v2.3.1

v2.3.1 - Version Alignment Release

Fixed

• Aligned all version references across package metadata

Changed

• Now downloads capiscio-core v2.3.1

v2.3.0 Highlights (included in this release)

Added

• E2E Test Suite: Comprehensive end-to-end test coverage for CLI wrapper workflows
• Documentation: Complete CLI documentation audit and restructure
• Dark Mode: MkDocs documentation now supports dark mode

Fixed

• Documentation: Removed duplicate documentation files causing build warnings
• Goal-Centric Navigation: Restructured docs for goal-oriented navigation

See CHANGELOG.md for full details.

v2.1.2

CapiscIO CLI v2.1.2

CapiscIO CLI has been renamed!

This release marks the transition of our npm package from capiscio-cli to capiscio. This change aligns our package naming across all platforms (Node.js, Python, Go) for a consistent developer experience.

📦 New Package Name

Please update your installation to use the new package name:

# Uninstall the old package
npm uninstall -g capiscio-cli

# Install the new package
npm install -g capiscio

🔄 Repository Update

The GitHub repository has been renamed to capiscio-node to better reflect that this is the Node.js implementation of the CapiscIO CLI.

🛠 Changelog

Changed

• PACKAGE: Renamed npm package to capiscio.
• REPO: Updated repository references to capiscio-node.
• DOCS: Updated installation instructions and badges.

Deprecated

• The capiscio-cli package is now deprecated and will no longer receive updates.

v2.1.0

CapiscIO CLI v2.1.0

We are excited to announce CapiscIO CLI v2.1.0, a major architectural evolution that unifies our validation logic across all platforms.

🚀 Major Architecture Change

The Node.js CLI has been re-engineered as a lightweight wrapper around the high-performance capiscio-core Go binary.

• Unified Logic: Ensures 100% consistency between the CLI, the web validator, and other tools.
• Performance: Drastically improved validation speed and stability.
• Automatic Management: The CLI automatically downloads, verifies, and manages the correct binary version for your platform.

📜 License Update

• Apache 2.0: The project license has been updated from MIT to Apache License, Version 2.0.

⚠️ Breaking Changes

• Removed --conservative flag: The conservative validation mode is no longer supported. All validations now use the unified scoring logic.
• Output Format: Error messages now follow the capiscio-core format, which may differ slightly from previous versions.
• Scoring Adjustments: Test expectations for scores may need to be updated (e.g., baseline scores have been calibrated).

📦 Installation

Node.js (Recommended)

npm install -g capiscio-cli

Standalone Binary

If you prefer not to use a package manager, you can download the standalone binary directly from the capiscio-core releases.

🛠 Full Changelog

Changed

• ARCHITECTURE: Replaced pure Node.js implementation with capiscio-core binary wrapper.
• LICENSE: Changed to Apache 2.0.
• CI/CD: Updated workflows to support binary caching and new architecture.

Fixed

• Resolved high-severity npm vulnerabilities.
• Fixed binary download logic for various platforms.

v2.0.0

v2.0.0 - Major Release: Scoring System + Live Testing + Spec Alignment

🎯 Major Release: Breaking Changes

This release introduces three major feature sets: three-dimensional scoring, full transport protocol support for live testing, and 100% alignment with A2A v0.3.0 specification.

🚀 What's New

1. Three-Dimensional Scoring System

Multi-dimensional evaluation replacing single score:

Compliance Score (0-100) - A2A v0.3.0 specification adherence

• Core Fields (60 pts), Skills Quality (20 pts), Format Compliance (15 pts), Data Quality (5 pts)

Trust Score (0-100) - Security and authenticity evaluation

• Cryptographic Signatures (40 pts), Provider Trust (25 pts), Security Posture (20 pts), Documentation (15 pts)
• Trust Confidence Multiplier: 1.0x (valid signature), 0.6x (no signature), 0.4x (invalid signature)

Availability Score (0-100) - Operational readiness (requires --test-live)

• Primary Endpoint (50 pts), Transport Support (30 pts), Response Quality (20 pts)

Production Readiness Thresholds:

• Compliance ≥95, Trust ≥60, Availability ≥80

2. Full Transport Protocol Support for Live Testing

Complete --test-live implementation with real agent endpoint testing:

• JSONRPC Transport: JSON-RPC 2.0 envelope with method/params
• HTTP+JSON Transport: Direct message sending without RPC wrapper
• Transport-aware parsing: Handles JSONRPC .result field extraction
• Exit codes for automation: 0 (success), 1 (validation), 2 (network), 3 (protocol)
• Real message validation: Task, StatusUpdate, ArtifactUpdate, Message types

Use cases:

• CI/CD post-deployment verification
• Cron-based health monitoring
• Pre-production testing
• Third-party agent evaluation

