Changelog

Notable documentation updates and SDK changes. For SDK release notes, see the npm package history.

---

2026-04-01

Governance Dashboard

• Added: Session-level truth support generation — the monitoring surface now emits support signals for accepted session fields (phases, transitions, session limits, unknown surface policy, rollout mode) when the plan is approved or enforcing. Uses persisted evidence counts when available for stronger support messages, with honest fallback to plan-level evidence.
• Added: Session-level freshness decay — stale risky session fields (phases, transitions, unknown surface policy) now emit freshness_decay adaptive changes, using persisted entry freshness when available.
• Added: Session truth strength indicator — monitoring summary includes session_truth_strength (strong / partial / under-observed) derived from session-scoped evidence ledger entries. Displayed in the Truth Health Bar.

---

2026-03-31

Governance Dashboard

• Added: Truth Monitoring section on the governance page — shows contract fidelity level, approved-truth health (challenged vs supported), top adaptive changes by severity, top evidence requests by priority, and evidence freshness summary. Renders inside a collapsible disclosure when monitoring data is present.
• Added: Deterministic freshness/staleness derivation for governed surfaces. Uses a two-layer heuristic: source-quality baseline (exact → fresh, observation → aging, default → stale) combined with temporal decay from plan-level timestamps (7 days → aging, 30 days → stale). Emits per-tool freshness_decay adaptive changes for stale risky surfaces and tracks stale_risky_surfaces count in the monitoring summary. Evidence ledger entries now populate evidence_window and last_supported_at/last_contradicted_at from approval proof when available.

Replay Positioning

• Updated: Replay overview now frames replay() as workflow governance for agent reliability, clarifies that it complements IAM/sandboxing, and softens server-backed claims in Govern mode.
• Updated: Replay Quickstart now positions runtime blocking as structured workflow protection and explicitly keeps infrastructure permissions and API-level validation in scope.
• Updated: Protection Levels now distinguishes local workflow protection from server-backed Govern sessions without implying a hard external execution boundary.
• Updated: Govern Mode now documents current server-backed authority more narrowly: durable session state, governed records, approvals, and workflow coordination on the wrapped path.
• Updated: Security & Evidence now states what Replay evidence proves, what it does not prove, and softens compliance language to supporting relevance rather than standalone guarantees.
• Updated: Why Runtime Governance now narrows Replay's promise to workflow-level failures across steps and adds an explicit "what Replay is not" section.
• Updated: Site-level docs and navigation now match the narrower Replay framing: Introduction, How Vesanor Works, sidebar/footer labels, and the security/compliance pages all distinguish workflow governance from platform security guarantees.
• Updated: Public wording across Replay overview, Govern Mode, Protection Levels, and site-level navigation is now more consistent and less defensive: workflow governance is the primary term, repetitive caveats were trimmed, and Govern now points to Security & Evidence for trust-model detail.

---

2026-03-27

Zero-Config Documentation

• Updated: Zero-Config Governance now matches the shipped boundary: zero-config is the server-side governance learning and review flow, approval freezes immutable compiled_plan / compiled_session snapshots, post-approval drift becomes pending_review, and customer-triggered semantic re-analysis remains deferred.
• Updated: Replay Quickstart now distinguishes zero-config review from contract-based runtime enforcement and removes the claim that replay(client, { apiKey }) blocks tool calls locally today.
• Updated: Replay overview now separates zero-config capture/review from contract-driven Protect and Govern modes.
• Updated: Quickstart link text now reflects the current zero-config review flow instead of describing it as immediate runtime protection.

---

2026-03-25

Zero-Config Governance

• Added: Zero-Config Governance page — explains the customer experience: one line of code, auto-inferred rules across all four enforcement layers, plain English dashboard review, two-layer model (auto vs custom), continuous governance, and export escape hatch.
• Updated: Replay overview now leads with zero-config as the primary quickstart flow. Manual contracts moved to "Advanced: Manual Contracts" section.
• Updated: Quickstart now leads with the zero-config path (no YAML needed). Contract-based setup moved to "Advanced: Manual contracts" section.
• Added: Anchor targets for governance gap links: #pre-execution-constraints in Contract Cookbook, #authorization-policy in Contract Cookbook, #provider-constraints in Contract YAML Reference.

Preconditions & Ordering

• Added: with_output now supports gte and lte numeric comparisons in addition to equals. Enables threshold checks on prior tool output (e.g., VaR must be ≤ 0.05).

