Capsule v1.5.0

Hash chain concurrency protection. Prevents race conditions where concurrent writes could fork the chain.

Added

• Optimistic retry in seal_and_store() — if a concurrent writer claims the same sequence number, the UNIQUE constraint rejects the duplicate and the method retries with the updated chain head. Up to 3 retries before raising ChainConflictError.
• ChainConflictError exception — raised when seal_and_store() exhausts all retries due to sustained concurrent writes for the same tenant chain.
• UNIQUE constraint on sequence (SQLite) — CapsuleModel now enforces UNIQUE(sequence), preventing duplicate sequence numbers at the database level.
• UNIQUE constraint on tenant + sequence (PostgreSQL) — CapsuleModelPG now enforces UNIQUE(tenant_id, sequence), scoped per tenant.
• Global chain protection (PostgreSQL) — partial unique index for tenant_id IS NULL prevents duplicate sequences in the global chain.
• 36 new concurrency tests covering retry behavior, constraint enforcement, exception hierarchy, and integration.

Security

• TOCTOU race condition fixed — the add() → seal() → store() sequence previously allowed concurrent writers to silently fork the hash chain. Now protected at two layers: database constraints + application retry.

Install

pip install qp-capsule==1.5.0

Capsule v1.4.0

Ecosystem expansion: Go verifier, LiteLLM integration, and negative conformance vectors.

Added

• Go verifier library (capsule-go) — canonical JSON serialization, SHA3-256 hashing, Ed25519 signature verification, and structural/full/signature chain verification in Go. Passes all 16 golden conformance vectors. Verification-only (no capsule creation).
• LiteLLM integration (capsule-litellm) — CapsuleLogger callback that seals every LLM call into a Capsule. Sync and async. Captures prompt hash (SHA3-256), token metrics, latency, model identity, and error tracking.
• Invalid capsule fixtures (conformance/invalid-fixtures.json) — 15 negative test vectors across 5 error categories: missing fields, wrong types, invalid values, chain violations, and content tampering.
• Python tests for invalid fixtures — 33 tests validating the invalid fixture suite.
• Ecosystem documentation — README restructured with Reference Implementations and Ecosystem Libraries. Architecture doc adds ecosystem diagram.

Full Changelog

https://github.com/quantumpipes/capsule/blob/main/CHANGELOG.md#140---2026-03-15

py-v1.5.0

Capsule 1.5.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.5.0

Full Changelog: py-v1.4.0...py-v1.5.0

py-v1.4.0

Capsule 1.4.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.4.0

What's Changed

• deps(typescript): Bump vitest from 4.0.18 to 4.1.0 in /reference/typescript by @dependabot[bot] in #14
• ci: Bump actions/setup-node from 4.2.0 to 6.3.0 by @dependabot[bot] in #12
• ci: Bump actions/download-artifact from 8.0.0 to 8.0.1 by @dependabot[bot] in #11
• deps(typescript): Bump @vitest/coverage-v8 from 4.0.18 to 4.1.0 in /reference/typescript by @dependabot[bot] in #13

Full Changelog: v1.3.0...py-v1.4.0

Capsule v1.3.0

Capsule Protocol v1.3.0: CLI verifier and epoch-based key rotation

Added

• capsule CLI — verify, inspect, and manage keys from the command line
  • capsule verify <source> — structural, full (SHA3-256), and signature (Ed25519) verification
  • capsule inspect — display a capsule's full 6-section content
  • capsule keys info | rotate | export-public — keyring management
  • capsule hash <file> — SHA3-256 utility
• Epoch-based key rotation — NIST SP 800-57 aligned key lifecycle with backward-compatible verification across rotations
• Epoch-aware signature verification — Seal(keyring=kr) resolves the correct epoch's public key via fingerprint lookup

Install

pip install qp-capsule==1.3.0

See CHANGELOG.md for full details.

py-v1.3.0

Capsule 1.3.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.3.0

What's Changed

• Add NIST RFI submission artifacts (Docket NIST-2025-0035) by @bradleygauthier in #6
• Expand compliance into per-framework mappings by @bradleygauthier in #7
• Add Security Considerations to spec and cryptographic chain verification by @bradleygauthier in #8
• ci: Separate Python and TypeScript release tag triggers by @bradleygauthier in #9
• Add CLI verifier and epoch-based key rotation (v1.3.0) by @bradleygauthier in #10

New Contributors

• @bradleygauthier made their first contribution in #6

Full Changelog: v1.2.0...py-v1.3.0

v1.2.0

Capsule 1.2.0

See CHANGELOG.md for details.

Install

pip install qp-capsule==1.2.0

Full Changelog: v1.1.0...v1.2.0

v1.1.0 — High-Level API

High-level API for zero-boilerplate integration. One class, one decorator, one context variable.

Added

• Capsules class — single entry point that owns storage, chain, and seal. Zero-config default (Capsules() uses SQLite), PostgreSQL via URL string, or custom storage backend via storage= kwarg.
• @capsules.audit() decorator — wraps any async or sync function with automatic Capsule creation, sealing, and storage. Supports type, tenant_from, tenant_id, trigger_from, source, domain, and swallow_errors parameters.
• capsules.current() context variable — access and enrich the active Capsule during execution (set model, confidence, session, resources, summary).
• mount_capsules() FastAPI integration — mount three read-only endpoints (GET /, GET /{id}, GET /verify) onto any FastAPI application. FastAPI is not a hard dependency.
• 33 new tests (23 audit + 10 FastAPI)

Design Principles

• Zero new dependencies — uses only stdlib (contextvars, logging, inspect, functools)
• Additive only — no existing files modified. All 361 existing tests pass unchanged.
• Never blocks user code — capsule errors are swallowed by default. Decorated function's return value, exceptions, and timing are preserved exactly.

Install

pip install qp-capsule==1.1.0

https://github.com/quantumpipes/capsule/blob/main/CHANGELOG.md#110---2026-03-07

Initial Release

v1.0.0

Initial: Capsule Protocol Specification v1.0.0