Skip to main content

Changelog

Notable documentation updates and package changes. For package-level release history, see the vesanor npm package.

2026-05-01

Packaging

  • Updated: public SDK docs now use the vesanor package root for runtime imports and npm install vesanor <provider-sdk> for installation. The internal replay and contracts workspace packages are no longer presented as public install targets.

2026-04-18

Docs Accuracy Refresh

  • Updated: Dashboard Guide, How Vesanor Works, Replay overview, and Zero-Config Governance to reflect the current Studio-first browser flow: /dashboard redirects to /dashboard/studio, and Studio is the primary review and approval surface.
  • Updated: Govern Mode and API Reference to match the runtime API that exists in the repo today. Removed the undocumented proposal-approval endpoint and clarified that human checkpoints use the SDK onCheckpoint callback.
  • Added: Governance Studio, Runtime API, and Configuration Matrix to document the current Studio-first product flow, while the local-pack lane was moved into docs/legacy/advanced-local/ in the repo.
  • Updated: YAML-centric Replay docs were moved out of the public Governance section and archived under docs/legacy/advanced-local/.
  • Updated: older local-mode docs such as Protection Levels and Layered Enforcement were moved out of the public site, while Govern Mode stayed public and was updated to match the current repo.
  • Updated: the old observe/promote docs were archived under docs/legacy/advanced-local/, and the remaining public docs no longer treat NeverNormalize.json as a generated or required current-pack artifact.
  • Updated: Quickstart and Introduction now make zero-config governance + Studio the default public path. The older local YAML-pack docs were archived under docs/legacy/advanced-local/.
  • Updated: archived local-pack docs now explain the recorded-fixture fallback behavior versus stricter validation for explicit recorded validation runs.
  • Updated: the archived local SDK docs now clarify inactive observe() behavior and remove the incorrect claim that the SDK reads VESANOR_API_URL.
  • Updated: API Key Security and Dashboard Guide to reflect current plan-based limits instead of the older fixed values.
  • Added: Approval Model, Runtime States, Operations Playbook, Data Model Overview, and FAQ, based on the current repo’s approval boundary, runtime health fields, Studio workbench flow, and durable objects.
  • Updated: Workflow Governance, Troubleshooting, Dashboard Guide, and Operations Playbook to align with the current workflow runtime APIs plus the Phase 7 Studio workbench model (Atlas -> Control -> Focus).
  • Updated: Why Runtime Governance, Zero-Config Governance, and Configuration Matrix to keep the public story centered on zero-config governance, Studio approval, and runtime enforcement while relegating the old local-pack path to archived repo docs.
  • Updated: FAQ to match the current public product path: Studio-first browser flow, zero-config approval/runtime attachment, references as an operational trust surface, and advanced workflow/local-pack behavior clearly separated from the default onboarding story.
  • Updated: Data Model Overview to reflect the actual durable families in the repo: Studio authoring/approval rows, zero-config GovernancePlan state, replay runtime control-plane rows, execution/reference objects, and the fact that Atlas/Control/Focus are read models rather than separate authority tables.

2026-04-10

Governance Studio Planning Boundary

2026-04-04

Packaging

  • Updated: npm install and package references across the docs now use the unscoped vesanor package name, matching the intended public publish target and CLI update messaging.

Replay Governance

  • Updated: Replay overview, Replay Quickstart, and Zero-Config Governance now match the shipped zero-config SDK behavior: before approval the path captures and reviews, after approval it attaches to the approved compiled_session, with development staying non-blocking, staging running advisory enforcement, and production enforcing protectively.
  • Updated: Quickstart link text now describes zero-config as governance rather than review-only.

2026-04-01

Governance Dashboard

  • Added: Session-level truth support generation — the monitoring surface now emits support signals for accepted session fields (phases, transitions, session limits, unknown surface policy, rollout mode) when the plan is approved or enforcing. Uses persisted evidence counts when available for stronger support messages, with honest fallback to plan-level evidence.
  • Added: Session-level freshness decay — stale risky session fields (phases, transitions, unknown surface policy) now emit freshness_decay adaptive changes, using persisted entry freshness when available.
  • Added: Session truth strength indicator — monitoring summary includes session_truth_strength (strong / partial / under-observed) derived from session-scoped evidence ledger entries. Displayed in the Truth Health Bar.

