dependabot[bot] opened a new pull request, #3119: URL: https://github.com/apache/cxf/pull/3119
Bumps [org.atmosphere:atmosphere-runtime](https://github.com/Atmosphere/atmosphere) from 3.1.0 to 4.0.45. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/releases";>org.atmosphere:atmosphere-runtime's releases</a>.</em></p> <blockquote> <h2>Atmosphere 4.0.45</h2> <h3>Added</h3> <ul> <li>capability-matrix snapshot + drift gate (<code>d22d18a7cd</code>) — new <code>.harness/capabilities.snapshot.json</code> is the canonical aggregate of the <code>AiCapability</code> enum (20 capabilities) and each runtime's pinned <code>expectedCapabilities()</code> (9 runtimes). Regenerated by <code>scripts/regen-capability-snapshot.sh</code> and validated by both <code>scripts/validate-capability-claims.sh</code> (wired into <code>scripts/pre-push-validate.sh</code> Tier 1) and the new <code>CapabilitySnapshotTest</code> in <code>modules/ai-test</code>. The per-runtime contract tests already pin per-runtime drift; this layer pins aggregate count claims in <code>modules/ai/README.md</code> against the snapshot so prose like "All 9 runtimes…" cannot drift from the running code without breaking the build. Adds a "What capability flags do <em>not</em> claim" disclosure block to <code>modules/ai/README.md</code> § Adapter Runtimes covering implementation p arity, limit numbers, provider-side guarantees, and production fitness — the four edges callers commonly assume from a capability flag and that the flag does not promise.</li> <li>drift-log + Stop-hook enforcement (<code>c685f9588f</code> + <code>4f6a51d3a8</code>) — new <code>.harness/drift-log.md</code> is the append-only record of every agent claim that diverged from ground truth (code, git history, runtime state). Two enforcement points: <code>scripts/validate-drift-log.sh</code> checks structural hygiene (chronological sections, no future dates, prior-section append-only invariant against <code>origin/main</code>) and is wired into pre-push Tier 1; <code>.claude/hooks/check-drift-log.sh</code> is a Claude Code Stop hook (registered in <code>.claude/settings.json</code>) that greps the session transcript for high-precision drift-correction patterns and blocks session end if the log was not modified. Together with the capability snapshot, this is the <strong>verification</strong> rail of the harness pattern documented by Anthropic (<a href="https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents";><em>Effective harnesses fo r long-running agents</em></a>) and OpenAI (<a href="https://openai.com/index/harness-engineering/";><em>Harness engineering</em></a>), applied to AI prose claims about this repo — measuring change failure rate by agent claim, not utilization. Operator notes live in <code>.harness/README.md</code>.</li> </ul> <h3>Fixed</h3> <ul> <li>AiPipeline input-assembly snapshot stale across guardrails+policies (<code>f16e9da396</code>) — the per-stage telemetry snapshot of <code>request.systemPrompt()</code> was captured before guardrails (<code>AiGuardrail.GuardrailResult.Modify</code>) and governance policies (<code>PolicyDecision.Transform</code>) had a chance to mutate the request. The runtime later executed the post-mutation request, so the system stage was under- or over-reported. Snapshot moved to after both loops have run, before pipeline-driven augmentations (structured-output schema, confidence cue) which are tracked separately. Regression test in <code>AiPipelineInputAssemblyTest</code>.</li> <li>BudgetCapturingSession wall-clock callback-lazy enforcement (<code>f16e9da396</code>) — wall-clock cap was sampled only at session-method boundaries, so a provider that hung silently after dispatch never tripped. Now the deadline is scheduled up-front via a daemon <code>ScheduledExecutorService</code>; on trip the decorator both routes the typed <code>AiBudgetExceededException</code> through <code>session.error</code> and fires a pipeline-supplied <code>onTrip</code> hook bound to <code>runtime.executeWithHandle</code>'s <code>handle::cancel</code>, so the in-flight runtime call is cancelled instead of left dangling. The task is cancelled on <code>complete()</code> / <code>complete(summary)</code> / <code>error()</code> so the scheduler thread is freed promptly. Existing wall-clock assertion loosened from <code>></code> to <code>>=</code> (<code>09b2d2b610</code>) because the scheduled task can fire exactly at the deadline. Regression test (<code>wallClockBudgetTripsWh enRuntimeMakesNoSessionCallbacks</code>) covers the no-callback path.</li> <li>McpToolSource transport leak on initialize/listTools failure (<code>f16e9da396</code>) — <code>connect(transport, label)</code> constructed an <code>McpClient</code> and called <code>initialize()</code> + <code>listTools()</code> without a failure cleanup path, leaking the underlying transport (subprocess pipes, sockets, HTTP connection pool) for the JVM lifetime if either threw. Wrapped in try/catch with <code>client.closeGracefully()</code> on failure (Ownership Invariant <a href="https://redirect.github.com/Atmosphere/atmosphere/issues/1";>#1</a>). Regression test stubs an <code>McpClientTransport</code> whose <code>connect()</code> returns <code>Mono.error</code> and asserts <code>closeGracefully</code> was called.