dependabot[bot] opened a new pull request, #3110: URL: https://github.com/apache/cxf/pull/3110
Bumps [org.atmosphere:atmosphere-runtime](https://github.com/Atmosphere/atmosphere) from 3.1.0 to 4.0.44. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/releases";>org.atmosphere:atmosphere-runtime's releases</a>.</em></p> <blockquote> <h2>Atmosphere 4.0.44</h2> <h3>Added</h3> <ul> <li>predictable-AI primitives — three framework-level capabilities that close gaps Bonér's "Herding LLMs" deck flagged for distributed-system reliability, all declared on every framework runtime so the matrix closes without <code>@Beta</code> shims: <ul> <li><code>BUDGET_ENFORCEMENT</code> (<code>a4fae39464</code>) — new <code>AiBudget</code> value record (max input / output / total tokens, max steps, max wall clock) installed via <code>pipeline.setDefaultBudget(...)</code> or per-request <code>ai.budget</code> metadata. <code>BudgetCapturingSession</code> decorator slots into the AiPipeline session-decorator stack between metrics and guardrail layers; on breach it routes a typed <code>AiBudgetExceededException extends AiException</code> through <code>session.error(...)</code> and short-circuits subsequent <code>send</code> / <code>usage</code> / <code>progress</code> / <code>emit</code> / <code>complete</code> calls so the wire protocol's "one terminal frame" invariant holds. Distinct from <code>org.atmosphere.ai.budget.StreamingTextBudgetManager</code> (long-running per-tenant cumulative spend); this capability is the per-call death-spiral guard. 13 new unit tests cover every breach reason, default vs. per-request ov erride, and the post-trip swallow. Wall-clock limits trip universally; token / step limits depend on <code>TOKEN_USAGE</code> (every runtime except Spring AI Alibaba honors both).</li> <li><code>CONFIDENCE_SCORES</code> (<code>a4fae39464</code>) — new <code>AiConfidence</code> record with <code>OptionalDouble aggregate</code>, <code>List<TokenLogprob></code> tokens, and <code>Source</code> enum (<code>LOGPROBS_NATIVE</code> / <code>MODEL_REPORTED_FIELD</code> / <code>HEURISTIC</code>). <code>StreamingSession.confidence(AiConfidence)</code> default method auto-emits <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata mirroring the <code>usage(TokenUsage)</code> convention; <code>DelegatingStreamingSession</code> gains the matching forwarding override. Universal model-reported path via the new <code>AiConfidenceElicitation</code> plus the <code>ConfidenceCapturingSession</code> decorator: pipeline appends an opt-in cue to the system prompt, decorator parses the model-emitted <code>{"confidence": 0.x}</code> field on stream completion (same regex shape as the existing <code>ConfidenceThresholdGuardrail</code >) and fires <code>session.confidence</code> ahead of the terminal frame. >Decorator self-suppresses when a runtime already invoked ><code>confidence(...)</code> directly with <code>LOGPROBS_NATIVE</code>. >Skipped when structured-output mode is in play because the schema parser owns >the response shape — callers add a <code>confidence</code> field to their >record schema in that mode. 14 new unit tests cover record validation, the >elicitation cue, parser fallbacks, runtime-explicit override, per-request >override of the pipeline default, and the structured-output skip.</li> <li><code>PASSIVATION</code> (<code>a4fae39464</code>) — new <code>AgentSnapshot</code> record in <code>modules/ai</code> (persistable subset of <code>AgentExecutionContext</code> — message, system prompt, identity columns, history, JSON-clean metadata, response type name, reason, paused-at). New <code>AgentPassivation</code> static helper in <code>modules/checkpoint</code> with <code>passivate(runtime, ctx, store, reason): String</code>, <code>resume(runtime, store, id, externalSignal, base, session)</code>, and <code>loadSnapshot(store, id)</code>. <code>resume</code> merges the snapshot onto a caller-supplied base context (which carries the runtime references — tools, memory, listeners, retry policy — that don't survive a JVM restart) and re-runs <code>runtime.execute(...)