v4.6.0

4.6.0 (2026-05-09)

Features

• webhooks: public to_wire_dict() serialization seam (#602) (6a06e88)

Bug Fixes

• decisioning: re-validate params through platform method's stricter subclass annotation (#597) (3d269f5)
• webhooks: add canceled/rejected/auth-required to A2A status map; fail fast on unknowns (#606) (89f9491)
• webhooks: correct type annotations for extract_webhook_result_data and payload builders (#600) (e624b5c)
• webhooks: reject unknown AdCP status in create_a2a_webhook_payload (#605) (37d2cda)

Documentation

• contributing: document PR title format to prevent silent CHANGELOG drops (#580) (2c5ec64)

v4.5.0

4.5.0 (2026-05-07)

Features

• auth: per-leg header config + agent-card bearerAuth scheme (#595) (52f45ef)

Bug Fixes

• client: preserve agent_uri trailing slash; widen MCP URL fallbacks (#582) (1db3ce3)

v4.4.3

4.4.3 (2026-05-05)

Bug Fixes

• server: A2A auth middleware populates current_principal contextvars (#592) (5430942)

v4.4.2

4.4.2 (2026-05-05)

Bug Fixes

• deps: re-pin a2a-sdk<1.0.2, add protobuf>=6 floor + matrix canary (#588) (1e16d6f)

v4.4.1

4.4.1 (2026-05-05)

Bug Fixes

• client: add extra_headers escape hatch for multi-tenant servers (#585) (66b7456)
• deps: bump a2a-sdk to >=1.0.2,<1.1 (#586) (2fd640c)

v4.4.0

v4.4.0 — DecisioningPlatform foundation, Tier 2 commercial identity, durable infra

The largest release since the SDK's restructure. ~90 features and ~30 fixes across five weeks of work, anchored by the new DecisioningPlatform Protocol architecture and end-to-end Tier 2 commercial-identity flow. Highlights below; the auto-generated CHANGELOG (appended at the end of this release's body or in CHANGELOG.md) has the full per-PR list.

Headline themes

1. DecisioningPlatform — unified Protocol architecture (#316)

A single Protocol surface for building AdCP servers, replacing the legacy handler-by-tool pattern. Six Protocol breadth-sprint batches ship the surface adopters need:

• Sales (existing) + CampaignGovernance (#334)
• Signals + Audience (#332)
• CreativeBuilder + CreativeAdServer (#333)
• BrandRights + ContentStandards + PropertyLists + CollectionLists (#335)
• MockAdServer with /_debug/traffic counters (#383, #405)

2. Tier 2 commercial identity (v3 signing)

End-to-end RFC 9421 signed-request flow for the v3 buyer-agent registry:

• BuyerAgentRegistry + dispatch wire-up + AuthInfo v3 fields (#349, #359)
• PgBuyerAgentRegistry durable Postgres backend (#364, #380, #407)
• BrandJsonJwksResolver + CapabilityCache v3 Tier 1 (#345)
• AuthInfo.from_verified_signer bridge to RFC 9421 (#365)
• verify_from_agent_url single-call resolver+verifier (#401)
• async_resolve_agent JWKS bootstrap via brand.json (#389)

3. Multi-tenant routing

• PlatformRouter + multi-platform proof (#477, #490)
• LazyPlatformRouter for tenant-on-first-request construction (#552)
• SubdomainTenantRouter + CallableSubdomainTenantRouter for DB-backed lookups (#355, #368, #544)
• create_tenant_store opinionated multi-tenant AccountStore (#473)
• createOAuthPassthroughResolver (#472), createRosterAccountStore (#471)

4. Durable Postgres infrastructure

• PostgresTaskRegistry for HITL task state (#361)
• PgWebhookDeliverySupervisor for multi-worker delivery (#360)
• PgBackend idempotency for multi-worker durable replay (#555)
• WebhookDeliverySupervisor + SQLAlchemy A2A stores (#348)

5. transport="both" — single-binary MCP + A2A (#354, #370)

Host both MCP and A2A on the same process, with structured-error parity (#530, #536) and structuredContent.adcp_error on MCP error responses (#509, #525).

6. Validation, by default (validation=strict in serve())

Breaking — serve() now defaults to strict wire-conformance validation (#439). Servers that previously passed lax validation may surface new errors. Set validation="warn" or validation=None to opt out. See ADCP_VALIDATION_MODE env var (#391, #385) for global override.

Companion DX: oneOf near-miss validator hints + issues[].hint on every VALIDATION_ERROR (#476).