</li> <li>AgentPassivation responseType ignored on resume (<code>f16e9da396</code>) — <code>AgentSnapshot</code> persisted <code>responseTypeName</code> but <code>resume()</code> rebuilt the context from <code>base.responseType()</code>, so a structured-output agent resumed with a base context that lacked the type lost typed parsing despite the snapshot carrying the field. New <code>resolveResponseType</code> helper resolves the snapshot's class name via the thread-context classloader (with fallback to <code>base.responseType()</code> plus a one-line WARN if the class is not on the resumer's classpath). Regression test in <code>AgentPassivationTest</code>.</li> <li>off-by-one in <code>modules/ai/README.md</code> § ToolLoopPolicy "the other six runtimes" → "the other seven runtimes". With Built-in and Koog handling <code>COMPLETE_WITHOUT_TOOLS</code> natively and 9 runtimes total, the count of "other" runtimes is 7, not 6. Surfaced by the new capability-matrix verification work.</li> </ul> <h3>Documentation</h3> <ul> <li><code>atmosphere.github.io</code> capability claims aligned with the snapshot. Cross-validated against <code>.harness/capabilities.snapshot.json</code>; fixed <code>docs/.../reference/ai.md</code> TOOL_APPROVAL list (Embabel and SK were wrongly excluded), <code>docs/.../tutorial/26-foundation-primitives.md</code> gateway-consumer count ("seven of nine" → all nine — every runtime calls <code>admitThroughGateway</code>), added 5 missing capability rows (<code>BUDGET_ENFORCEMENT</code>, <code>CONFIDENCE_SCORES</code>, <code>PASSIVATION</code>, <code>MODEL_ENUMERATION</code>, <code>MULTI_AGENT_HANDOFF</code>) to <code>tutorial/11-ai-adapters.md</code>, and refreshed four pre-Koog/SK/AgentScope/Alibaba narrative enumerations to the current 9-runtime set. Website main: <code>13fe8c4</code>.</li> <li><code>.harness/README.md</code> — operator manual for the harness directory (canonical files, validators, hooks, regen + append protocols).</li> </ul> <h2>Atmosphere 4.0.44</h2> <h3>Added</h3> <ul> <li>predictable-AI primitives — three framework-level capabilities that close gaps Bonér's "Herding LLMs" deck flagged for distributed-system reliability, all declared on every framework runtime so the matrix closes without <code>@Beta</code> shims: <ul> <li><code>BUDGET_ENFORCEMENT</code> (<code>a4fae39464</code>) — new <code>AiBudget</code> value record (max input / output / total tokens, max steps, max wall clock) installed via <code>pipeline.setDefaultBudget(...)</code> or per-request <code>ai.budget</code> metadata. <code>BudgetCapturingSession</code> decorator slots into the AiPipeline session-decorator stack between metrics and guardrail layers; on breach it routes a typed <code>AiBudgetExceededException extends AiException</code> through <code>session.error(...)</code> and short-circuits subsequent <code>send</code> / <code>usage</code> / <code>progress</code> / <code>emit</code> / <code>complete</code> calls so the wire protocol's "one terminal frame" invariant holds. Distinct from <code>org.atmosphere.ai.budget.StreamingTextBudgetManager</code> (long-running per-tenant cumulative spend); this capability is the per-call death-spiral guard. 13 new unit tests cover every breach reason, default vs. per-request ov erride, and the post-trip swallow. Wall-clock limits trip universally; token / step limits depend on <code>TOKEN_USAGE</code> (every runtime except Spring AI Alibaba honors both).</li> <li><code>CONFIDENCE_SCORES</code> (<code>a4fae39464</code>) — new <code>AiConfidence</code> record with <code>OptionalDouble aggregate</code>, <code>List<TokenLogprob></code> tokens, and <code>Source</code> enum (<code>LOGPROBS_NATIVE</code> / <code>MODEL_REPORTED_FIELD</code> / <code>HEURISTIC</code>). <code>StreamingSession.confidence(AiConfidence)</code> default method auto-emits <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata mirroring the <code>usage(TokenUsage)</code> convention; <code>DelegatingStreamingSession</code> gains the matching forwarding override. Universal model-reported path via the new <code>AiConfidenceElicitation</code> plus the <code>ConfidenceCapturingSession</code> decorator: pipeline appends an opt-in cue to the system prompt, decorator parses the model-emitted <code>{"confidence": 0.x}</code> field on stream completion (same regex shape as the existing <code>ConfidenceThresholdGuardrail</code >) and fires <code>session.confidence</code> ahead of the terminal frame. >Decorator self-suppresses when a runtime already invoked ><code>confidence(...)