</code>; base wins on metadata-key collision so caller-injected refs (e.g. trace context) are not clobbered by stale snapshot values. Helper lives in <code>modules/checkpoint</code> rather than on <cod e>AgentRuntime</code> itself because <code>modules/ai → modules/checkpoint</code> introduces a <code>ai → checkpoint → coordinator → ai</code> cycle; the reverse direction is acyclic. Capability flag declared on every runtime — flag advertises "this runtime cooperates with <code>AgentPassivation</code>," honest because every runtime threads <code>context.history()</code> through its dispatch path so a resumed call observes the same conversation the paused call saw. 10 new unit tests cover snapshot round-trip, resume flow with external signal, signal-less replay of pending message, missing-checkpoint errors, metadata filtering (non-String values dropped pre-snapshot), metadata merge precedence, unique IDs across passivations, and null-arg rejection.</li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li><code>AiCapability</code> enum gains 3 entries — total 20 capabilities (was 17). <code>AbstractAgentRuntimeContractTest.expectedCapabilities()</code> pin updated for all 9 framework runtimes: BuiltIn, Spring AI, LangChain4j, ADK, Embabel, Koog, AgentScope, Spring AI Alibaba, Semantic Kernel. <code>BuiltInAgentRuntime</code> capability count test bumped from 13 to 16. Capability matrix in <code>modules/ai/README.md</code> extended with <code>BE</code> / <code>CS</code> / <code>PSV</code> columns plus a "Predictable-AI primitives" section documenting each capability's decorator placement, source enum, and runtime-by-runtime caveats (Spring AI Alibaba's <code>BUDGET_ENFORCEMENT</code> is wall-clock-only because the runtime does not surface <code>TOKEN_USAGE</code>).</li> </ul> <h3>Tests</h3> <ul> <li>Playwright e2e coverage for the predictable-AI primitives (<code>4be20c240c</code>) — <code>ai-budget-circuit-breaker.spec.ts</code>, <code>ai-confidence-elicitation.spec.ts</code>, <code>ai-passivation.spec.ts</code> exercise the full <code>AiPipeline</code> session-decorator stack through Atmosphere's wire transport. Each spec drives a dedicated test handler (<code>BudgetCircuitBreakerTestHandler</code> / <code>ConfidenceElicitationTestHandler</code> / <code>PassivationTestHandler</code>) registered in <code>AiFeatureTestServer</code> so the harness sees <code>AiBudgetExceededException</code> on the wire's error frame, the <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata frames the <code>confidence(...)</code> default sink emits, and the snapshot/resume round-trip across two sequential WebSocket connections. <code>modules/integration-tests/pom.xml</code> bumps <code>atmosphere-checkpoint</code> from test to compile scope so <code> PassivationTestHandler</code> can call <code>AgentPassivation</code> directly. <code>modules/integration-tests/playwright.config.ts</code> registers the three new spec project entries.</li> </ul> <h3>Fixed</h3> <ul> <li>CLI standalone-scaffold compile against the released parent POM (<code>7383eb0ee2</code>) — twenty <code>samples/spring-boot-*/pom.xml</code> files now declare <code><netty.version>4.2.13.Final</netty.version></code> in their own <code><properties></code> block so the sample is self-contained: scaffold-then-compile against the released <code>org.atmosphere:atmosphere-project:4.0.43</code> parent (which predates the netty bump and therefore does not declare <code>netty.version</code>) no longer fails with <code>Non-resolvable import POM: io.netty:netty-bom:pom:${netty.version}</code>. <code>cli/e2e-test-cli-runtime.sh</code> also fixes a long-standing comment-vs-code drift: the script was exporting <code>ATMOSPHERE_CLI_VERSION</code> while <code>cli/atmosphere</code> only ever read <code>ATMOSPHERE_VERSION_OVERRIDE</code>, so the SNAPSHOT-against-SNAPSHOT lane silently degraded to release-pin coverage. Renaming the export aligns the script with the CLI's act ual contract.</li> </ul> <h2>Atmosphere 4.0.43</h2> <h3>Added</h3> <ul> <li>per-request runtime extension helpers (<code>f1493c3f9c</code>) — small <code>attach(context, ...)</code> / <code>from(context)</code> helpers (modeled on the existing <code>CacheHint</code>) that let callers stash framework-native composition objects in <code>AgentExecutionContext.metadata()</code>, so a runtime can apply them per-request without growing the unified <code>AgentRuntime</code> SPI with framework-specific knobs. Runtimes covered: <code>SpringAiAdvisors</code> (Spring AI <code>Advisor</code> chain — RAG / memory / guardrails / observability), <code>LangChain4jAiServices</code> (LangChain4j <code>AiServices</code> / <code>TokenStream</code>), <code>KoogStrategy</code> (Koog <code>AIAgentGraphStrategy</code> DSL), <code>AdkRootAgent</code> (ADK <code>BaseAgent</code> / <code>SequentialAgent</code> / <code>ParallelAgent</code> / <code>LoopAgent</code> topology), and <code>ToolLoopPolicies</code> (per-request <code>ToolLoopPolicy</code> honored by <code>BuiltInAg entRuntime</code>'s OpenAI-compatible tool loop). The other shipped runtimes (<code>AgentScope</code>, <code>Embabel</code>, <code>SemanticKernel</code>, <code>SpringAiAlibaba</code>) do not yet have a per-request bridge — Embabel got native streaming via <code>StreamingPromptRunnerBuilder.streaming().generateStream()</code> in the same merge but no sidecar. Also added: <code>AgentLifecycleListener.onModelStart</code> / <code>onModelEnd</code> / <code>onModelError</code> hooks with <code>fireXxx</code> fan-out helpers, and <code>AiEventForwardingListener</code> adapter that translates lifecycle hooks to wire-format <code>AiEvent.Progress</code> frames (opt-in via <code>context.withListeners(...)