> ## Documentation Index
> Fetch the complete documentation index at: https://docs.esheria.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Changelog

> Release notes for Esheria developer surfaces.

## 2026-07-14

### Codex OAuth Login

* Added strict RFC 8252-style loopback callback support for
  `codex mcp login esheria`, including dynamic local ports and exact
  `/callback/<id>` validation.
* Kept hosted HTTPS callbacks on the explicit allow-list and rejected lookalike
  hosts, missing ports, wrong paths, fragments, userinfo, and non-loopback HTTP
  redirects.
* Generalized dashboard consent and connector-token naming for Claude, Codex,
  and future hosted MCP OAuth clients while retaining legacy connector tokens.
* Added Codex desktop-app setup through **Settings -> MCP servers**, including
  Streamable HTTP configuration, OAuth authentication, shared-profile behavior,
  and `/mcp` verification.

### Billing And Credits Production Hardening / CLI 1.2.0

* Replaced caller-selected Checkout credits and quantity with server-owned
  plan/top-up SKUs, persisted orders, exact public prices, and Stripe line-item
  verification.
* Added Sandbox, Developer, Team, Business, and Enterprise plan policy with
  pack limits, feature gates, authenticated requests/minute, expiring Sandbox
  grants, and 12-month paid top-ups.
* Scoped idempotency to the authenticated workspace/token, authorized every
  pack in multi-pack payloads, and made unknown protected route pricing fail
  closed.
* Moved runtime charging to immutable `2026-07-14-v2` database rules and exposed
  the current catalog through billing plans.
* Added retryable Stripe events, recurring invoice grants, asynchronous payment
  outcomes, refunds/disputes, credit-debt restoration, and stale-reservation
  reconciliation.
* Disabled unverified public email/password provisioning; verified Google and
  GitHub OAuth remain the production self-service identity paths.
* Updated the Dashboard and CLI to choose workspace packs and Checkout SKUs;
  `esheria billing checkout --sku-id ...` replaces caller-defined top-ups.

## 2026-07-13

### MCP 1.1.0 Production Hardening

* Replaced the handwritten transport with the official MCP SDK and current
  Streamable HTTP lifecycle, protocol negotiation, `ping`, schema validation,
  resource templates, and MCP-native tool errors.
* Added exact 20/29/37 scope-aware catalogs. Invalid and management-only
  credentials are rejected before catalog disclosure; mutations require their
  write scope and explicit confirmation.
* Blocked path traversal, DNS-rebinding/private source-monitor destinations,
  downgrade redirects, local files, caller-controlled S3 settings, oversized
  content, unbounded waits, and oversized check batches.
* Added backward-compatible bounded JSON text plus structured outputs, pooled
  API clients, pre-auth/per-token rate and concurrency controls, session caps,
  structured logs, bounded-cardinality Prometheus metrics, HSTS, and versioned
  systemd/nginx hardening.
* Completed customer-profile detail/run-history reads without deleting or
  increasing the 37-tool catalog.

### Multi-Jurisdiction Hardening

* Removed Kenya and `data_protection` request fallbacks from API, CLI, Python
  client, and MCP claim verification. `pack_id` is now explicit and pack
  jurisdiction/domain metadata is inferred from the selected pack.
* Required explicit pack selection for graph queries, graph applicability,
  entity-profile summaries, and stateless customer lifecycle previews.
* Refreshed the production catalog to 69 current pack records across 27
  jurisdiction labels: 60 `verified_published` and 9 metadata-only `not_ready`.
* Diversified API, CLI, MCP, recipe, monitoring, billing, and applicability
  examples across UK, EU, US, Singapore, Australia, and global packs.
* Added UK-pack API, CLI, and MCP release validation.

### CLI 1.0.0 Production Release

* Promoted the package to `Development Status :: 5 - Production/Stable` and
  declared Apache-2.0 for the distributed CLI, Python client, and MCP code.

* Added dedicated `monitoring:write`, `graph:write`, and `customer:write`
  scopes. Read-only tokens can no longer authorize hosted-state mutations.