</code> directly with <code>LOGPROBS_NATIVE</code>. >Skipped when structured-output mode is in play because the schema parser owns >the response shape — callers add a <code>confidence</code> field to their >record schema in that mode. 14 new unit tests cover record validation, the >elicitation cue, parser fallbacks, runtime-explicit override, per-request >override of the pipeline default, and the structured-output skip.</li> <li><code>PASSIVATION</code> (<code>a4fae39464</code>) — new <code>AgentSnapshot</code> record in <code>modules/ai</code> (persistable subset of <code>AgentExecutionContext</code> — message, system prompt, identity columns, history, JSON-clean metadata, response type name, reason, paused-at). New <code>AgentPassivation</code> static helper in <code>modules/checkpoint</code> with <code>passivate(runtime, ctx, store, reason): String</code>, <code>resume(runtime, store, id, externalSignal, base, session)</code>, and <code>loadSnapshot(store, id)</code>. <code>resume</code> merges the snapshot onto a caller-supplied base context (which carries the runtime references — tools, memory, listeners, retry policy — that don't survive a JVM restart) and re-runs <code>runtime.execute(...)</code>; base wins on metadata-key collision so caller-injected refs (e.g. trace context) are not clobbered by stale snapshot values. Helper lives in <code>modules/checkpoint</code> rather than on <cod e>AgentRuntime</code> itself because <code>modules/ai → modules/checkpoint</code> introduces a <code>ai → checkpoint → coordinator → ai</code> cycle; the reverse direction is acyclic. Capability flag declared on every runtime — flag advertises "this runtime cooperates with <code>AgentPassivation</code>," honest because every runtime threads <code>context.history()</code> through its dispatch path so a resumed call observes the same conversation the paused call saw. 10 new unit tests cover snapshot round-trip, resume flow with external signal, signal-less replay of pending message, missing-checkpoint errors, metadata filtering (non-String values dropped pre-snapshot), metadata merge precedence, unique IDs across passivations, and null-arg rejection.</li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li><code>AiCapability</code> enum gains 3 entries — total 20 capabilities (was 17). <code>AbstractAgentRuntimeContractTest.expectedCapabilities()</code> pin updated for all 9 framework runtimes: BuiltIn, Spring AI, LangChain4j, ADK, Embabel, Koog, AgentScope, Spring AI Alibaba, Semantic Kernel. <code>BuiltInAgentRuntime</code> capability count test bumped from 13 to 16. Capability matrix in <code>modules/ai/README.md</code> extended with <code>BE</code> / <code>CS</code> / <code>PSV</code> columns plus a "Predictable-AI primitives" section documenting each capability's decorator placement, source enum, and runtime-by-runtime caveats (Spring AI Alibaba's <code>BUDGET_ENFORCEMENT</code> is wall-clock-only because the runtime does not surface <code>TOKEN_USAGE</code>).</li> </ul> <h3>Tests</h3> <ul> <li>Playwright e2e coverage for the predictable-AI primitives (<code>4be20c240c</code>) — <code>ai-budget-circuit-breaker.spec.ts</code>, <code>ai-confidence-elicitation.spec.ts</code>, <code>ai-passivation.spec.ts</code> exercise the full <code>AiPipeline</code> session-decorator stack through Atmosphere's wire transport. Each spec drives a dedicated test handler (<code>BudgetCircuitBreakerTestHandler</code> / <code>ConfidenceElicitationTestHandler</code> / <code>PassivationTestHandler</code>) registered in <code>AiFeatureTestServer</code> so the harness sees <code>AiBudgetExceededException</code> on the wire's error frame, the <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata frames the <code>confidence(...)</code> default sink emits, and the snapshot/resume round-trip across two sequential WebSocket connections. <code>modules/integration-tests/pom.xml</code> bumps <code>atmosphere-checkpoint</code> from test to compile scope so <code> PassivationTestHandler</code> can call <code>AgentPassivation</code> directly. <code>modules/integration-tests/playwright.config.ts</code> registers the three new spec project entries.</li> </ul> <h3>Fixed</h3> <ul> <li>CLI standalone-scaffold compile against the released parent POM (<code>7383eb0ee2</code>) — twenty <code>samples/spring-boot-*/pom.xml</code> files now declare <code><netty.version>4.2.13.Final</netty.version></code> in their own <code><properties></code> block so the sample is self-contained: scaffold-then-compile against the released <code>org.atmosphere:atmosphere-project:4.0.43</code> parent (which predates the netty bump and therefore does not declare <code>netty.version</code>) no longer fails with <code>Non-resolvable import POM: io.netty:netty-bom:pom:${netty.version}</code>. <code>cli/e2e-test-cli-runtime.sh</code> also fixes a long-standing comment-vs-code drift: the script was exporting <code>ATMOSPHERE_CLI_VERSION</code> while <code>cli/atmosphere</code> only ever read <code>ATMOSPHERE_VERSION_OVERRIDE</code>, so the SNAPSHOT-against-SNAPSHOT lane silently degraded to release-pin coverage. Renaming the export aligns the script with the CLI's act ual contract.