Release v8.0.0

AxonFlow Python SDK v8.0.0

Installation

pip install axonflow==8.0.0

Major release. The headline feature is the new decision-history client API:
list_decisions for paging through recorded decisions, alongside the
get_decision_explain method shipped in v7.4.0 — callers can now both list
and drill in. Bundled into a major because the v8 line also tightens the
telemetry contract — see Removed at the bottom of this entry for that.

Added

• client.list_decisions(opts) method. Pages over recorded decision
  history from the orchestrator, mirroring GET /api/v1/decisions.
  Companion to the v7.4.0 get_decision_explain method — callers can
  now both list and drill in. Already shipped on main and
  graduated into the v8.0 line with this release. See type
  ListDecisionsOptions and DecisionListItem in axonflow.decisions.

Migration guide (v7 → v8)

• AxonFlow(...) no longer accepts the telemetry keyword argument.
  Code passing AxonFlow(..., telemetry=True) or
  AxonFlow(..., telemetry=False) will raise TypeError at construction
  time. Migration:
• If you were using it to disable telemetry, set
  AXONFLOW_TELEMETRY=off in the environment instead — that's the
  sole opt-out lever as of v8.0.
• If you were using it to force-enable, the default is now ON for
  every mode so the argument is no longer needed.
• AxonFlowConfig.telemetry field removed. Code that constructed
  the dataclass directly with AxonFlowConfig(..., telemetry=...) will
  fail to instantiate. Drop the field; rely on the env var.

Telemetry

• AXONFLOW_TELEMETRY=off is the sole opt-out. AxonFlow(..., telemetry=...) keyword argument + AxonFlowConfig.telemetry field both removed; sandbox-mode clients now fire on the same 7-day heartbeat schedule as production (was suppressed pre-v8), tagged stream="sandbox" so dev pings stay distinguishable.
• Heartbeat payload v1 schema additions on the wire: new telemetry_type and deployment_mode fields. Existing receivers continue working unchanged — strictly additive.

Release v7.1.0

AxonFlow Python SDK v7.1.0

Installation

pip install axonflow==7.1.0

Companion release to platform v7.7.0. The Python SDK now sends an
X-Axonflow-Client identification header on every governed request, which
the agent uses to derive the SDK request scope and validate it against any
license token's audience claim per the ADR-050 license matrix.

Added

• X-Axonflow-Client: sdk-python/<version> header on every governed
  outbound request. Set automatically by the SDK transport; not
  configurable. Agents at v7.7.0+ derive request scope from this header
  and reject cross-quadrant token misuse (e.g. a SaaS Plugin Pro token
  paired with an SDK request) at the validator boundary. Older agents
  (pre-v7.7.0) ignore the header and continue to work unchanged.

Compatibility

• No public API changes. Existing v7.0.x callers pip install --upgrade axonflow and rebuild against v7.1.0 with no source changes.
• Backward-compatible against pre-v7.7.0 agents. The header is
  silently dropped by older agents; the SDK behaves identically against
  v7.0.x / v7.1.x / v7.6.x agents as before.
• Forward-compatible. Future agent releases that require the header
  on specific governed surfaces will work with this SDK without further
  client changes.

Companion releases (same day)

• Platform v7.7.0 — V1 SaaS Plugin Pro launch, license matrix,
  per-tenant tier resolution, GDPR right-to-erasure
  (CHANGELOG)
• Go SDK v7.1.0 / TypeScript SDK v7.1.0 /
  Java SDK v7.1.0 — same X-Axonflow-Client injection
• Plugins — Claude Code / Cursor / Codex v1.2.0; OpenClaw v2.2.0
  with Pro license token paste activating Pro features

axonflow-sdk-rust remains at v0.1.0 (preview); SDK-Rust will gain the
header in a future preview release.

Release v7.0.0

AxonFlow Python SDK v7.0.0

Installation

pip install axonflow==7.0.0

Upgrade strongly recommended. Over the past month we've shipped substantial production, quality, and security hardening across the AxonFlow SDKs and platform — upgrade to the latest major for a more secure, reliable, and bug-free experience.

