--- title: "HELM Changelog" canonical: "https://helm.docs.mindburn.org/changelog" source: "helm-ai-enterprise/CHANGELOG.md" edit: "https://github.com/Mindburn-Labs/helm-ai-enterprise/edit/main/CHANGELOG.md" section: "changelog" access: "public" sensitivity: "public" last_reviewed: "2026-05-05" checksum_sha256: "sha256:eeffde2bf69e89e91e5f6a8aed0c00dbc565ea901193de041dd54718390825a1" build_timestamp: "2026-05-24T13:40:27.882Z" --- # Changelog ## Audience This changelog is for developers, operators, security reviewers, and evaluators tracking public HELM product, Console, Teams, Enterprise, and reference changes across releases. ## Outcome After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. ## Source Truth - Public route: `changelog` - Source document: `helm-ai-enterprise/CHANGELOG.md` - Public manifest: `helm-ai-enterprise/docs/public-docs.manifest.json` - Source inventory: `helm-ai-enterprise/docs/source-inventory.manifest.json` - Validation: `corepack pnpm run docs:coverage`, `corepack pnpm run docs:truth`, and `npm run coverage:inventory` from `docs-platform` Do not expand this page with unsupported product, SDK, deployment, compliance, or integration claims unless the inventory manifest points to code, schemas, tests, examples, or an owner doc that proves the claim. ## Troubleshooting | Symptom | First check | | --- | --- | | A link or route is missing from the docs website | Check `docs/public-docs.manifest.json`, `llms.txt`, search, and the per-page Markdown export before changing navigation. | | A claim is not backed by code or tests | Remove the claim or add the missing code, example, schema, or validation command before publishing. | All notable changes to the HELM AI Enterprise/control-plane surface are documented in this file. HELM AI Kernel release notes are surfaced here as a pointer because the HELM docs site also hosts the OSS pages under `/helm-ai-kernel/*`. ## HELM AI Kernel v0.4.0 — 2026-04-25 Latest public Kernel release: . Use [/helm-ai-kernel/changelog](/helm-ai-kernel/changelog) for the full Kernel release notes. The `v0.4.0` GitHub release published platform binaries for Darwin, Linux, and Windows, `SHA256SUMS.txt`, `sbom.json`, `release-attestation.json`, `evidence-pack.tar`, `release.high_risk.v3.toml`, `helm-ai-enterprise.mcpb`, and `helm-ai-enterprise.rb`. The tag is `v0.4.0`; no public major-version HELM AI Kernel GitHub release was found in the 2026-05-05 release audit. ## [3.0.0] — 2026-02-21 ### Added - **`@mindburn/helm-ai-enterprise` CLI v3** — `npx @mindburn/helm-ai-enterprise` for one-command verification with progressive disclosure, cryptographic proof (Ed25519 + real Merkle tree), and HTML evidence reports. - **v3 bundle format spec** (`docs/cli_v3/FORMAT.md`) — canonicalization rules, Merkle tree construction, attestation schema. - **Key rotation policy** (`docs/cli_v3/KEYS.md`). - **Release pipeline** — evidence bundle build job with Ed25519 attestation signing in `release.yml`. - **Verification guide** (`docs/verify.md`). ### Security - **Removed `.env.release`** containing plaintext tokens from repo and git history. - **Purged 376MB of compiled binaries** from `artifacts/` tracked in git history via `git filter-repo`. - **Hardened `.gitignore`** — secrets hard lock (`.env*`, `*.key`, `*.pem`), `artifacts/` blanket ignore. - Removed committed encrypted cookie from `core/pkg/console/.auth/`. ### Removed - `cli/` directory (v2, superseded by `packages/mindburn-helm-ai-enterprise-cli/`). - Internal planning docs: `OSS_CUTLINE.md`, `UNKNOWNs.md`, TITAN docs, investment memo. - Dead redirect stubs for `HELM_Unified_Canonical_Standard.md`. ## [0.1.1] — 2026-02-19 ### Fixed - Resolved `MockSigner` build failure in `core/pkg/guardian` by implementing missing `PublicKeyBytes`. - Fixed redundant signature assignment in `Ed25519Signer.SignDecision`. - Standardized `ImmunityVerifier` hashing logic and cleaned up misleading test comments. - Corrected version display in `helm-ai-enterprise` CLI help output. ### Improved - Increased `governance` package test coverage from 60.8% to 79.5%. - Added comprehensive unit tests for `LifecycleManager`, `PolicyEngine`, `EvolutionGovernance`, `SignalController`, and `StateEstimator`. ## [0.1.0] — 2026-02-15 ### Added - **Proxy sidecar** (`helm-ai-kernel proxy`) — OpenAI-compatible reverse proxy. One line changed, every tool call gets a receipt. - **SafeExecutor** — single execution boundary with schema validation, hash binding, and signed receipts. - **Guardian** — policy engine with configurable tool allowlists and deny-by-default. - **ProofGraph DAG** — signed nodes (INTENT, ATTESTATION, EFFECT, TRUST_EVENT, CHECKPOINT) with Lamport clocks and causal `PrevHash` chains. - **Trust Registry** — event-sourced key lifecycle (add/revoke/rotate), replayable at any height. - **WASI Sandbox** — deny-by-default (no FS, no net) with gas/time/memory budgets and deterministic trap codes. - **Approval Ceremonies** — timelock + deliberate confirmation + challenge/response, suitable for disputes. - **EvidencePack Export** — deterministic `.tar.gz` with sorted paths, epoch mtime, root uid/gid. - **Replay Verify** — offline session replay with full signature and schema re-validation. - **CLI** — 11 commands: `proxy`, `export`, `verify`, `replay`, `conform`, `doctor`, `init`, `trust add/revoke`, `version`, `serve`. - **SDK Stubs** — TypeScript and Python client libraries. - **Regional Profiles** — US, EU, RU, CN with Island Mode for network partitions. - **12 executable use cases** with scripted validation. - **Conformance gates** — L1 (kernel invariants) and L2 (profile-specific). ### Security - Fail-closed execution: undeclared tools are blocked, schema drift is a hard error. - Ed25519 signatures on all decisions, intents, and receipts. - ArgsHash (PEP boundary) cryptographically bound into signed receipt chain. - 8-package TCB with forbidden-import linter. ## Diagram ```mermaid flowchart TD subgraph Ingestion["1. Ingestion & Context Plane"] source["Changelog"] s0["HELM AI Kernel v0.4.0 — 2026-04-25"] s1["[3.0.0] — 2026-02-21"] s2["[0.1.1] — 2026-02-19"] s3["[0.1.0] — 2026-02-15"] output["Reader outcome"] end %% Operational Flow Edges source --> s0 s0 --> s1 s1 --> s2 s2 --> s3 s3 --> output %% Premium Styling Rules ```