Skip to content

Releases: brownjuly2003-code/agentflow

AgentFlow v1.6.0 — ClickHouse serving + engine-enforced PII governance

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 02 Jul 00:58

AgentFlow v1.6.0 — ClickHouse serving + engine-enforced PII governance

The architecture-fixing release: the serving engine is decided and shipped, and PII protection moved from an app-level string parse to access control enforced by the database engine itself.

Headline

  • ClickHouse is the shipped serving engine (ADR 0006 Phase 1). config/serving.yaml defaults to backend: clickhouse; make demo and both compose files bring the service up by default. The local pipeline mirrors every validated event into ClickHouse after the DuckDB commit (clickhouse_sink.py, fail-loud on unreachable CH), mutable serving tables are ReplacingMergeTree row versions read with final=1, and the freshness-critical event scan goes through the serving backend — event-driven freshness survives an out-of-process writer. Verified live against ClickHouse 26.7 (cross-process burst, SSE, upsert dedup); a dedicated CI E2E lane runs the API on the shipped profile against a real ClickHouse and proves no silent DuckDB fallback.
  • PII governance is now engine-enforced in the DV2 vault (ADR 0006 Phase 2). New warehouse/agentflow/dv2/governance/: a fail-closed dv2_analyst role (contact-PII columns never granted), per-jurisdiction dv2_pii_officer__<branch> roles, and row policies scoping the shared customer hub. bv_customer_mdm__* views run SQL SECURITY DEFINER; the cross-branch customer_360 mart is PII-free by contract (it had been copying contact PII past the grants — found and closed in this cycle). Verified live: 32/32 adversarial probes; the historical app-gate bypass forms are dead on the engine, two of them not even expressible.
  • The serving-layer PII gate/masker is removed — it guarded columns that do not exist in the serving warehouse. Real contact PII lives only in the vault, where the engine now enforces the boundary.

Also in this release

  • NL→SQL engine (ADR 0008): vendored LangGraph generate→validate→repair pipeline with a DuckDB-aware sqlglot guard, catalog-grounded context, routed through the GraceKelly orchestration API (claude-sonnet-5); the shipped demo default remains the rule-based translator. 18-question eval harness with execution-accuracy metrics included.
  • DV2 raw vault migrated to PostgreSQL with a parameterized vault writer, in-database OLTP→vault promotion, and LISTEN/NOTIFY event-driven freshness; the ClickHouse dialect regenerates byte-for-byte for mart serving.
  • PyIceberg sink backed by a real MinIO object store (REST catalog via S3FileIO, same bucket as the Flink path).
  • OpenSSF Scorecard channel: published score 5.8 → 7.0; all 99 action references SHA-pinned; Dockerfiles digest-pinned; least-privilege workflow permissions.
  • ADR 0009 records the honest scaling gate (control plane stays embedded per-pod until externalized — replicaCount/autoscaling pinned).
  • Chaos teardown guard (tolerates only green-session signal-death after a written report), analytics-logging flake fix, dependency maintenance batch.

Full detail in CHANGELOG.md [1.6.0].

Packages

  • PyPI: agentflow-runtime==1.6.0, agentflow-client==1.6.0
  • npm: @yuliaedomskikh/agentflow-client@1.6.0

AgentFlow v1.5.0 — security & correctness hardening

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 02 Jul 00:58

AgentFlow v1.5.0 — security & correctness hardening

Backfilled Release object (2026-07-02) for the tag published to PyPI/npm on 2026-06-05 — metadata only, no re-publish; the Trusted Publishing runs from the tag push remain the package source of truth.

Headline

  • M-C4 closed — argon2id key hashing with an O(1) peppered lookup index. N=20 cold hit-last drops 8.1 s → ~34 ms, miss ~0.1 ms; legacy bcrypt keys keep verifying.
  • NL→SQL guard bypass fix: typed read_csv / read_parquet scan functions are now denied in projection position.
  • sqlglot control-byte and mutation-target repairs.
  • Strict-mypy expansion across the orchestration and freshness slices — zero per-module relaxations (flink_jobs hand-annotated).

Also in this release

  • sqlglot ClickHouse transpile (H-C2) with permanent live-CH CI coverage.
  • Flink 2.2.1 platform bump with the M-C2/M-C3 hot-path fixes.
  • SDK latest/deprecated version response headers.
  • scripts/ under the Ruff CI gate; autopilot scheduler-env fix; order-independence test fixes.

No public API changes from v1.4.0. Full detail in CHANGELOG.md [1.5.0].

Packages

  • PyPI: agentflow-runtime==1.5.0, agentflow-client==1.5.0
  • npm: @yuliaedomskikh/agentflow-client@1.5.0

AgentFlow v1.4.0 — maintenance + release hardening

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 03 Jun 02:35

Maintenance release. No runtime API changes from v1.3.0.

  • Top-level handoff and release docs, on-call runbooks, SECURITY.md, issue/PR templates
  • Contract / DORA CI hardening
  • Dependabot + editorconfig repo hygiene; type-stub adoption
  • Tier A dependency wave (mypy, Terraform AWS provider, TypeScript, GitHub Actions, Vitest)

Published 2026-05-24 via OIDC Trusted Publishers with SLSA provenance attestations:

  • PyPI: agentflow-runtime 1.4.0, agentflow-client 1.4.0
  • npm: @yuliaedomskikh/agentflow-client 1.4.0

See CHANGELOG.md and docs/dv2-multi-branch/RELEASE_STATUS.md for the verified registry table.

