Release 1.0.0

ASIBackbone 1.0.0

ASIBackbone 1.0.0 is the first stable release of the ASIBackbone .NET package family.

In this project, ASI means Accountable Systems Infrastructure. ASIBackbone is governance infrastructure for accountable decision flow. It does not implement artificial superintelligence, host AI models, control robots, or guarantee legal or regulatory compliance.

Release identity

Field	Value
Package version	1.0.0
Release tag	v1.0.0
Assembly version	1.0.0.0
File version	1.0.0.0
Citation version	1.0.0
Zenodo metadata version	1.0.0

No preview or -alpha suffix is expected for the stable package artifacts.

Highlights

This release stabilizes the initial ASIBackbone package family around a practical governance spine:

Intent or request
  -> policy context
  -> constraint evaluation
  -> governance decision
  -> optional acknowledgment
  -> audit residue or ledger record
  -> optional capability boundary
  -> host-owned execution

The 1.0.0 release provides the initial stable foundation for:

• framework-neutral governance primitives;
• actor context modeling;
• constraint evaluation;
• governance decision outcomes;
• operation result handling;
• audit residue and ledger contracts;
• acknowledgment and responsibility-handshake workflows;
• capability-token abstractions;
• ASP.NET Core host integration;
• in-memory validation storage;
• EF Core host-owned persistence support.

Stable package family

Package	Stable role
CDCavell.AsiBackbone.Core	Framework-neutral governance primitives, decisions, constraints, audit contracts, acknowledgment contracts, capability-token abstractions, and operation results.
CDCavell.AsiBackbone.Storage.InMemory	Non-durable in-memory audit sink and ledger helpers for tests, samples, and local validation.
CDCavell.AsiBackbone.EntityFrameworkCore	EF Core model configuration and audit ledger persistence through a host-owned DbContext.
CDCavell.AsiBackbone.AspNetCore	Thin ASP.NET Core host adapters for actor context, request correlation, HTTP result mapping, and acknowledgment challenge support.

Future or provider-specific packages are not automatically part of the 1.0.0 stable contract unless they are explicitly released as stable.

What changed since the alpha line

Core governance primitives

The Core package now provides the shared public language for governed decision flow, including:

• actor context primitives for human, service, agent, system, and unknown actors;
• constraint evaluation contracts and result shapes;
• governance decision outcomes for allowed, warning, denied, deferred, acknowledgment-required, and escalation-recommended states;
• operation result primitives with reason codes and warnings;
• audit residue contracts and decision-derived audit residue helpers;
• audit ledger record shape and storage contract;
• acknowledgment and responsibility-handshake primitives;
• capability-token abstractions for scoped, time-bound permission boundaries;
• policy version, policy hash, correlation ID, trace ID, and schema-version fields where relevant.

Policy evaluator pipeline

The default evaluator provides a framework-neutral way to compose constraint results into governance decisions.

Hosts can define their own constraints and optionally apply a decision policy after constraint composition. The evaluator remains independent of ASP.NET Core, EF Core, AI model packages, robotics packages, and host templates.

Storage and persistence

The package family includes two storage-related paths:

• CDCavell.AsiBackbone.Storage.InMemory for non-durable tests, samples, and local validation;
• CDCavell.AsiBackbone.EntityFrameworkCore for host-owned persistence using EF Core model configuration and ledger storage helpers.

The EF Core package does not own the host database. The host owns the DbContext, provider, connection string, migrations, deployment, retention, access controls, and operational lifecycle.

ASP.NET Core adapters

The ASP.NET Core package provides thin host adapters for web applications. It helps translate HTTP request context into Core-compatible governance context and translate Core outcomes into HTTP-friendly shapes when explicitly used by the host.

It does not register authentication, authorization, MVC, Razor Pages, Minimal API endpoints, EF Core, policy evaluators, persistence stores, middleware enforcement, UI rendering, or external execution behavior by default.

Validation

The 1.0.0 release path includes package-shaped validation intended to confirm downstream consumer readiness.

Validation includes:

• release package generation;
• package version consistency validation;
• generated .nupkg metadata validation;
• external consumer smoke-test validation;
• restore and package consumption from a local NuGet source;
• verification that a clean external xUnit project can consume the package family without repository project references.

This validation is a package-consumer confidence check. It is not a production host template.

Compatibility

After 1.0.0, stable packages are expected to follow Semantic Versioning:

• patch releases fix defects without intentionally breaking stable public APIs;
• minor releases may add compatible APIs, options, adapters, and behavior;
• major releases are reserved for breaking changes;
• preview packages or preview APIs may change before being promoted to stable.

The stable API surface includes public types, public members, documented extension points, documented service-registration methods, and stable persisted or serialized artifact shapes that are explicitly documented as stable.

Internal implementation details, samples, generated smoke-test hosts, local validation scripts, and preview provider packages are not part of the same compatibility promise unless they are explicitly documented as stable.

Privacy and signing boundaries

The 1.0.0 release includes signing-ready fields such as policy version, policy hash, schema version, timestamps, correlation IDs, and record IDs. These fields support future signing and verification providers, but they do not create cryptographic protection by themselves.

1.0.0 does not provide built-in signing, key management, tamper-evident storage, privacy classification, or compliance guarantees.

Consumers should review the project documentation before using audit records or metadata in production systems.

Known limitations

This first stable release intentionally keeps several responsibilities outside the package boundary:

• no built-in AI model hosting, training, inference, or orchestration;
• no robot or physical-system control implementation;
• no built-in signing provider or key-management provider;
• no built-in tamper-evident ledger or immutable storage provider;
• no package-owned database lifecycle or migrations;
• no automatic metadata classification, redaction, tokenization, encryption, or privacy scanning;
• no legal, regulatory, audit-framework, or compliance certification;
• no replacement for host authentication, authorization, claims transformation, or endpoint protection;
• no automatic enforcement middleware that executes or blocks host operations without host code;
• no guarantee that in-memory storage is durable or production-safe.

These are intentional boundaries. The package is designed to keep consequential execution and operational policy under host control.

Upgrade notes from alpha packages

Consumers moving from alpha versions should review:

• namespace and package references;
• documented public API names;
• host-owned EF Core setup and migrations;
• ASP.NET Core service registration and options;
• audit record schema-version expectations;
• metadata privacy and signing boundaries;
• external consumer smoke-test guidance.

Because alpha packages may have changed before 1.0.0, consumers should test upgrades in a development environment before using the stable package line in production.

Related documentation

• 1.0.0 Quickstart
• 1.0.0 Release Readiness Checklist
• API Compatibility and SemVer
• Schema Versioning
• Privacy and Signing Boundaries
• EF Core Host Ownership and Migrations
• ASP.NET Core Integration Boundary