What's Changed

x402 Machine-to-Machine Payments (Production Ready)

• Coinbase CDP managed wallets: agents receive a self-custodied wallet on registration via POST /api/v1/agents/register — no private keys on the agent side
• EIP-3009 auto-pay: when an agent exhausts its free-tier quota, the Control Plane automatically signs a TransferWithAuthorization and settles via the Coinbase-hosted x402.org/facilitator — agent sees 200 OK with X-Payment-Response receipt header instead of 402
• Exponential backoff retry on CDP API calls (cenkalti/backoff v5): retries on 429 and 5xx, permanent failure on 4xx
• RemoteFacilitator hardening: non-2xx HTTP responses now return structured errors; configurable timeout via NewRemoteFacilitatorWithTimeout
• Graceful CDP failure handling: wallet provisioning failures emit agent.cdp_wallet_provision_failed audit events to Core; registration succeeds regardless
• Integration test skeleton (//go:build integration): create Sepolia wallet + hit real facilitator — skipped in standard CI, activated with COINBASE_CDP_KEY_NAME

Team Management

• Team member listing, invite flow, and role assignment via Control Plane API
• Agent API key create/revoke (scoped keys via Core) with AgentKeyMeta audit trail
• Web: team page, AgentKeysSection component, API proxy routes at /api/team/

Auth & Web Improvements

• OAuth flow updates and session route
• Demo login now proxied through Control Plane (/api/v1/demo/start)
• Auth store and apiClient improvements

Test Coverage

• EIP3009Hash: determinism, collision resistance, pinned test vector
• CDPClient: JWT signing, wallet creation, sign_payload, retry on 429/5xx, permanent failure on 4xx — via rewriteTransport (no real CDP creds needed)
• RemoteFacilitator: happy path, non-2xx errors, timeout (httptest.NewServer)
• RegisterAgentUseCase with CDP: wallet provisioned+stored, CreateWallet failure, SetConfig failure, no-CDP path
• AgentAutoPayMiddleware: 9 cases including quota-exceeded auto-pay flow
• TeamInvite: 14 cases including nil-entry guard, invite token round-trip, role resolution

Documentation

• docs/X402_SETUP.md: Base Sepolia testnet setup, 6-step end-to-end staging validation procedure, nonce deduplication operational notes
• docs/x402-pricing.example.json: pricing config example with Sepolia and mainnet networks

Fixes

• Elixir prometheus metrics test compatibility with Elixir 1.19 type checker (Enum.any? replaces != [])
• getTeamMembers nil guard to prevent panic on missing Core config entry
• Core tenant isolation: tenant_id filter enforced in event store query engine

Full Changelog: v0.17.2...v0.17.3

What's Changed

Event-Sourced Billing via Core

• Control Plane now writes billing.* events to Core on every LemonSqueezy webhook, making subscription state durable and auditable
• Query Service reads billing state from Core events via new GET /api/billing/status endpoint — no LemonSqueezy secrets needed on QS
• Configurable tier resolution via LEMON_SQUEEZY_VARIANT_MAP env var (reverse lookup by variant name or ID, with hardcoded fallback)
• Frontend apiClient gets getBillingStatus() method and BillingStatus type

LemonSqueezy Cleanup

• Removed all LemonSqueezy code from Query Service (dead webhook handler, schema, config, tests)
• Billing is now exclusively a Control Plane concern — QS only reads from Core
• Cleaned fly.toml, Dockerfile, and config files of LEMON_SQUEEZY_* references

Infrastructure

• Bumped Elixir 1.17 → 1.18 across CI workflows, Dockerfiles, and security scanning
• Added req dependency to QS (fixes --warnings-as-errors with JWKS auth plug)
• Fixed golangci-lint errors: goconst, errcheck, misspell
• Removed deprecated baseUrl from web tsconfig.json (TypeScript 6.0 compat)

Documentation

• New docs/current/BILLING_ARCHITECTURE.md with C4 container diagram and sequence flows
• Updated docs/LEMONSQUEEZY_SETUP.md to reflect event-sourced flow
• Updated C4 architecture mermaid diagrams (added Auth Service, LemonSqueezy, billing relationships)
• PRDs: prd-event-sourced-billing.md, prd-remove-lemonsqueezy-from-qs.md

Testing

• 15 new billing tests (10 CP unit, 5 QS unit)
• CP: tier resolution, tenant ID extraction, Core event writing, nil safety
• QS: state derivation from events, tier quotas, edge cases