7. Auth surface improvements

• serve(auth=BearerTokenAuth(...)) — A2A sibling + cross-transport shortcut (#566)
• ctx.auth_principal populated from bearer ContextVar (#574, fixes #571)
• ctx.auth_info.kind == "bearer" typed flow discriminator (#577, fixes #576)
• header_name + bearer_prefix_required on BearerTokenAuthMiddleware (#545)
• CreateMediaBuySubmittedResponse alias + handler return type covers all 3 branches (#575, fixes #570)

Migration callouts

• validation=strict is the new default in serve() (#439). To preserve prior behavior, pass validation="warn" or set ADCP_VALIDATION_MODE.
• AuthInfo flat-field synthesis warns now, removes in 4.5.0 — AuthInfo(kind="api_key", key_id=..., principal=...) triggers DeprecationWarning. Construct typed ApiKeyCredential/OAuthCredential/HttpSigCredential explicitly going forward.
• Bearer adopters reading ctx.auth_principal/ctx.auth_info (#571, #576) — these now populate for bearer flows. Adopter code gating on is None to detect bearer flow needs to switch to ctx.auth_info.kind == "bearer" checks.

Selected fixes

• TaskHandoff registry.fail/complete echo request context (#569)
• Tier 2 codes → spec-conformant PERMISSION_DENIED (#375, #393)
• MCP error responses populate structuredContent.adcp_error (#509, #525)
• Server/A2A structured-error parity with MCP (#530, #536)
• @IdempotencyStore.wrap supports arg-projected methods (#567, fixes #559)
• Schemas bundled as adcp.schemas package (#442) — eliminates inlined test copy

Acknowledgments

Triage / review automation expanded substantially in this cycle — Claude Code triage routine, no-triage label gate, and stuck-label sweep workflows now coordinate parallel work between the bot and humans (CLAUDE.md coordination rules updated #572).

---

Full per-PR CHANGELOG: see the auto-generated section below or CHANGELOG.md.

---

Auto-generated CHANGELOG (per-PR)

4.4.0 (2026-05-04)

Features

• auth: header_name + bearer_prefix_required on BearerTokenAuthMiddleware (#545) (b16d18f)
• auth: serve(auth=BearerTokenAuth(...)) — A2A sibling + cross-transport shortcut (#566) (4ead607)
• buyer-agent-registry: caching + rate-limit + audit emission (#380) (#407) (5a1e6b6)
• client: looks_like_v3_capabilities — drop the v2-downgrade footgun on capabilities-validation failure (#475) (385dc80)
• decisioning: Account v3 projection helpers — bank-details write-only guard (#356) (#366) (5d898b6)
• decisioning: Account.mode + sandbox-authority gate for comply_test_controller (Phase 1) (#483) (f5cd8cf)
• decisioning: adopt structured capabilities in v3 reference seller (8316105), closes #479
• decisioning: advertise_all kwarg + handler.get_advertised_tools (#529) (8b1b384)
• decisioning: align AccountStore.resolution literal with JS + Tier 1 docs (#330) (6490948)
• decisioning: AuthInfo.from_verified_signer — bridge to RFC 9421 verifier (#365) (5ae109b)
• decisioning: boot-time capabilities response shape validation (#422) (#446) (127f164)
• decisioning: boot-time validator for declared idempotency vs wired @wrap (#543) (7657ad4)
• decisioning: BrandRights/ContentStandards/PropertyLists/CollectionLists Protocols (breadth sprint Batch 4 — FINAL) (#335) (aeb2543)
• decisioning: built-in fields projection on get_products responses (#503) (06aaf51)
• decisioning: CampaignGovernancePlatform Protocol (breadth sprint Batch 3) (#334) (2ca828a)
• decisioning: composeMethod + security composer helpers (#466) (ddad4b9)
• decisioning: comprehensive Emma DX follow-up (P0/P1/P2 + examples) (#339) (985dcd9)
• decisioning: create_tenant_store — opinionated multi-tenant ...

v4.3.0

4.3.0 (2026-04-30)

Features

• server: public register_handler_tools seam + advertised_tools class attr (#318) (d96822a)
• signing: SigningProvider Protocol for KMS-backed signing (#283) (#323) (4de648e)

Bug Fixes

• examples: close last 5 storyboard fixture-dependent failures (#319) (#322) (d92cfb1)
• examples: seed_product complete defaults + format_ids agent_url normalization (#319) (#321) (046b15e)

Documentation

• handler-authoring: expand with salesagent migration production patterns (#326) (ce4c5df)

v4.2.0

4.2.0 (2026-04-30)

Features

• examples: DemoStore overrides for force_create_media_buy_arm, force_task_completion, and seed_* scenarios (#313) (e2a2707)
• sdk: per-instance adcp_version pin + wire emission (Stage 2 + 3a) (#294) (4aa7a6d)
• server: add force_create_media_buy_arm + force_task_completion controller scenarios (#282) (9818250)
• test-controller: add seed_creative_format scenario; advertise force_session_status in capabilities (#315) (ce7e9ab)

