From 6d0fab8bd9c699f53f7ecfdcf420ca46202369e0 Mon Sep 17 00:00:00 2001 From: Greg Soucy Date: Fri, 20 Mar 2026 22:55:53 -0400 Subject: [PATCH] Finalize v1.1.0 release blockers --- CHANGELOG.md | 26 +++++++++++--- SECURITY_PROVENANCE.md | 4 +-- SPEC.md | 1 + checksums.txt | 10 +++--- .../invalid/900-verify.receipt.invalid.json | 4 +-- manifest.json | 2 +- releases/v1.1.0.md | 36 ++++++++++++------- .../authorize/authorize.receipt.schema.json | 1 + .../checkout/checkout.receipt.schema.json | 5 +-- .../purchase/purchase.receipt.schema.json | 5 +-- scripts/validate-all.mjs | 2 +- 11 files changed, 59 insertions(+), 37 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 126f798..dee98b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,12 +2,28 @@ ## v1.1.0 -Current release. +Repository-validated current release line for final Commons-style publication. -- adopts the flat per-verb schema layout under `schemas/v1.1.0/` -- treats `v1.1.0` as the canonical line for new integrations -- retains `v1.0.0` as a published legacy line for compatibility and audit -- ships release metadata, examples, and checksum tooling aligned to the current line +### Added + +- added flat per-verb request and receipt schemas under `schemas/v1.1.0/` for `authorize`, `checkout`, `purchase`, `ship`, and `verify` +- added current-line valid and invalid conformance fixtures under `examples/v1.1.0/` +- added package manifest, checksum ledger, and integrity tooling for the v1.1.0 shipped boundary +- added explicit governed actor grammar for `payer`, `payee`, `merchant`, `provider`, `carrier`, and `verifier` +- added explicit x402 payment grammar covering `payment_requirement`, `payment_session`, `payment_input`, and `payment_proof` + +### Changed + +- changed the current line from the historical nested path model to a flat self-contained schema layout +- changed schema identities and package exports to point directly at the v1.1.0 canonical paths +- changed commercial receipts to normalize actor, reference, settlement, and verification semantics across verbs +- changed release metadata to describe v1.1.0 as the current repository-validated line while keeping publication claims declarative +- changed checksum validation to cover the shipped payload boundary excluding `checksums.txt` itself + +### Removed + +- removed current-line dependency on the legacy `schemas/v1.0.0/_shared/` tree +- removed v1.0.0 from the shipped package surface while retaining it in-repository as historical source material ## v1.0.0 diff --git a/SECURITY_PROVENANCE.md b/SECURITY_PROVENANCE.md index 6c9a6df..ef590c1 100644 --- a/SECURITY_PROVENANCE.md +++ b/SECURITY_PROVENANCE.md @@ -2,7 +2,7 @@ ## Release posture -Current release line: `v1.1.0` (repository-validated, not yet asserted as publicly published) +Current release line: `v1.1.0` (current repository-validated line; external publication is not asserted by this repository) Canonical shipped npm package surface: @@ -27,7 +27,7 @@ Checksum-covered shipped payload: Release integrity state for this repository: -- `manifest.json` marks `v1.1.0` as the current draft line and avoids asserting a completed external publication date. +- `manifest.json` marks `v1.1.0` as the current line and records that the repository does not yet assert an external publication date. - `checksums.txt` records repository-local SHA-256 digests for the canonical shipped payload excluding the ledger file itself. - `index.js` resolves the package root export to `schemas/v1.1.0/index.json`. - Canonical schema `$id` values resolve to the commandlayer.org release paths for `v1.1.0`. diff --git a/SPEC.md b/SPEC.md index 6642730..8b79329 100644 --- a/SPEC.md +++ b/SPEC.md @@ -118,6 +118,7 @@ Protocol-Commercial v1.1.0 uses one payment language across the family: - `payment_requirement` = pre-payment terms or authorization preconditions - `payment_session` = live x402 negotiation/session state +- `payment_input` = caller-supplied payment instrument or tender input for direct capture flows - `payment_proof` = final authorization or settlement evidence Requests SHOULD carry the earliest payment layer the caller can truthfully provide. Receipts MUST carry the latest payment layer the verb has canonically established. Successful capture receipts for `checkout` and `purchase` MUST carry `payment_proof`. `ship` MUST link to the upstream commercial transaction and MAY carry payment evidence by reference rather than re-embedding settlement state. diff --git a/checksums.txt b/checksums.txt index df2bfd7..b81b6d6 100644 --- a/checksums.txt +++ b/checksums.txt @@ -25,18 +25,18 @@ abd0e8a97943c458a85d788b758206d05d9ccef3ba8635f613340ad526dfe496 examples/v1.1. a004cb1385b1ca173b89df702e2b52d63f870521652f98f023359d30009b8df0 examples/v1.1.0/commercial/ship/valid/900-ship.receipt.valid.json f268080d0fadbd2b78ea0ab66348b137a07fe8764066af3337f8c7354335f4c7 examples/v1.1.0/commercial/ship/valid/901-ship.receipt.valid.json a2a5e61fa04e12786a848e03bbabbc3f9d066ca55a6f48cb1ae1140f6373bf94 examples/v1.1.0/commercial/verify/invalid/001-verify.request.invalid.json -8933801c0b4fc007ead2e57d0a5f8e1a1b8a8b91a5c759e54778f65fff865c11 examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json +b83c5b6dc532a5a7c142e44979f0101598fc6d5ad0687efa2fffcba9f59b6ab4 examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json 56d02915471d62f7687e3f6258d75754c8e7a44ca717e4ca0906dd4bb6fc34fb examples/v1.1.0/commercial/verify/valid/001-verify.request.valid.json 9492d90ea14ad35eeb8acd03248ce6061ccdc04a7aff4ed538d8c42be3abc015 examples/v1.1.0/commercial/verify/valid/002-verify.request.valid.json 50874f3eea69a51ac132873b05e39318e4c2241078ca5e258e466934935ec945 examples/v1.1.0/commercial/verify/valid/900-verify.receipt.valid.json 455d19ad1b7ef98e436d8f1c675fee7f2716eb17d301da8d2cc4e2e2c51e624a examples/v1.1.0/commercial/verify/valid/901-verify.receipt.valid.json 6b0461ac0138c9ba356cbe99ccfaa8c904296c41b6fe26808aef5bac44b29478 index.js -da3ad7f894942068b7848038cad9da3a84fe6d88cfe988fc9404c3f59161eb64 manifest.json -4d1178e63f6c5a9e1e4d9cc4d386fbad023dd5a85c000ff193285b1fed9af243 schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json +6d0c507d979d7fa4c03570ac624e52f1e76db31234c1591fbd9080f5865dcaae manifest.json +93aee99366ac3917027f3d153f646929d77ccf178e543086518efd14d1d68fe4 schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json ef5da55ba5acdd43e8d2715204938762a63819dd370ebc8dfedad014617259c3 schemas/v1.1.0/commercial/authorize/authorize.request.schema.json -66e39d85a503ec2fa096d789b5b3136a451387186fa33424c4bcb07ce9aea49b schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json +db850c38415809fd823abd9b49fd56502c79fd00d4cf4899dc849ef653d8db23 schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json c4ca52ae4c5054a151c099d6108af57b17025ed7d86a99889c2cf7ffc9a341fa schemas/v1.1.0/commercial/checkout/checkout.request.schema.json -e4613661a5764379d0512d5b6ee05c8862089d30fc1e134694df045172019e45 schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json +a26030e08210a7d6f891a4448a8100d358fc9b11f99e68d56d591137a0e3d8b1 schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json e9b62cf29d5f58fed922e9bc77c8d3e13e6f7ed04785baad7a7e4fc600ab44b8 schemas/v1.1.0/commercial/purchase/purchase.request.schema.json 209f3449f0c580f919a5d9d93cf863b37b70cdcf873a49fbbb57241c361034dd schemas/v1.1.0/commercial/ship/ship.receipt.schema.json b876f8ffbfd87e5554374de114414f9e4091ba09c80d07b9b99a40ff1befd7c5 schemas/v1.1.0/commercial/ship/ship.request.schema.json diff --git a/examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json b/examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json index e704a2b..83ef44c 100644 --- a/examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json +++ b/examples/v1.1.0/commercial/verify/invalid/900-verify.receipt.invalid.json @@ -2,7 +2,7 @@ "protocol": "commercial", "version": "1.1.0", "verb": "verify", - "receipt_id": "bad-verifyrcpt-001", + "receipt_id": "verifyrcpt-missing-reason-001", "issued_at": "2026-03-19T10:20:02Z", "request_id": "verifyreq-001", "status": "not_verified", @@ -22,5 +22,5 @@ "id": "proof-2001" } ], - "basis": "Canonical settlement proof was found, but the ledger amount did not reconcile." + "basis": "Verifier determined the settlement proof failed reconciliation, but this invalid fixture intentionally omits the required reason field." } diff --git a/manifest.json b/manifest.json index 55ceafd..fa163a2 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "@commandlayer/commercial", "class": "commercial", "version": "1.1.0", - "status": "current-draft", + "status": "current", "description": "Canonical x402-first commercial schemas, examples, and release metadata for CommandLayer.", "repository": "https://github.com/commandlayer/protocol-commercial", "homepage": "https://commandlayer.org", diff --git a/releases/v1.1.0.md b/releases/v1.1.0.md index 83a7ffc..b4b180e 100644 --- a/releases/v1.1.0.md +++ b/releases/v1.1.0.md @@ -2,9 +2,7 @@ ## Release summary -This file is a repository-local draft. It does not by itself assert that npm publication, a GitHub Release, or signed provenance publication has already occurred. - -Protocol-Commercial v1.1.0 is the current canonical commercial line for CommandLayer and is described here as a checked-in release-note draft for a future publication step. +Protocol-Commercial v1.1.0 is the current canonical commercial line for CommandLayer. This release note records the repository-validated release surface and the final publication inputs without asserting that npm publication, a GitHub Release, or signed provenance publication has already occurred. Scope of this release: @@ -13,7 +11,7 @@ Scope of this release: - package-root entrypoint `index.js` resolving to `schemas/v1.1.0/index.json` - release metadata limited to `manifest.json`, `checksums.txt`, `LICENSE`, and `README.md` - explicit actor grammar: `payer`, `payee`, `merchant`, `provider`, `carrier`, `verifier` -- explicit x402 payment grammar: `payment_requirement`, `payment_session`, `payment_proof` +- explicit x402 payment grammar: `payment_requirement`, `payment_session`, `payment_input`, `payment_proof` - retained `v1.0.0` as repository-only historical material for audit or migration reference ## Canonical line @@ -26,13 +24,26 @@ Scope of this release: ## What changed in v1.1.0 -- moved the current line to a flat per-verb schema layout -- removed current-line dependency on a shared `_shared/` schema tree -- aligned request and receipt schema identities to exact mirror-safe public paths -- normalized actor and payment grammar across authorize, checkout, purchase, ship, and verify -- published current-line valid and invalid conformance examples per verb -- narrowed the npm package surface to the active `v1.1.0` line only -- aligned checksum and integrity tooling to the shipped `v1.1.0` boundary +### Added + +- flat per-verb request and receipt schemas for `authorize`, `checkout`, `purchase`, `ship`, and `verify` +- current-line valid and invalid conformance examples for each commercial verb +- deterministic manifest, checksum, and package-surface metadata for the v1.1.0 shipped boundary +- governed commercial actor grammar covering `payer`, `payee`, `merchant`, `provider`, `carrier`, and `verifier` +- x402 payment grammar covering `payment_requirement`, `payment_session`, `payment_input`, and `payment_proof` + +### Changed + +- the active line now uses a flat self-contained schema layout rather than the historical nested path model +- schema `$id` values and package exports now point directly at the canonical