Chronis

• Prime memory integration with ADR
• Projection idempotency fix (duplicate task.created events from sync no longer overwrite later state)
• Bumped allsource-core dependency to 0.17.1

Full Changelog: v0.17.1...v0.17.2

• release: v0.17.0 — AllSource Prime unified agent memory engine (5ae9c10)
• fix(prime): use rust:slim as runtime base to match glibc version (2c2b6b4)
• fix(prime): Dockerfile copies workspace root for dependency resolution (8ae48a0)
• chore: gitignore fastembed model cache (87MB ONNX blobs) (2876cba)
• docs(prime): full documentation, blog posts, marketing pages, and deployment config (b4bf723)
• feat(web): add Prime Interactive Playground to Demo Zone (1468eea)
• feat(prime): ecosystem integration — CI, Docker, Core HTTP proxy (9918fe1)
• fix(prime): pass quality-rust gates — fmt, clippy, integration test fixes (40d0364)
• feat(prime): implement AllSource Prime — unified agent memory engine (e5287dc)
• Merge pull request #115 from all-source-os/feat/recharts-v3-migration (b828cdd)
• deps(npm): bump recharts from 2.15.x to 3.8.0 (d083317)
• docs: archive completed proposals, add Prime PRDs and zer0dex analysis (fa43e4f)
• fix(rust): clippy lint fixes for core_nif, SDK client, and SDK tests (9f9d491)
• Merge pull request #110 from all-source-os/dependabot/github_actions/github-actions-3b988ea8b5 (ecca05c)
• Merge pull request #96 from all-source-os/dependabot/hex/apps/query-service/elixir-query-service-af97bc37db (b46aa44)
• Merge branch 'main' into dependabot/hex/apps/query-service/elixir-query-service-af97bc37db (ab03a24)
• Merge branch 'main' into dependabot/github_actions/github-actions-3b988ea8b5 (7be27ea)
• style(query-service): format Elixir test files (e78ff34)
• Merge branch 'main' into dependabot/hex/apps/query-service/elixir-query-service-af97bc37db (f75b839)
• Merge branch 'main' into dependabot/github_actions/github-actions-3b988ea8b5 (0ef6ce6)
• fix(query-service): Elixir tests fail in community mode (bb97525)
• fix(rust): workspace lints, unsafe_code deny, dep cleanup (b37e305)
• Merge branch 'main' into dependabot/hex/apps/query-service/elixir-query-service-af97bc37db (6f337d8)
• Merge branch 'main' into dependabot/github_actions/github-actions-3b988ea8b5 (26b49af)
• Merge pull request #111 from all-source-os/dependabot/cargo/rust-minor-patch-e758bba57d (3ea38ac)
• Merge pull request #99 from all-source-os/dependabot/cargo/rustler-0.37.2 (d539f0f)
• Merge pull request #94 from all-source-os/dependabot/npm_and_yarn/npm-minor-patch-dd84f991c6 (20e23a8)
• Merge pull request #93 from all-source-os/dependabot/hex/apps/mcp-server-elixir/elixir-mcp-server-9c35828abc (d9825ae)
• Merge pull request #92 from all-source-os/dependabot/go_modules/apps/control-plane/go-all-2ae97ed439 (9efa8cb)
• deps(rust): bump the rust-minor-patch group across 1 directory with 7 updates (438cb0f)
• ci(deps): bump the github-actions group across 1 directory with 8 updates (d1bd1ed)
• deps(elixir): bump the elixir-query-service group (2950cbf)
• deps(npm): bump lucide-react in the npm-minor-patch group (76ade16)
• deps(elixir): bump the elixir-mcp-server group (7deaed8)
• deps(go): bump the go-all group in /apps/control-plane with 4 updates (f4b4681)
• deps(rust): bump rustler from 0.36.2 to 0.37.2 (3d1c5da)

What's Changed

• deps(go): bump the go-all group in /apps/control-plane with 4 updates by @dependabot[bot] in #92
• deps(elixir): bump the elixir-mcp-server group in /apps/mcp-server-elixir with 2 updates by @dependabot[bot] in #93
• deps(npm): bump lucide-react from 0.576.0 to 0.577.0 in the npm-minor-patch group by @dependabot[bot] in #94
• deps(rust): bump rustler from 0.36.2 to 0.37.2 by @dependabot[bot] in #99
• deps(rust): bump the rust-minor-patch group across 1 directory with 7 updates by @dependabot[bot] in #111
• deps(elixir): bump the elixir-query-service group in /apps/query-service with 3 updates by @dependabot[bot] in #96
• ci(deps): bump the github-actions group across 1 directory with 8 updates by @dependabot[bot] in #110
• deps(npm): bump recharts from 2.x to 3.8.0 by @decebal in #115