Security highlights from this release cycle:

• Webhook signing-key now exposed by SDK request type (this release). The webhook_signing_key (HMAC-SHA256) field on RegisterRequest was missing from the SDK type, so callers had no way to retrieve the signing key and webhook signature verification was effectively un-implementable. The field is now wired through end-to-end. Documented in GHSA-7f4h-6264-89fr.
• DO_NOT_TRACK opt-out removed in favor of AXONFLOW_TELEMETRY=off (this release). DO_NOT_TRACK was unreliable because host CLIs and runtimes commonly inject DO_NOT_TRACK=1 regardless of user intent; an explicit AxonFlow-scoped opt-out is the only signal we honor now.
• Nightly integration in strict mode against try.getaxonflow.com (this release). A canary that catches platform-side regressions affecting the SDK before they reach a release; failures auto-file a GitHub issue.

Major release across the AxonFlow SDK family. Companion releases ship the same day: TypeScript v7.0.0 / Python v7.0.0 / Go v7.0.0 (with /v7 module path migration) / Java v7.0.0. The full set of platform-side security fixes shipped alongside this release is documented in the consolidated platform advisory GHSA-9h64-2846-7x7f.

Reliability and bug-fix highlights:

• retry_context + idempotency_key for cross-step de-duplication (last cycle, v6.x). Workflow steps that retry across pod restarts no longer record duplicate audit entries; idempotency_key flows end-to-end through MAP HITL approve/reject responses.
• atexit flush so short-lived processes deliver telemetry (last cycle, v6.x). Previously a Python script that registered the client and exited immediately could lose the ping; the queue is now flushed on interpreter exit.
• Wire-shape contract CI + baseline burndown (last cycle, v6.x). PR-blocking gate that catches drift between SDK types and platform OpenAPI before consumers hit it; baseline drift list shrunk from 36 to 24 entries with 0 unannotated.

BREAKING

• DO_NOT_TRACK is no longer honored as an AxonFlow telemetry opt-out. Use AXONFLOW_TELEMETRY=off instead. Host tools and CLIs commonly inject DO_NOT_TRACK=1 regardless of user intent, which makes it unreliable as a signal.

Changed

• Telemetry switched to a 7-day delivered-heartbeat. At most one anonymous ping per environment every 7 days, with the stamp advanced only after the POST returns 2xx — a transient network failure doesn't silence telemetry until the next window. Concurrent threads are de-duplicated by an in-flight gate. Restricted environments where no cache dir is available (e.g. AWS Lambda) fall back transparently to the previous "one ping per process" behavior.
• StaticPolicy and PolicyVersion now serialize wire fields in snake_case to match the OpenAPI spec (created_at, updated_at, organization_id, tenant_id, has_override, changed_at, changed_by, change_type). camelCase aliases remain accepted on input via validation_alias=AliasChoices(...). Round-trip identity is no longer preserved for callers that built these models from camelCase dicts — code that signs, hashes, or byte-compares serialized model bodies will see a one-time shape change.

Added

• ClientRequest.skip_llm — optional flag to run policy evaluation only and return without invoking the LLM.

Fixed

• The DO_NOT_TRACK=1 is deprecated... logger.warning is no longer emitted on every client construction when DO_NOT_TRACK=1 is set.

Release v6.9.0

AxonFlow Python SDK v6.9.0

Installation

pip install axonflow==6.9.0

Minor release. New LLM-provider listing API + pagination wrappers, plus full surfacing of the LLMProvider wire shape that previous SDK versions silently dropped on parse. Coordinated cycle: TypeScript v6.2.0 / Go v6.0.0 (major: see SDKCompatibility breaking type change in that release) / Java v6.2.0 ship same day.

Added

• client.list_providers() — list configured LLM providers and their health status. Calls GET /api/v1/llm-providers, returns a list of LLMProvider records (each with optional LLMProviderHealth). Supports provider_type and enabled filters. Both async and sync entry points. Closes the parity gap with the Java SDK and the in-platform listing endpoint that's been live since v4.4.
• LLMProvider now surfaces the full provider shape: endpoint, model, region, rate_limit, timeout_seconds, and settings. Previously these fields were silently dropped on parse, so deployments couldn't introspect provider configuration via the SDK.
• client.list_providers_paged() — same arguments as list_providers() plus page / page_size, returns the full LLMProviderListResponse with pagination metadata. Use this when you need to walk multi-page responses or display pagination controls.
• client.list_all_providers() — convenience wrapper that walks every page (default page_size=100, the server-side cap) and returns the combined list. Closes the silent-truncation-at-20-providers bug in list_providers().

