What is ReportBridge?

ReportBridge is a drop-in replacement for SSRS that renders existing RDL reports natively with AI-powered T-SQL to PostgreSQL conversion, native RDL rendering, and group-based access control. Most reports convert automatically, with guided correction tools for the rest.

What is SSRS and why does it need to be replaced?

SQL Server Reporting Services (SSRS) is Microsoft's paginated reporting engine used by 100,000+ organizations. Microsoft has confirmed SSRS will not receive new versions — SQL Server 2025 ships with Power BI Report Server instead. ReportBridge provides a migration path that preserves existing reports.

How does the T-SQL to PostgreSQL conversion work?

The Admin app sends each T-SQL query to AI along with PostgreSQL schema context. The AI rewrites queries to PostgreSQL syntax, handling patterns like ISNULL to COALESCE, TOP N to LIMIT N, GETDATE() to NOW(), and more. Converted SQL is validated via EXPLAIN against the live database.

What percentage of queries convert automatically?

Roughly 80–90% of queries convert on the first attempt; the iterative test/fix loop (up to five rounds per query) catches most of the rest, reaching a 95.8% effective conversion rate on the full ~190-report production corpus. The remainder are flagged for quick guided correction.

How is ReportBridge licensed?

ReportBridge is available as a standalone web app or as Domo ProCode apps. The Viewer is free. The Admin app starts at $499/month after the 30-day free beta trial.

Changelog

A complete history of ReportBridge releases, improvements, and milestones.

May 2026v1.10.0latest

Long-Running Reports — Async Render + Scheduled Snapshots (SSRS Subscription Parity)

Render in background — viewer surfaces a '↻ Render in background' button when a report's iframe sits in the loading overlay for more than 30 seconds. The render is queued to a background worker (Lambda + headless Chromium); user sees live progress (Queuing → Rendering m:ss → ✓ Open result) and the iframe stays mounted so they can keep working. Closes the most-requested SSRS-vs-cloud gap: synchronous browser-wait for slow reports
Scheduled snapshots — per-report Schedule modal in the admin Report Editor with cron input + 5 presets (Daily 8am UTC, Daily noon UTC, Weekly Mon 8am, Hourly, Every 15 min). EventBridge tick scans due schedules every minute and enqueues into the same async pipeline. Viewer surfaces 'Last refreshed: <ts> · auto-refreshes <cron> · ↻ Refresh now' banner above the iframe. Functional parity with SSRS subscriptions on the scheduling axis
Move A.5/A.6 — ALB idle_timeout 60s → 900s + Bold internal nginx proxy_read_timeout 300s → 900s. Catches the 5-15 min synchronous-render class without forcing async
Async render-job pipeline — DynamoDB jobs table (24h TTL), SQS work queue + DLQ (redrive after 3 receives), S3 results bucket (7-day lifecycle), worker Lambda (Node 20, 2GB, 870s timeout, reserved-concurrency=5, @sparticuz/chromium + playwright-core). Hard ceiling 14 min (Lambda runtime cap)
Tenant isolation — ws-render-status requires caller's instance_id to match the job's; returns 404 (not 403) on mismatch so callers can't probe for foreign job_ids. Error messages don't leak the foreign instance_id
Observability — 4 CloudWatch alarms (worker errors, p95 duration approaching 14-min cap, DLQ not empty, queue backlog > 20) wired to existing SNS → Pushover. New CloudWatch dashboard 'ReportBridge-RenderPipeline' with 8 panels. Operational runbook with per-alarm response procedures + 5-step failed-job triage + capacity guidance
Doc reconcile — architecture.md gained a new 'Path D — Async render' section with ASCII diagram. lambda-actions.md reconciled (drift count 34 → 0). New LADDER Laudit level fails the pre-deploy gate if action surface drifts from docs
1,941 automated tests passing (765 Lambda + 979 admin + 198 viewer), up from 1,803 baseline