New Contributors

• @decebal made their first contribution in #115

Full Changelog: v0.16.0...v0.17.0

• release: v0.16.0 — open-core licensing, feature gating, dual Docker builds (2c3319c)
• chronis: sync +287 events (c656857)
• fix: shorten keyword to satisfy crates.io 20-char limit (b271403)
• feat: prepare allsource-mcp for crates.io publishing (closes #108) (f53120c)

Full Changelog: v0.14.8...v0.16.0

• fix(ci): exclude tooling crates from workspace to fix Docker build (12088ee)
• release: v0.14.8 — workspace lints, clippy pedantic, allsource-inspect CLI (85a0f59)

Full Changelog: v0.14.7...v0.14.8

What's New

allsource-inspect CLI

• Rust binary in tooling/allsource-inspect/ that reads Parquet files and WAL logs directly from disk
• Filters by entity_id, event_type, time range; outputs JSON
• Links against allsource-core embedded API — no server process needed

allsource-mcp (Rust stdio MCP server)

• Lightweight Rust MCP server in tooling/allsource-mcp/ using stdio transport
• Wraps EmbeddedCore in read-only mode, points at a --data-dir
• 8 debugging tools: query_events, sample_events, quick_stats, get_snapshot, event_timeline, explain_entity, reconstruct_state, analyze_changes
• Zero Elixir/NIF dependency — pure Rust, works with Claude Code out of the box

Claude Code skills & docs

• allsource-debug skill: inspect projections, query events by entity, trace replay, diagnose stale state
• allsource-data-access skill: reading WAL vs Parquet, storage layout, event schemas
• allsource-mcp-setup skill: configure MCP server for local debugging
• STORAGE_FORMAT.md: WAL binary format (JSON Lines + CRC32), Parquet schema (Arrow columnar), file layout
• PROJECTION_DEBUGGING.md: worked examples for diagnosing stale projections, missing events, duplicates

Other improvements

• Durable API key storage: event-sourced auth repository persists keys to __system stream, survives restarts via WAL/Parquet recovery
• Docker cache optimization: reorder Dockerfile stages so version bumps don't invalidate cargo-chef cook layer
• Clippy fixes: let-chain syntax for collapsible_if in auth.rs

Closes #105.

• release: v0.14.6 — native backup/restore API on EmbeddedCore (closes #102) (d774349)
• fix(chronis): add rust-version = 1.92 for cleaner MSRV error (closes #90) (e4150b0)
• fix(ci): align testcontainers versions to fix Clippy (closes Rust Quality Gates) (e0d3fd1)
• chore: harden release skill guardrails, optimize Core Docker cache (71fb58f)

Full Changelog: v0.14.5...v0.14.6

• release: v0.14.5 — surface Parquet restore errors on startup (closes #101) (e9ab395)
• fix(ci): format Elixir test file for CI check (64c1582)

Full Changelog: v0.14.4...v0.14.5

• release: v0.14.4 — force HTTP/1.1 for WebSocket connections (closes #100) (87573fb)
• fix(ci): fix registry Dockerfile COPY path for new build context (0d87027)

Full Changelog: v0.14.3...v0.14.4

Fixes

• Fix GET /api/v1/auth/me returning 500 in dev mode and API key auth (#91) — me_handler now synthesizes identity from JWT claims when no user record exists, supporting dev mode and API key authentication
• Fix Docker builds for Core and Registry — missing workspace member stubs caused cargo chef prepare and cargo build to fail in CI

Improvements

• Isolate Registry from root Cargo workspace — apps/registry and crates/better-auth-allsource are now excluded from the workspace (like apps/chronis), so adding new workspace members never breaks other apps' Dockerfiles
• Simplify Core Dockerfile: only stubs actual workspace members
• Simplify Registry Dockerfile: standalone build with own Cargo.lock, no stubs needed
• Fix Elixir compiler warnings and credo strict issues

Upgrade

docker pull ghcr.io/all-source-os/chronos-core:0.14.3
docker pull ghcr.io/all-source-os/chronos-query-service:0.14.3