Skip to main content

2026-07-14

Codex OAuth Login

  • Added strict RFC 8252-style loopback callback support for codex mcp login esheria, including dynamic local ports and exact /callback/<id> validation.
  • Kept hosted HTTPS callbacks on the explicit allow-list and rejected lookalike hosts, missing ports, wrong paths, fragments, userinfo, and non-loopback HTTP redirects.
  • Generalized dashboard consent and connector-token naming for Claude, Codex, and future hosted MCP OAuth clients while retaining legacy connector tokens.
  • Added Codex desktop-app setup through Settings -> MCP servers, including Streamable HTTP configuration, OAuth authentication, shared-profile behavior, and /mcp verification.

Billing And Credits Production Hardening / CLI 1.2.0

  • Replaced caller-selected Checkout credits and quantity with server-owned plan/top-up SKUs, persisted orders, exact public prices, and Stripe line-item verification.
  • Added Sandbox, Developer, Team, Business, and Enterprise plan policy with pack limits, feature gates, authenticated requests/minute, expiring Sandbox grants, and 12-month paid top-ups.
  • Scoped idempotency to the authenticated workspace/token, authorized every pack in multi-pack payloads, and made unknown protected route pricing fail closed.
  • Moved runtime charging to immutable 2026-07-14-v2 database rules and exposed the current catalog through billing plans.
  • Added retryable Stripe events, recurring invoice grants, asynchronous payment outcomes, refunds/disputes, credit-debt restoration, and stale-reservation reconciliation.
  • Disabled unverified public email/password provisioning; verified Google and GitHub OAuth remain the production self-service identity paths.
  • Updated the Dashboard and CLI to choose workspace packs and Checkout SKUs; esheria billing checkout --sku-id ... replaces caller-defined top-ups.

2026-07-13

MCP 1.1.0 Production Hardening

  • Replaced the handwritten transport with the official MCP SDK and current Streamable HTTP lifecycle, protocol negotiation, ping, schema validation, resource templates, and MCP-native tool errors.
  • Added exact 20/29/37 scope-aware catalogs. Invalid and management-only credentials are rejected before catalog disclosure; mutations require their write scope and explicit confirmation.
  • Blocked path traversal, DNS-rebinding/private source-monitor destinations, downgrade redirects, local files, caller-controlled S3 settings, oversized content, unbounded waits, and oversized check batches.
  • Added backward-compatible bounded JSON text plus structured outputs, pooled API clients, pre-auth/per-token rate and concurrency controls, session caps, structured logs, bounded-cardinality Prometheus metrics, HSTS, and versioned systemd/nginx hardening.
  • Completed customer-profile detail/run-history reads without deleting or increasing the 37-tool catalog.

Multi-Jurisdiction Hardening

  • Removed Kenya and data_protection request fallbacks from API, CLI, Python client, and MCP claim verification. pack_id is now explicit and pack jurisdiction/domain metadata is inferred from the selected pack.
  • Required explicit pack selection for graph queries, graph applicability, entity-profile summaries, and stateless customer lifecycle previews.
  • Refreshed the production catalog to 69 current pack records across 27 jurisdiction labels: 60 verified_published and 9 metadata-only not_ready.
  • Diversified API, CLI, MCP, recipe, monitoring, billing, and applicability examples across UK, EU, US, Singapore, Australia, and global packs.
  • Added UK-pack API, CLI, and MCP release validation.

CLI 1.0.0 Production Release

  • Promoted the package to Development Status :: 5 - Production/Stable and declared Apache-2.0 for the distributed CLI, Python client, and MCP code.
  • Added dedicated monitoring:write, graph:write, and customer:write scopes. Read-only tokens can no longer authorize hosted-state mutations.
  • Restricted data-token creation to the documented read/operator scopes while keeping dashboard and OAuth connector tokens read-only by default.
  • Added esheria --version, global output flags, richer command help, strict configuration/input validation, and broader NDJSON row streaming.
  • Added explicit --yes confirmation for graph projection rebuilds, source checks, and subscription cancellation.
  • Added workspace and subscription commands, source-watch list/create commands, customer-profile inspection, and applicability-run history.
  • Fixed graph applicability payload compatibility and removed silently ignored calendar, evidence, monitoring, and relationship filters.
  • Prevented API-key forwarding through HTTP redirects and added wheel install smoke tests for Python 3.11, 3.12, and 3.13.
  • Added CI wheel/entry-point smoke coverage on Linux, Windows, and macOS.
  • Hardened PyPI publication with tag/version matching, focused release tests, twine check, installed-wheel entry-point smoke, and pip check.

2026-06-28

Regulatory Intelligence Workflows

  • Added source monitoring endpoints, CLI commands, and MCP tools for source watches, source currentness, source-change events, and binding recompile candidates.
  • Added published-only graph projection rebuild and graph coverage workflows.
  • Added workspace-scoped customer profiles, applicability runs, customer obligation instances, and customer change-impact workflows.
  • Updated OpenAPI-backed docs to include monitoring, graph, customer applicability, obligation instance, and impact surfaces.

2026-06-25

Hosted MCP Transport

  • Deployed the hosted MCP HTTP endpoint at https://mcp.esheria.ai/mcp.
  • Published DNS, nginx TLS, and a managed esheria-mcp.service process for the hosted endpoint.
  • Updated Codex setup to use a remote MCP URL with bearer-token auth instead of a local uvx stdio command.
  • Updated the public MCP guide and quickstart so users connect by URL first; local esheria-mcp serve --stdio is now documented only as a fallback for hosts that do not support remote MCP URLs.

2026-06-03

Production Multipack Catalog

  • Updated public pack documentation to show the current production Postgres serving catalog: five Kenya packs and six UK packs.
  • Added current versions and published API counts for obligations, filing calendar items, evidence rows, and applicability rows.
  • Clarified that generic pack workflows are available across the loaded packs, while claim verification remains limited to packs with enabled evaluator profiles.
  • Disclosed that UK pack versions still carry source-intake names until the later publication-normalization phase, even though the production API is serving their published workflow surfaces.

Full Regulatory Fact Surfaces

  • Added API Reference coverage for pack versions, pack diffs, change events, penalty facts, and legal review audit metadata.
  • Added guides for change monitoring and first-class filing/evidence/penalty surfaces.
  • Updated examples to use the current Kenya Data Protection pack version and a customer-operating claim instead of older institutional-duty examples.
  • Clarified that the API provides read-only canonical legal intelligence; downstream products own applicability review, task ownership, uploaded evidence, remediation, comments, and reports.

2026-06-01

CLI And MCP Package

  • Published the esheria Python package with esheria and esheria-mcp console commands.
  • Added repo-local wrappers at bin/esheria and bin/esheria-mcp.
  • Added host examples for Claude Desktop, Cursor, Codex MCP, and internal agent hosts.
  • Added first five MCP tool calls for liveness, readiness, pack discovery, pack inspection, and obligation retrieval.

Developer Docs

  • Added Mintlify documentation structure under mintlify/.
  • Added docs.json navigation for Quickstart, API Reference, CLI, MCP, Recipes, Errors, and Changelog.
  • Copied and enriched api/openapi.v1.json as mintlify/openapi.json with server URLs and x-api-key security metadata.
  • Added GitHub Actions docs validation with OpenAPI freshness checks.

Contract Notes

  • Public responses keep the deterministic envelope: status, data, errors, and trace_id.
  • Production workflows serve published regulatory facts.
  • Claim verification requires a pack-level claim evaluation profile.