April 2026v1.9.0stable

AI Conversion Feature-Complete + Editor Extensions

Bedrock now PRIMARY AI for SQL conversion (Anthropic remains fallback). USE_BEDROCK=true Lambda env + IAM hardening (AmazonBedrockFullAccess + Marketplace ViewSubscriptions) + MODEL_MAP precedence reorder
CONV-18 — schema-strict AI-Fix r2 retry-with-allowed-columns: when a previous round failed with 'column X does not exist', the next round's prompt gets an explicit ALLOWED COLUMNS block listing the table's real columns. Closes the largest residual class (hallucinated columns)
CONV-19 — UNION directional cast prompt rule: 'CAST(int AS text)' not 'CAST(text AS int)' (latter fails on non-numeric strings). Closes the non-recursive UNION mismatch class
PG reserved-word prompt rule: type/user/order/case/default and 20+ others must be double-quoted when used as column names
_makeRequestOnce gains per-call timeout option (default = no timeout for backwards compatibility); AI calls pass 90000ms safety net to catch stalled connections without breaking legitimate 15-25s completions
Cache observability: [anthropic-usage] and [bedrock-usage] log lines emit input/output tokens + cache_read/cache_create on every successful AI response. CloudWatch metric filters in ReportBridge/Failover namespace (Attempted, Succeeded, DoubleFailure)
Effective conversion pass rate: 95.8% on full-corpus baseline (190 RDLs / 331 scorable datasets, up from 94.5%)
Editor — Live EXPLAIN feedback: debounced (800ms) inline status badge under each PG-SQL editor shows pass/fail without saving to test history
Editor — AI-Fix history disclosure with full per-round errors inline + 'Save Hint & Re-run AI Fix' combo button
Editor — Schema reference disclosure: lazy-loaded alias→table→columns map per dataset (click-to-copy)
Editor — Side-by-side T-SQL ↔ PostgreSQL diff with line-level annotations (same/changed/added/removed)
Editor — Test Preview disclosure: shows the SQL EXPLAIN actually runs (after parameter substitution) with per-param substitution mode (typed CAST vs heuristic)
Editor — Snippet library: 12 curated CONV-N patterns (PG reserved-word quoting, RECURSIVE keyword, UNION text-cast direction, ISNULL→COALESCE, TOP→LIMIT, CROSS APPLY→LATERAL, ROUND::NUMERIC, etc.) with click-to-copy
Lambda action surface: ws-test-dataset gains override_sql parameter; ws-get-schema-for-dataset and ws-preview-test-sql added
1,634 automated tests passing (723 Lambda + 911 admin app)

April 2026v1.8.0stable

QA Gate & Operational Hardening

WAR-5 security review: 3 HIGH + 7 MEDIUM findings identified and resolved. No regressions across 5 audit rounds
SSRF protection hardened: isHostTrusted() uses exact JSON field match with metadata endpoint blocklist (was LIKE substring)
Auth failure rate limiting: per-IP counter (10/min) blocks brute force before key comparison
Centralized error sanitization: connection strings, bearer tokens, JWTs, and internal URLs stripped from all error responses
EventBridge health check every 5 minutes with SNS alerting on report server failure
Daily EBS snapshots via DLM lifecycle policy (retain 7) + daily pg_dump backups (retain 7 days)
16-test multi-tenant isolation E2E suite: config, report, session isolation + cross-tenant write prevention. 16/16 PASS
Config import schema validation: 40-field whitelist strips unknown keys from imported JSON
[configured] sentinel rejection in write-config-v2 prevents password mask corruption
Tenant key cache TTL reduced from 60s to 15s for faster revocation propagation
58 test org artifacts cleaned from workspace database (68 down to 7 production tenants)
470+ automated tests across unit, E2E, security, tenant isolation, and visual regression suites

