Release
Changelog
Public release notes for shipped HASP versions.
All notable public releases should be summarized here.
Unreleased
[v1.0.19]
- Close the May 16 security review backlog with broker authorization hardening, public Worker ingress controls, dependency and OSV gates, static docs XSS containment, public recon drift tracking, and release verification coverage.
- Add structured authorization requirements for broker grant actions and share brokered run/inject execution across CLI and MCP while keeping `write-env` as a separate workspace-visible export path.
- Harden macOS HTTP signing to fail closed on randomness failures and extend the signer contract tests.
[v1.0.18]
- Make public release gates prove the live first-party telemetry endpoint by generating the probe body from the core CLI telemetry encoder, then checking DNS, TLS SNI, and the `/v1/cli/ping` response contract before release.
[v1.0.17]
- Ship the process-identity authorization hardening with deterministic Darwin race-test coverage after the v1.0.16 public release workflow stopped before publishing artifacts.
[v1.0.16]
- Harden process-bound session resolution so daemon RPC callers can only resolve sessions for their kernel-attested socket peer PID.
- Disable implicit process binding when the platform cannot provide a per-process stale-binding token instead of falling back to PID ancestry.
- Replace shell-based process ancestry checks with native platform lookups and refuse daemon stop when a pidfile does not match the live HASP daemon socket.
[v1.0.15]
- Harden the public release workflow against transient macOS arm64 race-test runner failures by retrying the Darwin race step once before failing.
[v1.0.14]
- Make the setup convenience-unlock eval platform-aware so Linux CI verifies the disabled path while macOS verifies best-effort Keychain unavailability.
[v1.0.13]
- Keep public release evals aligned with the setup convenience-unlock hardening so merge-gate CI covers the new macOS Keychain failure contract.
[v1.0.12]
- Make setup keychain failures explicit: convenience-unlock errors now say the macOS login keychain rejected access, not the HASP master password.
- Show `Setup complete with warnings` when setup succeeds but convenience unlock is unavailable.
- Treat `--enable-convenience-unlock=always` as a hard setup contract so setup cannot report success while leaving the requested unlock path unusable.
[v1.0.11]
- Made the public installer regression test portable to clean Linux runners by accepting the expected "install directory is not on PATH" warning while preserving the dedicated stale-`hasp` shadowing assertion.
- Continue the 100% server coverage release line after the v1.0.10 public CI attempt exposed the Linux-only installer-test assumption.
[v1.0.10]
- Split public script-test execution into named release and merge-gate steps so Linux CI identifies the exact script regression instead of reporting the aggregate `test-scripts` lane.
- Continue the 100% server coverage release line with a small release-version parser regression test.
[v1.0.9]
- Split the public `verify-ci` aggregate into named workflow steps for release and merge gates so Linux CI reports whether links, generated docs, workflow lint, shellcheck, web checks, server tests, or server lint failed.
- Carry forward the 100% server coverage gate and release diagnostic hardening from the v1.0.7 and v1.0.8 release attempts.
[v1.0.8]
- Move public non-secret release preflight and merge-gate checks to GitHub-hosted Linux and split the release gates into named steps so CI failures identify the exact failing lane instead of collapsing into one opaque `make release-gate` or `make release-preflight` result.
- Preserve the 100% server coverage release gate and the v1.0.7 MCP/coverage hardening in the release line.
[v1.0.7]
- Raise the server release coverage gate to 100% with regression coverage across runtime HTTP/RPC paths, app command errors, HTTP auth/HMAC handling, integrations, store backup/config/policy paths, telemetry, leases, approvals, and support utilities.
- Simplify unreachable defensive branches surfaced by the coverage push while preserving production error handling for reachable failure modes.
[v1.0.6]
- Harden managed agent MCP startup so initialization and tool discovery stay available even when vault unlock, saved consumer lookup, session setup, or process registration preflight fails.
- Contain vault unlock failures during MCP tool execution as JSON-RPC tool errors instead of process exits.
- Isolate HTTP vault-init regression coverage from the operator macOS Keychain.
[v1.0.5]
- Add optional HASP CLI telemetry with explicit setup consent, `hasp telemetry` controls, a first-party ingest endpoint, strict payload allowlists, and default-off/no-network behavior unless the user opts in.
[v1.0.4]
- Harden the private-to-public release driver so live verification waits for the Homebrew tap publish to land before fetching or installing from the tap.
- Add release-publication regression coverage for the live verifier's Homebrew polling path.
[v1.0.3]
- Fix the public Release workflow so pre-publish release smoke no longer tries to install the Homebrew formula before the new artifacts are available on the R2 mirror.
- Keep Homebrew install verification after R2 publication and before Homebrew tap publication, then verify the published tap before creating the GitHub Release.
[v1.0.2]
- Harden managed agent MCP startup so stale wrappers still answer the MCP initialize handshake instead of exiting when a saved agent record is missing.
- Make `hasp setup --agent <id>` persist the matching agent consumer record for every supported harness, including Codex CLI, Claude Code, Cursor, Aider, Hermes, and OpenClaw.
- Add regression coverage for every managed agent harness from setup through wrapper generation, persisted consumer state, and `hasp agent mcp` tools listing.
[v1.0.1]
- Fix macOS setup convenience unlock so normal Keychain prompt latency does not get reported as an unavailable keychain.
- Fix `hasp proof --secret <alias>` so project aliases such as `secret_01` resolve correctly during brokered proof checks.
- Keep the public installer compatible with the published v1 release archive layout.
[v1.0.0]
- Publish HASP v1 as the first public code and documentation line.
- Ship the local-first runtime secret broker with encrypted vault storage, project-scoped bindings, repo guardrails, protected agent process-tree sessions, one-time plaintext approval grants, brokered command execution, audited secret use, value-free repo manifests, and first-class agent profiles.
- Publish the release through the public Release workflow: supported-platform tarballs, checksums, detached GPG signatures, packaged SBOM/provenance/status sidecars, Ed25519 upgrade signatures, Cloudflare R2 mirrors, download Worker metadata, Homebrew tap publication, and GitHub Release assets.
- Start public versioned documentation at `/docs/v1.0.0/`; the private source repository keeps pre-v1 development history and archived release notes.