v0.47.1: caller-owned workflow search attributes

Summary

• stop auto-injecting SessionID into Temporal workflow search attributes for sessionful runs
• keep session ownership strict by rejecting mismatched caller-supplied SessionID values and any SessionID on one-shot runs
• document workflow search attributes as caller-owned engine metadata

Verification

• go test ./runtime/agent/runtime
• make test
• make lint

v0.46.11: replay-safe activity retries

Summary

• make hook publishing and execute-tool retries replay-safe through stable logical identities and durable result replay
• restore default retries for hook and execute-tool activities once exact-once contracts are in place
• keep Temporal completion/query behavior and generated registry output aligned with the new retry-safe defaults

Verification

• make lint
• make test
• go test ./runtime/agent/runtime ./codegen/agent/...

v0.46.10: durable workflow contract hardening

Summary

• move Temporal queue-wait and liveness tuning behind the engine while keeping runtime timing semantics engine-agnostic
• harden durable RunCompleted repair across Wait, lazy reads, non-empty tail pages, and restart-time recovery
• preserve transcript replay compatibility for legacy persisted tool-call and thinking event payloads, and keep provider completion metadata intact through Temporal error serialization

Verification

• go test ./runtime/agent/runtime ./runtime/agent/engine/... ./runtime/agent/memory ./runtime/agent/transcript ./runtime/agent/hooks ./codegen/agent -count=1

v0.46.9: Runtime-owned bounded result contracts

Why this release matters

v0.46.9 makes bounded tool outputs a strict runtime contract instead of a best-effort convention. This removes ambiguity at tool/result boundaries, hardens await flows, and keeps model-facing payloads clean while preserving complete metadata for runtime consumers.

Highlights

• Runtime-owned bounds contract

  • Bound metadata (returned, total, truncated, optional continuation fields) is now owned and enforced by the runtime across all ingress paths (normal execution and await-provided results).
  • Bounded tools must provide bounds on success; unbounded/error paths cannot smuggle bounds metadata.

• Canonical result materialization and encoding

  • Tool result encoding/materialization now applies a single canonical path for bounded metadata.
  • Registry/executor paths now carry bounds explicitly and reconstruct planner bounds deterministically.

• Codegen alignment with runtime contracts

  • Generated executors/providers project and emit bounds in the runtime-owned shape.
  • Bounded-result schema generation and transforms are unified around a shared contract definition.

• DSL + docs + tests synchronized

  • DSL validation, runtime docs, and golden/runtime tests were updated together so authored templates and emitted contracts agree.
  • Result hint semantics are explicit: semantic payload under .Result, bounded metadata under .Bounds.

Contract changes to be aware of

These are intentional strictness upgrades:

• Successful bounded results without bounds are rejected.
• Truncated bounded results must include continuation (next_cursor) or refinement_hint.
• Provided await tool results enforce strict envelope semantics at the boundary.

If you were relying on permissive behavior or inferred bounds from payload shape, update to the explicit runtime-owned contract.

Included PRs

• #97 — runtime/codegen: enforce runtime-owned bounded result contracts

Verification

• CI on main is green for the release commit.

Full diff

• v0.46.8...v0.46.9

v0.46.8

Highlights

• The planner boundary now carries executed tool history as canonical ToolOutputs rather than ToolResults, preserving raw payload/result bytes and omitted-result metadata across workflow boundaries.
• Nested agent runs can now finalize with a canonical FinalToolResult, letting child planners own the parent tool contract directly.
• Runtime-side agent-tool aggregation and finalizer shims have been removed, shrinking the runtime surface and keeping parent adaptation focused on durable transport plus child-run linkage.

Upgrade notes

• planner.PlanResumeInput and runtime.PlanActivityInput now expose ToolOutputs as the sole planner-facing execution-history field. Code that previously depended on ToolResults at that boundary must switch to ToolOutputs.
• Nested planners that own the outer tool contract should return PlanResult.FinalToolResult instead of relying on runtime-side agent-tool finalization behavior.
• Runtime-side agent-tool aggregation hooks have been removed. Integrations using AgentToolConfig.JSONOnly, AgentToolConfig.Finalizer, aggregate-key configuration, or the old aggregation payload helpers must move that ownership into the child planner/runtime.
• The runtime now rejects invalid terminal planner results that set both FinalResponse and FinalToolResult.

Verification

• go test ./runtime/agent/runtime
• make lint

v0.46.7

Highlights

• Agent-as-tool registrations may omit consumer-side prompt content. When no content is configured, the child run’s initial user message defaults to the canonical JSON tool payload bytes.
• Consumer-side rendering knobs are grouped under AgentToolContent.

Upgrade notes

• If you construct AgentToolConfig with a composite literal and set Templates, Texts, PromptSpecs, or Prompt, move those into the embedded AgentToolContent field:
  • AgentToolConfig{AgentToolContent: runtime.AgentToolContent{Texts: ...}}
  • Option-based configuration (WithText, WithTemplate, WithPromptSpec, etc.) is unchanged.

Docs

• Updated runtime + DSL docs to reflect the provider-owned prompt rendering model and the payload-bytes default.

v0.46.6: explicit one-shot run contract

Highlights

• Add an explicit one-shot execution API for sessionless request/response flows:
  • Runtime.RunOneShot(...)
  • AgentClient.OneShotRun(...)
• Keep sessionful execution strict while making sessionless execution first-class and explicit.

Runtime contract changes

• Sessionful starts (Run/Start) remain strict and continue to require a valid session.
• One-shot starts reject session-bound semantics (SessionID/SessionID search attribute) by contract.
• One-shot events append to the canonical run log while bypassing session store and session-stream side effects.

Internal quality

• Refactor client input construction to reduce duplication and clarify execution-mode contracts.
• Add dedicated tests for one-shot start behavior and hook/runlog semantics.

Pull request

• #93

v0.46.5

What's Changed

• runtime: make tool DisplayHint typed and durable by @raphael in #92

Full Changelog: v0.46.4...v0.46.5

v0.46.4: preserve child ToolArgs handoff contract

Summary

• preserve canonical parent tool payload bytes when populating child run ToolArgs for agent-as-tool handoff
• remove silent ToolArgs loss path caused by re-encoding raw payload bytes through typed payload codecs
• add runtime regression coverage to lock canonical ToolArgs propagation across parent->child boundaries

Highlights

This release fixes a contract regression where child runs could receive null ToolArgs even when the parent tool payload was present, causing prompt template rendering failures in nested planners.

v0.46.3: RawJSON boundary hardening and stable codegen tests

Awesome release highlights

• Hardens workflow/activity JSON boundaries by migrating runtime tool payload/result fields to rawjson.RawJSON.
• Removes duplicate/unused rawjson imports in generated service executors with a single-source import decision.
• Stabilizes golden tests across generated header variants (goa vs goa vX) to avoid noisy false failures.
• Adds dedicated rawjson unit coverage (empty/null normalization, invalid JSON rejection, round-trips).
• Aligns runtime tests/lint expectations for empty payload semantics under RawJSON.

Verification

• make test passes on the release commit.
• PR checks green before merge (build, integration-tests).