Fixed

• A single malformed health snapshot on one provider in a list_providers() response no longer crashes the entire call. The bad provider's health is set to None and a warning is logged; well-formed siblings parse normally.
• health_check_detailed() no longer crashes with AttributeError: 'dict' object has no attribute 'split' when the platform returns per-language min_sdk_version and recommended_sdk_version maps (the actual on-the-wire shape since v4.8.0). SDKCompatibility now declares both fields as dict[str, str] and exposes min_sdk_version_for(language) / recommended_sdk_version_for(language) helpers, matching the Java + TypeScript SDKs. Legacy bare-string responses from older platforms are normalised to a python-keyed dict so callers don't have to branch on platform version.
• examples/openai_integration.py — replaced two bare except Exception: blocks with narrow handlers (openai.OpenAIError / PolicyViolationError). The old broad catch masked SDK regressions, schema drift, and governance failures.
• examples/wcp_retry_idempotency.py — env-var name corrected from AXONFLOW_BASE_URL to AXONFLOW_AGENT_URL to match the rest of the SDK and the other examples.

Release v6.8.0

AxonFlow Python SDK v6.8.0

Installation

pip install axonflow==6.8.0

Minor release. Surfaces fields the AxonFlow agent has emitted since v7.1.0 (Plugin Batch 1) but the SDK didn't declare. Pure field-additions on existing methods — no new SDK methods, no breaking changes. Documented in OpenAPI via platform v7.4.3.

Coordinated cycle: TypeScript v6.1.0 / Go v5.8.0 / Java v6.1.0 ship same day with the same field set.

Added

• MCPCheckInputResponse gains 5 optional Plugin Batch 1 fields:
  • decision_id: str | None — audit correlator
  • risk_level: Literal["low", "medium", "high", "critical"] | None
  • policy_matches: list[ExplainPolicy] | None — per-policy explainability records
  • override_available: bool | None — whether session override is permitted for the matched policies
  • override_existing_id: str | None — already-active override consumed by this decision (if any)
• MCPCheckOutputResponse gains 3 optional fields:
  • decision_id
  • policy_matches: list[ExplainPolicy] | None
  • redacted_message: str | None — text-redaction counterpart to redacted_data (used when the connector returned a string message rather than tabular rows; e.g. execute-style responses)
• ExplainPolicy is now re-exported from axonflow.types (it was previously only in axonflow.decisions). Same Pydantic model — Python's snake_case convention naturally aligns wire-shape and SDK types, so no separate model is needed.

All fields default to None. Pre-v7.1.0 platforms return None for every field; callers should treat absence as "context not available" rather than an error.

Deferred

client.explain_decision(decision_id) and the full ExplainRule / DecisionExplanation type surface are tracked separately as feature work. This release ships only field-surfacing on existing methods.

Release v6.7.0

AxonFlow Python SDK v6.7.0

Installation

pip install axonflow==6.7.0

Minor release. Purely additive — new fields default to None, deprecated aliases preserved for compile-time compat. Coordinated with TypeScript v6.0.0 / Java v6.0.0 / Go v5.7.0 SDK releases. The wire-shape contract gate's pinned OpenAPI spec SHA bumps with the platform v7.4.2 spec corrections; one baseline drift entry (DynamicPolicyInfo) auto-resolves.

