Version Packages#5767
Open
aao-release-bot[bot] wants to merge 1 commit into
Open
Conversation
![aao-release-bot[bot]](https://avatars.githubusercontent.com/u/221690821?s=60&v=4){kind=small}
Contributor
Author
There was a problem hiding this comment.
Argus is not auto-reviewing this PR because it is a generated Changesets release PR.
A human release reviewer should verify CI, package/version/changelog changes, and generated dist/** artifacts. Argus will resume on source PRs before the next release PR is generated.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.
Releases
adcontextprotocol@3.2.0
Minor Changes
GET /api/registry/feed/streamas the 3.x Server-Sent Events transport for cursor-based registry feed pages, with heartbeat events while caught up and reconnect recovery through the persisted cursor.GET /api/registry/feedresponses now include requiredfreshnessmetadata (generated_at,latest_event_created_at,lag_seconds,retention_days) so consumers can monitor mirror lag for their selected type filter. Freshness and feed queries are bounded to the 90-day retention window; SDKs should treat the SSE endpoint as the preferred transport and fall back to polling/api/registry/feed.tmpx_providerson IdentityMatchResponse so the router preserves per-provider TMPX attribution across fan-out. The router collects one TMPX token per identity provider that emitted one and exposes them as aprovider_id→ token map; the publisher trafficks{TMPX_<provider_id>}in their ad server (GAM key-value, VAST URL macro, DOOH play-log field) and substitutes each value verbatim.provider_idinprovider-registration.jsongains a charset constraint (^[A-Za-z0-9_]+$, max 64) so the synthesized macro name is always a legal ad-server token without further encoding. The legacy single-tokentmpxfield is deprecated (still emitted by routers as a transitional convenience for consumers that haven't migrated; removed in 4.0). Router-architecture.mdx §"Identity Match fan-out" gains a normativeTMPX collectionparagraph that MUSTs the map on multi-provider fan-outs and forbids collapsing per-provider tokens into a single string. Schematmp/identity-match-response.jsonadds the new field; the IdentityMatchResponse and Provider Registration field tables in specification.mdx surface the new shape and the macro-trafficking model. Provider-declared macro names plus multi-chunk TMPX values are tracked as a follow-up gated on routers actually hitting the 255-char macro budget in production.Patch Changes
6f9bdff: Add
media_buy.governance_awarecapability toget-adcp-capabilities-responseand gate thegovernance_denied/governance_denied_recoverystoryboards on it, so sellers without outbound governance consultation gradenot_applicableinstead of false-failing on aGOVERNANCE_DENIEDthey cannot produce. Addresses governance_denied/_recovery have no requires_capability opt-out — mandatory via sync_governance with no not_applicable path #5665 (Option A).654fcfe: Clarify broadcast product/reporting ownership, correct the broadcast compliance channel fixture to
linear_tv, and document that scheduled broadcast buys should not be modeled asnon_guaranteedsolely because third-party audience measurement settles later.ba72da7: Fix hosted compliance auth defaults so static fixture API keys are only inferred for fixture-backed runs, align the async media-buy submitted-state fixture account with the create request, and mark governance-denial storyboards as multi-agent scenarios routed through seller and governance agents.