3. A2A v0.3.0 Specification Alignment

100% alignment with official A2A TypeScript types:

• Made preferredTransport optional (defaults to "JSONRPC")
• Made provider optional (organization & url required when present)
• Added required fields: capabilities, defaultInputModes, defaultOutputModes, skills
• Added provider.url as required when provider present
• Added skills.tags as required field (non-empty array)
• Non-empty skills array validation (at least one skill required)
• Runtime message validators for live testing

💥 Breaking Changes

Output Format Changed

• Before: Single "Score: X/100"
• After: Three-dimensional breakdown (Compliance, Trust, Availability)

Validation Rules Updated

• provider now optional but validates organization/url when present
• capabilities, defaultInputModes, defaultOutputModes now required
• Skills must have non-empty tags array

No Backward Compatibility

• JSON output structure changed: use result.scoringResult.compliance, .trust, .availability
• Stricter validation may fail agent cards that previously passed

📚 Documentation

• New: docs/scoring-system.md - Complete scoring guide
• Updated: --test-live documentation with exit codes and use cases
• Updated: Main README and Python package README
• Updated: CHANGELOG with comprehensive migration guide

🔄 Migration Guide

For CLI Users

• Enjoy richer scoring feedback automatically!
• Review new required fields if validation fails
• Use --test-live for operational readiness testing

For Automation/CI/CD

• Update scripts expecting single "Score: X/100" format
• Use --json flag and extract from result.scoringResult object
• Leverage new exit codes (0/1/2/3) for better error handling
• Add --test-live for post-deployment health checks

For Agent Card Authors

• Ensure capabilities, defaultInputModes, defaultOutputModes are present
• Ensure skills[].tags is non-empty array
• preferredTransport is now optional (defaults to "JSONRPC")
• provider is optional but must include organization & url when present

📦 Install

# npm
npm install -g capiscio-cli@2.0.0

# pip  
pip install capiscio==2.0.0

# Or download standalone binaries from releases

v1.2.6

Capiscio CLI v1.2.6 Release Notes

September 30, 2024

🚀 Enhanced Transport Protocol Testing

This release significantly improves transport endpoint testing with comprehensive protocol validation and better error handling.

✨ New Features

• Comprehensive Transport Testing - Full validation for JSONRPC, gRPC, and HTTP+JSON protocols with real connectivity checks
• Transport Consistency Validation - Ensures equivalent functionality across all protocols per A2A §5.6.4 requirements
• Enhanced Error Categorization - Improved logic for distinguishing between primary and additional interface failures
• Better Connectivity Testing - Real endpoint accessibility verification with proper timeout handling

🔧 Improvements

• Standardized Binary Names - All platforms now use consistent capiscio binary name (no more .exe suffix on Windows)
• Windows Distribution - Windows binaries now distributed as compressed zip files for better download experience
• Enhanced Validation Pipeline - Improved error reporting and validation flow
• Expanded Test Coverage - Better test coverage for transport endpoint functionality

🐛 Bug Fixes

• Skills Requirement - Corrected skills requirement validation to be optional per A2A specification
• TypeScript Cleanup - Removed unused parameters in transport test methods
• Test Mock Setup - Fixed test mock configuration for network validation scenarios

📦 Distribution

This release continues to support all distribution channels:

• npm: npm install -g @capiscio/cli
• PyPI: pip install capiscio
• Standalone Binaries: Download for Windows, macOS, and Linux

🔄 Breaking Changes

Binary Naming: Windows users should now use capiscio instead of capiscio.exe (standardized across all platforms)

🛡️ Security & Compatibility

• Continues JWS signature verification from v1.2.0+
• Enhanced cryptographic validation from v1.2.5+
• Full backward compatibility with A2A protocol versions
• HTTPS-only JWKS endpoints for secure key distribution

---

Full Changelog: v1.2.5...v1.2.6

v1.2.5

v1.2.5 - What's New in v1.2.5

🚀 Enhanced Distribution & Availability

New Distribution Channels:

• PyPI Package: Now available via pip install capiscio-cli for Python developers
• Pre-built Binaries: Download ready-to-use executables for all major platforms
• Automated Releases: Streamlined release process for faster updates

Binary Downloads:

• Linux x64: ~18.2MB compressed
• macOS Intel: ~18.3MB compressed
• macOS ARM64: ~16.6MB compressed
• Windows x64: ~41.3MB compressed

📦 Installation Options

npm (Node.js developers):

npm install -g capiscio-cli

PyPI (Python developers):

pip install capiscio-cli

Direct Binary Download:
Download platform-specific binaries from the releases page or visit capisc.io/downloads.

