ContractSpecContractSpec

Start with OSS

Back to changelog index

6.7.1

Jun 01, 2026 · 3 packages · 8 unique changes · 1 release entry

appsBreaking changes

This release affects the solutions family.

Run contractspec connect adoption resolve --family solutions to see how it impacts your project.

Release summaries

  • api-monolith-elysia-convergence

    Converge api-library builder/channel/control-plane/webhook/schema hosting into the api-application-monolith Elysia host (AuthOS service principals + Drizzle/RLS); api-library reduced to markdown + webhooks.

    maintainer

    api-application-monolith becomes a single Elysia host (api/index.js @vercel/node entry; vercel.elysia.json prepared builds config, NOT yet active). All 39 Next routes are re-authored as Elysia handlers. Auth unifies on AuthOS + identity-rbac via better-auth; webhook/cron machine callers resolve to AuthOS service principals (D2-B monolith-contained projection, managed_companyos_service_principals + reused authos_projections). Channel/builder runtime persists via FORCE-RLS tables under managed_companyos_channel / managed_companyos_builder schemas, reusing the integration.runtime/builder Postgres stores on a leak-proof tenant-scoped pool. control_plane_skill_installations is a deliberate GLOBAL platform registry (not tenant-scoped).

    integrator

    Endpoint host moves from the api-library Vercel project to the api-application-monolith project. api-library now serves ONLY /mdx markdown + the provider webhook ingress (Slack/Telegram/GitHub/ WhatsApp), kept LIVE until provider webhook URLs are repointed. cli-contractspec's blackbox test imports channelControlPlaneHandler + the channel runtime resource accessors from the monolith package entry (C4). CONTROL_PLANE_API_CAPABILITY_GRANTS is retired in favor of identity-rbac capabilities projected from the machine token.

    maintainer

    Control-plane reads are now tenant-scoped; cross-tenant aggregation requires the explicit control-plane.platform-audit capability, provisioned via a dedicated platform-operator service principal (CONTROL_PLANE_PLATFORM_OPERATOR_TOKEN → [control-plane.audit, control-plane.platform-audit], no tenant). The two in-process schedulers become Vercel crons (/api/cron/channel-dispatch + /api/cron/connect-review-sweep), each iterating active tenants per-tenant on RLS-scoped connections.

Deprecations

  • - api-library no longer hosts builder/channel/control-plane/schema or the in-process schedulers; those are served by the monolith.
  • - The CONTROL_PLANE_API_CAPABILITY_GRANTS env string is retired; capabilities are projected from the machine principal (identity-rbac).

Migration guide

  • Move webhook/cron/control-plane env vars to the monolith

    Required

    Set on the api-application-monolith Vercel project: SLACK_SIGNING_SECRET, TELEGRAM_WEBHOOK_SECRET_TOKEN, WHATSAPP_META_APP_SECRET/WHATSAPP_META_VERIFY_TOKEN/WHATSAPP_TWILIO_AUTH_TOKEN, GITHUB_WEBHOOK_SECRET, CHANNEL_DISPATCH_TOKEN, CRON_SECRET, CONTROL_PLANE_API_TOKEN, the channel/builder runtime DB URL (LSSM_STUDIO_DATABASE_URL), and (optionally) CONTROL_PLANE_PLATFORM_OPERATOR_TOKEN. Retire CONTROL_PLANE_API_CAPABILITY_GRANTS.

  • Vercel project responsibility shift

    Required

    The api-application-monolith project becomes the Elysia host (apply the prepared vercel.elysia.json builds config at the deploy-flip — human-gated). The contractspec-library-api project is retained for markdown + the gated webhook survivor.

  • Provider webhook re-registration runbook (human-gated, OQ-2)

    Required

    Before the deploy-flip, repoint each provider webhook URL (Slack/Telegram/GitHub/WhatsApp Meta+Twilio) from the api-library domain to the monolith host in the provider dashboards; confirm inbound traffic on the monolith. Keep api-library webhook routes LIVE until each URL is confirmed repointed (documented inbound-outage window + rollback = revert the provider URL). Strip api-library webhook routes in a FOLLOW-UP after repoint is confirmed. The vercel.json deploy-flip + webhook-route strip are NOT part of this change.