Contract Reference

• Added: Aggregates when clause for conditional bound overrides. Bounds can adapt to runtime conditions via session bindings (e.g., relax hedge call limit when VaR is elevated). First matching condition wins; missing bindings fall through to base bounds.

---

2026-03-24

Troubleshooting

• Added: Layer 2-4 enforcement issues section — diagnostics and fixes for binding_not_found, ref_mismatch, aggregate_limit_exceeded, aggregate_path_missing, envelope_not_established, envelope_violation, checkpoint_timeout, checkpoint_denied, checkpoint_budget_exceeded, label_gate removal, schema-derived invariant blocks, and contract graph analysis diagnostics (DEAD_TOOL, UNREACHABLE_PRECONDITION, DEAD_PHASE, CIRCULAR_DEADLOCK).

Contract Reference

• Added: Per-tool optional fields: binds, schema_derived, schema_derived_exclude, checkpoint.
• Added: Per-tool sections: binds (session-scoped slot capture), ref operator (bound slot equality in argument_value_invariants), schema_derived / schema_derived_exclude (auto-derived invariant control), checkpoint (human approval gates).
• Added: Session-level sections: aggregates, envelopes, checkpoints, label_gates, schema_derived, graph_analysis.
• Added: ref and tolerance operators to argument value invariants table.
• Added: Session YAML example expanded with aggregates, envelopes, checkpoints, label gates, schema-derived config, and graph analysis suppression.

API Reference

• Added: labels and onCheckpoint fields to ReplayOptions type reference (session labels with taint semantics, human checkpoint callbacks).
• Added: addLabel() method to ReplaySession<T> type reference.
• Added: label_gate to NarrowedTool reason union.
• Added: 9 new block reasons: binding_not_found, ref_mismatch, aggregate_limit_exceeded, aggregate_path_missing, envelope_not_established, envelope_violation, checkpoint_denied, checkpoint_timeout, checkpoint_budget_exceeded.
• Added: Runtime API endpoints section — POST .../labels and POST .../proposals/:proposalId/approve.
• Added: Checkpoint types section — ApprovalRequest, ApprovalResponse, and pending_approval proposal status.

SDK

• Fixed: with_output preconditions never worked with narrowing — outputExtract was populated after Stage 1 narrowing evaluated preconditions, so tools with with_output requirements were always removed. Extraction now runs before narrowing.
• Fixed: replay() now has a default diagnostics handler (matching observe()) — critical events like compile errors, blocks, kills, and bypass detection are logged via console.warn when no diagnostics callback is provided.
• Fixed: replay() now emits a compile warning when contractsDir is set but no session.yaml is found, so developers know session-level features (phases, policy, session_limits) are inactive.
• Fixed: Argument value invariant failures using regex, one_of, type, gte, or lte operators were misclassified as output_invariant_failed instead of argument_value_mismatch. Only exact_match was correctly mapped.
• Added: max_tool_calls_mode: narrow — opt-in session limit mode that narrows the tool set to budgeted tools instead of hard-blocking when max_tool_calls is exceeded. Keeps reserved tools reachable in multi-phase workflows.

Documentation

• Added: Layered Enforcement Model — explains the four enforcement layers (per-tool, cross-tool, session-level, human checkpoints), with concrete trading examples, a decision tree for choosing the right primitive, and a known-limitations section.
• Fixed: Broken cookbook example — process_payment used side_effect: destructive + evidence_class: ack_only, which throws ACK_ONLY_ON_HIGH_RISK at compile time. Changed to financial + local_transaction.
• Added: evidence_class + side_effect compatibility matrix in the Contract Cookbook. Documents which combinations are blocked and what to use instead.
• Added: evidence_class restrictions section in Contract YAML Reference — the ACK_ONLY_ON_HIGH_RISK compatibility matrix was only in the cookbook, now also in the reference.
• Added: End-to-end TypeScript example showing session.tools execution, .result unwrapping, and with_output precondition resolution in Preconditions & Ordering.
• Added: Shadow coverage tracking section in Shadow Mode — coverage ledger, classification tiers (zero/low/partial/good), access methods, checkpoint behavior in shadow mode.
• Added: max_tool_calls_mode documentation in Session Limits and Contract YAML Reference.
• Added: Server-side enforcement of Layer 2-4 primitives section in Govern Mode — documents how session labels, aggregates, envelopes, checkpoint approvals, and session bindings are enforced server-side to prevent client bypass.
• Added: Cross-phase behavior section in Phases & Transitions — documents that aggregates and envelopes persist across phases (anti-salami), and that graph analysis detects dead phases, unreachable phases, and circular deadlocks at compile time.