2026-03-31

Governance Dashboard

  • Added: Truth Monitoring section on the governance page — shows contract fidelity level, approved-truth health (challenged vs supported), top adaptive changes by severity, top evidence requests by priority, and evidence freshness summary. Renders inside a collapsible disclosure when monitoring data is present.
  • Added: Deterministic freshness/staleness derivation for governed surfaces. Uses a two-layer heuristic: source-quality baseline (exact → fresh, observation → aging, default → stale) combined with temporal decay from plan-level timestamps (7 days → aging, 30 days → stale). Emits per-tool freshness_decay adaptive changes for stale risky surfaces and tracks stale_risky_surfaces count in the monitoring summary. Evidence ledger entries now populate evidence_window and last_supported_at/last_contradicted_at from approval proof when available.

Replay Positioning

  • Updated: Replay overview now frames replay() as workflow governance for agent reliability, clarifies that it complements IAM/sandboxing, and softens server-backed claims in Govern mode.
  • Updated: Replay Quickstart now positions runtime blocking as structured workflow protection and explicitly keeps infrastructure permissions and API-level validation in scope.
  • Updated: the archived Protection Levels doc now distinguishes local workflow protection from server-backed Govern sessions without implying a hard external execution boundary.
  • Updated: Govern Mode now documents current server-backed authority more narrowly: durable session state, governed records, approvals, and workflow coordination on the wrapped path.
  • Updated: Security & Evidence now states what Replay evidence proves, what it does not prove, and softens compliance language to supporting relevance rather than standalone guarantees.
  • Updated: Why Runtime Governance now narrows Replay's promise to workflow-level failures across steps and adds an explicit "what Replay is not" section.
  • Updated: Site-level docs and navigation now match the narrower Replay framing: Introduction, How Vesanor Works, sidebar/footer labels, and the security/compliance pages all distinguish workflow governance from platform security guarantees.
  • Updated: public wording across Replay overview, Govern Mode, and site-level navigation is now more consistent, with older local-mode docs archived separately.

2026-03-27

Zero-Config Documentation

  • Updated: Zero-Config Governance now matches the shipped boundary: zero-config is the server-side governance learning and review flow, approval freezes immutable compiled_plan / compiled_session snapshots, post-approval drift becomes pending_review, and customer-triggered semantic re-analysis remains deferred.
  • Updated: Replay Quickstart now distinguishes zero-config review from contract-based runtime enforcement and removes the claim that replay(client, { apiKey }) blocks tool calls locally today.
  • Updated: Replay overview now separates zero-config capture/review from contract-driven Protect and Govern modes.
  • Updated: Quickstart link text now reflects the current zero-config review flow instead of describing it as immediate runtime protection.

2026-03-25

Zero-Config Governance

  • Added: Zero-Config Governance page — explains the customer experience: one line of code, auto-inferred rules across all four enforcement layers, plain English dashboard review, two-layer model (auto vs custom), continuous governance, and export escape hatch.
  • Updated: Replay overview now leads with zero-config as the primary quickstart flow. Manual contracts moved to "Advanced: Manual Contracts" section.
  • Updated: Quickstart now leads with the zero-config path (no YAML needed). Contract-based setup moved to "Advanced: Manual contracts" section.
  • Added: archived advanced-local docs now include anchor targets for the older governance-gap links.

Preconditions & Ordering

  • Added: with_output now supports gte and lte numeric comparisons in addition to equals. Enables threshold checks on prior tool output (e.g., VaR must be ≤ 0.05).

Contract Reference

  • Added: Aggregates when clause for conditional bound overrides. Bounds can adapt to runtime conditions via session bindings (e.g., relax hedge call limit when VaR is elevated). First matching condition wins; missing bindings fall through to base bounds.

