dependabot[bot] opened a new pull request, #3238: URL: https://github.com/apache/cxf/pull/3238
Bumps [org.atmosphere:atmosphere-runtime](https://github.com/Atmosphere/atmosphere) from 3.1.0 to 4.0.54. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/releases";>org.atmosphere:atmosphere-runtime's releases</a>.</em></p> <blockquote> <h2>Atmosphere 4.0.54</h2> <h3>Added</h3> <ul> <li><strong>Rich human-in-the-loop approval payloads.</strong> A reviewer can now resolve a tool approval with more than approve/deny: <strong>approve-with-edited-arguments</strong> (the tool runs with the reviewer's arguments) or <strong>respond</strong> (the reviewer answers on the tool's behalf — structured JSON or free-form text — and the tool does not run). Wire protocol: <code>/__approval/<id>/approve {"arguments":{…}}</code> and <code>/__approval/<id>/respond {…}</code>. Fail-safe: a malformed edited-args payload denies. Session-scoped in-memory (not crash-durable). The legacy boolean resolution path is unchanged.</li> <li><strong>Eval flywheel.</strong> <code>JournalDatasetPromoter</code> turns a recorded <code>CoordinationJournal</code> interaction into an <code>EvalCase</code> dataset row (trace→dataset), and <code>SampledLiveScorer</code> grades a configurable fraction of live turns into <code>EvalRun</code> verdicts (online scoring). Both are wired into <code>EvalController</code> with admin REST routes (<code>/api/admin/evals/dataset</code>, <code>/dataset/promote</code>, <code>/score</code>).</li> <li><strong>OAuth on-behalf-of credential vault.</strong> <code>OAuthOnBehalfOfCredentialStore</code> is a concrete <code>CredentialStore</code> that performs an RFC 8693 token exchange — swapping a user's stored subject token for a short-lived access token scoped to a downstream tool, so an agent calls external APIs <em>as the user</em>. Fail-closed (no token → no fallback credential), token-cached until expiry. Opt in with <code>atmosphere.ai.identity.oauth-obo.enabled=true</code>.</li> <li><strong>Realtime voice bridge.</strong> <code>VoiceBridge</code> + the <code>RealtimeVoiceProvider</code> SPI bridge client audio frames over the existing WebSocket broadcaster to a speech-to-speech provider, fanning synthesized audio (<code>Content.Audio</code>) and transcripts back to the client. A dependency-free <code>LoopbackVoiceProvider</code> ships as the runnable reference (echoes audio); OpenAI Realtime / Gemini Live providers implement the same SPI.</li> <li><strong>Content-safety moderation guardrail.</strong> <code>ModerationGuardrail</code> blocks turns whose request and/or response is flagged for hate / harassment / self-harm / sexual / violence / illicit content, on the existing fail-closed guardrail pipeline. Pluggable detector: zero-dep <code>RuleBasedModerationDetector</code> (default) or cross-runtime <code>LlmModerationDetector</code>. Fail-closed by default (a detector outage blocks the turn; <code>.failOpen()</code> is the explicit opt-out). Opt in with <code>atmosphere.ai.guardrails.moderation.enabled=true</code> (<code>...detector=llm</code> for the model tier).</li> <li><strong>Self-healing structured output.</strong> <code>@AiEndpoint(structuredOutputRetries = N)</code> (or the <code>ai.structured.retry</code> request-metadata key on the <code>AiPipeline</code> path) re-prompts the model with the schema-validation error as feedback when a typed response fails to parse, up to <code>N</code> extra attempts, then fails closed. Works identically on the websocket and channel-bridge paths.</li> <li><strong>OpenAPI → governed tools.</strong> <code>OpenApiToolImporter</code> turns an OpenAPI 3.x spec (JSON or YAML, with local <code>$ref</code> resolution) into <code>ToolDefinition</code>s whose executor performs the HTTP call. The imported operations ride the same policy-admission and plan-and-verify path as hand-written <code>@AiTool</code> methods; <code>approvalForWrites</code> routes mutating verbs through the HITL gate.</li> <li><strong>MCP client depth.</strong> <code>McpClientOptions</code> adds per-server tool filtering and display-only renaming (the executor still calls the server's original tool name), plus elicitation/sampling callback handlers advertised during <code>initialize</code>. <code>McpServerRegistry</code> aggregates several servers into one</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Atmosphere/atmosphere/blob/main/CHANGELOG.md";>org.atmosphere:atmosphere-runtime's changelog</a>.</em></p> <blockquote> <h2>[4.0.54] - 2026-06-13</h2> <h3>Added</h3> <ul> <li><strong>Rich human-in-the-loop approval payloads.</strong> A reviewer can now resolve a tool approval with more than approve/deny: <strong>approve-with-edited-arguments</strong> (the tool runs with the reviewer's arguments) or <strong>respond</strong> (the reviewer answers on the tool's behalf — structured JSON or free-form text — and the tool does not run). Wire protocol: <code>/__approval/<id>/approve {"arguments":{…}}</code> and <code>/__approval/<id>/respond {…}</code>. Fail-safe: a malformed edited-args payload denies. Session-scoped in-memory (not crash-durable). The legacy boolean resolution path is unchanged.</li> <li><strong>Eval flywheel.