AGP Community Edition v0.0.9
AGP Community Edition v0.0.9 (private test release)
Pre-release build for private testing. The first public release will be v0.1.0.
New since v0.0.8
- Every service now reports its version.
agp statusshows the running version of each service, and a newagp versioncommand prints the CLI version alongside a service→version table — read live from each service's/health/live. Each service's health endpoints (/health/liveand/health/ready) now carryserviceandversionon a uniform contract, so version skew across a running stack is obvious at a glance. A service built from source or running an older build reportsdev/-rather than failing the command.
Fixed since v0.0.8
- Denied requests are now attributable to the agent. When a bridge presented an expired, stale, or revoked token, the Proxy logged the denial with an empty
agent_id— so you couldn't tell which agent's bridge was failing withoutlsof. The Identity service now returns the identity the rejected token claimed, and the Proxy records it on the denial (both the access log and the audit event). These values are clearly scoped to the denied request and are never used for authorization — attribution only. - Orphaned bridges no longer linger. When an MCP client (Codex, Claude Desktop) exits without cleanly closing the bridge's stdio, the bridge could keep running for hours and quietly retry against the Proxy. Bridges now detect that their launching parent has gone away and exit on their own, in addition to the existing clean-disconnect (stdin EOF) path.
- Bridges recover from token invalidation. A bridge whose token went stale or expired (for example after an agent was suspended and reactivated) could keep retrying the dead token until its next scheduled refresh (~15 min). The bridge's
tools/listwatcher now refreshes on a401and recovers on the next poll, matching the request-forwarding path — so a recoverable token heals in seconds, not minutes. - Quieter logs. The bridge's
tools/listchange-detection poll dropped from every 15s to every 60s, cutting routine Proxy log volume from idle bridges.
Changed: all components (every service stamps its version). The denial-attribution and bridge fixes additionally touch agp-identity, agp-proxy, and the agp CLI.
Upgrading from v0.0.8
agp fetch all # macOS/Linux
agp restart allThe bridge fixes (orphan exit, token recovery, quieter polling) and agp version ship in the agp CLI itself, so re-install the CLI to pick them up:
curl -fsSL https://raw.githubusercontent.com/getraksha/agp/main/install.sh | sh # macOS/LinuxOn Windows, agp fetch all then agp restart all (re-install the CLI for the latest agp binary: irm https://raw.githubusercontent.com/getraksha/agp/main/install.ps1 | iex).
Install
- macOS / Linux:
curl -fsSL https://raw.githubusercontent.com/getraksha/agp/main/install.sh | sh - Windows (PowerShell):
irm https://raw.githubusercontent.com/getraksha/agp/main/install.ps1 | iex
Then agp init · agp fetch all · agp start all · agp setup --agent-id my-agent --client claude-desktop.
Platforms
macOS (arm64, amd64) · Linux (amd64, arm64) · Windows (amd64, arm64)
Verify
All assets are listed with SHA-256 checksums in SHA256SUMS and manifest.json; the CLI and install scripts verify checksums automatically.