c48c057: Clarify that
get_productspagination is valid in all buying modes, withbriefandrefinepagination bounding returnedproducts[]in curated results whilewholesalepagination walks the product feed. Add conformance coverage for the deterministic wholesale cursor walk without treating brief/refine as exhaustive catalog enumeration.d3f1af9: Add stable schema discovery pointers at
/schemas/index.jsonand/schemas/latest.json, mark prerelease schema directories in root discovery metadata, and keep major/minor schema aliases pointed at stable releases.81496a5: Apply residual prose cleanups to the
sponsored_context_accountabilitystoryboard: theprerequisites.descriptionsecond paragraph and thesi_send_message_presentation_acceptedstep narrative both still implied dynamic host-echo / different-identity substitution, contradicting the fixed Acme literal fixture the storyboard actually uses. Reword both spots to scope the prose to the static Acme fixture per @bokelley's feat(si): sponsored_context_accountability storyboard (first pass) #5551 review (2026-06-17 13:15 UTC).7c237fc: TMP: provider-scoped TMPX macro trafficking with declared macro names + multi-chunk support. Builds on the
tmpx_providersmap shipped in feat(trusted-match): tmpx_providers map + provider_id charset constraint #5689; reframes the contract to communicate exact macro/value pairs (not provider_id→token strings) and supports values that exceed a single ad-server macro slot.Provider registrations declare a stable, provider-namespaced list of ad-server macro names in
tmpx_macros(e.g.["PIN_TMPX_1", "PIN_TMPX_2"]) — the names the publisher actually trafficks in GAM / VAST URLs / DOOH play logs. The identity-agent response emitstmpx_macros[]as ordered{name, value}pairs filling those slots. The router merges per-provider intotmpx_providers: { provider_id: { macros: [{name, value}] } }on the response so the publisher walks each provider's pairs and substitutes eachvalueverbatim into the slot named byname. Multi-chunk values are capped at 2 per provider in v1; the cap MAY rise without a shape change. Macro names MUST NOT be derived fromprovider_idat runtime — trafficking is configured against the registered names ahead of time.Breaking change to an experimental surface (sanctioned by
x-status: experimental):tmpx_providerswas introduced in feat(trusted-match): tmpx_providers map + provider_id charset constraint #5689 asMap<provider_id, string>(opaque token per provider). It is reshaped here toMap<provider_id, {macros: [TmpxMacro]}>. Consumers that adopted the v1 shape between feat(trusted-match): tmpx_providers map + provider_id charset constraint #5689 and this change MUST migrate to read each provider'smacros[*].valuerather than a single string. The legacy singulartmpxfield remains supported through 3.x (removed in 4.0).Experimental notice window.
docs/reference/experimental-status.mdxrecommends ~6 weeks of published notice before a breaking change to an experimental surface.tmpx_providersshipped in feat(trusted-match): tmpx_providers map + provider_id charset constraint #5689 days ago, so the literal 6-week window can't apply here; in practice nobody could have adopted a field that didn't exist 6 weeks ago, so the risk is bounded. Adopters of the v1 shape (if any) should consult this changeset's migration sketch and pin to the latest schema release before deploying.Dual-shape alias waiver. The experimental policy asks for an alias accepting both the old (
Map<provider_id, string>) and new (Map<provider_id, {macros: [TmpxMacro]}>) forms "where feasible" — typically via aoneOfonadditionalPropertiesduring transition. Skipped here because the v1 shape is hours old and the surface isx-status: experimental; the dual-shape carrying cost (validator complexity, ambiguous consumer code paths, perpetual deprecation tail) outweighs the migration cost for a window where the field had no realistic adopters. Routers that want belt-and-suspenders compatibility for any caller that did read the v1 shape MAY mirror one provider's first-slotvalueinto the deprecated singulartmpxfield; that path is already specified.Schema updates:
tmp/provider-registration.jsonaddstmpx_macros;tmp/identity-match-response.jsonaddstmpx_macros(provider-side) and reshapestmpx_providers(router-merged), plus a sharedTmpxMacrodefinition. Spec narrative: IdentityMatchResponse and Provider Registration field tables surface the new fields and the reshape;§Inventory-specific behaviorwalks the per-macro substitution flow;§Identity Match fan-outin router-architecture.mdx gets a rewritten normative TMPX-collection paragraph.e8c21cc: Rename the canonical Trusted Match schema source directory from
tmptotrusted-match, update registry references and examples to the self-describing path, and add schema discovery metadata for protocol layers plus prerelease supersession. Hosted schema routing keeps legacy/schemas/{version}/tmp/...URLs working by falling back to the canonicaltrusted-matchfiles when a historicaltmpartifact is not present.