v1.28.1 — Phase 4 Enterprise Hardening Complete

Phase 4 Enterprise Hardening — Complete Release

This release consolidates all Phase 4 work (v1.25.1 through v1.28.1) into a single verified baseline.

Highlights

Operator Control Plane

• 12 authenticated REST API endpoints under /api/operator/
• Self-contained HTML dashboard at /dashboard with real-time metrics
• Archive CSV export + download with path-traversal protection
• Settlement Telegram commands (/settlement, approve, deny)

Enterprise Hardening

• 26 CI-enforced architecture invariant tests (blocking gate)
• Automated retention pruning (6h) + nightly data cleanup
• Rate limit: 60/min localhost, 10/min external
• Telemetry auto-recording (hourly snapshots)
• Workflow + Pipeline SQLite persistence

Unified Policy Boundary

• 5/9 callers migrated to evaluate_runtime_action()
• RuntimePolicyDecision enriched with resolved_policy + policy_metadata
• Gateway, review, build callers routed through unified boundary

Production Fixes

• /api/operator/report wiring fix (was passing wrong args to OperatorReportService)
• Memory injection: provenance/kind filtering, truthful framing
• Structured 400 responses on all operator API query params
• Pipeline control_plane_state → control_plane fix
• Archival: deployment-safe paths, no host filesystem leak

Payment Settlement Foundation

• Service wired into orchestrator with API endpoint
• Telegram approve/deny surface
• Foundation-level: no auto-retry loop, in-memory state, no dashboard UI yet

Stats

• 1608 tests pass, 4 skipped
• ~2500 lines of new production code
• 57 new tests across operator API, dashboard, settlement, archival
• 15 files modified in core agent

Full Changelog

See CHANGELOG.md for detailed per-version breakdown (v1.25.1 → v1.28.1).