Changelog

Every version, every change, every date. Format follows Keep a Changelog; SteelSpine adheres to Semantic Versioning.

1.1.0 Unreleased In development

Compliance-mode auto-notarization (RFC 3161 / eIDAS) and optional ML-DSA-65 post-quantum signing — for EU AI Act audits and long-archive use cases that must remain valid past the arrival of cryptographically-relevant quantum computers.

Added

  • compliance_mode config flag — set "compliance_mode": true in ~/.prime/config.json to auto-enable RFC 3161 timestamping on every captured run, defaulting to an eIDAS-accredited Timestamp Authority (Sectigo) instead of the free dev TSA. EU AI Act / ISO 42001 audit defaults in one line.
  • --no-notarize flag on steelspine run — disable notarization for a single run even when compliance_mode is on.
  • --pq-sign flag on steelspine run — add a post-quantum signature (ML-DSA-65, NIST FIPS 204) to the run record, additive to Ed25519. Quantum-resistant. Stored as ml_dsa_65_signature in run_meta.json. Requires liboqs-python.
  • steelspine verify-run automatically verifies the post-quantum signature when present.
  • SDK functions in prime.pathshim: ss_ml_dsa_65_generate, ss_ml_dsa_65_sign, ss_ml_dsa_65_verify, ss_ml_dsa_65_pubkey_b64.
  • --require-approval flag on steelspine run — EU AI Act Article 14 human-oversight mode. Prompts operator at TTY before the wrapped command executes. Approval/decline sealed into run_meta.json as article_14_approval. Declined runs do not execute and are saved with final_state: "declined_at_oversight" for the audit trail.
  • --auto-approved-by NAME and --auto-approval-reason TEXT flags — preserve audit trail in non-interactive contexts (CI, cron). Without these in a non-TTY shell, --require-approval declines safely.
  • steelspine verify-run Article 14 status — surfaces approval status with approver, method, and timestamp.
  • Pluggable signing backend interface — new SigningBackend base class in prime.pathshim with registry (register_signing_backend, unregister_signing_backend, get_signing_backend, list_signing_backends, list_available_signing_backends). Built-ins (HMAC, Ed25519, ML-DSA-65) auto-registered. Third parties can plug in custom backends (HSM, cloud KMS, future PQ algorithms) without modifying SteelSpine core.

Fixed

  • prime-run argument parser now correctly consumes optional flags (--notarize, --no-notarize, --pq-sign, --require-approval, --auto-approved-by, --auto-approval-reason, --tsa-url) before passing the rest as the wrapped command. Previously these fell through to the catch-all and were passed to the wrapped binary, causing "command not found" errors.
  • tests/run_all.sh resolves PRIME_SRC robustly: prefers $PRIME_HOME only if it points to a valid install (has bin/), otherwise uses the script's own location. Stale $PRIME_HOME exports (e.g. pointing at long-deleted /tmp/ss_bundle_test_* paths) no longer cause silent cp -r failures and 293-test cascades. Test pass rate: 211/504 → 877/877.

Changed

  • Notarization resolution order is now explicit: --no-notarize → off; --notarize → on; notarize key in config (if present) → that value; otherwise default per compliance_mode.
  • Run signing canonical form factored into a single canonical_signing_payload shared by both Ed25519 and ML-DSA-65 — both signatures cover identical fields.

Notes

  • Existing installs with notarize: false (or no key) keep current behavior. The change is opt-in via the new compliance_mode flag.
  • ML-DSA-65 signatures are ~3.3 KB vs Ed25519's 64 bytes (~50× larger). Per-run impact negligible; high-volume captures may want to plan storage accordingly.
  • Both flags can be combined: steelspine run --pq-sign python3 agent.py with compliance_mode: true produces a run with HMAC + Ed25519 + ML-DSA-65 + RFC 3161 TSA timestamp — quadruple-rooted integrity.
1.0.1 Patch April 26, 2026

Multi-tab session tagging and proactive storage-pressure warnings — quality-of-life improvements for long-running developer workflows.

Added

  • --session NAME flag on steelspine run — tag a run as part of a logical session for grouping across multiple terminals. Also reads STEELSPINE_SESSION env var.
  • steelspine run list --session NAME — filter listings to a specific session.
  • Automatic storage-pressure warnings — every steelspine run checks current storage usage after capture. Amber notice at 80% of budget; red warning at 90%+ with action paths. Configurable via storage_budget_mb in ~/.prime/config.json.