April 2026v1.7.0stable

Multi-Tenant Config Parity & Infrastructure

Report server DNS migrated from direct EC2 EIP to ALB with ACM auto-renewing SSL certificate (SNI)
Beta tenant config parity: 9 missing fields populated, viewer token regenerated (90-day)
White-label build system: REACT_APP_WHITE_LABEL flag strips all branding at build time. Verified 0 brand references in bundle
Multi-target deploy: separate white-label and branded build targets
View Report button in Report Editor: opens published report on report server in new tab after successful publish
Customer troubleshooting guide: 6 categories covering setup, database, conversion, publishing, viewer, and rate limiting
Setup Wizard E2E tests (8 tests) + visual regression tests (7 screens) added to Playwright suite
Hardcoded demo API URL removed from viewer source: config-driven getDemoApiUrl()

April 2026v1.6.0stable

Beta Feedback & Tenant Isolation Audit

20-item beta feedback session processed: 17 fixes, 3 deferred to backlog
17 Lambda queries hardened for tenant isolation: explicit instance_id via JOIN on all workspace tables
Ownership checks added to ws-save-param-value, ws-convert-sql, ws-fix-sql, ws-get-history
RLS policies created on 8 tenant tables with PostgreSQL ENABLE ROW LEVEL SECURITY (defense-in-depth)
WAR-31: Tenant isolation enforcement — body.instance_id always overridden to match authenticated tenant key
WAR-32: JWT embedded credentials with 30-day token lifetime and refresh-standalone-token endpoint
14+ settings fields hidden from tenant admins in SaaS mode (saasHidden extended to Domo V2)
Config startup hardening: mergeConfig/sanitizeForSave prevent [configured] mask corruption, no hardcoded UUIDs
370+ automated tests (up from 159): configUtils, bundleIntegrity, security, customer journey, standalone E2E
Standalone mode: save paths for write-config-v2/write-database-v2, first-load error handling, token persistence

March 2026v1.5.0stable

P1 Launch Features & Enterprise Hardening

AI models dropdown: configurable model list stored in config, supports Claude Sonnet, Haiku, and Opus
White-label branding: all references to 'Bold Reports' replaced with 'Report Server' across admin UI (88 replacements)
Read-only settings lock: 11 critical fields locked after initial setup to prevent accidental misconfiguration, with unlock button for admin override
Button layout reorganization: Schema Repair, Backup & Restore, Sync, and Cache Management grouped into logical sections
Organization-aware data: org dropdown and filtering on Dashboard, Report Library, Legacy Reports, Validation, Report Menus, and Audit Log screens
Customer onboarding flow: sample AdventureWorks PostgreSQL database seeded on workspace RDS with shared data sources
Conversion Settings tab with editable AI prompts for customizing T-SQL to PostgreSQL conversion behavior
Locked database entries prevent accidental deletion of production database configurations
190+ reports in scope (178 published to report server) with 97% automated conversion rate
SSRS migration landing page and pricing page added to report-bridge.com

March 2026v1.4.0stable

Multi-Org, Infrastructure Migration & Config Resilience

Multi-organization support: organizations table, org selector in admin and viewer, scoped favorites and recently viewed, per-org viewer signing secrets
Admin access control: group-based admin permissions, access denied screen with troubleshooting, organizations management UI
Infrastructure migration: consolidated from three AWS accounts to a two-account model (customer data + application tier) with VPC peering
Workspace database migrated from Docker container to AWS RDS (PostgreSQL 16) with automated schema versioning
Config resilience: Settings merge-on-save prevents partial wipes, Clear All preserves bootstrap keys, Lambda cache bust endpoint
Config auto-refresh with stale detection and connection lost banner in admin app
183 reports published to report server, 187 tracked in workspace database (up from 166 published in v1.2.0)
50+ Lambda actions including 18 workspace actions, 4 multi-org actions, and SQL Server query actions
SaaS security Phase 1: instance_id isolation on all workspace queries, admin-sql host lockdown, instance_id locked after setup
Viewer enhancements: deep linking (#report=Name), favorites and recently viewed, Copy Link button
Custom ConfirmDialog component replaces all window.confirm across all three apps
Shared data source publish pipeline with DataSourceReference pattern for report server
Configurable report server site identifier (site1, site2, etc.) in Settings UI
25 Dependabot vulnerabilities resolved — 0 remaining across all packages
Native 2016 RDL template generator proven with live data rendering

