Every
release, with reasons.
We ship in sprints. Each entry below is a real release — features we shipped, hardening passes, infrastructure changes. No marketing spin. If we removed something, you’ll read about that too.
- 2026-05-11featv0.2.0-beta.2
Nomos brand · public docs · dark canvas everywhere.
The platform now ships under the Nomos brand: dark-first, editorial typography, and a comprehensive public docs surface. Marketing pages, sign-in / sign-up, and onboarding all redrawn from the ground up.
- New marketing home page with live decision panel
- Public /docs (mirrors in-product user guide)
- Public /security trust posture statement
- Public /integrations matrix + adapter contract
- Public /changelog (this page)
- Sign-in / sign-up split-pane with brand panel
- Onboarding wizard re-styled with Nomos tokens
- 2026-05-11featv0.2.0-beta.1
Clawvisor parity · LLM intent verifier · standing grants.
Closes the five-item parity gap with Clawvisor (YC W26). New surfaces: per-request LLM coherence verification (fail-closed), PDP response sanitizer, three new connectors (Linear, Stripe, Calendar), Telegram notification channel, durable standing-grant model.
- LLM intent verifier (Claude Haiku 4.5, 1.5s timeout, fail-closed)
- PDP response sanitizer middleware (secrets, HTML, zero-width)
- Linear + Stripe OAuth connectors
- Google Calendar scope expansion (5 templates)
- Telegram notification channel via Knock
- isStanding flag + nullable expiresAt on envelopes
- Standing grants overview page in dashboard
- 2026-05-10featv0.1.0
First win — Claude Desktop e2e green.
Claude Desktop end-to-end demo passes green. Approval Envelope + UCAN resource_constraint + /v1/intent + filesystem proxy + mcp-filesystem demo all live. Hardening pass on top: zod bump, schema seed, connections UI, audit polish, edge PDP packaging.
- Dynamic-scope filesystem slice landed
- mcp-filesystem demo green
- Customer-edge PDP Docker + Helm chart
- Audit panel polish + proof bundle download
- 2026-05-09featv0.0.9
Sprint 9 · step-up + WebAuthn passkey + cosigner UCAN.
Two-pass cedar detection escalates risky calls to step-up. Passkey assertion in the browser → cosigner UCAN minted on the control plane → PDP three-layer validation. Knock dev-console fallback when KNOCK_API_KEY is empty.
- WebAuthn passkey enrollment + assertion
- Cosigner UCAN minting + validation
- PDP three-layer cosigner validation
- Knock workflow integration
- 2026-05-09infrav0.0.8
Sprint 8 · push revocation + Postgres audit hash chain.
Audit chain moved to Postgres with hash-chained rows. Daily Ed25519 signed roots stored in audit_roots. Revocation pushes via Server-Sent Events. R2 Parquet archive with 7-year lifecycle. Open-source audit-verify CLI.
- Hash-chained audit_events
- Ed25519 signed daily roots (env-managed)
- audit-verify CLI
- Cloudflare R2 Parquet archive
- 2026-05-09featv0.0.7
Sprint 7 · visual policy builder + 20 templates.
packages/policy-builder: IR / parse / emit / round-trip. Schema-packs: 20 starter templates across the four foundation connectors. Dashboard ships a Visual tab on the Policies page.
- Cedar IR + visual builder
- roundTrip() validation rule before save
- 20 starter templates
- 2026-05-09featv0.0.6
Sprint 6 · dashboard MVP shipped.
Next.js 15 + tRPC + Better-Auth + Monaco editor + audit viewer. First end-to-end usable surface for the platform.
- Next.js 15 App Router
- tRPC + Better-Auth integration
- Monaco-backed Cedar editor
- Audit viewer + chain inspector
- api-keys router
- 2026-05-09infrav0.0.5
Sprint 5 · OAuth ↔ UCAN bridge + 24h refresh sweep.
Four connectors live (GitHub, Slack, Google, Notion). Proxy mode swaps UCAN for OAuth bearer at the moment of the upstream call. On-demand refresh on 401 + 1-hour sweep with 24-hour lookahead.
- 4 OAuth connectors
- Proxy mode
- Refresh sweep (1h cadence, 24h lookahead)