Changelog pubblico
Changelog
Le modifiche visibili a utenti e sviluppatori sono registrate qui. Cambiamenti di prodotto, SDK, API, connector, verifier, witness, Local Vault e documentazione che impattano utenti esterni devono aggiornare questa pagina.
Politica documentazione
docs.attesto.eu pubblica solo materiale pubblico per utenti e sviluppatori. Procedure interne di control-plane, runbook infrastrutturali, credential handling e diagnostics privati restano fuori da questo sito.
2026-06-14
| Status | Cambiamento | Riepilogo |
|---|---|---|
| Updated | Tenant signup subscriptions | Tenant signup ora richiede la scelta Starter, Growth o Realtime, registra l'onboarding intent, invia una branded welcome email e avvia Stripe Checkout per la tenant trial configurata di 30 giorni. Billing docs e API references descrivono lo stesso flow. |
| Updated | Parità docs e codebase | Le docs pubbliche sono allineate con i contratti attuali di API, connectors, Local Vault, SDK, CLI e regulatory evidence. Python, TypeScript, Go e CLI sono first-class developer surfaces; le famiglie di route connector e Local Vault sono documentate con precisione; l'evidenza di logging Article 12 è spiegata come supporto al lavoro di trasparenza Article 13 senza rivendicare conformità legale. |
| Corrected | Docs Gateway, MCP, OTel e n8n | Le docs developer-surface e implementation-recipe ora usano i veri flag attesto-gateway, configurazione MCP esplicita ATTESTO_BASE_URL, nomi attuali dei tool MCP, nomi delle opzioni allowlist OTel e il comportamento action/trigger n8n implementato dai packages. |
2026-06-12
| Stato | Cambiamento | Riepilogo |
|---|---|---|
| Fixed | Docs navigation and mobile sidebar | Le pagine documentation mantengono le route canoniche inglesi in inglese, preservano route localizzate equivalenti quando si cambia lingua e mostrano la sidebar dei manuali come vero hamburger drawer su telefoni e tablet senza cambiare il layout desktop. |
| Updated | SDK and verifier package versions | La documentazione SDK riflette la famiglia release corrente 0.4.0 per Python, TypeScript, Go e CLI; gli esempi Go usano go.attesto.eu/sdk e i verifier reports usano verifierVersion: 0.4.0. |
| Expanded | Docs Article 12, companion packages e SDK test harness | SDKs e Implementation Recipes spiegano ora la promessa “Voldoe aan Artikel 13 met 1 regel code” come supporto tecnico probatorio: una riga di integrazione può avviare capture di evidence verifier-ready per il lavoro di trasparenza, mentre la conformità legale resta responsabilità del cliente. Le docs coprono anche attestedFetch, attesto-mcp, attesto-local-vault, n8n-nodes-attesto e la phase-gated witness package boundary. |
| Expanded | Gateway, MCP, and n8n implementation recipes | Implementation Recipes documenta Attesto Inference Gateway, Attesto MCP server e il nodo n8n-nodes-attesto come superfici developer pubbliche, incluse production base URL, capture mode, secret boundaries ed evidence behavior. |
2026-06-08
| Stato | Modifica | Riassunto |
|---|---|---|
| Hardened | Language content parity | Tutte le route lingua pubblicano il body completo canonico di manuals e changelog; il contract verifica hashes, headings, code examples, tables, trust boundaries e copertura per sette lingue. |
| Added | Full localized manual routes | I manuals esistono su /languages/{lang}/manuals/...; il language selector conserva il manual corrente e i contract falliscono se manca una localized route. |
| Added | Truth Package lifecycle verification | Tenant export ZIP generation è Proof of Evolution evidence; packages includono attesto.truth-package.manifest.json, ZIP hashes come truth_package.generated e downloads come truth_package.accessed. |
| Hardened | Truth Package verified events | Dopo CLI verification, tenant API valida report, package hash, manifest hash e artifact count prima di registrare truth_package.verified; la lane service-backed prova generation, access, verification e Merkle inclusion. |