March 2026v1.3.0stable

Dual-Source Viewer & Legacy SQL Server Support

Legacy Reports screen: publish original TSQL reports directly against SQL Server — drop-in SSRS replacement with zero conversion needed
Unified dual-source Viewer: SQL Server and PostgreSQL reports displayed together in one categorized sidebar
Validation screen: side-by-side data comparison across SQL Server and PostgreSQL (row counts, sample values, visual comparison)
RDL rewriting for report server 2016 format: UserName/PassWord XML elements, rd:SecurityType, ReportSections wrapper, namespace upgrade
Admin app expanded to 8 screens: Dashboard, Report Library, Legacy Reports, Validation, Report Menus, Access Control, Audit Log, Settings
Domo group management: read groups directly from Domo, map to reports, enforce server-side in Viewer (fail-closed access)
VPC peering for SQL Server: Lambda connects to on-prem SQL Servers via cross-account VPC peering (no public exposure)
655-line integration test suite validating all data flow paths against live infrastructure
11 AdventureWorks demo reports (6 PostgreSQL + 5 TSQL source) on demo.report-bridge.com
47 Lambda actions across rendering, publishing, SQL testing, Domo integration, administration, and AI conversion
Postgres-authoritative config (V2): config and databases sourced from PostgreSQL RDS with optimistic concurrency
Report server deployment on managed EC2 with Docker, OpenResty, and auto-renewing ACM SSL certificates

March 2026v1.2.0stable

Production Hardening

97% SQL conversion pass rate (164/169 applicable reports)
166 reports published and rendering in production
Settings save protection with config change audit trail
Viewer UX: resizable and pinnable sidebar, dark/light theme toggle, adjustable font size
Report Menus: admin-configurable report groups with drag-and-drop reordering
Group-based access control enforced server-side via Lambda (fail-closed: no groups = no access)
Credential sync: Admin writes signed tokens to Viewer Config DataSet automatically
Config backup and restore system for safe DataSet management
GitHub Actions CI: build verification, unit tests, and live infrastructure smoke tests
Security hardening: timing-safe API keys, CORS exact-origin matching, auth enforcement on all actions
SQL conversion fixes: CAST(CASE), string concatenation, quoted column refs for PostgreSQL reserved words
Report server: duplicate report cleanup (all reports unique, 0 duplicates)
AdventureWorks sample RDL files and queries for E2E testing and demos

March 2026v1.1.0stable

Architecture Migration

Three-account AWS model (customer data isolation)
Config-driven Lambda (46-column Domo Config DataSet, 4 bootstrap env vars)
VPC + NAT gateway for fixed outbound IP
Admin app: 7-tab Settings (General, Report Server, Databases, API & Network, Security, AI, Maintenance)
Viewer app: New Tab / Embedded mode toggle
OpenResty reverse proxy with HTTPS header rewriting
Dependabot security scanning enabled
Let's Encrypt SSL with auto-renewal

March 2026v1.0.0initial

Initial Release

AI-powered T-SQL to PostgreSQL conversion
Batch report conversion and publishing
Domo Everywhere embedding
Admin dashboard with 6 screens
Group-based access control

February 2026v0.9.0beta

Beta Release

Core conversion pipeline
Report server integration
Lambda API bridge

January 2026v0.8.0alpha

Alpha

Proof of concept
Single report conversion
Basic viewer embedding

Ready to Get Started?

Apply for the free 30-day beta trial with your own reports, or try the live demo with sample data.

Apply for Beta Try Live Demo