Skip to content

Releases: quantumpipes/capsule

Capsule v1.5.2

18 Mar 04:18
@bradleygauthier bradleygauthier
v1.5.2
a8fb0b2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Capsule v1.5.2

Sealed dict serialization. Consumers can now serialize and deserialize complete sealed records without manual attribute extraction.

Added

  • Capsule.to_sealed_dict() — Serialize a Capsule including the cryptographic seal envelope (hash, signature, signature_pq, signed_at, signed_by). Returns everything from to_dict() plus the five seal fields. Use this when building API responses or exporting complete sealed records. to_dict() continues to return only the canonical content (the part that gets hashed).
  • Capsule.from_sealed_dict(data) — Inverse of to_sealed_dict(). Deserializes both canonical content and seal envelope from a single dict. Missing seal keys default to empty values, so it also accepts plain to_dict() output. Enables full roundtrip: seal → to_sealed_dict → from_sealed_dict → verify.
  • 21 new tests across 4 test files — unit, integration, FastAPI, and invariant tests.

Fixed

  • FastAPI endpoints omitting seal envelopeGET /capsules/ and GET /capsules/{id} were using to_dict(), which excludes seal fields by design. Responses now use to_sealed_dict() and include hash, signature, signature_pq, signed_at, and signed_by alongside the capsule content.

Install

pip install qp-capsule==1.5.2
Loading

py-v1.5.2

18 Mar 04:18
@github-actions github-actions
py-v1.5.2
a8fb0b2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
py-v1.5.2 Latest
Latest

Capsule 1.5.2

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.5.2

What's Changed

  • feat: add to_sealed_dict / from_sealed_dict, fix FastAPI seal omission by @bradleygauthier in #16

Full Changelog: py-v1.5.1...py-v1.5.2

Contributors

bradleygauthier
Assets 2
Loading

py-v1.5.1

17 Mar 06:03
@github-actions github-actions
py-v1.5.1
a380afa
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
py-v1.5.1

Capsule 1.5.1

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.5.1

What's Changed

  • fix: widen signed_at/signed_by columns to prevent PostgreSQL overflow by @bradleygauthier in #15

Full Changelog: py-v1.5.0...py-v1.5.1

Contributors

bradleygauthier
Loading

Capsule v1.5.0

15 Mar 19:56
@bradleygauthier bradleygauthier
v1.5.0
bf4fcf9

Choose a tag to compare

View all tags
Capsule v1.5.0

Hash chain concurrency protection. Prevents race conditions where concurrent writes could fork the chain.

Added

  • Optimistic retry in seal_and_store() — if a concurrent writer claims the same sequence number, the UNIQUE constraint rejects the duplicate and the method retries with the updated chain head. Up to 3 retries before raising ChainConflictError.
  • ChainConflictError exception — raised when seal_and_store() exhausts all retries due to sustained concurrent writes for the same tenant chain.
  • UNIQUE constraint on sequence (SQLite)CapsuleModel now enforces UNIQUE(sequence), preventing duplicate sequence numbers at the database level.
  • UNIQUE constraint on tenant + sequence (PostgreSQL)CapsuleModelPG now enforces UNIQUE(tenant_id, sequence), scoped per tenant.
  • Global chain protection (PostgreSQL) — partial unique index for tenant_id IS NULL prevents duplicate sequences in the global chain.
  • 36 new concurrency tests covering retry behavior, constraint enforcement, exception hierarchy, and integration.

Security

  • TOCTOU race condition fixed — the add()seal()store() sequence previously allowed concurrent writers to silently fork the hash chain. Now protected at two layers: database constraints + application retry.

Install

pip install qp-capsule==1.5.0
Loading

Capsule v1.4.0

15 Mar 14:52
@bradleygauthier bradleygauthier
v1.4.0
1a8cb94

Choose a tag to compare

View all tags
Capsule v1.4.0

Ecosystem expansion: Go verifier, LiteLLM integration, and negative conformance vectors.

Added

  • Go verifier library (capsule-go) — canonical JSON serialization, SHA3-256 hashing, Ed25519 signature verification, and structural/full/signature chain verification in Go. Passes all 16 golden conformance vectors. Verification-only (no capsule creation).
  • LiteLLM integration (capsule-litellm) — CapsuleLogger callback that seals every LLM call into a Capsule. Sync and async. Captures prompt hash (SHA3-256), token metrics, latency, model identity, and error tracking.
  • Invalid capsule fixtures (conformance/invalid-fixtures.json) — 15 negative test vectors across 5 error categories: missing fields, wrong types, invalid values, chain violations, and content tampering.
  • Python tests for invalid fixtures — 33 tests validating the invalid fixture suite.
  • Ecosystem documentation — README restructured with Reference Implementations and Ecosystem Libraries. Architecture doc adds ecosystem diagram.

Full Changelog

https://github.com/quantumpipes/capsule/blob/main/CHANGELOG.md#140---2026-03-15

Loading

py-v1.5.0

15 Mar 19:30
@github-actions github-actions
py-v1.5.0
bf4fcf9

Choose a tag to compare

View all tags
py-v1.5.0

Capsule 1.5.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.5.0

Full Changelog: py-v1.4.0...py-v1.5.0

Loading

py-v1.4.0

15 Mar 17:29
@github-actions github-actions
py-v1.4.0
1a8cb94

Choose a tag to compare

View all tags
py-v1.4.0

Capsule 1.4.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.4.0

What's Changed

  • deps(typescript): Bump vitest from 4.0.18 to 4.1.0 in /reference/typescript by @dependabot[bot] in #14
  • ci: Bump actions/setup-node from 4.2.0 to 6.3.0 by @dependabot[bot] in #12
  • ci: Bump actions/download-artifact from 8.0.0 to 8.0.1 by @dependabot[bot] in #11
  • deps(typescript): Bump @vitest/coverage-v8 from 4.0.18 to 4.1.0 in /reference/typescript by @dependabot[bot] in #13

Full Changelog: v1.3.0...py-v1.4.0

Contributors

dependabot
Loading

Capsule v1.3.0

09 Mar 06:12
@bradleygauthier bradleygauthier
v1.3.0
0829eba
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Capsule v1.3.0

Capsule Protocol v1.3.0: CLI verifier and epoch-based key rotation

Added

  • capsule CLI — verify, inspect, and manage keys from the command line
    • capsule verify <source> — structural, full (SHA3-256), and signature (Ed25519) verification
    • capsule inspect — display a capsule's full 6-section content
    • capsule keys info | rotate | export-public — keyring management
    • capsule hash <file> — SHA3-256 utility
  • Epoch-based key rotation — NIST SP 800-57 aligned key lifecycle with backward-compatible verification across rotations
  • Epoch-aware signature verificationSeal(keyring=kr) resolves the correct epoch's public key via fingerprint lookup

Install

pip install qp-capsule==1.3.0

See CHANGELOG.md for full details.

Loading

py-v1.3.0

09 Mar 03:53
@github-actions github-actions
py-v1.3.0
0829eba
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
py-v1.3.0

Capsule 1.3.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.3.0

What's Changed

New Contributors

Full Changelog: v1.2.0...py-v1.3.0

Contributors

bradleygauthier
Loading

v1.2.0

08 Mar 16:16
@github-actions github-actions
v1.2.0
84b98b1

Choose a tag to compare

View all tags
v1.2.0

Capsule 1.2.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.2.0

Full Changelog: v1.1.0...v1.2.0

Loading