</strong> <code>JournalDatasetPromoter</code> turns a recorded <code>CoordinationJournal</code> interaction into an <code>EvalCase</code> dataset row (trace→dataset), and <code>SampledLiveScorer</code> grades a configurable fraction of live turns into <code>EvalRun</code> verdicts (online scoring). Both are wired into <code>EvalController</code> with admin REST routes (<code>/api/admin/evals/dataset</code>, <code>/dataset/promote</code>, <code>/score</code>).</li> <li><strong>OAuth on-behalf-of credential vault.</strong> <code>OAuthOnBehalfOfCredentialStore</code> is a concrete <code>CredentialStore</code> that performs an RFC 8693 token exchange — swapping a user's stored subject token for a short-lived access token scoped to a downstream tool, so an agent calls external APIs <em>as the user</em>. Fail-closed (no token → no fallback credential), token-cached until expiry. Opt in with <code>atmosphere.ai.identity.oauth-obo.enabled=true</code>.</li> <li><strong>Realtime voice bridge.</strong> <code>VoiceBridge</code> + the <code>RealtimeVoiceProvider</code> SPI bridge client audio frames over the existing WebSocket broadcaster to a speech-to-speech provider, fanning synthesized audio (<code>Content.Audio</code>) and transcripts back to the client. A dependency-free <code>LoopbackVoiceProvider</code> ships as the runnable reference (echoes audio); OpenAI Realtime / Gemini Live providers implement the same SPI.</li> <li><strong>Content-safety moderation guardrail.</strong> <code>ModerationGuardrail</code> blocks turns whose request and/or response is flagged for hate / harassment / self-harm / sexual / violence / illicit content, on the existing fail-closed guardrail pipeline. Pluggable detector: zero-dep <code>RuleBasedModerationDetector</code> (default) or cross-runtime <code>LlmModerationDetector</code>. Fail-closed by default (a detector outage blocks the turn; <code>.failOpen()</code> is the explicit opt-out). Opt in with <code>atmosphere.ai.guardrails.moderation.enabled=true</code> (<code>...detector=llm</code> for the model tier).</li> <li><strong>Self-healing structured output.</strong> <code>@AiEndpoint(structuredOutputRetries = N)</code> (or the <code>ai.structured.retry</code> request-metadata key on the <code>AiPipeline</code> path) re-prompts the model with the schema-validation error as feedback when a typed response fails to parse, up to <code>N</code> extra attempts, then fails closed. Works identically on the websocket and channel-bridge paths.</li> <li><strong>OpenAPI → governed tools.</strong> <code>OpenApiToolImporter</code> turns an OpenAPI 3.x spec (JSON or YAML, with local <code>$ref</code> resolution) into <code>ToolDefinition</code>s whose executor performs the HTTP call. The imported operations ride the same policy-admission and plan-and-verify path as hand-written <code>@AiTool</code> methods; <code>approvalForWrites</code> routes mutating verbs through the HITL gate.</li> <li><strong>MCP client depth.</strong> <code>McpClientOptions</code> adds per-server tool filtering and display-only renaming (the executor still calls the server's original tool name), plus elicitation/sampling callback handlers advertised during <code>initialize</code>. <code>McpServerRegistry</code> aggregates several servers into one</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Atmosphere/atmosphere/commit/123d5c9eb49ec6af65112a39659bae7d85beed1c";><code>123d5c9</code></a> release: Atmosphere 4.0.54</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/662655d6ad536330ff488f41897eb9842327e37f";><code>662655d</code></a> fix(spring-boot): decouple transport auth from a TokenValidator bean</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/e446e8e935325c28ab040a834d28c369f479a55f";><code>e446e8e</code></a> feat(sample): operator auth for the guarded-email Validation tab</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/f1943a934c7ac3864063b657b1cdbdb9ed109a79";><code>f1943a9</code></a> fix(spring-boot): authenticate console admin writes + preserve redirect query</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/f844e8069189b5905e7d3e298763344f37200718";><code>f844e80</code></a> chore(deps): upgrade Spring AI 2.0.0-M6 -> 2.0.0 GA</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/791eea8dc0a24c1780c46d113d07d25eed022f8b";><code>791eea8</code></a> ci(samples): run the multi-agent startup-team verifier tests in CI</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/43292b0d8dccc61b1b815ea518c8380e0b2c2e17";><code>43292b0</code></a> docs(samples): deepen multi-agent verifier README with plan AST, refusal mech...</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/79b1223b23d4818f939bec6c80e9fea7b059c818";><code>79b1223</code></a> docs(harness): mark SMT-branch gap resolved (cc7f31f777) + doc broadened (55d...</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/ddd453a99accb92f1f0552530c96f29762a97094";><code>ddd453a</code></a> feat(samples): add plan-and-verify guardrails to the multi-agent startup team</li> <li><a href="https://github.com/Atmosphere/atmosphere/commit/317b645b788847a235e29e41ce8bd72b56350287";><code>317b645</code></a> docs(harness): log verifier-doc fabrication caught pre-publish (+ concurrent-...</li> <li>Additional commits viewable in <a href="https://github.com/Atmosphere/atmosphere/compare/atmosphere-project-3.1.0...atmosphere-4.0.54";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