v1.1.0 paths +- receipt contracts now align actor, settlement, and verification semantics across the commercial verb family +- release metadata now describes v1.1.0 as the current repository-validated line without overclaiming external publication state +- integrity tooling now verifies the shipped payload boundary excluding `checksums.txt` itself + +### Removed + +- current-line dependency on the legacy `schemas/v1.0.0/_shared/` schema tree +- `v1.0.0` from the shipped package surface while retaining it in-repository for audit and migration reference ## Validation commands @@ -74,7 +85,7 @@ The checksum-covered shipped boundary for v1.1.0 is: ## Provenance summary - canonical schema `$id` values resolve to `https://commandlayer.org/schemas/v1.1.0/...` -- `manifest.json` marks `v1.1.0` as the current draft line and `v1.0.0` as retained historical repository material +- `manifest.json` marks `v1.1.0` as the current line and `v1.0.0` as retained historical repository material - `schemas/v1.1.0/index.json` and `manifest.json` agree on verb inventory and schema paths - integrity tooling verifies the shipped boundary before publication @@ -82,7 +93,6 @@ The checksum-covered shipped boundary for v1.1.0 is: Use `v1.1.0` for all new integrations. Keep `v1.0.0` only as repository-local historical source material unless you are performing a deliberate legacy migration outside the shipped package surface. - ## Packaging note `npm pack --dry-run` may additionally show npm-emitted `package.json` metadata in the tarball. CI treats that as packaging metadata only, not as an expansion of the canonical shipped boundary. diff --git a/schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json b/schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json index c635112..51589da 100644 --- a/schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json +++ b/schemas/v1.1.0/commercial/authorize/authorize.receipt.schema.json @@ -351,6 +351,7 @@ "status", "payer", "payee", + "merchant", "amount" ], "allOf": [ diff --git a/schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json b/schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json index 04fa922..7af61a7 100644 --- a/schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json +++ b/schemas/v1.1.0/commercial/checkout/checkout.receipt.schema.json @@ -444,10 +444,7 @@ "if": { "properties": { "status": { - "enum": [ - "failed", - "pending" - ] + "const": "failed" } } }, diff --git a/schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json b/schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json index 042c799..d7fc616 100644 --- a/schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json +++ b/schemas/v1.1.0/commercial/purchase/purchase.receipt.schema.json @@ -449,10 +449,7 @@ "if": { "properties": { "status": { - "enum": [ - "failed", - "pending" - ] + "const": "failed" } } }, diff --git a/scripts/validate-all.mjs b/scripts/validate-all.mjs index e956c75..f4f3d63 100644 --- a/scripts/validate-all.mjs +++ b/scripts/validate-all.mjs @@ -93,7 +93,7 @@ async function validateManifest() { const manifest = await loadJsonStrict(path.join(ROOT_DIR, "manifest.json")); assert(!("$schema" in manifest), "manifest.json must not carry a decorative $schema field"); assert(manifest.version === CURRENT_VERSION, `manifest version must be ${CURRENT_VERSION}`); - assert(manifest.status === "current-draft", "manifest status must be current-draft until publication is completed"); + assert(manifest.status === "current", "manifest status must identify v1.1.0 as the single current line"); assert(manifest.path_base === ".", "manifest path_base must anchor repo-relative paths"); assert(manifest.paths_are_repo_relative === true, "manifest must declare repo-relative path semantics"); assert(manifest.schemas_root === `schemas/v${CURRENT_VERSION}`, "manifest schemas_root drift");