v0.22.0 - NBA Team-Operator Demo

v0.22.0 - NBA Team-Operator Demo

Added

• Added a synthetic two-sovereign demo of the "team as operator" pattern: two
  team-shaped Network Authorities (BOS-NA, SAS-NA) recognize each other
  through a signed treaty and propagate a revocation across that boundary.
• Added public demo artifacts under examples/nba-demo-operators/ (signed
  genesis blocks, a validated trust bundle, the Connectome, and a redacted proof
  bundle).
• Added the docs/examples/nba-team-operators.md walkthrough and linked it from
  the adoption examples index.
• Linked the demo from the Aspayr NBA operator packet under ops/nba/ as its
  technical proof point.

Notes

• BOS-NA and SAS-NA are synthetic, locally generated demo sovereigns named
  after NBA cities to illustrate the operator pattern. They are not affiliated
  with, endorsed by, or operated by any NBA team, the NBA, or the NBPA, contain
  no real athlete data, and are deliberately kept out of the founding community
  operator cohort.

Changed

• Bumped the package version to 0.22.0.

Verified

• Ran the live proof remote flow between the two demo authorities, the Sphinx
  docs build with warnings as errors, the full pre-push hook stage, and the
  package build.

v0.21.2 - Operator Onboarding Status

v0.21.2 - Operator Onboarding Status

Added

• An "Onboarding and Initial Backers (proof pending)" section in the founding community operator documentation, recording that additional operators and backers are being onboarded and are preparing their own endpoints, treaties, and proof bundles.

Changed

• Made the verification gate explicit: a participant is named in the operator cohort only when public proof artifacts (a reachable sovereign endpoint, a signed treaty_id, and a redacted proof bundle) are committed under examples/.
• Bumped package metadata to 0.21.2.

Notes

• No organization, identity provider, or partner is named as an implementer or operator until its proof artifacts exist. This keeps the registry aligned with the external-operator proof workflow rather than asserting unverified adoption.

Verified

• Sphinx docs (warnings-as-errors), full pre-push hooks (mypy, compileall, sphinx, pytest), and package build passed.

v0.21.1 - RFC Prior Art and Design Lineage

v0.21.1 - RFC Prior Art and Design Lineage

Added

• docs/rfcs/prior-art.md mapping each RFC to the established public standards it generalizes — X.509/PKI (RFC 5280), Ed25519 (RFC 8032), W3C DIDs/VCs, SAML 2.0 federation, OpenID Federation 1.0, OCSP (RFC 6960), Certificate Transparency (RFC 9162), DNS-SD/mDNS (RFC 6762/6763), OAuth 2.0 scopes, capability tokens, SPIFFE, PKI path building (RFC 4158), PGP web-of-trust, and managed PKI / RA delegation.
• A contrast section explaining how sovereign recognition differs from federated identity: no permanent center, portable recognition, cross-boundary revocation, and coordination without control.

Changed

• Linked the lineage from the RFC index and added it to the RFC toctree.
• Bumped package metadata to 0.21.1.

Notes

• This document is design provenance, not an adoption record. It makes no claim that any organization, identity provider, or partner has implemented or endorsed Genesis Mesh. Real third-party adoption remains gated on the external-operator proof workflow.

Verified

• Sphinx docs (warnings-as-errors), full pre-push hooks (mypy, compileall, sphinx, pytest), and package build passed.

v0.21.0 - RFC Program Batch 1

v0.21.0 - RFC Program Batch 1

Added

• First batch of Genesis Mesh protocol RFCs under docs/rfcs/, covering sovereign identity, recognition treaties, trust bundles, revocation feeds, capability manifests, the Connectome model, operator continuity, and the managed operator role.
• RFC index recording draft status and mapping each RFC to its reference implementation module.
• Wired the RFC section into the documentation tree and linked it from the RFC program direction document.

Changed

• Linked the RFC program's initial sequence to the published draft documents.
• Bumped package metadata to 0.21.0.

Verified

• 297 pytest tests passed.
• Mypy, compileall, Sphinx docs (warnings-as-errors), full pre-push hooks, and package build passed.

v0.20.0 - Phase 2 Ecosystem Baseline

v0.20.0 - Phase 2 Ecosystem Baseline

Added

• Phase 2 ecosystem baseline documentation for RFCs, Atlas, governance, independent implementation, and application-layer adoption.
• Provenance documentation connecting the 2017 enterprise trust pattern to the current Genesis Mesh protocol and ecosystem baseline.
• Development documentation for Atlas, governance baseline, and the RFC program.

Changed

• Updated roadmap and development history to make the Phase 2 transition explicit after v0.19.0 operator continuity.
• Replaced the Windows-blocked large-file pre-push hook with a local stdlib hook.
• Restricted mutating formatting hooks to pre-commit so pre-push validation does not rewrite dirty docs.
• Bumped package metadata to 0.20.0.