2026-03-24

Troubleshooting

  • Added: Layer 2-4 enforcement issues section — diagnostics and fixes for binding_not_found, ref_mismatch, aggregate_limit_exceeded, aggregate_path_missing, envelope_not_established, envelope_violation, checkpoint_timeout, checkpoint_denied, checkpoint_budget_exceeded, label_gate removal, schema-derived invariant blocks, and contract graph analysis diagnostics (DEAD_TOOL, UNREACHABLE_PRECONDITION, DEAD_PHASE, CIRCULAR_DEADLOCK).

Contract Reference

  • Added: Per-tool optional fields: binds, schema_derived, schema_derived_exclude, checkpoint.
  • Added: Per-tool sections: binds (session-scoped slot capture), ref operator (bound slot equality in argument_value_invariants), schema_derived / schema_derived_exclude (auto-derived invariant control), checkpoint (human approval gates).
  • Added: Session-level sections: aggregates, envelopes, checkpoints, label_gates, schema_derived, graph_analysis.
  • Added: ref and tolerance operators to argument value invariants table.
  • Added: Session YAML example expanded with aggregates, envelopes, checkpoints, label gates, schema-derived config, and graph analysis suppression.

API Reference

  • Added: labels and onCheckpoint fields to ReplayOptions type reference (session labels with taint semantics, human checkpoint callbacks).
  • Added: addLabel() method to ReplaySession<T> type reference.
  • Added: label_gate to NarrowedTool reason union.
  • Added: 9 new block reasons: binding_not_found, ref_mismatch, aggregate_limit_exceeded, aggregate_path_missing, envelope_not_established, envelope_violation, checkpoint_denied, checkpoint_timeout, checkpoint_budget_exceeded.
  • Added: Runtime API endpoints section — POST .../labels and POST .../proposals/:proposalId/approve.
  • Added: Checkpoint types section — ApprovalRequest, ApprovalResponse, and pending_approval proposal status.

SDK

  • Fixed: with_output preconditions never worked with narrowing — outputExtract was populated after Stage 1 narrowing evaluated preconditions, so tools with with_output requirements were always removed. Extraction now runs before narrowing.
  • Fixed: replay() now has a default diagnostics handler (matching observe()) — critical events like compile errors, blocks, kills, and bypass detection are logged via console.warn when no diagnostics callback is provided.
  • Fixed: replay() now emits a compile warning when contractsDir is set but no session.yaml is found, so developers know session-level features (phases, policy, session_limits) are inactive.
  • Fixed: Argument value invariant failures using regex, one_of, type, gte, or lte operators were misclassified as output_invariant_failed instead of argument_value_mismatch. Only exact_match was correctly mapped.
  • Added: max_tool_calls_mode: narrow — opt-in session limit mode that narrows the tool set to budgeted tools instead of hard-blocking when max_tool_calls is exceeded. Keeps reserved tools reachable in multi-phase workflows.

Documentation

  • Added: the archived Layered Enforcement doc explains the four enforcement layers of the older local contract model.
  • Fixed: Broken cookbook example — process_payment used side_effect: destructive + evidence_class: ack_only, which throws ACK_ONLY_ON_HIGH_RISK at compile time. Changed to financial + local_transaction.
  • Added: the archived contract cookbook now includes the evidence_class + side_effect compatibility matrix.
  • Added: the archived Contract YAML Reference includes the evidence_class restrictions section.
  • Added: archived advanced-local docs now include the end-to-end session.tools precondition example.
  • Added: the archived shadow-mode docs include shadow coverage tracking details.
  • Added: archived session-limit docs include max_tool_calls_mode documentation.
  • Added: Server-side enforcement of Layer 2-4 primitives section in Govern Mode — documents how session labels, aggregates, envelopes, checkpoint approvals, and session bindings are enforced server-side to prevent client bypass.
  • Added: archived phase-machine docs now include cross-phase behavior guidance.