| Clarified | Release evidence boundaries | Il dossier v1 frozen è storico; la readiness Attesto 2.0 corrente si valuta con release/attesto-2.0-production-readiness/manifest.json e contract release/total-evidence verdi. |
| Added | Public status page contract | status.attesto.eu è una trust surface pubblica con database status proprio e solo public probe results; niente tenant data, raw logs, provider payloads, secrets o admin diagnostics. |
| Improved | Status uptime ticker bars | La pagina status mostra 90-day health bars, uptime, latency, HTTP expectation, probe interval e timezone; admin control panel escluso dal pubblico. |
| Hardened | Marketplace developer onboarding and trials | Marketplace mostra developer signup/signin e plans Free/Verified/Professional/Partner in alto; prezzi e trials vengono dal backend, tenant checkout mostra trial 30-day. |
| Hardened | Marketplace publisher auth and reproducible Evidence Score | Developer accounts usano auth marketplace-only e sono respinti dal dashboard login; Evidence Score è deterministico, con criteria espliciti e senza marketing bonus. |
| Hardened | Marketplace developer account gate | Connector submission richiede marketplace developer account; free assets vanno in private review, paid assets richiedono paid tier e Stripe Connect readiness. |
| Added | Marketplace CLI publishing helpers | CLI supporta manifest creation, local validation, marketplace publisher submission e private-review submission contro API reali con output secret-safe. |
| Added | Marketplace developer subscription checkout | Publisher profiles possono avviare developer checkout e billing portal; Stripe webhooks aggiornano subscription state ed evidence senza esporre secrets o checkout IDs. |
| Added | Paid marketplace connector checkout | Paid connector acquisition crea Stripe Checkout Sessions con Connect transfer data e Attesto application fee; webhooks creano entitlements, ledger ed evidence. |
| Hardened | Marketplace refunds and payout reconciliation | Refunds verificati aggiornano ledger, invertono 75/25, chiudono entitlements refunded, revocano installs e bloccano artifact download; payouts riconciliano publisher ledger evidence. |
| Hardened | Marketplace review boundary | Publisher submissions sono private pending-review di default; le docs pubbliche descrivono il lifecycle publisher-facing, mentre Attesto review e publication restano private operator workflows con marketplace evidence e platform audit entries. |
| Added | Marketplace Stripe Connect payout onboarding | Publisher profiles avviano Stripe Connect payout onboarding e status refresh; frontend riceve solo Stripe-hosted URL e safe payout status fields. |
2026-06-07
| Stato | Modifica | Riassunto |
|---|---|---|
| Expanded | Marketplace install lifecycle evidence | Marketplace supporta tenant-scoped install update, entitlement revoke, reacquire/reinstall e receipt lookup; tests coprono CSRF recovery, gating, idempotency, revoke e reactivation. |
| Added | Marketplace publisher profile evidence | Publishers possono creare, leggere e aggiornare profile via API/UI; create e display-name updates scrivono evidence receipts. |
| Added | Attesto Marketplace documentation and production gate | Marketplace guide e readiness contract coprono manifests, acquisition, installation, downloads, publisher validation, evidence, security boundaries, frontend build policy e deployment labels. |
| Added | first-class Go SDK and Attesto CLI | Go SDK e CLI usano lo stesso Proofstream protocol, production API origin, golden vectors e verifier matrix di Python e TypeScript. |
| Expanded | SDK parity across Python, TypeScript, Go, and CLI | Python e TypeScript supportano tenant/operator bearer mode e backend methods per streams, events, windows, checkpoints, fork evidence, connectors e Local Vault. |
| Hardened | SDK and CLI release gates | Contracts, verifier matrix, dependency security, registry readiness, CI e manifest hashing includono Go e CLI; version parity obbligatoria. |
| Added | certification readiness guide | Guide per ISO/IEC 27001, SOC 2 Type II, ISO/IEC 27701, Cyber Essentials Plus, NEN 7510, ENSIA/BIO ed eIDAS 2.0 alignment senza certification claims. |
