v0.9.0-beta
Pre-release
Pre-release
v0.9.0-beta
Pre-release. Strict alignment with the OpenTelemetry entity-events spec (1.58.0)
and hardened read-surface security. Fully backward compatible.
Strict spec alignment (entity-events 1.58.0)
- Full AnyValue in
entity.description(#259). Descriptions carrying arrays
and nested maps are now ingested faithfully end to end (ingest → store →
projection → GraphQL/MCP), instead of dropping the non-scalar parts. Composite
values render as compact JSON, taggedarray/kvlist. Identity stays scalar
by contract (ADR 0018). ADR 0004 amended. entity.delete.reason(#260). The producer's motive on a delete (an open
enum —terminated,expired,evicted, …, never validated against a closed
set) is captured, persisted, and exposed on MCPrecent_changes/graph_diff
and GraphQLChangeEvent.deleteReason.entity.report.interval == 0(or absent) = no cadence (#261). Locked by a
conformance test: such an entity is only ever removed by an explicit
entity.delete, never expired by the liveness sweep.
Read-surface security (#262)
- Ingest auth and read auth are now decoupled. New opt-in
ingest_mtls_only
(TOISE_INGEST_MTLS_ONLY, requirestls_client_ca_file): OTLP ingest is
authenticated by mutual TLS alone — no bearer required — while GraphQL/MCP keep
requiring their per-client scoped tokens (role read / full, individually
revocable) or OIDC. Default off; the bearer-on-ingest posture is unchanged. - ADR 0028 amended; configuration guide and a consumer note added.
Producer SDK — pkg/emit v0.3.0
Entity.RichAttributes(map[string]any) emits the full AnyValue (arrays,
nested maps), symmetric with what Toise now ingests.Entity.DeleteReasonemitsentity.delete.reasonon a delete.- Additive: scalar-only producers are byte-for-byte unchanged; the published
conformance fixture still holds.
Compatibility
Every change is additive and backward compatible: existing producers, consumers,
and deployments keep working unchanged. The shared-password read path remains a
transitional fallback.