</code>). Each bridge ships with a unit-level <code>*BridgeTest</code> proving the runtime honors the sidecar.</li> </ul> <h3>Fixed</h3> <ul> <li>Quarkus extension closes the <code>/api/console/info</code> parity gap — the bundled Atmosphere Console UI gets the same <code>subtitle / endpoint / runtime / mode</code> payload it gets from the Spring Boot starter, instead of falling through to the Vue defaults on a 404. New <code>AtmosphereConsoleInfoServlet</code> (HttpServlet, registered at build time via a second <code>ServletBuildItem</code> mapped to <code>/api/console/info</code>) reuses the same package-prefix mode-detection heuristic as <code>AtmosphereConsoleInfoEndpoint</code> (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → <code>"ai"</code>, anything else including <code>ManagedAtmosphereHandler</code> → <code>"broadcast"</code>). Endpoint auto-detection prefers the canonical <code>/atmosphere/ai-chat</code> when registered (samples like <code>quarkus-ai-chat</code> ship multiple <code>@AiEndpoint</code>s), then <code>/atmosphere/agent/*</code>, then any other <code>/atmosphere/* </code>. New config keys <code>quarkus.atmosphere.console-subtitle</code> and <code>quarkus.atmosphere.console-endpoint</code> mirror the Spring <code>atmosphere.console-subtitle</code> / <code>atmosphere.console-endpoint</code> properties. JSON is hand-rolled so the runtime POM stays Jackson-free; <code>AgentRuntimeResolver</code> is reached via reflection so the servlet keeps no compile-time link to <code>modules/ai</code>. Empirically verified in chrome-devtools against <code>quarkus-ai-chat</code> — <code>/api/console/info</code> now returns <code>{"subtitle":"Runtime: langchain4j","endpoint":"/atmosphere/ai-chat","runtime":"langchain4j","mode":"ai"}</code>, the Vue Console shows the runtime label in the header subtitle, and the cross-tab isolation matrix continues to pass on the Quarkus leg.</li> <li>bundled Atmosphere Console now auto-detects AI vs. broadcast endpoints (<code>c1e8e36c7b</code>) — <code>/api/console/info</code> adds a <code>mode</code> field (<code>"ai"</code> for <code>@AiEndpoint</code> / <code>@Agent</code> / <code>@Coordinator</code>, <code>"broadcast"</code> for <code>@ManagedService</code> chats); <code>AtmosphereConsoleInfoEndpoint#detectMode</code> classifies via the registered handler's package prefix (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → ai, everything else including <code>ManagedAtmosphereHandler</code> → broadcast), so the check stays compile-time independent of <code>modules/ai</code> and <code>modules/agent</code>. The Vue frontend swaps empty-state copy ("Start a conversation" + "AI assistant" → "Start a broadcast" + "every connected client on this endpoint will receive it") and the default subtitle ("Runtime: <!-- raw HTML omitted -->" → " Multi-client broadcast chat") based on the detected mode. Closes the misleading-UI half of the cross-tab leak follow-up: pre-fix, <code>spring-boot-mcp-server</code> and <code>spring-boot-otel-chat</code> rendered the AI-assistant copy despite being broadcast-shared by design. Empirically verified in chrome-devtools against both broadcast samples and <code>spring-boot-ai-chat</code>. Per-sample <code>atmosphere.console-subtitle</code> overrides still win over the mode-aware default. 5 new contract tests in <code>AtmosphereConsoleInfoEndpointModeTest</code> pin the four classification paths plus the override interaction.