  • Apply 0006 channel/builder runtime migration

    Required

    Apply db/migrations/0006_channel_builder_runtime.sql (FORCE RLS + tenant_id DEFAULT current_setting + (tenant_id,id) unique + app-role grants; reversible via 0006_*.down.sql). Run companyos:db:prove-rls:test (incl. the scheduler-context cross-tenant zero-leak proof) against a real Postgres.

Upgrade steps

  • Adopt the converged Elysia host

    assisted

    Build with `bun run build:elysia`; the host composes auth, companyos/waitlist/special-ops, builder, webhooks, channel, crons, and schema; live behind the prepared (not-yet-active) builds config until the deploy-flip.

    Packages: @lssm-tech/app.api-application-monolith, @lssm-tech/app.api-library, @lssm-tech/app.cli-contractspec

Unique release changes

  • - api-library no longer hosts builder/channel/control-plane/schema or the in-process schedulers; those are served by the monolith.

    3 packages · 3 occurrences

  • - Apply db/migrations/0006_channel_builder_runtime.sql (FORCE RLS + tenant_id DEFAULT current_setting + (tenant_id,id) unique + app-role grants; reversible via 0006_*.down.sql). Run companyos:db:prove-rls:test (incl. the scheduler-context cross-tenant zero-leak proof) against a real Postgres.

    3 packages · 3 occurrences

  • - Before the deploy-flip, repoint each provider webhook URL (Slack/Telegram/GitHub/WhatsApp Meta+Twilio) from the api-library domain to the monolith host in the provider dashboards; confirm inbound traffic on the monolith. Keep api-library webhook routes LIVE until each URL is confirmed repointed (documented inbound-outage window + rollback = revert the provider URL). Strip api-library webhook routes in a FOLLOW-UP after repoint is confirmed. The vercel.json deploy-flip + webhook-route strip are NOT part of this change.

    3 packages · 3 occurrences

  • - Build with `bun run build:elysia`; the host composes auth, companyos/waitlist/special-ops, builder, webhooks, channel, crons, and schema; live behind the prepared (not-yet-active) builds config until the deploy-flip.

    3 packages · 3 occurrences

  • - Converge api-library builder/channel/control-plane/webhook/schema hosting into the api-application-monolith Elysia host (AuthOS service principals + Drizzle/RLS); api-library reduced to markdown + webhooks.

    3 packages · 3 occurrences

  • - Set on the api-application-monolith Vercel project: SLACK_SIGNING_SECRET, TELEGRAM_WEBHOOK_SECRET_TOKEN, WHATSAPP_META_APP_SECRET/WHATSAPP_META_VERIFY_TOKEN/WHATSAPP_TWILIO_AUTH_TOKEN, GITHUB_WEBHOOK_SECRET, CHANNEL_DISPATCH_TOKEN, CRON_SECRET, CONTROL_PLANE_API_TOKEN, the channel/builder runtime DB URL (LSSM_STUDIO_DATABASE_URL), and (optionally) CONTROL_PLANE_PLATFORM_OPERATOR_TOKEN. Retire CONTROL_PLANE_API_CAPABILITY_GRANTS.

    3 packages · 3 occurrences

  • - The api-application-monolith project becomes the Elysia host (apply the prepared vercel.elysia.json builds config at the deploy-flip — human-gated). The contractspec-library-api project is retained for markdown + the gated webhook survivor.

    3 packages · 3 occurrences

  • - The CONTROL_PLANE_API_CAPABILITY_GRANTS env string is retired; capabilities are projected from the machine principal (identity-rbac).

    3 packages · 3 occurrences

Impacted packages

  • @lssm-tech/app.api-application-monolith

    Layer: apps · 8 changes

  • @lssm-tech/app.api-library

    Layer: apps · 8 changes

  • @lssm-tech/app.cli-contractspec

    Layer: apps · 8 changes