Added

• WebhookSubscription.secret — HMAC-SHA256 signing key now exposed on the response from create_webhook. Required to verify the X-AxonFlow-Signature header on inbound webhook deliveries; without it, callers couldn't validate payload authenticity. Also adds org_id and tenant_id (ownership scoping).
• StepGateRequest carries tokens_in, tokens_out, cost_usd so budget-based policies can evaluate gate-time cost estimates.
• StepGateResponse.decision_id — unique audit correlator that links a gate response to its audit row.
• ListWorkflowsResponse.limit / offset — pagination echo, surfaced on the response.
• StaticPolicy.policy_id / priority — wire-canonical fields surfaced.
• CreateStaticPolicyRequest.priority / tags and UpdateStaticPolicyRequest.priority / tags — match the spec.
• UpdatePlanRequest.metadata — accept arbitrary plan metadata, opaque to the platform.
• UsageBreakdownItem.group_by — dimension name (provider/model/agent/etc.) is now exposed on each item.
• BudgetAlert.acknowledged — alert dismissal flag.
• Budget.org_id / tenant_id — ownership scoping.
• UsageRecord gains created_at, success, error_message, latency_ms, team_id, tenant_id, user_id, workflow_id to match the wire. Legacy timestamp field is DEPRECATED (orphan read; the wire emits created_at).
• WorkflowStatusResponse.metadata — arbitrary workflow metadata.
• CreateWorkflowResponse.started_at — wire-canonical timestamp. Legacy created_at and source are DEPRECATED (orphan reads on the create response).
• ExecutionSnapshot.retry_count — number of retry attempts on a step.
• Finding.article — regulatory article reference (e.g. MAS FEAT principle number).
• PolicyOverride.id / enabled_override — wire-canonical fields. active is DEPRECATED (orphan read).
• PolicyVersion.id / policy_id / change_summary / snapshot — match the wire shape (versions are immutable snapshots, not before/after diffs). change_description, previous_values, new_values are DEPRECATED orphan reads.
• DynamicPolicyMatch.message — wire-canonical name. reason is DEPRECATED (orphan read).
• ExfiltrationCheckInfo.exceeded / limit_type — match the wire. within_limits is DEPRECATED.
• CancelPlanResponse.success — wire-canonical boolean. message is DEPRECATED (orphan read).
• PlanResponse gains the wire top-level fields success, version, result, error, workflow_execution_id, policy_info.
• ResumePlanResponse.result — final aggregated result (canonical wire field). Six fields (workflow_id, message, step_result, next_step, next_step_name, total_steps) are now DEPRECATED — none of them were populated by the resume decoder against the actual server response.
• MCPCheckInputRequest.client_id / tenant_id / user_id / user_role / user_token and MCPCheckOutputRequest.client_id / tenant_id / user_id / user_token — match the spec scoping fields.

Notes

The above is an audit-driven sweep against the wire-shape contract gate. All changes are additive (new fields default to None) or DEPRECATED-marked alias fields kept for compile-time compat. Removal scheduled for v7.

The earlier overnight claim that "Python baseline is clean" was wrong — that was a key-name confusion (Python uses per_model_drift, the others use per_type_drift); a proper audit found 36 drift entries similar in pattern to the TS+Go SDK sweeps. After this sweep, 26 drift entries remain (mostly DEPRECATED aliases retained for source-compat + Cat C entries to file separately + Plugin Batch 1 SDK additions pending platform-side spec coverage).

Two platform-side spec corrections filed alongside this work, for issues the audit surfaced where the spec was wrong (server emits the SDK's name): AISystemRegistry.materiality_classification and DynamicPolicyInfo schema. No SDK change for those — the SDK is correct.

Release v6.6.2

AxonFlow Python SDK v6.6.2

Installation

pip install axonflow==6.6.2

Fixed

• Runtime axonflow.__version__ correctly reports the installed version.
  Wheels for v6.6.1 shipped with axonflow.__version__ stuck at "6.6.0"
  because the release workflow was targeting the wrong file when bumping
  the version constant (it was rewriting axonflow/__init__.py, but the
  real constant lives in axonflow/_version.py and __init__.py only
  re-exports from there). Package metadata read by pip show was correct,
  so install/upgrade worked fine; the drift only affected code that read
  axonflow.__version__ at runtime (telemetry self-identification,
  version-gated feature detection in user code, log output). No functional
  changes — this release ships the same binary behavior as v6.6.1 with
  the runtime version correctly set to 6.6.2.