Fixed

  • Help surface (steelspine help run, steelspine help storage) updated to document new flags and warning behavior.
1.0.0 Initial Release April 25, 2026

First public release. EU AI Act Article 12 compliance, tamper-evident observability, replay for any AI agent. One command. Zero code changes.

Capture

  • steelspine run <command> — wrap any binary, capture stdout + stderr + exit code with zero code changes
  • Auto-compare on repeat runs — diff fires automatically without a separate command
  • Run IDs (run_0001, …) and human labels (--label)
  • steelspine run list / show / prune — manage captured runs

Debug

  • steelspine compare — run-to-run diff with first-divergence detection
  • steelspine compare --strict — exit code 2 on regression (CI gating)
  • steelspine diagnose <run_id> — step-level root cause analysis
  • steelspine baseline — pin a known-good run; detect drift from it
  • steelspine eval — score runs in CI (--min-pass-rate, --max-failures, --forbid)
  • steelspine what — natural-language triage across all runs
  • steelspine patterns — recurring failures across runs
  • steelspine search — full-text search across run output
  • steelspine stats — pass rate, failure trends, streak analysis
  • steelspine tail [-f] — show / stream events from recent runs
  • steelspine monitor — background daemon that alerts on real-time failures

Memory

  • steelspine start — memory proxy on OLLAMA_HOST=http://localhost:11435
  • steelspine memory — view profile facts, session history; inject context into ChatGPT / Claude.ai
  • Persistent memory adapters (filesystem-drop, passive-watch, raw-log-capture)
  • LLM-backed entity promotion + recall

Prove

  • steelspine verify-run — signed audit report with HMAC-SHA256 + Ed25519 chain
  • steelspine verify-run --compliance-html — EU AI Act Art.12 + ISO 42001 compliance receipt
  • steelspine replay-run — offline replay, no live system, no API calls
  • steelspine policy — pre-execution guardrails (forbid patterns, cap failures)
  • steelspine audit-quality — automated suspicion engine with 6 heuristics
  • steelspine label — human confirmation loop (confirmed / false-positive / false-negative)
  • steelspine simulate — branch alternative futures from any captured state
  • Tamper-evident hash chain across all events

Setup & Tooling

  • setup.sh with auto-PATH, signing key generation, smoke test
  • steelspine doctor — 13-point self-diagnosis with --fix
  • steelspine init — guided first-time setup
  • steelspine status — live health check
  • steelspine ui [page] — browser dashboard with auto-port
  • steelspine project — workspace isolation per agent
  • steelspine storage — prune, archive, compress, USB export
  • steelspine import — restore archived runs
  • steelspine noise — suppress expected/noisy failures
  • steelspine otel-receiver — accept OpenTelemetry spans from LangChain, LlamaIndex, any OTel framework

Integrations

  • LangChain callback handler (steelspine_langchain pip package, ships in packages/)
  • Python HTTP client example
  • Node HTTP client example
  • Game NPC memory example
  • Compliance audit example
  • steelspine_helpers.js for browser embedding

Security

  • Auto-generated per-install Ed25519 signing key at ~/.prime/.keys/signing.key (chmod 600)
  • HMAC-SHA256 hash chain across event log
  • Source obfuscation via PyArmor BCC (compiles Python to native C)
  • Stable hashed machine ID (hostname + MAC + machine-id + platform) — opaque, defeats hostname-spoofing for trial multiplication
  • Clock-rollback detection — refuses license if system time appears to have moved backwards
  • Patents Pending. Proprietary — see LICENSE.

Platforms

  • Linux x86_64 (primary)
  • WSL on Windows
  • macOS (install scripts in dist/macos/)
  • Windows (USB install workflow in dist/windows/)

Known limitations

  • Single-machine signing by default; multi-user / org signing requires STEELSPINE_ORG_KEY
  • Memory agent requires Ollama or compatible LLM endpoint
  • UI assumes localhost — remote access requires SSH tunneling or similar
  • steelspine run <missing-command> records the failure but doesn't compute a verdict
← Back to home Get started →