Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ is the pure-Python client and expects an `aasm` runtime to be reachable some oth
Confirm the `aasm` CLI is on your `PATH`:

```bash
aasm --version # e.g. aasm 0.0.1rc5
aasm --version # e.g. aasm 0.0.1rc6
```

> **Supply-chain verification.** The only official PyPI package is `agent-assembly`
Expand Down
2 changes: 1 addition & 1 deletion agent_assembly/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
import sys
from typing import TYPE_CHECKING, Any

__version__ = "0.0.1rc5"
__version__ = "0.0.1rc6"

_MODULE_CORE = "agent_assembly.core"
_MODULE_ADAPTERS = "agent_assembly.adapters"
Expand Down
22 changes: 22 additions & 0 deletions docs/compatibility/release-notes.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,28 @@ Release notes for the Agent Assembly Python SDK. Versions follow [SemVer](https:
!!! info "0.x development"
The SDK is in active 0.x development; per-release notes are minimal. Track full changes via [the commits to `master`](https://github.com/ai-agent-assembly/python-sdk/commits/master) and the [GitHub releases](https://github.com/ai-agent-assembly/python-sdk/releases) feed.

## 0.0.1-rc.6

Sixth **release candidate** on the `0.0.1` line. This release tracks the published
`agent-assembly` core **`v0.0.1-rc.6`**: the bundled `aasm` runtime binary and the
compiled `aa-ffi-python` extension are pinned to that core tag.

This is a **security-hardening** candidate: the SDK now refuses to resolve a
register endpoint that would send credentials over non-loopback plaintext, and a
LangChain policy `deny` now actually blocks the tool call instead of being swallowed.

- Enforce non-loopback TLS on register-endpoint resolution, so a register call can
no longer leak credentials over plaintext to a non-loopback host (AAASM-4655).
- Set `raise_error` on the LangChain adapter so a policy `deny` is enforced and
blocks the tool call rather than being silently ignored (AAASM-4658).
- Add an `allow_insecure` opt-in to `init_assembly()` for deliberately trusted
networks, gated and documented as a conscious escape hatch (AAASM-4664).
- Add an `aasm --version` flag sourcing `__version__`, and correct the README error-
handling example to match the actual exception (AAASM-4656 / AAASM-4710).
- Fix a misleading OS classifier on the platform wheels' packaging metadata
(AAASM-4648), and tidy dead LangChain async callbacks / test hygiene
(AAASM-4710 / AAASM-4691).

## 0.0.1-rc.5

Fifth **release candidate** on the `0.0.1` line. This release tracks the published
Expand Down
2 changes: 1 addition & 1 deletion docs/examples/agno.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Version pins (from `pyproject.toml`):
| Dependency | Version |
|---|---|
| `agno` | `>=2.0.0` |
| `agent-assembly` | `>=0.0.1rc5` (the release that ships the Agno adapter) |
| `agent-assembly` | `>=0.0.1rc6` (the release that ships the Agno adapter) |
| Python | `>=3.12` |

## How it works
Expand Down
2 changes: 1 addition & 1 deletion docs/examples/haystack.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ Version pins (from `pyproject.toml`):
| Dependency | Version |
|---|---|
| `haystack-ai` | `>=2.0.0,<3.0` |
| `agent-assembly` | `>=0.0.1rc5` (the release that ships the Haystack adapter) |
| `agent-assembly` | `>=0.0.1rc6` (the release that ships the Haystack adapter) |
| Python | `>=3.12` |

## How it works
Expand Down
2 changes: 1 addition & 1 deletion docs/examples/llamaindex-tool-policy.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Version pins (from `pyproject.toml`):
| Dependency | Version |
|---|---|
| `llama-index-core` | `>=0.14.22` |
| `agent-assembly` | `>=0.0.1rc5` (the release that ships the LlamaIndex adapter) |
| `agent-assembly` | `>=0.0.1rc6` (the release that ships the LlamaIndex adapter) |
| Python | `>=3.12` |

## How it works
Expand Down
2 changes: 1 addition & 1 deletion docs/examples/microsoft-agent-framework.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Version pins (from `pyproject.toml`):
| Dependency | Version |
|---|---|
| `agent-framework` (the `live` extra) | `>=1.9,<2` |
| `agent-assembly` | `>=0.0.1rc5` (the release that ships the Microsoft Agent Framework adapter) |
| `agent-assembly` | `>=0.0.1rc6` (the release that ships the Microsoft Agent Framework adapter) |
| Python | `>=3.12` |

