Releases: traverse-framework/Traverse
Traverse v0.6.0
Traverse v0.6.0
Release date: 2026-06-27
Traverse v0.6.0 is the governed model dependency execution release. It keeps the v0.5.0 public CLI app registration baseline intact while adding the runtime surface needed for downstream app hosts to execute app-declared model dependencies without provider-specific logic in WASM agents.
Consumers that only need public app validation and registration can remain pinned to v0.5.0. Consumers that need provider-neutral governed inference execution from registered app state should move to v0.6.0.
Highlights
- Adds a runtime-owned governed model dependency execution surface for app-declared
traverse.inference.generatedependencies. - Loads persisted app
model_dependenciesfrom CLI-produced workspace registration state into runtime application registrations. - Revalidates model dependencies at execution time, invokes the existing real local Ollama-backed provider, and returns public
ModelResolutionEvidencewith inference output. - Updates WASM agent authoring guidance so downstream agents no longer own provider-specific model API calls.
- Preserves provider selection, provider config, and model readiness evidence inside Traverse-owned runtime boundaries.
- Updates repository-facing metadata and README links for
traverse-framework/Traverse.
Compatibility Notes
- Traverse remains a
0.xproject. Public surfaces are governed and validated, but compatibility can still move before a1.0stability commitment. - The v0.5.0 public CLI app registration and durable workspace-state loading surfaces remain available.
- The v0.6.0 additions are backward-compatible in intent: they add a runtime execution bridge for governed model dependencies rather than changing existing app registration, HTTP/JSON, MCP, or workflow semantics.
- Downstream WASM agents should depend on Traverse's governed inference interface and app manifest model declarations, not provider-specific SDKs, URLs, or credentials.
- No cross-platform binary package is attached to this release. The release publishes source and release notes.
Validation
Release preparation must pass these local gates before tagging:
cargo test
cargo clippy -- -D warnings
bash scripts/ci/repository_checks.sh
bash scripts/ci/wasm_agent_authoring_guide_smoke.sh
bash scripts/ci/coverage_gate.sh
git diff --checkThe GitHub PR checks must also pass:
repository-checkscoverage-gatepr-hygienespec-alignment
Traceability
Traverse v0.5.0
Traverse v0.5.0
Release date: 2026-06-26
Traverse v0.5.0 is the public CLI app registration release. It keeps the v0.4.0 manifest and governed model-dependency baseline intact while adding the public downstream app setup commands, durable local workspace registration state, runtime loading from that state, and conformance evidence needed for downstream apps to bootstrap without private Traverse internals.
Consumers that need only application manifests and governed model dependency evidence can remain pinned to v0.4.0. Consumers that need stable traverse-cli app validate and traverse-cli app register setup flows should move to v0.5.0.
Highlights
- Adds approved Spec
046-public-cli-app-registration. - Adds
traverse-cli app validate --manifest <path> --jsonas the public read-only downstream app validation surface. - Adds
traverse-cli app register --manifest <path> --workspace <workspace-id> --jsonas the public local workspace registration surface. - Persists validated app registration evidence under
.traverse/workspaces/<workspace-id>/apps/<app-id>/<version>/registration.json. - Adds runtime loading from CLI-produced workspace app state so registered capabilities and workflows can be discovered without private setup code.
- Adds downstream public app registration smoke coverage and wires it into downstream app MVP conformance.
- Documents the boundary clearly: CLI app registration is local-dev workspace setup, not an HTTP app registration endpoint, service registry, downstream UI deployment mechanism, or runtime-owned admin API.
Compatibility Notes
- Traverse remains a
0.xproject. Public surfaces are governed and validated, but compatibility can still move before a1.0stability commitment. - The v0.3.0 public compatibility documents remain the historical first
youaskm3release baseline. - The v0.4.0 application manifest and governed model dependency surfaces remain available.
- The v0.5.0 additions are backward-compatible in intent: they add public CLI setup and workspace-state loading surfaces rather than removing the v0.3.0 HTTP/JSON or MCP paths.
- No cross-platform binary package is attached to this release. The release publishes source, release notes, and supply-chain evidence artifacts.
Validation
Release preparation must pass these local gates before tagging:
bash scripts/ci/repository_checks.sh
bash scripts/ci/rust_checks.sh
bash scripts/ci/coverage_gate.sh
bash scripts/ci/supply_chain_check.shThe downstream app MVP conformance path should also pass for the v0.5.0 public CLI registration baseline:
bash scripts/ci/downstream_app_mvp_conformance.shThe GitHub Release should attach the generated supply-chain evidence from target/supply-chain/:
traverse-sbom.cdx.jsonsupply-chain-summary.jsonartifact-verify-report.jsontraverse-cli.provenance.json
Traceability
Traverse v0.4.0
Traverse v0.4.0
Release date: 2026-06-22
Traverse v0.4.0 is the manifest and governed model-dependency release. It keeps the v0.3.0 source-build app and MCP consumer baseline intact while adding the application bundle, WASM component manifest, model dependency, local inference provider, trace evidence, and downstream conformance work needed for the next app-facing integration step.
Consumers that need only the first youaskm3 v0.3.0 baseline can remain pinned to v0.3.0. Consumers that need application manifests, component manifests, governed model dependency resolution, or downstream app MVP conformance evidence should move to v0.4.0.
Highlights
- Adds approved Specs
044-application-bundle-manifestand045-governed-model-dependency-resolution. - Adds application and WASM component manifest validation, including real example manifests for the expedition readiness app.