</li> </ul> <h2>Atmosphere 4.0.43</h2> <h3>Added</h3> <ul> <li>per-request runtime extension helpers (<code>f1493c3f9c</code>) — small <code>attach(context, ...)</code> / <code>from(context)</code> helpers (modeled on the existing <code>CacheHint</code>) that let callers stash framework-native composition objects in <code>AgentExecutionContext.metadata()</code>, so a runtime can apply them per-request without growing the unified <code>AgentRuntime</code> SPI with framework-specific knobs. Runtimes covered: <code>SpringAiAdvisors</code> (Spring AI <code>Advisor</code> chain — RAG / memory / guardrails / observability), <code>LangChain4jAiServices</code> (LangChain4j <code>AiServices</code> / <code>TokenStream</code>), <code>KoogStrategy</code> (Koog <code>AIAgentGraphStrategy</code> DSL), <code>AdkRootAgent</code> (ADK <code>BaseAgent</code> / <code>SequentialAgent</code> / <code>ParallelAgent</code> / <code>LoopAgent</code> topology), and <code>ToolLoopPolicies</code> (per-request <code>ToolLoopPolicy</code> honored by <code>BuiltInAg entRuntime</code>'s OpenAI-compatible tool loop). The other shipped runtimes (<code>AgentScope</code>, <code>Embabel</code>, <code>SemanticKernel</code>, <code>SpringAiAlibaba</code>) do not yet have a per-request bridge — Embabel got native streaming via <code>StreamingPromptRunnerBuilder.streaming().generateStream()</code> in the same merge but no sidecar. Also added: <code>AgentLifecycleListener.onModelStart</code> / <code>onModelEnd</code> / <code>onModelError</code> hooks with <code>fireXxx</code> fan-out helpers, and <code>AiEventForwardingListener</code> adapter that translates lifecycle hooks to wire-format <code>AiEvent.Progress</code> frames (opt-in via <code>context.withListeners(...)</code>). Each bridge ships with a unit-level <code>*BridgeTest</code> proving the runtime honors the sidecar.</li> </ul> <h3>Fixed</h3> <ul> <li>Quarkus extension closes the <code>/api/console/info</code> parity gap — the bundled Atmosphere Console UI gets the same <code>subtitle / endpoint / runtime / mode</code> payload it gets from the Spring Boot starter, instead of falling through to the Vue defaults on a 404. New <code>AtmosphereConsoleInfoServlet</code> (HttpServlet, registered at build time via a second <code>ServletBuildItem</code> mapped to <code>/api/console/info</code>) reuses the same package-prefix mode-detection heuristic as <code>AtmosphereConsoleInfoEndpoint</code> (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → <code>"ai"</code>, anything else including <code>ManagedAtmosphereHandler</code> → <code>"broadcast"</code>). Endpoint auto-detection prefers the canonical <code>/atmosphere/ai-chat</code> when registered (samples like <code>quarkus-ai-chat</code> ship multiple <code>@AiEndpoint</code>s), then <code>/atmosphere/agent/*</code>, then any other <code>/atmosphere/* </code>. New config keys <code>quarkus.atmosphere.console-subtitle</code> and <code>quarkus.atmosphere.console-endpoint</code> mirror the Spring <code>atmosphere.console-subtitle</code> / <code>atmosphere.console-endpoint</code> properties. JSON is hand-rolled so the runtime POM stays Jackson-free; <code>AgentRuntimeResolver</code> is reached via reflection so the servlet keeps no compile-time link to <code>modules/ai</code>. Empirically verified in chrome-devtools against <code>quarkus-ai-chat</code> — <code>/api/console/info</code> now returns <code>{"subtitle":"Runtime: langchain4j","endpoint":"/atmosphere/ai-chat","runtime":"langchain4j","mode":"ai"}</code>, the Vue Console shows the runtime label in the header subtitle, and the cross-tab isolation matrix continues to pass on the Quarkus leg.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/blob/main/CHANGELOG.md";>org.atmosphere:atmosphere-runtime's changelog</a>.</em></p> <blockquote> <h2>[4.0.45] - 2026-05-12</h2> <h3>Added</h3> <ul> <li>capability-matrix snapshot + drift gate (<code>d22d18a7cd</code>) — new <code>.harness/capabilities.snapshot.json</code> is the canonical aggregate of the <code>AiCapability</code> enum (20 capabilities) and each runtime's pinned <code>expectedCapabilities()</code> (9 runtimes). Regenerated by <code>scripts/regen-capability-snapshot.sh</code> and validated by both <code>scripts/validate-capability-claims.sh</code> (wired into <code>scripts/pre-push-validate.sh</code> Tier 1) and the new <code>CapabilitySnapshotTest</code> in <code>modules/ai-test</code>. The per-runtime contract tests already pin per-runtime drift; this layer pins aggregate count claims in <code>modules/ai/README.md</code> against the snapshot so prose like "All 9 runtimes…" cannot drift from the running code without breaking the build. Adds a "What capability flags do <em>not</em> claim" disclosure block to <code>modules/ai/README.md</code> § Adapter Runtimes covering implementation p arity, limit numbers, provider-side guarantees, and production fitness — the four edges callers commonly assume from a capability flag and that the flag does not promise.