Skip to content

v1.0.0 — Stable GA

Choose a tag to compare

@jiashuoz jiashuoz released this 25 Jun 01:37
65d02e6

e2a v1.0.0 is the first generally-available release. The /v1 HTTP API is now a stable, frozen contract.

What GA means

  • No breaking changes within /v1 — endpoints, fields, and semantics are stable. Anything that must change goes to a future /v2 with a migration window.
  • Forward-compatible by design — response enums (event types, delivery/review status, etc.) are open: new values can be added without breaking strict clients. Clients must tolerate unknown values. See the versioning & stability policy.
  • One consistent error envelope, cursor pagination on every list, idempotency keys on unsafe mutations, and GET /v1/info for version/capability discovery.

Surface

Authenticated email for AI agents: SPF/DKIM-verified inbound mail, HMAC-signed delivery, webhook + WebSocket fan-out, a HITL review queue (/v1/reviews), domain sending identities, and per-account suppression.

Clients

  • Hosted API: https://api.e2a.dev
  • TypeScript SDK @e2a/sdk 3.0.0 · Python SDK e2a 3.0.0 (SDK majors version independently of the API; both target API v1)
  • CLI @e2a/cli 1.5.0 · MCP https://api.e2a.dev/mcp

Security hardening in this release

  • Per-IP rate limiters key only on the edge-set client IP (no X-Forwarded-For spoofing).
  • Outbound SMTP enforces TLS in production; PLAIN auth is never sent over cleartext.

Self-hosting runs the same ghcr.io/mnexa-ai/e2a:1.0.0 image (cosign-signed); convenience features on the hosted side are config + DNS, not closed-source.