Bug Fixes

• examples: seller_agent.py AdCP 3.0.1 storyboard compliance (items 1-6 of #304) (#310) (04966d7)
• server: comply_test_controller returns dict to fix controller_detected: false (#317) (9244d46)
• server: fix streamable-http ASGI error, host binding, and AdCP 3.0.1 scenario gaps (#296) (6be0232)

v4.1.0

4.1.0 (2026-04-30)

⚠ BREAKING CHANGES

• migration: FormatId.__name__ and __qualname__ change from "FormatId" to "FormatReferenceStructuredObject" because AdCP 3.0.1 polished the schema title on core/format-id.json. The public adcp.FormatId alias keeps working — Format(format_id= FormatId(...)) and isinstance(x, FormatId) are unchanged. Two niche cases break: pickled FormatId instances from 4.0 fail to unpickle on 4.1, and snapshot tests / log scrapers asserting on __name__ see the rename. See MIGRATION_v4.0_to_v4.1.md.
• a2a: ADCPClient.pending_task_id is now ADCPClient.active_task_id (same for A2AAdapter). The constructor's context_id= kwarg and reset_context() now raise TypeError (was ValueError) on non-A2A protocols — the string value is fine, the operation doesn't apply to MCP.

Features

• a2a: checkpoint/from_checkpoint API, harden context-id retention (a17ffb3)
• a2a: expose peer protocol versions, add force_a2a_version pin (3898c53)
• a2a: migrate to a2a-sdk 1.0 with 0.3 wire-compat shim (c07db7d)
• a2a: migrate to a2a-sdk 1.0 with 0.3 wire-compat shim (Release-As: 4.1.0) (28a4a13)
• adcp: support ADCP_BASE_URL env override in sync_schemas.py (#285) (a2bc977)
• adcp: sync canonical agent skills from protocol tarball (#275) (5312f05)
• agents: /claude-triage comment nudge (5af8b47)
• agents: /claude-triage comment nudge (d3b8b28)
• agents: add Claude Code routines scaffolding (aa23ef3)
• agents: add Claude Code routines scaffolding (d312abf)
• agents: add silent-triage path to triage prompt (6abb495)
• agents: commit .claude/agents/ experts for cloud routine access (55144f2)
• agents: migrate manual triage nudge to /triage slash-command-dispatch (#267) (6bd434d)
• agents: security + product review fixes for triage routine (cbafef5)
• agents: switch triage nudge prefix to @claude-triage (#265) (77bfce2)
• agents: triage bundles ready items, never splits issues (#266) (2227a6b)
• agents: triage default — execute when outcome is clear (e3f8a6c)
• agents: triage defer subtypes + partial-rollout linkage rule (#273) (c97aa95)
• agents: triage fires on comments + claude-triaging lifecycle label (#277) (604d795)
• agents: triage PR ergonomics — refs adcp#3121 (#279) (31606eb)
• agents: triage prompt handles RFC/epic/scope bucket/milestone (cac3525)
• agents: triage runs pre-PR build+test gate before expert review (#271) (8fcc5ee)
• agents: triage runs pre-PR expert review on diff before opening PR (#269) (46dd708)
• agents: triage v2 — expert consultation + race + coverage (bf6e18b)
• client: ADCPClient.from_mcp_client() factory for in-process MCP transport (#293) (d83aa53)
• signing: close 4 SSRF gaps and add opt-in port hardening (foundation audit) (84b837e)
• signing: default replay store, signed-fetch preset, migration guide (#272) (52019b8)
• signing: drain three foundation-audit deferreds (#298, #299, #300) (072998a)
• validation: schema-driven validation with client hooks and opt-in server middleware (5cbac87)
• validation: schema-driven validation with client hooks and opt-in server middleware (a38ff57)

Bug Fixes

• a2a: address expert-review feedback on 1.0 migration (7e54b97)
• adcp: skip eager httpx.AsyncClient alloc in WebhookSender.aenter on owned-client path (#301) (4bd45d1), closes #300
• agents: already-engaged check + tighten label creation (02baa89)
• agents: triage already-engaged + ship-more (missed in #259) (ca42d29)
• agents: webhook-miss sweep grace period (no double-fire) (#280) (3a5f1c2)
• deps: add types-protobuf to pip dev extras (801ac16)
• handlers: sync MEDIA_BUY_STATE_MACHINE with spec v3 enum (#289) (54fd18b)
• signing: validate-before-sign symmetry in deliver() + HMAC SSRF coverage + 4.1 migration notes (bc8da3a)
• triage: drop apostrophe from MODE text (port of adcp#3325) (#287) (2efa423)
• validation: address code + security review feedback ([...

v4.0.0

4.0.0 (2026-04-22)