| Added | public Security Management guide | Trust-center guide su ISMS scope, risk/asset/supplier/incident registers, audit plan, management review, evidence sources e claim boundaries senza record privati. |
| Added | guide category filtering, favicon, and ISO alignment evidence | Docs homepage con category filter, favicon Attesto e ISO/IEC 27001 audit-readiness alignment; pipeline con ISO alignment pack e guardrail. |
| Expanded | documentation hub depth | Docs con explorer collapsible stile Stripe, guide-card tags e Implementation Recipes per SDKs, API, Proofstream, verification, webhooks, connectors, Local Vault e rollout. |
| Released | Python SDK on PyPI | Package Python attesto disponibile su PyPI come 0.2.0; install smoke conferma imports e default https://verify.attesto.eu. |
| Released | TypeScript SDK on npm | @attesto/sdk disponibile su npm come 0.2.0; 0.1.0 con maps rimosso, artifacts attuali limitati a runtime JS, declarations, README e metadata. |
| Added | CLI and Go SDK roadmap | CLI e Go SDK sono official production surfaces; public install commands attendono real behavior, tests, artifact policy, smoke, readiness, docs e changelog evidence. |
| Defined | package naming strategy | Namespace ufficiale per SDKs, verifier, Local Vault, witness e connectors documentato; niente placeholders vuoti dead-end. |
| Hardened | SDK package release metadata | Python è attesto, TypeScript @attesto/sdk; public packages senza sourcemaps, source, tests, caches, archives, frontend bundles, API keys o secret-like material. |
| Added | SDK registry readiness gate | Gate verifica metadata pubblica PyPI/npm per dichiarare developer distribution completa solo quando install commands risolvono current release versions. |
| Released | Stripe live billing cutover | Billing server-side in live Stripe mode; prices allineati a tenant upgrade flow, webhook attivo e secrets/object IDs/payment payloads fuori da docs, frontend e reports. |
| Expanded | Stripe-style adoption paths | Docs home come user manual, developer portal e trust center con Developer, Architect, Operator, Compliance e Research Paths. |
| Clarified | Nova circuit claim boundary | Primo Proof of Evolution circuit usa Poseidon state-root transition su committed Pallas scalar digests; semantic checks più forti restano limitati fino al successor circuit reviewed. |
| Added | active navigation and language selector | Navigation condivisa marca current tab e aggiunge language selector con browser detection, scelta locale e link a sette handbooks. |
| Added | category-defining docs structure | Docs attorno ad adoption path: Getting Started, Attesto 1.0, Attesto 2.0 Proofstream, Witness Plane, Verifier System, Local Vault/connectors, Proof of Evolution, Regulatory Evidence e Operators. |
| Added | trust center and verification docs | Manuals per verifier-first evidence, Trust Boundaries, Failure Modes, verifier bundles, verifier matrix, fork evidence, quorum e independent offline verification. |
| Added | multilingual public handbooks | Public handbooks per inglese, neerlandese, tedesco, francese, spagnolo, polacco e italiano; inglese resta canonical API/SDK contract language. |
| Hardened | docs HTTPS headers | docs.attesto.eu pubblica HSTS e security headers su HTML, assets e health responses; live smoke copre HTTPS-only behavior. |
| Expanded | developer implementation guides | Docs API, SDK, webhook, connector, Local Vault e Proofstream con request/response shapes, idempotency, signature verification, diagnostics, offline verifier behavior e safety boundaries. |
| Added | docs.attesto.eu production docs hub | Public static docs site con search, manuals, changelog policy, Docker image, Swarm routing, SSL via Traefik Let's Encrypt e contract contro contenuti internal o secret-like. |
| Added | Proofstream public documentation | Public guidance per receipts, windows, checkpoints, witness/quorum evidence, anchors, bundles, offline verification, SDK v2, connectors e Local Vault customer-edge usage. |