Release v6.6.1

AxonFlow Python SDK v6.6.1

Installation

pip install axonflow==6.6.1

Fixed

• Retire dead staging endpoint across the SDK. The decommissioned
  staging-eu.getaxonflow.com host was still referenced in 11 places,
  including the public AxonFlow.sandbox() factory, every example's default
  endpoint, the fixture-recording script, SECURITY.md, and CONTRIBUTING.md.
  Callers hitting any of these defaults would silently connect to a dead host.
  • AxonFlow.sandbox() now targets a local community docker-compose stack
    at http://localhost:8080 with demo-client / demo-secret credentials.
    Docstring updated to point users at the hosted registration flow
    (POST /api/v1/register + AXONFLOW_TRY=1) for the live community SaaS.
  • examples/quickstart.py, examples/gateway_mode.py,
    examples/openai_integration.py, and scripts/record_fixtures.py now
    default AXONFLOW_AGENT_URL to http://localhost:8080.
  • SECURITY.md "credentials in code" example uses the neutral
    https://axonflow.example.com placeholder.
  • CONTRIBUTING.md "Running Examples" section now documents the local
    docker-compose setup, replaces the unused AXONFLOW_LICENSE_KEY
    reference with the correct AXONFLOW_CLIENT_ID / AXONFLOW_CLIENT_SECRET
    variables, and lists the four example files that actually exist
    (previously referenced stale basic_usage.py and interceptors.py).
• Telemetry pings now deliver reliably from short-lived processes (CLI, serverless, cold-starts).
• Telemetry path is bounded at _TIMEOUT_SECONDS (3s) total; the /health probe and checkpoint POST share a single deadline instead of stacking.

Release v4.2.1

AxonFlow Python SDK v4.2.1

Installation

pip install axonflow

Changes

See CHANGELOG.md for full release details.

Release v6.6.0

AxonFlow Python SDK v6.6.0

Installation

pip install axonflow==6.6.0

Added

• Rich ApproveStepResponse / RejectStepResponse — both pydantic models
  now carry the same shape as the step-gate response: decision resolves to
  "allow" / "block", retry_context mirrors the gate response retry state,
  approved_by / approved_at / rejected_by / rejected_at carry reviewer
  identity, approval_id is the deterministic HITL queue UUID, and
  policies_matched reconstructs the governance trail. Legacy fields
  (workflow_id, step_id, status) remain for back-compat; every new field
  is optional so older server responses still deserialize cleanly.
• plan_id on approve/reject responses — populated when the response
  comes from the MAP plan-scoped endpoint; empty on WCP plane responses.
  Same models work across both endpoints.
• get_pending_plan_approvals — new client method that lists MAP-plane
  pending approvals (GET /api/v1/plans/approvals/pending), the counterpart
  of get_pending_approvals for the WCP plane. Accepts an optional
  plan_id argument so reviewer tools can scope the listing to one plan.
  Available on Evaluation+ licenses (same tier gate as the MAP step
  approve/reject endpoints). Sync wrapper exposed via
  SyncAxonFlow.get_pending_plan_approvals.
• PendingApproval.plan_id — populated on MAP-plane entries, None on
  WCP-plane entries. Mirrors the approve/reject asymmetry. PendingApproval
  also gains step_index, decision, decision_reason, policies_matched,
  step_input, and approval_status so reviewer tools can render the full
  approval context without a second request.

Fixed

• approve_step / reject_step / get_pending_approvals endpoint URLs —
  all three previously targeted non-existent paths under
  /api/v1/workflow-control/ and would fail against a real AxonFlow server.
  Corrected to the canonical /api/v1/workflows/{id}/steps/{step_id}/(approve|reject)
  and /api/v1/workflows/approvals/pending routes. Customers using these
  methods against a live deployment were receiving 404s; this release makes
  them work.
• PendingApprovalsResponse field names aligned with the wire shape —
  the model previously declared approvals and total, which never matched
  the server response (pending_approvals and count). Renamed fields.
  Callers that read response.approvals or response.total must update to
  response.pending_approvals / response.count.

Deprecated

• DO_NOT_TRACK=1 as an AxonFlow telemetry opt-out — scheduled for removal after 2026-05-05 in the next major release. Use AXONFLOW_TELEMETRY=off instead. The SDK emits a one-line migration warning when DO_NOT_TRACK=1 is the active control and AXONFLOW_TELEMETRY=off is not also set.

Unchanged

• approve_step(workflow_id, step_id) / reject_step(workflow_id, step_id, reason)
  method signatures are unchanged — only the response fields grew.