</li> <li>cross-tab isolation matrix extended from 11 → 15 samples (<code>c1e8e36c7b</code>) — adds <code>quarkus-ai-chat</code> (cross-runtime parity, proves the targeted-dispatch fix from <code>1fbb0958f0</code> survives Quarkus's distinct <code>QuarkusJSR356AsyncSupport</code> path), <code>spring-boot-checkpoint-agent</code> (<code>@Coordinator</code> with analyzer/approver fleet + checkpoint store), <code>spring-boot-ms-governance-chat</code> (<code>@AiEndpoint</code> with <code>@AgentScope</code> classification interceptors stacked in front), and <code>spring-boot-channels-chat</code> (omnichannel <code>@AiEndpoint</code> with Telegram/Slack/WhatsApp/Messenger channel-bridge adapters). New fixture entries in <code>e2e/fixtures/sample-server.ts</code> for the checkpoint and ms-governance samples; quarkus-ai-chat reuses the existing fixture. Out-of-scope docstring corrected to remove <code>spring-boot-channels-chat</code> (it's actually an isolated <code>@AiEndpoint</code>, not a broadcast chat) and to explicitly tag <code>spring-boot-a2a-agent</code> as out-of-scope (A2A JSON-RPC has no two-tab Console scenario). All 15 cases pass locally in 3.5m.</li> <li><code>OpenAiCompatibleClient</code> Javadoc placement broke JDK 26 strict mode (<code>28703ea064</code>) — two stacked Javadoc blocks on <code>forwardResponsesApiUsage</code> raised <code>documentation comment is not attached to any declaration</code> under <code>-Xlint:all</code> <code>-Werror</code> on JDK 26 (silent on JDK 21). Merged into a single coherent block; CI: Core (JDK 21/26) green.</li> <li><code>cli/samples.json</code> and <code>cli/atmosphere</code> template map referenced deleted <code>spring-boot-embabel-chat</code> sample (<code>3a9373e875</code>) — <code>cli/test-cli.sh</code> failed with "samples missing README.md: spring-boot-embabel-chat". Entry removed from samples.json + template-map case statement.</li> </ul> <h2>Atmosphere 4.0.42</h2> <h3>Added</h3> <ul> <li>atmosphere-verifier — plan-and-verify (Meijer "Guardians of the Agents") New module modules/verifier/ + sample samples/spring-boot-guarded-email-agent/ — sealed Workflow AST, ServiceLoader-discovered PlanVerifier chain (Allowlist/WellFormed/Capability/Taint/Automaton/SmtChecker SPI), <a href="https://github.com/Sink";><code>@Sink</code></a> + <a href="https://github.com/RequiresCapability";><code>@RequiresCapability</code></a> scanners, PlanAndVerify orchestrator, WorkflowExecutor with partial-env on failure, verify CLI; sample REST + UI exercises the inbox-exfiltration scenario end-to-end (refused before any tool fires) — 74 unit + 4 boot + 6 Playwright tests, all CI green on the feature branch.</li> </ul> <h3>Fixed</h3> <ul> <li>fail-closed verifier empty-chain, JSON-escape govern. deny, deflake wasync PlanAndVerify.withDefaults + VerifyCli runChain throw / emit chain-empty violations when ServiceLoader yields no providers (P1: silent fail-open under shading / native-image / fat-jar relocation); governance-deny tool result routes every interpolated field through ToolBridgeUtils.escapeJson via a new buildGovernanceDenyJson helper (P2: backslash/newline/control char break); ChatIntegrationTest.socketStatusTransitions polls for status transition rather than asserting in the same instant the OPEN handler fires (release-pipeline timing flake). 5 new verifier tests + 6 governance-JSON tests.</li> </ul> <h3>Changed</h3> <ul> <li>drop org.json:json — Jackson 3 only (CVE hygiene) RoomProtocolCodec + SimpleRestInterceptor migrated to tools.jackson; brace-balanced reader preserves SwaggerSocket header/body chunk semantics; ALLOW_SINGLE_QUOTES kept for wire compatibility; org.json removed from parent + 3 spring-boot samples.</li> <li>bump version to 4.0.41</li> <li>prepare for next development iteration 4.0.42-SNAPSHOT</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/blob/main/CHANGELOG.md";>org.atmosphere:atmosphere-runtime's changelog</a>.</em></p> <blockquote> <h2>[4.0.44] - 2026-05-08</h2> <h3>Added</h3> <ul> <li>predictable-AI primitives — three framework-level capabilities that close gaps Bonér's "Herding LLMs" deck flagged for distributed-system reliability, all declared on every framework runtime so the matrix closes without <code>@Beta</code> shims: <ul> <li><code>BUDGET_ENFORCEMENT</code> (<code>a4fae39464</code>) — new <code>AiBudget</code> value record (max input / output / total tokens, max steps, max wall clock) installed via <code>pipeline.setDefaultBudget(...)</code> or per-request <code>ai.budget</code> metadata. <code>BudgetCapturingSession</code> decorator slots into the AiPipeline session-decorator stack between metrics and guardrail layers; on breach it routes a typed <code>AiBudgetExceededException extends AiException</code> through <code>session.error(...)</code> and short-circuits subsequent <code>send</code> / <code>usage</code> / <code>progress</code> / <code>emit</code> / <code>complete</code> calls so the wire protocol's "one terminal frame" invariant holds. Distinct from <code>org.atmosphere.ai.budget.StreamingTextBudgetManager</code> (long-running per-tenant cumulative spend); this capability is the per-call death-spiral guard. 