* Restricted data-token creation to the documented read/operator scopes while
  keeping dashboard and OAuth connector tokens read-only by default.

* Added `esheria --version`, global output flags, richer command help, strict
  configuration/input validation, and broader NDJSON row streaming.

* Added explicit `--yes` confirmation for graph projection rebuilds, source
  checks, and subscription cancellation.

* Added workspace and subscription commands, source-watch list/create
  commands, customer-profile inspection, and applicability-run history.

* Fixed graph applicability payload compatibility and removed silently ignored
  calendar, evidence, monitoring, and relationship filters.

* Prevented API-key forwarding through HTTP redirects and added wheel install
  smoke tests for Python 3.11, 3.12, and 3.13.

* Added CI wheel/entry-point smoke coverage on Linux, Windows, and macOS.

* Hardened PyPI publication with tag/version matching, focused release tests,
  `twine check`, installed-wheel entry-point smoke, and `pip check`.

## 2026-06-28

### Regulatory Intelligence Workflows

* Added source monitoring endpoints, CLI commands, and MCP tools for source
  watches, source currentness, source-change events, and binding recompile
  candidates.
* Added published-only graph projection rebuild and graph coverage workflows.
* Added workspace-scoped customer profiles, applicability runs, customer
  obligation instances, and customer change-impact workflows.
* Updated OpenAPI-backed docs to include monitoring, graph, customer
  applicability, obligation instance, and impact surfaces.

## 2026-06-25

### Hosted MCP Transport

* Deployed the hosted MCP HTTP endpoint at `https://mcp.esheria.ai/mcp`.
* Published DNS, nginx TLS, and a managed `esheria-mcp.service` process for the hosted endpoint.
* Updated Codex setup to use a remote MCP URL with bearer-token auth instead of a local `uvx` stdio command.
* Updated the public MCP guide and quickstart so users connect by URL first; local `esheria-mcp serve --stdio` is now documented only as a fallback for hosts that do not support remote MCP URLs.

## 2026-06-03

### Production Multipack Catalog

* Updated public pack documentation to show the current production Postgres
  serving catalog: five Kenya packs and six UK packs.
* Added current versions and published API counts for obligations, filing
  calendar items, evidence rows, and applicability rows.
* Clarified that generic pack workflows are available across the loaded packs,
  while claim verification remains limited to packs with enabled evaluator
  profiles.
* Disclosed that UK pack versions still carry source-intake names until the
  later publication-normalization phase, even though the production API is
  serving their published workflow surfaces.

### Full Regulatory Fact Surfaces

* Added API Reference coverage for pack versions, pack diffs, change events,
  penalty facts, and legal review audit metadata.
* Added guides for change monitoring and first-class filing/evidence/penalty
  surfaces.
* Updated examples to use the current Kenya Data Protection pack version and a
  customer-operating claim instead of older institutional-duty examples.
* Clarified that the API provides read-only canonical legal intelligence;
  downstream products own applicability review, task ownership, uploaded
  evidence, remediation, comments, and reports.

## 2026-06-01

### CLI And MCP Package

* Published the `esheria` Python package with `esheria` and `esheria-mcp` console commands.
* Added repo-local wrappers at `bin/esheria` and `bin/esheria-mcp`.
* Added host examples for Claude Desktop, Cursor, Codex MCP, and internal agent hosts.
* Added first five MCP tool calls for liveness, readiness, pack discovery, pack inspection, and obligation retrieval.

### Developer Docs

* Added Mintlify documentation structure under `mintlify/`.
* Added `docs.json` navigation for Quickstart, API Reference, CLI, MCP, Recipes, Errors, and Changelog.
* Copied and enriched `api/openapi.v1.json` as `mintlify/openapi.json` with server URLs and `x-api-key` security metadata.
* Added GitHub Actions docs validation with OpenAPI freshness checks.

## Contract Notes

* Public responses keep the deterministic envelope: `status`, `data`, `errors`, and `trace_id`.
* Production workflows serve published regulatory facts.
* Claim verification requires a pack-level claim evaluation profile.