</li> <li>drift-log + Stop-hook enforcement (<code>c685f9588f</code> + <code>4f6a51d3a8</code>) — new <code>.harness/drift-log.md</code> is the append-only record of every agent claim that diverged from ground truth (code, git history, runtime state). Two enforcement points: <code>scripts/validate-drift-log.sh</code> checks structural hygiene (chronological sections, no future dates, prior-section append-only invariant against <code>origin/main</code>) and is wired into pre-push Tier 1; <code>.claude/hooks/check-drift-log.sh</code> is a Claude Code Stop hook (registered in <code>.claude/settings.json</code>) that greps the session transcript for high-precision drift-correction patterns and blocks session end if the log was not modified. Together with the capability snapshot, this is the <strong>verification</strong> rail of the harness pattern documented by Anthropic (<a href="https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents";><em>Effective harnesses fo r long-running agents</em></a>) and OpenAI (<a href="https://openai.com/index/harness-engineering/";><em>Harness engineering</em></a>), applied to AI prose claims about this repo — measuring change failure rate by agent claim, not utilization. Operator notes live in <code>.harness/README.md</code>.</li> </ul> <h3>Fixed</h3> <ul> <li>AiPipeline input-assembly snapshot stale across guardrails+policies (<code>f16e9da396</code>) — the per-stage telemetry snapshot of <code>request.systemPrompt()</code> was captured before guardrails (<code>AiGuardrail.GuardrailResult.Modify</code>) and governance policies (<code>PolicyDecision.Transform</code>) had a chance to mutate the request. The runtime later executed the post-mutation request, so the system stage was under- or over-reported. Snapshot moved to after both loops have run, before pipeline-driven augmentations (structured-output schema, confidence cue) which are tracked separately. Regression test in <code>AiPipelineInputAssemblyTest</code>.</li> <li>BudgetCapturingSession wall-clock callback-lazy enforcement (<code>f16e9da396</code>) — wall-clock cap was sampled only at session-method boundaries, so a provider that hung silently after dispatch never tripped. Now the deadline is scheduled up-front via a daemon <code>ScheduledExecutorService</code>; on trip the decorator both routes the typed <code>AiBudgetExceededException</code> through <code>session.error</code> and fires a pipeline-supplied <code>onTrip</code> hook bound to <code>runtime.executeWithHandle</code>'s <code>handle::cancel</code>, so the in-flight runtime call is cancelled instead of left dangling. The task is cancelled on <code>complete()</code> / <code>complete(summary)</code> / <code>error()</code> so the scheduler thread is freed promptly. Existing wall-clock assertion loosened from <code>></code> to <code>>=</code> (<code>09b2d2b610</code>) because the scheduled task can fire exactly at the deadline. Regression test (<code>wallClockBudgetTripsWh enRuntimeMakesNoSessionCallbacks</code>) covers the no-callback path.</li> <li>McpToolSource transport leak on initialize/listTools failure (<code>f16e9da396</code>) — <code>connect(transport, label)</code> constructed an <code>McpClient</code> and called <code>initialize()</code> + <code>listTools()</code> without a failure cleanup path, leaking the underlying transport (subprocess pipes, sockets, HTTP connection pool) for the JVM lifetime if either threw. Wrapped in try/catch with <code>client.closeGracefully()</code> on failure (Ownership Invariant <a href="https://redirect.github.com/Atmosphere/atmosphere/issues/1";>#1</a>). Regression test stubs an <code>McpClientTransport</code> whose <code>connect()</code> returns <code>Mono.error</code> and asserts <code>closeGracefully</code> was called.</li> <li>AgentPassivation responseType ignored on resume (<code>f16e9da396</code>) — <code>AgentSnapshot</code> persisted <code>responseTypeName</code> but <code>resume()</code> rebuilt the context from <code>base.responseType()</code>, so a structured-output agent resumed with a base context that lacked the type lost typed parsing despite the snapshot carrying the field. New <code>resolveResponseType</code> helper resolves the snapshot's class name via the thread-context classloader (with fallback to <code>base.responseType()</code> plus a one-line WARN if the class is not on the resumer's classpath). Regression test in <code>AgentPassivationTest</code>.</li> <li>off-by-one in <code>modules/ai/README.md</code> § ToolLoopPolicy "the other six runtimes" → "the other seven runtimes". With Built-in and Koog handling <code>COMPLETE_WITHOUT_TOOLS</code> natively and 9 runtimes total, the count of "other" runtimes is 7, not 6. Surfaced by the new capability-matrix verification work.