- Adds atomic application bundle registration so an app manifest and its component manifests register together or fail together.
- Adds Traverse CLI creation flows for new app and component manifest scaffolding.
- Adds governed model dependency contracts, schema validation, deterministic model selection, and evidence for selected and rejected model candidates.
- Adds a real local Ollama inference provider path while keeping local-provider execution opt-in for CI safety.
- Exposes model selection evidence through runtime traces and MCP-facing execution reports.
- Adds downstream app MVP conformance scripts covering app bundle registration, WASM workflow execution, model dependency evidence, HTTP/JSON trace paths, and MCP reporting.
- Adds lean Traverse ops guidance so long-running project work remains bounded and inspectable.
Compatibility Notes
- Traverse remains a
0.xproject. Public surfaces are governed and validated, but compatibility can still move before a1.0stability commitment. - The v0.3.0 public compatibility documents remain the historical first
youaskm3release baseline. - The v0.4.0 additions are backward-compatible in intent: they add manifest, model, trace, CLI, and conformance surfaces rather than removing the v0.3.0 HTTP/JSON or MCP paths.
- No cross-platform binary package is attached to this release. The release publishes source, release notes, and supply-chain evidence artifacts.
Validation
Release preparation must pass these local gates before tagging:
bash scripts/ci/repository_checks.sh
bash scripts/ci/rust_checks.sh
bash scripts/ci/coverage_gate.sh
bash scripts/ci/supply_chain_check.shThe downstream app MVP conformance path should also pass for the v0.4.0 manifest/model baseline:
bash scripts/ci/downstream_app_mvp_conformance.shThe GitHub Release should attach the generated supply-chain evidence from target/supply-chain/:
traverse-sbom.cdx.jsonsupply-chain-summary.jsonartifact-verify-report.jsontraverse-cli.provenance.json
Traceability
- Release issue: #470
- Governing specs:
001-foundation-v0-1,004-spec-alignment-gate,031-supply-chain-hardening,044-application-bundle-manifest,045-governed-model-dependency-resolution
Traverse v0.3.0
Traverse v0.3.0
Release date: 2026-06-06
Traverse v0.3.0 is the first GitHub Release after the historical v0.2.0 tag. The v0.2.0 tag remains part of the repository history, but it was not published as a GitHub Release. Consumers should pin v0.3.0 for the current app-consumable, supply-chain-hardened baseline.
Highlights
- Adds the HTTP/JSON application API surface for downstream apps, including local serve, discovery, registration, and execution paths.
- Adds workspace identity, auth, runtime grants, isolation policy, and audit evidence for app-facing execution.
- Adds OpenTelemetry-compatible runtime trace export so runtime decisions can be inspected outside Traverse-specific tooling.
- Adds WASI Host ABI v1 insulation so host imports are validated through a governed compatibility boundary.
- Adds connector plugin registry and resolution primitives for external integration growth.
- Adds the portable DataStore runtime model for the AP-leaning state path used by browser/offline-first consumers.
- Adds governed artifact signature verification, including Ed25519 and Sigstore trust paths.
- Adds supply-chain hardening evidence, including SBOM generation, provenance evidence, reproducibility checks, and artifact verification.
Compatibility Notes
- Traverse remains a
0.xproject. Public surfaces are governed and validated, but compatibility is still allowed to evolve before a1.0stability commitment. - The
v0.2.0tag exists as a historical workspace version bump and should not be treated as the current published release baseline. - No cross-platform binary package is attached to this release. The release publishes source, release notes, and supply-chain evidence artifacts.
Validation
Release preparation must pass these local gates before tagging:
bash scripts/ci/repository_checks.sh
bash scripts/ci/rust_checks.sh
bash scripts/ci/coverage_gate.sh
bash scripts/ci/supply_chain_check.shThe GitHub Release should attach the generated supply-chain evidence from target/supply-chain/:
traverse-sbom.cdx.jsonsupply-chain-summary.jsonartifact-verify-report.jsontraverse-cli.provenance.json
Traceability
- Release issue: #432
- Governing specs:
001-foundation-v0-1,031-supply-chain-hardening
Traverse v0.1.0
Traverse v0.1.0 is the first public app-consumable release of Traverse.
Supported use in this release:
- use Traverse as a governed runtime substrate
- use Traverse as an MCP substrate
- consume Traverse through documented public app-facing surfaces
- follow the first downstream-consumer path aligned with youaskm3
First start here:
- quickstart: quickstart.md
- canonical entry path: docs/app-consumable-entry-path.md
Authoritative release documents:
- consumer bundle: docs/app-consumable-consumer-bundle.md
- package release pointer: docs/app-consumable-package-release-pointer.md
- release checklist: docs/app-consumable-release-checklist.md
- acceptance path: docs/app-consumable-acceptance.md
- youaskm3 integration validation: docs/youaskm3-integration-validation.md
- youaskm3 compatibility conformance: docs/youaskm3-compatibility-conformance-suite.md
Validation commands:
- bash scripts/ci/app_consumable_package_release_pointer.sh
- bash scripts/ci/app_consumable_release_prep.sh
- bash scripts/ci/repository_checks.sh
Release intent:
- downstream apps own UI and product UX
- Traverse owns runtime execution, workflow/state behavior, traceability, and MCP-facing behavior
- this release is the first governed external-consumer baseline for Traverse