13 new unit tests cover every breach reason, default vs. per-request ov erride, and the post-trip swallow. Wall-clock limits trip universally; token / step limits depend on <code>TOKEN_USAGE</code> (every runtime except Spring AI Alibaba honors both).</li> <li><code>CONFIDENCE_SCORES</code> (<code>a4fae39464</code>) — new <code>AiConfidence</code> record with <code>OptionalDouble aggregate</code>, <code>List<TokenLogprob></code> tokens, and <code>Source</code> enum (<code>LOGPROBS_NATIVE</code> / <code>MODEL_REPORTED_FIELD</code> / <code>HEURISTIC</code>). <code>StreamingSession.confidence(AiConfidence)</code> default method auto-emits <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata mirroring the <code>usage(TokenUsage)</code> convention; <code>DelegatingStreamingSession</code> gains the matching forwarding override. Universal model-reported path via the new <code>AiConfidenceElicitation</code> plus the <code>ConfidenceCapturingSession</code> decorator: pipeline appends an opt-in cue to the system prompt, decorator parses the model-emitted <code>{"confidence": 0.x}</code> field on stream completion (same regex shape as the existing <code>ConfidenceThresholdGuardrail</code >) and fires <code>session.confidence</code> ahead of the terminal frame. >Decorator self-suppresses when a runtime already invoked ><code>confidence(...)</code> directly with <code>LOGPROBS_NATIVE</code>. >Skipped when structured-output mode is in play because the schema parser owns >the response shape — callers add a <code>confidence</code> field to their >record schema in that mode. 14 new unit tests cover record validation, the >elicitation cue, parser fallbacks, runtime-explicit override, per-request >override of the pipeline default, and the structured-output skip.</li> <li><code>PASSIVATION</code> (<code>a4fae39464</code>) — new <code>AgentSnapshot</code> record in <code>modules/ai</code> (persistable subset of <code>AgentExecutionContext</code> — message, system prompt, identity columns, history, JSON-clean metadata, response type name, reason, paused-at). New <code>AgentPassivation</code> static helper in <code>modules/checkpoint</code> with <code>passivate(runtime, ctx, store, reason): String</code>, <code>resume(runtime, store, id, externalSignal, base, session)</code>, and <code>loadSnapshot(store, id)</code>. <code>resume</code> merges the snapshot onto a caller-supplied base context (which carries the runtime references — tools, memory, listeners, retry policy — that don't survive a JVM restart) and re-runs <code>runtime.execute(...)</code>; base wins on metadata-key collision so caller-injected refs (e.g. trace context) are not clobbered by stale snapshot values. Helper lives in <code>modules/checkpoint</code> rather than on <cod e>AgentRuntime</code> itself because <code>modules/ai → modules/checkpoint</code> introduces a <code>ai → checkpoint → coordinator → ai</code> cycle; the reverse direction is acyclic. Capability flag declared on every runtime — flag advertises "this runtime cooperates with <code>AgentPassivation</code>," honest because every runtime threads <code>context.history()</code> through its dispatch path so a resumed call observes the same conversation the paused call saw. 10 new unit tests cover snapshot round-trip, resume flow with external signal, signal-less replay of pending message, missing-checkpoint errors, metadata filtering (non-String values dropped pre-snapshot), metadata merge precedence, unique IDs across passivations, and null-arg rejection.</li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li><code>AiCapability</code> enum gains 3 entries — total 20 capabilities (was 17). <code>AbstractAgentRuntimeContractTest.expectedCapabilities()</code> pin updated for all 9 framework runtimes: BuiltIn, Spring AI, LangChain4j, ADK, Embabel, Koog, AgentScope, Spring AI Alibaba, Semantic Kernel. <code>BuiltInAgentRuntime</code> capability count test bumped from 13 to 16. Capability matrix in <code>modules/ai/README.md</code> extended with <code>BE</code> / <code>CS</code> / <code>PSV</code> columns plus a "Predictable-AI primitives" section documenting each capability's decorator placement, source enum, and runtime-by-runtime caveats (Spring AI Alibaba's <code>BUDGET_ENFORCEMENT</code> is wall-clock-only because the runtime does not surface <code>TOKEN_USAGE</code>).