Skip to content

v3.1.9

@RyjoxTechnologies RyjoxTechnologies tagged this 15 May 08:55
Follow-up to 3.1.8. Addresses the two remaining cloud-side items from
the May 2026 audit.

  DELETE /v1/agents/{agent_id}?purge=true now does a real hard delete
  across five namespaces (runtime:agents, agents, metrics, auditv2,
  audit) and returns rows_deleted + by_namespace breakdown. Closes
  the GDPR/CCPA delete-on-request gap the auditor flagged.

  POST /v1/agents/{agent_id}/decision now mirrors every decision into
  the audit-v2 hash-chained ledger, returning audit_v2_row_id in the
  response. Previously the SDK log_decision() wrote a legacy audit:*
  row without a hash chain, so the README's "tamper-evident" claim
  wasn't true on the default code path. Now it is — every decision
  is provably part of the per-agent hash chain, verifiable via
  GET /v1/auditv2/verify-chain.

Regression: 29/29 unit tests + 6/6 smoke pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Assets 2
Loading