the whole CHANGELOG.
Release notesThe conference now has its own page at /essc-2026.html with a programme grid rendered from a daily Indico sync, day chips, parallel session cards, contributions, chairs, abstracts, livestream badges on plenaries and roundtables. Hovering a speaker name that resolves to a NetSec member opens a glass preview card with photo, role, country, bio excerpt, and a deep-link to their full profile. Shipped translations in EN, FR, and DE; landing page is the canonical URL for the conference in the sitemap and calendar feed.
Polish batch before the conference. Programme grid gains per-session room badges, parallel rows now line up by room across the day, and contribution cards expand the full abstract inline instead of sending readers off to Indico. A new Practical information section on /essc-2026.html lifts the organisers' Stockholm guidance (accommodation neighbourhoods on the red line, sl.se for tickets) into the page. The Indico sync opens a pull request (branch-protection-compatible) and patches data/events.json + calendar.ics from the same fetch, closing a long-standing drift between the live programme and the home-page banner / .ics feed. Mobile visual polish on the home, ribbon contrast on FR / DE, and a small copy-hygiene cleanup of the footer attribution round it out.
Research-interest keyword pipeline on The Network: canonical chips on every bio card, normalisation through a curated alias map (UN, NATO, EU, UK, US, OSCE, … preserved through sentence-case), and a multi-select filter row above the directory grid with URL-hash persistence so a filtered view is shareable. Bios-sync pipeline hardened ahead of the open-form rollout: photo-replacement workaround for an upstream Google Forms limit, defensive write tracking, self-describing auto-PRs. Release tooling now flips the public-roadmap card status pill automatically across EN / FR / DE during release, prints a PDF cover reminder on minor / major, and lists open issues tagged with the milestone you're about to cut.
Release notesPre-Stockholm release. The brand identity finally lands across the site, three Indico operational tools ship to make the ESSC 2027 prep cycle programmatic, the programme page exports a polished self-identifying PDF, and the CLAUDE.md §7 writing-voice rules get applied retroactively across the EN launch-era prose.
Release notesA quality patch covering the work that accumulated since v1.8.0. Founding contributors section on About listing the 52 researchers across 21 countries who participated in the COST Open Call (OC-2024-1-27931) establishing this Action. Home-page event cards refreshed against the official Action event ledger: the NetSec Policy Workshop and NetSec ITC Conference added between the European Security Conference and the inaugural MC plenary, and the plenary itself firms to 18 September 2026. Release-infrastructure hygiene: third-party Actions SHA-pinned with tag-comment annotation, YAML-form issue templates with preflight checkboxes, issue-lifecycle automation (needs-info / stale / duplicate / wontfix with auto-comments and a daily sweep). sync-cost.py now propagates per-bio Working Group memberships from cost.eu into data/bios.json so the home-page WG chips and the per-bio chips no longer drift.
Pre-conference cut, four days before the Summer School and ESSC open in Stockholm. Calendar plumbing refresh across the board: per-event .ics downloads and Add to calendar buttons on each event card, a news RSS feed at /news.xml for academic and policy audiences who read feeds, and a structural refactor so the home-page event cards derive from data/events.json instead of hand-coded HTML across three locales (including a five-line clamp with Read more for longer descriptions). D10 (risk management strategy) hosted if the document is ready.
Early-Career Scholars Summer School (9–11 Jun) and the European Security Conference (11–12 Jun) at Stockholm University. The flagship outreach moment of the year, the website serves as the canonical entry point for new arrivals.
The reactive cut after the Stockholm Summer School and ESSC. Bug fixes and content polish from on-the-ground feedback, carryover items from v1.8.1 and v1.9.0 (notably sync-cost.py Gaps B and C: the statistics and country roster refresh, plus the leadership-label regex holes), Summer School and ESSC recap on the news block (gallery, feedback summary, recordings link if available), and the new feature suggestions that surface from delegate conversations. Native-speaker translation pass on the French and German variants of FAQ and Glossary to lift them out of beta. August is a deliberate break.
Three days ahead of the inaugural Management Committee plenary. Outputs section refresh with a real card design for the D6 policy briefs and schema.org/ScholarlyArticle metadata. Information-architecture audit Phase 2 lands: deeper UX pass on the home page and header, with audience tracks, mobile patterns, content lifecycle, and future-proofing for incoming policy briefs and deliverables. Founding-cohort follow-ups (Items C and D of #245): per-bio founding contributor badge on the directory and founding-cohort stats on the press kit. PDF documentation pack section-level catch-up (#229): site graph and screenshots refreshed. D8 (STSM planning guidelines) hosted as a permalink on the Grants page if the Grant Awarding Coordinator has approved.
The Action's first formal MC plenary. The site reads as the canonical entry point for new MC representatives; the About page and the members' Wiki onboarding strip are reviewed against fresh-arrival flow.
The Action's first year closes. Two MoU deliverables land in this window: D1 (first version of the open community directory) and D6 (first policy briefs). The site hosts each one with stable permalinks and citation metadata.
Year-1 retrospective on the news block. Inclusion & diversity declaration (D11) and environmental sustainability guidelines (D12) hosted as they reach approval. Per-page Open Graph images. Print stylesheet for the FAQ and Glossary. Member-photos-out-of-git refactor (#119) to keep repo size linear-in-text rather than linear-in-headshots. Whatever Q4 polish accumulates.
Items the maintainer is tracking but not yet committing to a date, each has a clear trigger that would move it onto the timeline.
Replace placeholder marks with the Action's approved official logos across the site, the PDF documentation pack, the press kit, and the poster. Social-media presence (channels live, profile art using the new marks). Trigger: the COST office finalises the visual-identity hand-off.
Re-engineer the directory's expand-in-place pattern as a sticky side panel. Trigger: membership above ~150, or friction reports from MC. Re-evaluated end of November 2026.
One-click Suggest an edit CTA on each card, pre-filled with the existing bio. Trigger: three or more MC members asking for faster turnaround than the weekly form sync.
Lightweight email-list signup form, forwarding to the Action mailbox. Trigger: the Action Chair commits to a newsletter cadence.
Filter chips (All / Pages / People) in the search overlay header. Trigger: Q3 capacity, after FR / DE review and calendar work land.
The NetSec website and directory are built openly, for the benefit of the Action's members, partners, and the wider European security community. We welcome feedback, feature requests, and bug reports, every issue you open helps prioritise what ships next.
This page is the public-facing summary. The full working document, with per-deliverable detail, open decisions awaiting the Action Chair, audit scopes, and the maintainer's reasoning, lives in docs/roadmap-2026.md on GitHub.