</li> </ul> <h3>Documentation</h3> <ul> <li><code>atmosphere.github.io</code> capability claims aligned with the snapshot. Cross-validated against <code>.harness/capabilities.snapshot.json</code>; fixed <code>docs/.../reference/ai.md</code> TOOL_APPROVAL list (Embabel and SK were wrongly excluded), <code>docs/.../tutorial/26-foundation-primitives.md</code> gateway-consumer count ("seven of nine" → all nine — every runtime calls <code>admitThroughGateway</code>), added 5 missing capability rows (<code>BUDGET_ENFORCEMENT</code>, <code>CONFIDENCE_SCORES</code>, <code>PASSIVATION</code>, <code>MODEL_ENUMERATION</code>, <code>MULTI_AGENT_HANDOFF</code>) to <code>tutorial/11-ai-adapters.md</code>, and refreshed four pre-Koog/SK/AgentScope/Alibaba narrative enumerations to the current 9-runtime set. Website main: <code>13fe8c4</code>.</li> <li><code>.harness/README.md</code> — operator manual for the harness directory (canonical files, validators, hooks, regen + append protocols).</li> </ul> <h2>[4.0.44] - 2026-05-08</h2> <h3>Added</h3> <ul> <li>predictable-AI primitives — three framework-level capabilities that close gaps Bonér's "Herding LLMs" deck flagged for distributed-system reliability, all declared on every framework runtime so the matrix closes without <code>@Beta</code> shims: <ul> <li><code>BUDGET_ENFORCEMENT</code> (<code>a4fae39464</code>) — new <code>AiBudget</code> value record (max input / output / total tokens, max steps, max wall clock) installed via <code>pipeline.setDefaultBudget(...)</code> or per-request <code>ai.budget</code> metadata. <code>BudgetCapturingSession</code> decorator slots into the AiPipeline session-decorator stack between metrics and guardrail layers; on breach it routes a typed <code>AiBudgetExceededException extends AiException</code> through <code>session.error(...)</code> and short-circuits subsequent <code>send</code> / <code>usage</code> / <code>progress</code> / <code>emit</code> / <code>complete</code> calls so the wire protocol's "one terminal frame" invariant holds. Distinct from <code>org.atmosphere.ai.budget.StreamingTextBudgetManager</code> (long-running per-tenant cumulative spend); this capability is the per-call death-spiral guard. 13 new unit tests cover every breach reason, default vs. per-request ov erride, and the post-trip swallow. Wall-clock limits trip universally; token / step limits depend on <code>TOKEN_USAGE</code> (every runtime except Spring AI Alibaba honors both).</li> <li><code>CONFIDENCE_SCORES</code> (<code>a4fae39464</code>) — new <code>AiConfidence</code> record with <code>OptionalDouble aggregate</code>, <code>List<TokenLogprob></code> tokens, and <code>Source</code> enum (<code>LOGPROBS_NATIVE</code> / <code>MODEL_REPORTED_FIELD</code> / <code>HEURISTIC</code>). <code>StreamingSession.confidence(AiConfidence)</code> default method auto-emits <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata mirroring the <code>usage(TokenUsage)</code> convention; <code>DelegatingStreamingSession</code> gains the matching forwarding override. Universal model-reported path via the new <code>AiConfidenceElicitation</code> plus the <code>ConfidenceCapturingSession</code> decorator: pipeline appends an opt-in cue to the system prompt, decorator parses the model-emitted <code>{"confidence": 0.x}</code> field on stream completion (same regex shape as the existing <code>ConfidenceThresholdGuardrail</code >) and fires <code>session.confidence</code> ahead of the terminal frame. >Decorator self-suppresses when a runtime already invoked ><code>confidence(...)</code> directly with <code>LOGPROBS_NATIVE</code>. >Skipped when structured-output mode is in play because the schema parser owns >the response shape — callers add a <code>confidence</code> field to their >record schema in that mode. 14 new unit tests cover record validation, the >elicitation cue, parser fallbacks, runtime-explicit override, per-request >override of the pipeline default, and the structured-output skip.</li> <li><code>PASSIVATION</code> (<code>a4fae39464</code>) — new <code>AgentSnapshot</code> record in <code>modules/ai</code> (persistable subset of <code>AgentExecutionContext</code> — message, system prompt, identity columns, history, JSON-clean metadata, response type name, reason, paused-at). New <code>AgentPassivation</code> static helper in <code>modules/checkpoint</code> with <code>passivate(runtime, ctx, store, reason): String</code>, <code>resume(runtime, store, id, externalSignal, base, session)</code>, and <code>loadSnapshot(store, id)</code>. <code>resume</code> merges the snapshot onto a caller-supplied base context (which carries the runtime references — tools, memory, listeners, retry policy — that don't survive a JVM restart) and re-runs <code>runtime.execute(...)