Verified

• 297 pytest tests passed.
• Mypy, compileall, Sphinx docs, pre-commit, full pre-push hooks, and package build passed.

Genesis Mesh v0.19.0

Genesis Mesh v0.19.0

v0.19.0 turns the v0.18.0 founding community operator proof into an active operator continuity track.

Highlights:

• Adds public founding community operator documentation at docs/operators/founding-community-operators.md.
• Links founding community operators from README, the Sphinx operator docs, and the docs toctree.
• Adds ops/plan-v0.19.0.md for Active Sovereign Operator Continuity.
• Extends examples/founding-community-operators/operators.json with the v0.19.0-active-sovereign-operator-continuity milestone and continuity expectations.
• Bumps package metadata to 0.19.0.

Validation:

• operators.json parsed successfully.
• genesis-mesh trust-bundle validate --bundle examples/official-operators/usg-nb/trust-bundle.json --format json passed with 9 active recognition edges in the bundle.
• python -m sphinx -b html -W docs docs/pages passed.
• pre-commit run --all-files passed with only check-added-large-files skipped because Windows Application Control blocks that hook wrapper.
• pre-commit run --all-files --hook-stage pre-push passed, including pytest.
• python -m build produced the 0.19.0 sdist and wheel.

Genesis Mesh v0.18.0

Genesis Mesh v0.18.0

• Adds public official operator artifacts under examples/official-operators/ for MiraOS-NA, 001-NA, anonymous-NA, AMINE-M6-NA, ONS-A-NA, and USG-NB.
• Includes a refreshed USG-NB trust bundle exported from http://164.92.250.135:8443 after connectome validation, showing 9 active recognition edges at export time.
• Bumps package metadata from 0.17.11 to 0.18.0.
• Keeps runtime homes, logs, process IDs, databases, local configs, and private keys ignored.

Validation:

• JSON syntax validation for all staged operator artifacts.
• genesis-mesh trust-bundle validate --bundle examples/official-operators/usg-nb/trust-bundle.json --na http://164.92.250.135:8443 --format json.
• pre-commit run --all-files and pre-commit run --all-files --hook-stage pre-push; check-added-large-files was skipped only because Windows Application Control blocked the pre-commit wrapper, and the same hook implementation was run directly to verify added file sizes.
• python -m build produced the 0.18.0 sdist and wheel.

v0.17.11 - Azure Deployment Verification Hardening

v0.17.11 - Azure Deployment Verification Hardening

Changed

• Production Network Authority systemd unit now defaults to GENESIS_LOG_FORMAT=json.
• Azure release deployment workflow now uses /opt/genesis-mesh/.venv/bin/python for the Connectome probe instead of relying on a bare system python command.

Verified

• Pre-commit passed, including mypy, compileall, Sphinx, and pytest in pre-push.
• Deployment workflow was re-run against the tagged release.

v0.17.10 - Observability and Operator UX Hardening

v0.17.10 - Observability and Operator UX Hardening

Added

• First-class JSON log fields for Network Authority access and API error events.
• Direct --operator-key and --operator-key-id support for genesis-mesh admin invite and genesis-mesh admin revoke.
• --config alias for genesis-mesh federation bootstrap acceptor signing config.
• --na as the preferred alias for genesis-mesh sovereign inspect.

Changed

• Applied shared JSON formatting across Genesis Mesh, Network Authority, Werkzeug, and Gunicorn loggers.
• Routed local na start development-server startup output through configured logging.
• Sanitized ANSI control sequences from structured log messages.
• Made init --home <dir> write config under <dir>/genesis-mesh.toml when --config is omitted.
• Made unsafe init --force from inside the target directory fail with a clear operator error.
• Made federation bootstrap report persisted treaty state and cleanup guidance when post-issue trust-path verification fails.

Verified

• python -m pytest -q passed: 297 tests.
• python -m sphinx -b html -W docs docs/_build/html passed.
• python -m pre_commit run --all-files passed.
• Local JSON-log smoke for genesis-mesh na start produced 0 non-JSON stderr lines.

v0.17.6 - Operator Console Trust View Polish

v0.17.6 - Operator Console Trust View Polish

This patch tightens the operator-facing trust views after the v0.17.5 dashboard release.

Changed

• Added live Network Authority screenshots for the Connectome and sovereign health dashboard examples.
• Documented current versus historical recognition edge visibility in the Connectome docs.
• Documented the dashboard's human-readable trust-change summaries alongside repeatable demo assets.
• Updated project history and maintainer planning for v0.17.6.
• Bumped the package version to 0.17.6.

Verified

• python -m pytest genesis_mesh/tests -q
• python -m mypy genesis_mesh --ignore-missing-imports
• python -m compileall genesis_mesh docs/examples/assets/scripts -q
• python -m sphinx -b html -W docs docs/pages
• git diff --check
• python -m pre_commit run --all-files