2026-07-14
Codex OAuth Login
- Added strict RFC 8252-style loopback callback support for
codex mcp login esheria, including dynamic local ports and exact/callback/<id>validation. - Kept hosted HTTPS callbacks on the explicit allow-list and rejected lookalike hosts, missing ports, wrong paths, fragments, userinfo, and non-loopback HTTP redirects.
- Generalized dashboard consent and connector-token naming for Claude, Codex, and future hosted MCP OAuth clients while retaining legacy connector tokens.
- Added Codex desktop-app setup through Settings -> MCP servers, including
Streamable HTTP configuration, OAuth authentication, shared-profile behavior,
and
/mcpverification.
Billing And Credits Production Hardening / CLI 1.2.0
- Replaced caller-selected Checkout credits and quantity with server-owned plan/top-up SKUs, persisted orders, exact public prices, and Stripe line-item verification.
- Added Sandbox, Developer, Team, Business, and Enterprise plan policy with pack limits, feature gates, authenticated requests/minute, expiring Sandbox grants, and 12-month paid top-ups.
- Scoped idempotency to the authenticated workspace/token, authorized every pack in multi-pack payloads, and made unknown protected route pricing fail closed.
- Moved runtime charging to immutable
2026-07-14-v2database rules and exposed the current catalog through billing plans. - Added retryable Stripe events, recurring invoice grants, asynchronous payment outcomes, refunds/disputes, credit-debt restoration, and stale-reservation reconciliation.
- Disabled unverified public email/password provisioning; verified Google and GitHub OAuth remain the production self-service identity paths.
- Updated the Dashboard and CLI to choose workspace packs and Checkout SKUs;
esheria billing checkout --sku-id ...replaces caller-defined top-ups.
2026-07-13
MCP 1.1.0 Production Hardening
- Replaced the handwritten transport with the official MCP SDK and current
Streamable HTTP lifecycle, protocol negotiation,
ping, schema validation, resource templates, and MCP-native tool errors. - Added exact 20/29/37 scope-aware catalogs. Invalid and management-only credentials are rejected before catalog disclosure; mutations require their write scope and explicit confirmation.
- Blocked path traversal, DNS-rebinding/private source-monitor destinations, downgrade redirects, local files, caller-controlled S3 settings, oversized content, unbounded waits, and oversized check batches.
- Added backward-compatible bounded JSON text plus structured outputs, pooled API clients, pre-auth/per-token rate and concurrency controls, session caps, structured logs, bounded-cardinality Prometheus metrics, HSTS, and versioned systemd/nginx hardening.
- Completed customer-profile detail/run-history reads without deleting or increasing the 37-tool catalog.
Multi-Jurisdiction Hardening
- Removed Kenya and
data_protectionrequest fallbacks from API, CLI, Python client, and MCP claim verification.pack_idis now explicit and pack jurisdiction/domain metadata is inferred from the selected pack. - Required explicit pack selection for graph queries, graph applicability, entity-profile summaries, and stateless customer lifecycle previews.
- Refreshed the production catalog to 69 current pack records across 27
jurisdiction labels: 60
verified_publishedand 9 metadata-onlynot_ready. - Diversified API, CLI, MCP, recipe, monitoring, billing, and applicability examples across UK, EU, US, Singapore, Australia, and global packs.
- Added UK-pack API, CLI, and MCP release validation.
CLI 1.0.0 Production Release
-
Promoted the package to
Development Status :: 5 - Production/Stableand declared Apache-2.0 for the distributed CLI, Python client, and MCP code. -
Added dedicated
monitoring:write,graph:write, andcustomer:writescopes. Read-only tokens can no longer authorize hosted-state mutations. - Restricted data-token creation to the documented read/operator scopes while keeping dashboard and OAuth connector tokens read-only by default.
-
Added
esheria --version, global output flags, richer command help, strict configuration/input validation, and broader NDJSON row streaming. -
Added explicit
--yesconfirmation for graph projection rebuilds, source checks, and subscription cancellation. - Added workspace and subscription commands, source-watch list/create commands, customer-profile inspection, and applicability-run history.
- Fixed graph applicability payload compatibility and removed silently ignored calendar, evidence, monitoring, and relationship filters.
- Prevented API-key forwarding through HTTP redirects and added wheel install smoke tests for Python 3.11, 3.12, and 3.13.
- Added CI wheel/entry-point smoke coverage on Linux, Windows, and macOS.
-
Hardened PyPI publication with tag/version matching, focused release tests,
twine check, installed-wheel entry-point smoke, andpip check.
2026-06-28
Regulatory Intelligence Workflows
- Added source monitoring endpoints, CLI commands, and MCP tools for source watches, source currentness, source-change events, and binding recompile candidates.
- Added published-only graph projection rebuild and graph coverage workflows.
- Added workspace-scoped customer profiles, applicability runs, customer obligation instances, and customer change-impact workflows.
- Updated OpenAPI-backed docs to include monitoring, graph, customer applicability, obligation instance, and impact surfaces.
2026-06-25
Hosted MCP Transport
- Deployed the hosted MCP HTTP endpoint at
https://mcp.esheria.ai/mcp. - Published DNS, nginx TLS, and a managed
esheria-mcp.serviceprocess for the hosted endpoint. - Updated Codex setup to use a remote MCP URL with bearer-token auth instead of a local
uvxstdio command. - Updated the public MCP guide and quickstart so users connect by URL first; local
esheria-mcp serve --stdiois now documented only as a fallback for hosts that do not support remote MCP URLs.
2026-06-03
Production Multipack Catalog
- Updated public pack documentation to show the current production Postgres serving catalog: five Kenya packs and six UK packs.
- Added current versions and published API counts for obligations, filing calendar items, evidence rows, and applicability rows.
- Clarified that generic pack workflows are available across the loaded packs, while claim verification remains limited to packs with enabled evaluator profiles.
- Disclosed that UK pack versions still carry source-intake names until the later publication-normalization phase, even though the production API is serving their published workflow surfaces.
Full Regulatory Fact Surfaces
- Added API Reference coverage for pack versions, pack diffs, change events, penalty facts, and legal review audit metadata.
- Added guides for change monitoring and first-class filing/evidence/penalty surfaces.
- Updated examples to use the current Kenya Data Protection pack version and a customer-operating claim instead of older institutional-duty examples.
- Clarified that the API provides read-only canonical legal intelligence; downstream products own applicability review, task ownership, uploaded evidence, remediation, comments, and reports.
2026-06-01
CLI And MCP Package
- Published the
esheriaPython package withesheriaandesheria-mcpconsole commands. - Added repo-local wrappers at
bin/esheriaandbin/esheria-mcp. - Added host examples for Claude Desktop, Cursor, Codex MCP, and internal agent hosts.
- Added first five MCP tool calls for liveness, readiness, pack discovery, pack inspection, and obligation retrieval.
Developer Docs
- Added Mintlify documentation structure under
mintlify/. - Added
docs.jsonnavigation for Quickstart, API Reference, CLI, MCP, Recipes, Errors, and Changelog. - Copied and enriched
api/openapi.v1.jsonasmintlify/openapi.jsonwith server URLs andx-api-keysecurity metadata. - Added GitHub Actions docs validation with OpenAPI freshness checks.
Contract Notes
- Public responses keep the deterministic envelope:
status,data,errors, andtrace_id. - Production workflows serve published regulatory facts.
- Claim verification requires a pack-level claim evaluation profile.