</code>; base wins on metadata-key collision so caller-injected refs (e.g. trace context) are not clobbered by stale snapshot values. Helper lives in <code>modules/checkpoint</code> rather than on <cod e>AgentRuntime</code> itself because <code>modules/ai → modules/checkpoint</code> introduces a <code>ai → checkpoint → coordinator → ai</code> cycle; the reverse direction is acyclic. Capability flag declared on every runtime — flag advertises "this runtime cooperates with <code>AgentPassivation</code>," honest because every runtime threads <code>context.history()</code> through its dispatch path so a resumed call observes the same conversation the paused call saw. 10 new unit tests cover snapshot round-trip, resume flow with external signal, signal-less replay of pending message, missing-checkpoint errors, metadata filtering (non-String values dropped pre-snapshot), metadata merge precedence, unique IDs across passivations, and null-arg rejection.</li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li><code>AiCapability</code> enum gains 3 entries — total 20 capabilities (was 17). <code>AbstractAgentRuntimeContractTest.expectedCapabilities()</code> pin updated for all 9 framework runtimes: BuiltIn, Spring AI, LangChain4j, ADK, Embabel, Koog, AgentScope, Spring AI Alibaba, Semantic Kernel. <code>BuiltInAgentRuntime</code> capability count test bumped from 13 to 16. Capability matrix in <code>modules/ai/README.md</code> extended with <code>BE</code> / <code>CS</code> / <code>PSV</code> columns plus a "Predictable-AI primitives" section documenting each capability's decorator placement, source enum, and runtime-by-runtime caveats (Spring AI Alibaba's <code>BUDGET_ENFORCEMENT</code> is wall-clock-only because the runtime does not surface <code>TOKEN_USAGE</code>).</li> </ul> <h3>Tests</h3> <ul> <li>Playwright e2e coverage for the predictable-AI primitives (<code>4be20c240c</code>) — <code>ai-budget-circuit-breaker.spec.ts</code>, <code>ai-confidence-elicitation.spec.ts</code>, <code>ai-passivation.spec.ts</code> exercise the full <code>AiPipeline</code> session-decorator stack through Atmosphere's wire transport. Each spec drives a dedicated test handler (<code>BudgetCircuitBreakerTestHandler</code> / <code>ConfidenceElicitationTestHandler</code> / <code>PassivationTestHandler</code>) registered in <code>AiFeatureTestServer</code> so the harness sees <code>AiBudgetExceededException</code> on the wire's error frame, the <code>ai.confidence.aggregate</code> / <code>.source</code> / <code>.tokens</code> metadata frames the <code>confidence(...)</code> default sink emits, and the snapshot/resume round-trip across two sequential WebSocket connections. <code>modules/integration-tests/pom.xml</code> bumps <code>atmosphere-checkpoint</code> from test to compile scope so <code> PassivationTestHandler</code> can call <code>AgentPassivation</code> directly. <code>modules/integration-tests/playwright.config.ts</code> registers the three new spec project entries.</li> </ul> <h3>Fixed</h3> <ul> <li>CLI standalone-scaffold compile against the released parent POM (<code>7383eb0ee2</code>) — twenty <code>samples/spring-boot-*/pom.xml</code> files now declare <code><netty.version>4.2.13.Final</netty.version></code> in their own <code><properties></code> block so the sample is self-contained: scaffold-then-compile against the released <code>org.atmosphere:atmosphere-project:4.0.43</code> parent (which predates the netty bump and therefore does not declare <code>netty.version</code>) no longer fails with <code>Non-resolvable import POM: io.netty:netty-bom:pom:${netty.version}</code>. <code>cli/e2e-test-cli-runtime.sh</code> also fixes a long-standing comment-vs-code drift: the script was exporting <code>ATMOSPHERE_CLI_VERSION</code> while <code>cli/atmosphere</code> only ever read <code>ATMOSPHERE_VERSION_OVERRIDE</code>, so the SNAPSHOT-against-SNAPSHOT lane silently degraded to release-pin coverage. Renaming the export aligns the script with the CLI's act ual contract.</li> </ul> <h2>[4.0.43] - 2026-05-06</h2> <h3>Added</h3> <ul> <li>per-request runtime extension helpers — small <code>attach(context, ...)</code> / <code>from(context)</code> helpers (modeled on the existing <code>CacheHint</code>) that let callers stash framework-native composition objects in <code>AgentExecutionContext.metadata()</code>, so a runtime can apply them per-request without growing the unified <code>AgentRuntime</code> SPI with framework-specific knobs. The matrix closes on 4.0.43: all eight framework runtimes have a sidecar — <code>SpringAiAdvisors</code> (Spring AI <code>Advisor</code> chain — RAG / memory / guardrails / observability), <code>LangChain4jAiServices</code> (LangChain4j <code>AiServices</code> / <code>TokenStream</code>), <code>KoogStrategy</code> (Koog <code>AIAgentGraphStrategy</code> DSL), <code>AdkRootAgent</code> (ADK <code>BaseAgent</code> / <code>SequentialAgent</code> / <code>ParallelAgent</code> / <code>LoopAgent</code> topology), <code>EmbabelPromptRunner</code> (<code>UnaryOperator<PromptRunne r></code> customizer applied AFTER default wiring), <code>AgentScopeAgent</code> (per-request <code>ReActAgent</code>), <code>SemanticKernelInvocation</code> (per-request <code>InvocationContext</code> — unlocks <code>KernelHooks</code>, <code>withMaxAutoInvokeAttempts</code>, custom <code>PromptExecutionSettings</code>), <code>SpringAiAlibabaRunnableConfig</code> (per-request Alibaba <code>RunnableConfig</code> for <code>threadId</code>/<code>checkPointId</code>/<code>streamMode</code>/<code>metadata</code>/<code>store</code>), plus the cross-runtime <code>ToolLoopPolicies</code> honored by <code>BuiltInAgentRuntime</code>'s OpenAI-compatible tool loop. Initial five sidecars landed via <code>f1493c3f9c</code>; the remaining four runtimes plus the lifecycle hook fan-out below landed via <code>eec98890fe</code>. Also added: <code>AgentLifecycleListener.onModelStart</code> / <code>onModelEnd</code> / <code>onModelError</code> hooks with <code>fireXxx</code> fan-out helpers wired in all 8 framework runtimes (was Built-in only), and <code>AiEventForwardingListener</code> adapter that translates lifecycle hooks to wire-format <code>AiEvent.Progress</code> frames (opt-in via <code>context.withListeners(...)</code>). Each bridge ships with a unit-level <code>*BridgeTest</code> proving the runtime honors the sidecar.</li> </ul> <h3>Fixed</h3> <ul> <li>Quarkus extension closes the <code>/api/console/info</code> parity gap — the bundled Atmosphere Console UI gets the same <code>subtitle / endpoint / runtime / mode</code> payload it gets from the Spring Boot starter, instead of falling through to the Vue defaults on a 404. New <code>AtmosphereConsoleInfoServlet</code> (HttpServlet, registered at build time via a second <code>ServletBuildItem</code> mapped to <code>/api/console/info</code>) reuses the same package-prefix mode-detection heuristic as <code>AtmosphereConsoleInfoEndpoint</code> (<code>org.atmosphere.{ai,agent,coordinator}.*</code> → <code>"ai"</code>, anything else including <code>ManagedAtmosphereHandler</code> → <code>"broadcast"</code>). Endpoint auto-detection prefers the canonical <code>/atmosphere/ai-chat</code> when registered (samples like <code>quarkus-ai-chat</code> ship multiple <code>@AiEndpoint</code>s), then <code>/atmosphere/agent/*</code>, then any other <code>/atmosphere/* </code>. New config keys <code>quarkus.atmosphere.console-subtitle</code> and <code>quarkus.atmosphere.console-endpoint</code> mirror the Spring <code>atmosphere.console-subtitle</code> / <code>atmosphere.console-endpoint</code> properties. JSON is hand-rolled so the runtime POM stays Jackson-free; <code>AgentRuntimeResolver</code> is reached via reflection so the servlet keeps no compile-time link to <code>modules/ai</code>. Empirically verified in chrome-devtools against <code>quarkus-ai-chat</code> — <code>/api/console/info</code> now returns <code>{"subtitle":"Runtime: langchain4j","endpoint":"/atmosphere/ai-chat","runtime":"langchain4j","mode":"ai"}</code>, the Vue Console shows the runtime label in the header subtitle, and the cross-tab isolation matrix continues to pass on the Quarkus leg.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Atmosphere/atmosphere/commit/520823332974d169c2dd72602dcc7d5b396537f8";><code>5208233</code></a> release: Atmosphere 4.0.45</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/a961fcc16a98d4b64e332e4cffcc06895fae9193";><code>a961fcc</code></a> fix(samples): wrap classroom presence broadcast in RawMessage</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/25e7abf8a73f229cf00ba8e01da591f785b9c2fb";><code>25e7abf</code></a> fix(samples): re-pin netty 4.1.133 + bump brotli4j 1.16→1.23 (closes 20 CVEs)</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/f73ba39d8242e10e660c788dbacf8689aa8854e0";><code>f73ba39</code></a> feat(samples): wire offline-queue, optimistic, presence into spring-boot-ai-c...</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/a3a3fd103cf66dd35c7ce1610a55c6a55b5fd6ca";><code>a3a3fd1</code></a> docs(harness): drift-log entry <a href="https://redirect.github.com/Atmosphere/atmosphere/issues/33";>#33</a> — test-pass ≠ native-image-pass on netty bump</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/e2cd03677d1066929cb942130cd0d754ae3c766f";><code>e2cd036</code></a> revert(samples): roll Quarkus samples back to netty 4.1.132 (BrotliDecoder na...</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/bc2837a3c3849e475c674fd4b0461808fab061bf";><code>bc2837a</code></a> fix(security): CodeQL XSS + path-injection in McpHandler/ConsoleServlet</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/8d7bac43af104b3d83509df9f81d093e4663a59f";><code>8d7bac4</code></a> build(ci-js): raise atmosphere.js core bundle cap 40KB → 50KB</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/e7c1729f38d60b1149223c64e83de066a7858ff3";><code>e7c1729</code></a> feat(js): useOptimistic for React/Vue/Svelte/RN + spring-boot-chat sending state</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/7a778291d44170fdabe1535967e429623f13499d";><code>7a77829</code></a> feat(samples): presence count chip in spring-boot-chat + RN re-export gate</li> <li>Additional commits viewable in <a href="https://github.com/Atmosphere/atmosphere/compare/atmosphere-project-3.1.0...atmosphere-4.0.45";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