</li> </ul> <h3>Tests</h3> <ul> <li>Playwright e2e coverage for the predictable-AI primitives (<code>4be20c240c</code>) — <code>ai-budget-circuit-breaker.spec.ts</code>, <code>ai-confidence-elicitation.spec.ts</code>, <code>ai-passivation.spec.ts</code> exercise the full <code>AiPipeline</code> session-decorator stack through Atmosphere's wire transport. Each spec drives a dedicated test handler (<code>BudgetCircuitBreakerTestHandler</code> / <code>ConfidenceElicitationTestHandler</code> / <code>PassivationTestHandler</code>) registered in <code>AiFeatureTestServer</code> so the harness sees <code>AiBudgetExceededException</code> on the wire's error frame, the <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata frames the <code>confidence(...)</code> default sink emits, and the snapshot/resume round-trip across two sequential WebSocket connections. <code>modules/integration-tests/pom.xml</code> bumps <code>atmosphere-checkpoint</code> from test to compile scope so <code> PassivationTestHandler</code> can call <code>AgentPassivation</code> directly. <code>modules/integration-tests/playwright.config.ts</code> registers the three new spec project entries.</li> </ul> <h3>Fixed</h3> <ul> <li>CLI standalone-scaffold compile against the released parent POM (<code>7383eb0ee2</code>) — twenty <code>samples/spring-boot-*/pom.xml</code> files now declare <code><netty.version>4.2.13.Final</netty.version></code> in their own <code><properties></code> block so the sample is self-contained: scaffold-then-compile against the released <code>org.atmosphere:atmosphere-project:4.0.43</code> parent (which predates the netty bump and therefore does not declare <code>netty.version</code>) no longer fails with <code>Non-resolvable import POM: io.netty:netty-bom:pom:${netty.version}</code>. <code>cli/e2e-test-cli-runtime.sh</code> also fixes a long-standing comment-vs-code drift: the script was exporting <code>ATMOSPHERE_CLI_VERSION</code> while <code>cli/atmosphere</code> only ever read <code>ATMOSPHERE_VERSION_OVERRIDE</code>, so the SNAPSHOT-against-SNAPSHOT lane silently degraded to release-pin coverage. Renaming the export aligns the script with the CLI's act ual contract.</li> </ul> <h2>[4.0.43] - 2026-05-06</h2> <h3>Added</h3> <ul> <li>per-request runtime extension helpers — small <code>attach(context, ...)</code> / <code>from(context)</code> helpers (modeled on the existing <code>CacheHint</code>) that let callers stash framework-native composition objects in <code>AgentExecutionContext.metadata()</code>, so a runtime can apply them per-request without growing the unified <code>AgentRuntime</code> SPI with framework-specific knobs. The matrix closes on 4.0.43: all eight framework runtimes have a sidecar — <code>SpringAiAdvisors</code> (Spring AI <code>Advisor</code> chain — RAG / memory / guardrails / observability), <code>LangChain4jAiServices</code> (LangChain4j <code>AiServices</code> / <code>TokenStream</code>), <code>KoogStrategy</code> (Koog <code>AIAgentGraphStrategy</code> DSL), <code>AdkRootAgent</code> (ADK <code>BaseAgent</code> / <code>SequentialAgent</code> / <code>ParallelAgent</code> / <code>LoopAgent</code> topology), <code>EmbabelPromptRunner</code> (<code>UnaryOperator<PromptRunne r></code> customizer applied AFTER default wiring), <code>AgentScopeAgent</code> (per-request <code>ReActAgent</code>), <code>SemanticKernelInvocation</code> (per-request <code>InvocationContext</code> — unlocks <code>KernelHooks</code>, <code>withMaxAutoInvokeAttempts</code>, custom <code>PromptExecutionSettings</code>), <code>SpringAiAlibabaRunnableConfig</code> (per-request Alibaba <code>RunnableConfig</code> for <code>threadId</code>/<code>checkPointId</code>/<code>streamMode</code>/<code>metadata</code>/<code>store</code>), plus the cross-runtime <code>ToolLoopPolicies</code> honored by <code>BuiltInAgentRuntime</code>'s OpenAI-compatible tool loop. Initial five sidecars landed via <code>f1493c3f9c</code>; the remaining four runtimes plus the lifecycle hook fan-out below landed via <code>eec98890fe</code>. Also added: <code>AgentLifecycleListener.onModelStart</code> / <code>onModelEnd</code> / <code>onModelError</code> hooks with <code>fireXxx</code> fan-out helpers wired in all 8 framework runtimes (was Built-in only), and <code>AiEventForwardingListener</code> adapter that translates lifecycle hooks to wire-format <code>AiEvent.Progress</code> frames (opt-in via <code>context.withListeners(...)</code>). Each bridge ships with a unit-level <code>*BridgeTest</code> proving the runtime honors the sidecar.