The adapter's `get_supported_versions()` reports `>=1.0.0,<2.0` — governance attaches across the 1.x line.
Expand Down
2 changes: 1 addition & 1 deletion docs/examples/smolagents.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Version pins (from `pyproject.toml`):
| Dependency | Version |
|---|---|
| `smolagents` | `>=1.0.0,<2.0.0` |
| `agent-assembly` | `>=0.0.1rc5` (the release that ships the Smolagents adapter) |
| `agent-assembly` | `>=0.0.1rc6` (the release that ships the Smolagents adapter) |
| Python | `>=3.12` |

## How it works
Expand Down
8 changes: 4 additions & 4 deletions docs/guides/container-base-image.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,13 @@ There are two families of tags: **immutable** (pinned, reproducible) and **movin

| Tag | Example | Mutable? | Use it for |
| --- | --- | --- | --- |
| `python:<runtime>-<core-version>` | `python:3.14-slim-v0.0.1-rc.5` | **No** — immutable | **CI and production.** Reproducible, byte-for-byte stable. |
| `python:<runtime>-<core-version>` | `python:3.14-slim-v0.0.1-rc.6` | **No** — immutable | **CI and production.** Reproducible, byte-for-byte stable. |
| `python:<runtime>` | `python:3.14-slim` | Yes — moves per release | Local experiments on a fixed Python runtime. |
| `python:latest` | `python:latest` | Yes — moves per release | Quick one-off tries only. |

`<core-version>` is the **Agent Assembly core / `aa-runtime` release** baked into the
image — it is also the version of the `aasm` CLI inside the image. Pinning
`python:3.14-slim-v0.0.1-rc.5` therefore pins *both* the Python runtime and the exact
`python:3.14-slim-v0.0.1-rc.6` therefore pins *both* the Python runtime and the exact
governance core/CLI version, which is what makes the build reproducible.

!!! warning "Pin the immutable tag in CI and production"
Expand All @@ -53,7 +53,7 @@ A minimal agent image that inherits governance from the base image:

```dockerfile
# Pin the immutable tag — Python 3.14 runtime + a fixed governance core/CLI version.
FROM ghcr.io/ai-agent-assembly/python:3.14-slim-v0.0.1-rc.5
FROM ghcr.io/ai-agent-assembly/python:3.14-slim-v0.0.1-rc.6

WORKDIR /app

Expand Down Expand Up @@ -123,7 +123,7 @@ which `agent-assembly` SDK release gets baked in.
## Best practices

- **Pin the immutable tag in CI and production.** Use
`python:<runtime>-<core-version>` (e.g. `python:3.14-slim-v0.0.1-rc.5`); never `:latest`.
`python:<runtime>-<core-version>` (e.g. `python:3.14-slim-v0.0.1-rc.6`); never `:latest`.
- **Pair the image with the `aa-runtime` sidecar.** The image makes your agent
*governance-ready*, but the in-process SDK layer is **not a security boundary on its
own** — point `init_assembly()` at an `aa-runtime` instance (sidecar or service) so policy
Expand Down
2 changes: 1 addition & 1 deletion docs/javascripts/source-facts-guard.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
It issues TWO unauthenticated calls to api.github.com per page load:

1. GET https://api.github.com/repos/<owner>/<repo>/releases/latest
→ 404, because this repo publishes only pre-releases (0.0.1a4..0.0.1rc5,
→ 404, because this repo publishes only pre-releases (0.0.1a4..0.0.1rc6,
0.0.2); GitHub's /releases/latest endpoint excludes pre-releases and
returns 404 when no non-prerelease exists. AAASM-4318 rewrites this
request to /releases?per_page=1 and picks the newest so the badge can
Expand Down
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ build-backend = "hatchling.build"

[project]
name = "agent-assembly"
version = "0.0.1rc5"
version = "0.0.1rc6"
description = "Python SDK for AI Agent Assembly - A governance-native runtime for AI agents"
authors = [{ name = "Agent Assembly Team", email = "team@agent-assembly.dev" }]
requires-python = ">=3.12,<4.0"
Expand Down
2 changes: 1 addition & 1 deletion sonar-project.properties
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ sonar.projectName=python-sdk
# `-Dsonar.projectVersion=...` (see .github/workflows/rw_run_all_test_and_record.yaml),
# so it always tracks the current release; this static value is the local-scan
# fallback only.
sonar.projectVersion=0.0.1rc5
sonar.projectVersion=0.0.1rc6

# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
sonar.projectBaseDir=./
Expand Down
2 changes: 1 addition & 1 deletion uv.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading