Chirp 0.8.2

Production-readiness wave — auth S-tier hardening, AI surface, passkeys, pelt E4/E6, contract diff tooling, signal topic scoping, and Furatena docs-extraction fixes (patitas 0.4, CSP, debug pages).

Focus: unblock Furatena and downstream apps with a published PyPI wheel, while shipping the production-readiness burndown accumulated since 0.8.1.

This is a patch release on top of 0.8.1. It lands the framework fixes Furatena needs to consume Chirp from PyPI (patitas 0.4, markdown sanitization, debug-page ANSI stripping, CSPdata:images, docs frontmatter for Bengal site extraction), plus a large wave of auth hardening, AI tooling, passkeys, pelt transport/runtime work, hypermedia contract diff tooling, and signal topic scoping. Review migration notes below before upgrading production apps.


Highlights

Furatena — docs extraction + patitas 0.4

The live docs app now lives in the Furatena repo. This release ships the framework side:patitas[syntax]>=0.4.0, tighter markdown sanitization, ANSI-free debug error pages,data:URI images allowed in the default CSP, and simplified docs frontmatter parsing so Bengal site data (collections, glossary, url rewrites) and the document-catalog protocol compile cleanly.

Furatena can pinbengal-chirp==0.8.2instead of installing from git.

Auth — secure-by-default, fail-loud, contract-checked

A full auth hardening wave:secure_stack()one-call wiring, session cookies Secure by default in production (secure="auto"), HMAC-SHA-256 session signing, declarativeAuthSpec parity with @requires, permission/policy/scope registries, bearer token revocation, access grants +kick_user, passkeys/WebAuthn behind chirp[passkeys], and a dozen new env-aware app.check()categories that catch miswired auth before deploy.

AI surface — stable exports + agent loop

Phase 1 AI primitives (LLM, ToolRegistry, …) are now stable top-level exports. Phase 2 adds the agent loop, MCP client, andchirp new --ai. Phase 3 adds structured-output retry, additional providers (Gemini/Azure/Bedrock), and chirp.testing.evalhelpers.

Contract diff — baselines, CLI, MCP, CI

chirp check gains JSON baselines and diff support. chirp diff APP --base REF compares hypermedia contract reports against a git ref. An MCP tool (chirp_surface_diff) and advisory PR comments round out the agent/CI workflow.

Signals — topic scoping (#317)

signal_connect() now finalizes a scoped /_chirp/live?topics=…URL at end-of-render, so async sources pump only for bound topics and derived dependencies.


Also in this release

  • Ops probes — auto-mounted/health + /readyon every app (including minimal scaffold).
  • Islands — blessedoptimistic_applyprimitive with zero-server-state guardrails.
  • Pelt — E4 transport/auth I/O edge + E6 free-threading runtime probes.
  • Streaming — request context flows into all streamed renders; SSE resilience fixes.
  • Middleware — explicitpriority=ordering; general-purpose keyed rate limiter.
  • Migrations — checksum drift detection;chirp migrate CLI + CHIRP_SKIP_MIGRATIONS.
  • chirp-ui — floor bumped to>=0.11.0; cross-version CI release gate matrix.

See the full changelog for the complete list.


Migration notes

  • Session cookiesSessionConfig.secure defaults to "auto"(Secure in production/staging). Apps served over plain HTTP in production must opt out with SessionConfig(secure=False).
  • Auth audit events — declarative and imperative gates now emit the same authz.permission.denied shape; details["missing"]is a sorted list, not a string.
  • AuthSpec.policy — an unregistered policy name now raises 500 (misconfiguration), not 403.
  • Password verify — corrupt hashes returnFalseinstead of 500.

Dependencies

  • markdown extra: patitas[syntax]>=0.4.0 (was >=0.3.5)
  • ui extra: chirp-ui>=0.11.0
  • passkeys extra: webauthn>=2.8,<3(new, optional)

Upgrading

pip install --upgrade bengal-chirp

For Furatena and apps that need the docs/markdown fixes:

pip install "bengal-chirp[markdown]==0.8.2"

Review the migration notes above if your app uses sessions, declarative auth, or SIEM audit event parsing.