</li> </ul> <h3>Fixed</h3> <ul> <li>Quarkus extension closes the <code>/api/console/info</code> parity gap — the bundled Atmosphere Console UI gets the same <code>subtitle / endpoint / runtime / mode</code> payload it gets from the Spring Boot starter, instead of falling through to the Vue defaults on a 404. New <code>AtmosphereConsoleInfoServlet</code> (HttpServlet, registered at build time via a second <code>ServletBuildItem</code> mapped to <code>/api/console/info</code>) reuses the same package-prefix mode-detection heuristic as <code>AtmosphereConsoleInfoEndpoint</code> (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → <code>"ai"</code>, anything else including <code>ManagedAtmosphereHandler</code> → <code>"broadcast"</code>). Endpoint auto-detection prefers the canonical <code>/atmosphere/ai-chat</code> when registered (samples like <code>quarkus-ai-chat</code> ship multiple <code>@AiEndpoint</code>s), then <code>/atmosphere/agent/*</code>, then any other <code>/atmosphere/* </code>. New config keys <code>quarkus.atmosphere.console-subtitle</code> and <code>quarkus.atmosphere.console-endpoint</code> mirror the Spring <code>atmosphere.console-subtitle</code> / <code>atmosphere.console-endpoint</code> properties. JSON is hand-rolled so the runtime POM stays Jackson-free; <code>AgentRuntimeResolver</code> is reached via reflection so the servlet keeps no compile-time link to <code>modules/ai</code>. Empirically verified in chrome-devtools against <code>quarkus-ai-chat</code> — <code>/api/console/info</code> now returns <code>{"subtitle":"Runtime: langchain4j","endpoint":"/atmosphere/ai-chat","runtime":"langchain4j","mode":"ai"}</code>, the Vue Console shows the runtime label in the header subtitle, and the cross-tab isolation matrix continues to pass on the Quarkus leg.</li> <li>bundled Atmosphere Console now auto-detects AI vs. broadcast endpoints (<code>c1e8e36c7b</code>) — <code>/api/console/info</code> adds a <code>mode</code> field (<code>"ai"</code> for <code>@AiEndpoint</code> / <code>@Agent</code> / <code>@Coordinator</code>, <code>"broadcast"</code> for <code>@ManagedService</code> chats); <code>AtmosphereConsoleInfoEndpoint#detectMode</code> classifies via the registered handler's package prefix (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → ai, everything else including <code>ManagedAtmosphereHandler</code> → broadcast), so the check stays compile-time independent of <code>modules/ai</code> and <code>modules/agent</code>. The Vue frontend swaps empty-state copy ("Start a conversation" + "AI assistant" → "Start a broadcast" + "every connected client on this endpoint will receive it") and the default subtitle ("Runtime: <!-- raw HTML omitted -->" → " Multi-client broadcast chat") based on the detected mode. Closes the misleading-UI half of the cross-tab leak follow-up: pre-fix, <code>spring-boot-mcp-server</code> and <code>spring-boot-otel-chat</code> rendered the AI-assistant copy despite being broadcast-shared by design. Empirically verified in chrome-devtools against both broadcast samples and <code>spring-boot-ai-chat</code>. Per-sample <code>atmosphere.console-subtitle</code> overrides still win over the mode-aware default. 5 new contract tests in <code>AtmosphereConsoleInfoEndpointModeTest</code> pin the four classification paths plus the override interaction.</li> <li>cross-tab isolation matrix extended from 11 → 15 samples (<code>c1e8e36c7b</code>) — adds <code>quarkus-ai-chat</code> (cross-runtime parity, proves the targeted-dispatch fix from <code>1fbb0958f0</code> survives Quarkus's distinct <code>QuarkusJSR356AsyncSupport</code> path), <code>spring-boot-checkpoint-agent</code> (<code>@Coordinator</code> with analyzer/approver fleet + checkpoint store), <code>spring-boot-ms-governance-chat</code> (<code>@AiEndpoint</code> with <code>@AgentScope</code> classification interceptors stacked in front), and <code>spring-boot-channels-chat</code> (omnichannel <code>@AiEndpoint</code> with Telegram/Slack/WhatsApp/Messenger channel-bridge adapters). New fixture entries in <code>e2e/fixtures/sample-server.ts</code> for the checkpoint and ms-governance samples; quarkus-ai-chat reuses the existing fixture. Out-of-scope docstring corrected to remove <code>spring-boot-channels-chat</code> (it's actually an isolated <code>@AiEndpoint</code>, not a broadcast chat) and to explicitly tag <code>spring-boot-a2a-agent</code> as out-of-scope (A2A JSON-RPC has no two-tab Console scenario). All 15 cases pass locally in 3.5m.