Skip to content

v0.5.0

Choose a tag to compare

View all tags
@john-broadway john-broadway released this 19 Jun 05:59
v0.5.0
cc99d6f

0.5.0 — three additive, backward-compatible features:

  • SIGNET — signed A2A agent cards. Opt-in ES256/JWS signatures over the AgentCard (RFC 8785 canonicalization), operator public key published as a JWKS at /.well-known/jwks.json. alg pinned to ES256 on signer and verifier — HS256 algorithm-confusion is structurally refused. Ships verifier_for_jwk, a client-side pinned verifier that resists key substitution by a MITM.
  • pve_task_wait — block until an async Proxmox task (migrate / backup / restore / clone / rollback / snapshot+guest create) reaches a terminal state or a timeout, returning a structured, fail-closed result. Read-only. (Proximo's native UPID model — not the removed MCP Tasks protocol.)
  • Blast-radius op-class #5 — storage nodes-restrict. pve_storage_update with a restricted nodes list now NAMES the guests it would strand (excluded-node guests with a disk on the storage), mirroring the storage-delete class.

Tool surface 144 → 145; 2308 tests, ruff + pyright clean. Full notes in CHANGELOG.md.

Assets 2
Loading