AgentFlow v1.3.0 — Helm hardening + DV2 demo triptych

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 03 Jun 02:35

Operational hardening and the DV2 demo triptych.

  • helm/kafka-connect hardened to match helm/agentflow (NetworkPolicy + PDB + pod/container securityContext + /tmp emptyDir; schema-required, off-by-default)
  • Helm live validation parametrized across both charts
  • A03 CI hardware-gap acceptance; Load Test gates raised to 1.3x baseline
  • DV2 demo triptych completed (terminal + web-UI + dbt docs screencasts)

See CHANGELOG.md for the full list.

AgentFlow v1.2.0 — DV2 multi-branch warehouse

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 03 Jun 02:35

DV2.0 multi-branch warehouse merged to main.

  • 38 Data Vault 2.0 tables (8 hubs / 8 links / 22+ satellites)
  • Argo Workflows dv2-refresh orchestration template
  • dbt project with 3 mart models + 12 tests
  • Per-branch CDC fan-out via ClickHouse MaterializedPostgreSQL
  • First voice-narrated terminal-cast demo

Packages for this release line are on PyPI (agentflow-runtime, agentflow-client) and npm (@yuliaedomskikh/agentflow-client). See CHANGELOG.md and docs/dv2-multi-branch/ for detail.

AgentFlow v1.1.0

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 30 Apr 00:47

AgentFlow v1.1.0 publishes the runtime/SDK split and the first green registry proof for the release line.

Highlights:

  • Runtime distribution is published as agentflow-runtime 1.1.0 on PyPI.
  • Python SDK distribution is published as agentflow-client 1.1.0 on PyPI while keeping the agentflow import path.
  • TypeScript SDK is published as @uedomskikh/agentflow-client 1.1.0 on npm.
  • The release includes the v1.1 SDK contract alignment, MCP integration, SDK resilience work, and CDC operationalization documented in CHANGELOG.md and docs/release-readiness.md.

Registry artifacts:

Verification:

  • Publish Python Packages, Publish TypeScript SDK, and tag Contract Tests are green for tag target 2c72387.
  • Local full suite after docs sync: 729 passed, 4 skipped.

AgentFlow v1.0.1 - Clean-clone installation fixes

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 20 Apr 15:24

[1.0.1] - 2026-04-20

Post-publication patches ensuring clean-clone installation works out of the box.

Fixed

  • SDK sources missing from git tree: sdk/agentflow/ and integrations/agentflow_integrations/ were not tracked, causing ImportError on fresh clones. Now included. (302883e)
  • Cached bytecode in tracked paths: .pyc files accidentally committed alongside SDK sources - removed. (a032f16)
  • Cloud extras missing from setup verification: pyiceberg, bcrypt were not installed during verification, causing cryptic test failures. make setup now installs [dev,integrations,cloud] extras. (4e86759)
  • Bandit missing from dev verification deps: bandit wasn't in dev extras, breaking security baseline check on clean clones. (cf3a602)
  • Bandit baseline missing from published repo: .bandit-baseline.json was gitignored - required by test_bandit_diff.py. Now tracked. (669c9d7)

Verification

Fresh clone installation flow confirmed:

git clone https://github.com/brownjuly2003-code/agentflow
cd agentflow
python -m venv .venv
.venv/Scripts/python -m pip install -e '.[dev,integrations,cloud]'
.venv/Scripts/python -m pytest tests/unit -q  # -> 340 passed

AgentFlow v1.0.0 - Initial release

Choose a tag to compare

@brownjuly2003-code brownjuly2003-code released this 20 Apr 11:55

[1.0.0] - 2026-04-20

Added

  • Python and TypeScript SDK resilience support: retry policies, circuit breakers, batching helpers, pagination helpers, and contract pinning
  • Minimal admin dashboard at /admin
  • Chaos smoke on pull requests plus scheduled full chaos coverage
  • Performance regression gate in CI based on docs/benchmark-baseline.json
  • Terraform apply workflow with environment approval and OIDC-ready AWS auth
  • Fly.io demo deployment config in deploy/fly/
  • Public-facing docs set: API reference, competitive analysis, security audit, glossary, and publication checklist

Changed

  • Entity lookup latency from the original ~26,000 ms baseline to the current 43-55 ms release range, with entity p99 at 290-320 ms in the checked-in baseline
  • Query safety from regex-style scoping to sqlglot AST validation with allowlisted tables
  • Hot-path entity reads from string interpolation to parameterized queries
  • SDK configuration cleaned up around configure_resilience() while preserving backwards compatibility for existing callers

Fixed

  • Windows DuckDB file-lock flake in rotation tests
  • Auth auto-revoke regression after the auth module split
  • Analytics hot-path regression caused by cache stampede and schema re-bootstrap
  • Missing Flink Terraform application_code_configuration

Security

  • Parameterized queries throughout the serving hot path
  • sqlglot AST validator for natural-language-to-SQL translation
  • Bandit baseline gate so only new findings fail CI
  • API key rotation with grace period and auto-revoke support