Changelog

Release history for the cPod platform and SDK packages (@cpod/sdk, cpod-sdk, cpod-sdk-go, Cpod.SDK). Follows Semantic Versioning and Keep a Changelog.

Upgrade policy — No breaking changes before v2.0.0. Minor versions add new optional fields and endpoints. Patch versions are bug fixes only.


v0.9.0 — 2026-05-21

OAuth 2.0 app-store engine — register apps, issue JWTs, PKCE flows, rotating refresh tokens.

Added

Sidecar

  • OAuth 2.0 engine — POST /oauth/token, GET /oauth/authorize, POST /oauth/introspect, POST /oauth/revoke (served by Control Plane at :8080, proxied via cpod-backend)
  • client_credentials grant — service-to-service token issuance (RS256 JWT, 1 h TTL)
  • authorization_code + PKCE grant — user-facing flows with S256 code challenge
  • refresh_token grant — rotating refresh chain; old token revoked on each use
  • JWKS endpoint — GET /api/v1/jwks on control plane for external JWT verification
  • Token event stream — GET /api/v1/token-events for issuance/revocation audit

Control Plane

  • POST /api/v1/apps — register an OAuth application; returns client_secret (argon2-hashed at rest, returned once)
  • POST /api/v1/apps/:id/rotate-secret — secret rotation with immediate invalidation of old credentials
  • DELETE /api/v1/apps/:id — revokes all active tokens for the app
  • POST /api/v1/scopes — define custom scopes with resource namespacing
  • App types: service (client_credentials), web (auth code), spa (PKCE, no secret), cli (device/PKCE)

SDKs

  • Python (cpod-sdk==0.9.0) — AsyncCpodClient.from_env(), full EDM domain access, typed Pydantic models
  • TypeScript (@cpod/sdk@0.9.0) — SDK.fromEnv(), full EDM service wrappers, typed error classes
  • Go (github.com/cpod-ai/cpod-sdk-go@v0.9.0) — cpod.FromEnv(), context-first API, functional options
  • .NET (Cpod.SDK@0.9.0) — CpodClient.FromEnv(), async/await, strongly typed models

v0.8.0 — 2026-04-10

SCIM 2.0 federation and hash-chained audit log.

Added

  • SCIM 2.0 endpoints — /scim/v2/Users, /scim/v2/Groups for Okta/Azure AD/Google Workspace federation
  • AuditService.EmitAuditEvent — hash-chained audit records (sequence_id + previous_hash + record_hash)
  • AuditService.QueryAudit — query audit events by tenant, actor, resource, time range
  • Webhook delivery — outbound audit events to registered HTTP endpoints (HMAC-SHA256 signed)
  • TenantService: ResolveTenant, ValidateIsolation gRPC RPCs
  • Per-tenant Rego policy isolation — input.tenant_id namespacing in the default bundle

Fixed

  • Sidecar crash on malformed JWKS response from IdP — now logs warning and retains cached keys
  • gRPC connection pool exhaustion under high concurrency — increased pool size and added backpressure

v0.7.0 — 2026-02-28

Job engine, secrets service, PII masking.

Added

  • JobService: SubmitJob, WatchJob (streaming), GetJobLogs, GetJobOutput, CancelJob
  • SecretsService.ResolveSecret with secret bundle + grant model; raw secret never logged
  • MaskingService: Mask (structured), MaskString — regex + NER-based PII detection
  • FlagService.EvaluateFlag with tenant-scoped feature flags
  • RateLimitService — token-bucket CheckRateLimit, ResetRateLimit
  • inline_files support on job submission — mount content directly into job containers
  • secret_bundles on jobs — inject resolved secrets as files in the job container

v0.6.0 — 2026-01-15

Initial public release — gRPC sidecar with AuthService and PolicyService.

Added

  • CoreSDK Rust sidecar — gRPC on :50051, health on :9091
  • AuthService: ValidateToken, Authorize, RevokeToken, GetJwks
  • PolicyService: Evaluate, DryRun; OPA/Rego via regorus engine
  • JWKS validation — RS256, ES256, PS256; rejects alg: none; ArcSwap<JwkCache> with 30 s background refresh
  • CORESDK_ENV=development mode — disables JWT validation for local dev
  • mTLS support — CORESDK_TLS_{CERT,KEY,CA}_FILE
  • Control Plane SQLite backend (default), Postgres and MongoDB options
  • Default RBAC Rego bundle — global_admin, tenant_admin, user, viewer roles

Upcoming v1.0.0 (planned 2026-Q3)

  • SAML SSO: ValidateSAMLAssertion gRPC RPC for enterprise IdP integration
  • Impersonation tokens — time-limited admin impersonation with full audit trail
  • Quota service — per-tenant resource quotas with QuotaService.CheckEntitlement
  • OTel traces — every gRPC call produces an OTLP trace span; export to Jaeger, Tempo, or any collector
  • License entitlements: LicenseService.CheckEntitlement for feature gating by plan