⚠ BREAKING CHANGES

• types: rename Asset content types to Content
• server: pluggable TaskStore on A2A — unblock production A2A adoption
• server: expert-review followups — tenant-scoped idempotency, A2A context_factory, ContextVar safety
• types: AssetsNN semantic aliases + format_category shim + downstream smoke
• sdk: ResolvedBrand.brand_manifest removed. Use .brand. CreateMediaBuyRequest.brand_manifest removed. Use brand. BrandManifest, FormatCategory, DeliverTo, PromotedProducts, PromotedOfferings, Pricing, PackageStatus imports now raise ImportError. See MIGRATION_v3_to_v4.md.
• webhooks: ADCPClient webhook verification now requires raw_body to be passed through from the HTTP handler. Callers that relied on the implicit re-serialize-from-payload fallback will start seeing ADCPWebhookSignatureError until they plumb the raw body through from their framework's pre-parse hook. Fix path:
• webhooks: get_adcp_signed_headers_for_webhook now signs the compact-separator JSON form of the payload. Callers that previously hand-serialized spaced JSON and POSTed it with content= will see signature mismatches after this change. The fix is to also serialize with separators=(",", ":") or switch to httpx json= which already uses that form.
• serve(mount=...) kwarg removed.
• Budget.authority_level is removed. Migrate to reallocation_threshold / reallocation_unlimited on plan.budget, and set plan.human_review_required for decisions affecting data subjects. See the rc.4 migration section in README.md.

Features

• A2A server support in serve() (d0c3015)
• A2A server support in serve() (4e5db4f), closes #175
• a2a: auto-retain contextId + taskId across multi-turn calls (0564635)
• a2a: auto-retain contextId + taskId across multi-turn calls (8a084ec)
• ADCP 3.0 server DX helpers, type guards, and schema sync (de4a079)
• ADCP 3.0 server DX helpers, type guards, and schema sync to latest (bf0d81d)
• AdCP RFC 9421 request-signing profile (ba53961)
• add collection_list and sync_governance task methods (2dbeac1)
• address PR review — real-world transforms and SDK error types (cfaa9c5)
• AssetsNN aliases, format_category shim, MCP adoption hooks — unblock salesagent (ed7d30a)
• auto-inject context passthrough in create_tool_caller (4d4fe5e)
• bump to 4.0.0b1 with test fixtures updated for new schema shape (dcd6709)
• bundle-based schema sync + Sigstore verify + 4.0.0b1 on latest (755071a)
• error translation helper for multi-transport servers (7825ed6)
• error translation helper for multi-transport servers (#176) (88126d1)
• examples: add seller_agent.py reference impl (40341c9)
• idempotency_key auto-injection, typed errors, and capability gate (af9dd2d)
• idempotency_key auto-injection, typed errors, and capability gate (12cc983)
• implement AdCP RFC 9421 request-signing profile (fc995e9)
• MCP response + error extraction per AdCP spec (d991b1e)
• MCP response + error extraction per AdCP spec (896beb8)
• mcp: auto-generate sync_governance inputSchema from Pydantic (ac1edb3)
• mcp: inline $defs in generated inputSchema (closes #208) (8eaeb4d)
• mcp: inline $defs in generated inputSchema (closes #208) (ffa58e5)
• migrate+types: v3->v4 codemod, strict-validation flag, version helpers, subclass test (0f50d39)
• migrate+types: v3->v4 codemod, strict-validation flag, version helpers, subclass test (32bfbeb)
• salesagent review feedback - typed error codes, state machine export, missing types (8ef8161)
• schemas: regen for AdCP 3.0 GA — custom pricing + experimental_features (4dfaffe)
• schemas: regen for AdCP 3.0 GA — custom pricing + experimental_features (db913ba), closes #204
• sdk: 4.0 beta cleanup — version wiring, brand_manifest drop, migration guide (ebaab12)
• server+migrate: round-1 feedback followups (dbbc390)
• server+migrate: round-1 feedback followups (0fe9cb5)
• server: AccountAwareToolContext + multi-tenant contract doc (69fd3da)
• server: AccountAwareToolContext + multi-tenant contract doc (3747939)
• server: context_factory, tenant_id, DISCOVERY_TOOLS — unblock MCP adoption (2203c1d)
• server: DISCOVERY_METHODS + document tools/list pre-auth posture (closes #222) (a26c948)
• server: DISCOVERY_METHODS + lock tools/list pre-auth posture (closes #222) (ba2de29)
• server: gate tools/list on method overrides (#220) (816d22c)
• server: gate tools/list on method overrides (closes #220) (fc1a788)
• server: idempotency middleware per AdCP #2315 spec (101713c)
• server: idempotency middleware per AdCP #2315 spec (f708ed2)
• server: middleware parity, auth, A2A parser hook, startup log ([549d190]...