🛠️ Usage

All installation methods provide the same capiscio command:

# Validate an A2A agent card
capiscio validate https://example.com/agent-card.json
capiscio validate ./agent-card.json

✨ What This Means

• Python Developers: No more Node.js dependency - install directly with pip
• No Dependencies: Standalone binaries work without any runtime installation
• Cross-Platform: Native executables for all major operating systems
• Easier CI/CD: Direct binary downloads for automated workflows

---

Full Changelog: v1.2.0...v1.2.5

v1.2.0

🚀 Capiscio CLI v1.2.0 - Security & Distribution Enhancement

Overview

Major release introducing JWS signature verification for agent card authenticity and consistent distribution formats across all platforms. This release focuses on security, user experience, and professional distribution standards.

🔐 New Security Features

JWS Signature Verification (RFC 7515 Compliant)

• Secure by default - Automatic signature verification for all agent cards
• Cryptographic validation - Verify agent card authenticity and publisher identity
• JWKS support - Fetch JSON Web Key Sets from trusted HTTPS endpoints
• Detached signatures - Support for external signature validation
• Opt-out available - Use --skip-signature when signatures aren't needed

# Automatic signature verification (new default)
capiscio validate ./agent-card.json

# Skip verification when not needed
capiscio validate ./agent-card.json --skip-signature

🛠️ Technical Improvements

Website Integration

• capisc.io links - Strategic placement for SEO and domain authority
• Web validator discovery - Drive traffic to online validation tools
• Brand consistency - Unified user experience across touchpoints

🔧 Installation & Usage

Quick Installation

# npm (Node.js 18+)
npm install -g capiscio-cli

New Security-First Usage

# Secure validation (default behavior)
capiscio validate ./agent-card.json

# Production deployment validation
capiscio validate ./agent-card.json --strict --registry-ready

# CI/CD with signature verification
capiscio validate https://agent.com --json --strict

🚨 Breaking Changes

⚠️ Signature Verification Default

• Signature verification is now enabled by default
• Agent cards without valid signatures will show warnings
• Use --skip-signature to maintain v1.1.x behavior
• No breaking changes for valid signed agent cards

📈 Performance & Reliability

Security Enhancements

• HTTPS-only JWKS - Secure key fetching from trusted sources
• Signature caching - Improved performance for repeated validations
• Error handling - Graceful fallbacks for signature validation failures

🌐 Ecosystem Integration

Web Platform Integration

• capisc.io integration - Seamless discovery of web-based tools
• Documentation hub - Centralized resources at capisc.io/cli
• Community building - Enhanced discoverability and engagement

🎯 Migration Guide

For Existing Users

1. Update to v1.2.0 using your preferred package manager
2. Test signature verification with your existing agent cards
3. Add --skip-signature if you need to maintain old behavior temporarily

For New Users

• Use default settings - Signature verification provides security out of the box
• Try web validator - Visit capisc.io/validator for browser-based validation
• Explore documentation - Complete guides at capisc.io/cli

🔗 Resources

• Documentation: capisc.io/cli
• Web Validator: capisc.io/validator
• GitHub: github.com/capiscio/capiscio-cli
• npm: npmjs.com/package/capiscio-cli

---

For questions or issues, please visit capisc.io or open an issue.

v1.0.1

Capiscio CLI v1.1.0

New Features

• --verbose flag - Shows detailed validation steps and timing for debugging

capiscio validate ./agent.json --verbose

What's Changed

• Added verbose logging with timestamps and step details
• Enhanced debugging for validation failures
• No breaking changes

Full Changelog: v1.0.0...v1.1.0

v1.0.0

🎉 Capiscio CLI v1.0.0 - Initial Release

The definitive CLI tool for validating A2A (Agent-to-Agent) protocol agent cards is now available!

✨ Features

• A2A v0.3.0 Compliance - Full validation of agent cards according to the latest specification
• Multiple Validation Modes - Progressive (default), Strict, and Conservative validation
• Schema-Only Mode - Fast validation without network calls
• Cross-Platform Support - Works on Node.js 16+, tested on 18.x and 20.x
• Multiple Output Formats - Beautiful console output or JSON for CI/CD integration
• File & URL Support - Validate local files or remote agent cards

🛠️ Installation

npm install -g capiscio-cli

📖 Usage

# Validate an agent card
capiscio validate agent.json

# Schema-only validation (fast)
capiscio validate agent.json --schema-only

# JSON output for CI/CD
capiscio validate agent.json --json

# Different validation modes
capiscio validate agent.json --strict
capiscio validate agent.json --conservative

🎯 What's Validated

• Required fields (protocolVersion, name, url, etc.)
• Transport protocol compatibility (JSONRPC, GRPC, HTTP+JSON)
• Semantic versioning compliance
• URL format validation
• Schema structure validation

🔒 Security & Quality

• 0 production vulnerabilities
• Comprehensive test suite (52 tests)
• Cross-platform compatibility tested
• Professional CI/CD pipeline

Ready to validate your A2A agent cards! 🚀