</li> <li><code>OpenAiCompatibleClient</code> Javadoc placement broke JDK 26 strict mode (<code>28703ea064</code>) — two stacked Javadoc blocks on <code>forwardResponsesApiUsage</code> raised <code>documentation comment is not attached to any declaration</code> under <code>-Xlint:all</code> <code>-Werror</code> on JDK 26 (silent on JDK 21). Merged into a single coherent block; CI: Core (JDK 21/26) green.</li> <li><code>cli/samples.json</code> and <code>cli/atmosphere</code> template map referenced deleted <code>spring-boot-embabel-chat</code> sample (<code>3a9373e875</code>) — <code>cli/test-cli.sh</code> failed with "samples missing README.md: spring-boot-embabel-chat". Entry removed from samples.json + template-map case statement.</li> </ul> <h2>[4.0.42] - 2026-05-01</h2> <h3>Added</h3> <ul> <li>atmosphere-verifier — plan-and-verify (Meijer "Guardians of the Agents") New module modules/verifier/ + sample samples/spring-boot-guarded-email-agent/ — sealed Workflow AST, ServiceLoader-discovered PlanVerifier chain (Allowlist/WellFormed/Capability/Taint/Automaton/SmtChecker SPI), <a href="https://github.com/Sink";><code>@Sink</code></a> + <a href="https://github.com/RequiresCapability";><code>@RequiresCapability</code></a> scanners, PlanAndVerify orchestrator, WorkflowExecutor with partial-env on failure, verify CLI; sample REST + UI exercises the inbox-exfiltration scenario end-to-end (refused before any tool fires) — 74 unit + 4 boot + 6 Playwright tests, all CI green on the feature branch.</li> </ul> <h3>Fixed</h3> <ul> <li>fail-closed verifier empty-chain, JSON-escape govern. deny, deflake wasync PlanAndVerify.withDefaults + VerifyCli runChain throw / emit chain-empty violations when ServiceLoader yields no providers (P1: silent fail-open under shading / native-image / fat-jar relocation); governance-deny tool result routes every interpolated field through ToolBridgeUtils.escapeJson via a new buildGovernanceDenyJson helper (P2: backslash/newline/control char break); ChatIntegrationTest.socketStatusTransitions polls for status transition rather than asserting in the same instant the OPEN handler fires (release-pipeline timing flake). 5 new verifier tests + 6 governance-JSON tests.</li> </ul> <h3>Changed</h3> <ul> <li>drop org.json:json — Jackson 3 only (CVE hygiene) RoomProtocolCodec + SimpleRestInterceptor migrated to tools.jackson; brace-balanced reader preserves SwaggerSocket header/body chunk semantics; ALLOW_SINGLE_QUOTES kept for wire compatibility; org.json removed from parent + 3 spring-boot samples.</li> <li>bump version to 4.0.41</li> <li>prepare for next development iteration 4.0.42-SNAPSHOT</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Atmosphere/atmosphere/commit/b05a0e5f56ca6eaaebbd03fb1e0562a7e8ddd70c";><code>b05a0e5</code></a> release: Atmosphere 4.0.44</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/b175f5fa03e2e9323831d033fd92c14108c6bb4d";><code>b175f5f</code></a> fix(js): bump vi.waitFor timeout to 5s in 4 webtransport reconnect tests</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/9341600e5e6d4603fafdd4dfbf403804db00ff6c";><code>9341600</code></a> docs(changelog): cite squash hash + add e2e and CI-fix entries</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/558f6963332430b16255e8dba684e28be7cd539a";><code>558f696</code></a> docs: add Honesty and Integrity guardrails to AGENTS.md</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/7383eb0ee234b04edd4703e78a9a644a5e42230d";><code>7383eb0</code></a> fix(ci): self-contained netty.version + correct env-var name in CLI e2e</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/4be20c240c7269abf7ca8105774e128c5324b2ef";><code>4be20c2</code></a> test(ai): playwright e2e coverage for budget breaker, confidence, passivation</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/a4fae39464bb9eb281eade5ed9438307ae1d8f1d";><code>a4fae39</code></a> feat(ai): predictable-AI primitives — budget, confidence, passivation</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/3944171a66e90494097ae58315343f4b298ed5a7";><code>3944171</code></a> feat(mcp-client): outbound MCP — agents consume remote MCP server tools acros...</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/e3b4aaf47be38fb732a7c0a71ab4f76375e7c262";><code>e3b4aaf</code></a> ci(dependabot): ignore org.json:json security advisories</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/0a5e101eb5b11e136e8fb13468ce2087de902140";><code>0a5e101</code></a> test(ai): eliminate 10 contract-test skips + fix flaky cache threading test</li> <li>Additional commits viewable in <a href="https://github.com/Atmosphere/atmosphere/compare/atmosphere-project-3.1.0...atmosphere-4.0.44";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
