Skip to content

AGP Community Edition v0.0.9

Choose a tag to compare

@getraksha-ops getraksha-ops released this 17 Jun 06:10

AGP Community Edition v0.0.9 (private test release)

Pre-release build for private testing. The first public release will be v0.1.0.

New since v0.0.8

  • Every service now reports its version. agp status shows the running version of each service, and a new agp version command prints the CLI version alongside a service→version table — read live from each service's /health/live. Each service's health endpoints (/health/live and /health/ready) now carry service and version on a uniform contract, so version skew across a running stack is obvious at a glance. A service built from source or running an older build reports dev/- rather than failing the command.

Fixed since v0.0.8

  • Denied requests are now attributable to the agent. When a bridge presented an expired, stale, or revoked token, the Proxy logged the denial with an empty agent_id — so you couldn't tell which agent's bridge was failing without lsof. The Identity service now returns the identity the rejected token claimed, and the Proxy records it on the denial (both the access log and the audit event). These values are clearly scoped to the denied request and are never used for authorization — attribution only.
  • Orphaned bridges no longer linger. When an MCP client (Codex, Claude Desktop) exits without cleanly closing the bridge's stdio, the bridge could keep running for hours and quietly retry against the Proxy. Bridges now detect that their launching parent has gone away and exit on their own, in addition to the existing clean-disconnect (stdin EOF) path.
  • Bridges recover from token invalidation. A bridge whose token went stale or expired (for example after an agent was suspended and reactivated) could keep retrying the dead token until its next scheduled refresh (~15 min). The bridge's tools/list watcher now refreshes on a 401 and recovers on the next poll, matching the request-forwarding path — so a recoverable token heals in seconds, not minutes.
  • Quieter logs. The bridge's tools/list change-detection poll dropped from every 15s to every 60s, cutting routine Proxy log volume from idle bridges.

Changed: all components (every service stamps its version). The denial-attribution and bridge fixes additionally touch agp-identity, agp-proxy, and the agp CLI.

Upgrading from v0.0.8

agp fetch all       # macOS/Linux
agp restart all

The bridge fixes (orphan exit, token recovery, quieter polling) and agp version ship in the agp CLI itself, so re-install the CLI to pick them up:

curl -fsSL https://raw.githubusercontent.com/getraksha/agp/main/install.sh | sh   # macOS/Linux

On Windows, agp fetch all then agp restart all (re-install the CLI for the latest agp binary: irm https://raw.githubusercontent.com/getraksha/agp/main/install.ps1 | iex).

Install

  • macOS / Linux: curl -fsSL https://raw.githubusercontent.com/getraksha/agp/main/install.sh | sh
  • Windows (PowerShell): irm https://raw.githubusercontent.com/getraksha/agp/main/install.ps1 | iex

Then agp init · agp fetch all · agp start all · agp setup --agent-id my-agent --client claude-desktop.

Platforms

macOS (arm64, amd64) · Linux (amd64, arm64) · Windows (amd64, arm64)

Verify

All assets are listed with SHA-256 checksums in SHA256SUMS and manifest.json; the CLI and install scripts verify checksums automatically.