You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Agents evolve. Breaking changes ship. Consumers need time to migrate. Yet today, ARD provides no mechanism for publishers to communicate:
How many versions are concurrently available — Can consumers still use v1.x while v2.0 is live? For how long?
What's coming next — Is a breaking change imminent? Can I discover preview/beta versions to plan ahead?
Migration expectations — How long do I have before the old version disappears? Will I be force-upgraded?
Impact assessment — Is this a minor patch or a rewrite that breaks my integration?
The existing spec has only an optional version string with no semantics. #45 (@marianogonzalez) adds lifecycle and deprecation — which answers "this version is dying." But consumers also need the forward-looking signal: "here's what's coming, when, and what it means for you."
This is especially critical in multi-registry/federated environments where consumers may be in a different organization than the publisher, with no out-of-band channel to learn about upcoming changes.
Prior Art & Dependencies
Spec Proposal: No Lifecycle or Deprecation Model #45 (@marianogonzalez) — Lifecycle / Deprecation Model: Defines deprecated.replacedBy, endOfLifeDate, breakingChanges, migrationGuide. Our proposal is the forward-looking complement — signaling what's coming before deprecation happens, and formalizing the multi-version availability contract.
Spec Proposal: Deployment metadata #44 (@marianogonzalez) — Deployment Metadata: Different versions may have different instance deployments (v2 only in us-east-1 during canary). Release policy and deployment metadata compose naturally.
Spec Proposal: Dependencies manifest #42 (@marianogonzalez) — Dependencies Manifest: A new version may change its dependency requirements (e.g., identityType moves from API key to OBO). Release notes should surface dependency-breaking changes so consumers can pre-flight before upgrading.
Semver (semver.org) — Industry standard for version numbering. This proposal does not mandate semver but provides a field to declare the versioning strategy.
Proposal: releasePolicy
Add an optional releasePolicy object to catalog entries that communicates the publisher's version management contract:
Versioning scheme used (semver, calver, incremental, custom)
concurrentVersionsSupported
integer
OPTIONAL
How many versions the publisher runs simultaneously (e.g., 2 = current + previous)
migrationWindow
duration (ISO 8601)
OPTIONAL
Default time given to consumers between a new release and the previous version's EOL
availableVersions
array
REQUIRED
All currently available (or announced) versions
releaseNotes
object
OPTIONAL
Keyed by version string; describes changes
deprecationPolicy
object
OPTIONAL
Publisher's commitment on how deprecation is handled
availableVersions[] Entry
Field
Type
Required
Description
version
string
REQUIRED
Version identifier
status
enum
REQUIRED
preview
releasedAt
datetime
OPTIONAL
When this version became available
expectedRelease
datetime
OPTIONAL
For preview — when GA is planned
lastModifiedAt
datetime
OPTIONAL
When this version's card content was last updated (without a version bump). Consumers can use this to detect if their cached discovery result is stale
contentDigest
string
OPTIONAL
Hash of the version's card content (algorithm-prefixed, e.g. sha256:...). Enables consumers to verify their cached copy matches the current canonical content without re-fetching the full card
supportedUntil
datetime
OPTIONAL
When support/availability ends
url
uri
OPTIONAL
Version-specific endpoint (if different from the entry's url)
releasePolicy is the forward-looking complement to #45's deprecation model. Together: #45 says "v1 is deprecated"; releasePolicy says "v3 is coming in 90 days with these breaking changes"
The Problem
Agents evolve. Breaking changes ship. Consumers need time to migrate. Yet today, ARD provides no mechanism for publishers to communicate:
The existing spec has only an optional
versionstring with no semantics. #45 (@marianogonzalez) adds lifecycle and deprecation — which answers "this version is dying." But consumers also need the forward-looking signal: "here's what's coming, when, and what it means for you."This is especially critical in multi-registry/federated environments where consumers may be in a different organization than the publisher, with no out-of-band channel to learn about upcoming changes.
Prior Art & Dependencies
deprecated.replacedBy,endOfLifeDate,breakingChanges,migrationGuide. Our proposal is the forward-looking complement — signaling what's coming before deprecation happens, and formalizing the multi-version availability contract.us-east-1during canary). Release policy and deployment metadata compose naturally.identityTypemoves from API key to OBO). Release notes should surface dependency-breaking changes so consumers can pre-flight before upgrading.Proposal:
releasePolicyAdd an optional
releasePolicyobject to catalog entries that communicates the publisher's version management contract:{ "identifier": "urn:air:acme.com:finance:invoice-processor", "version": "2.0.0", "releasePolicy": { "versioningStrategy": "semver", "concurrentVersionsSupported": 2, "migrationWindow": "P90D", "availableVersions": [ { "version": "1.5.2", "status": "stable", "releasedAt": "2025-11-01T00:00:00Z", "supportedUntil": "2027-01-01T00:00:00Z", "url": "https://api.acme.com/agents/invoice/v1" }, { "version": "2.0.0", "status": "stable", "releasedAt": "2026-06-01T00:00:00Z", "lastModifiedAt": "2026-06-25T14:00:00Z", "contentDigest": "sha256:a3f2b8c9d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1", "url": "https://api.acme.com/agents/invoice/v2" }, { "version": "3.0.0-beta", "status": "preview", "expectedRelease": "2026-09-01T00:00:00Z", "url": "https://preview.acme.com/agents/invoice/v3" } ], "releaseNotes": { "3.0.0-beta": { "breakingChanges": [ "Authentication changed from API key to OAuth2", "Response schema now uses ISO 8601 dates", "Removed legacy XML output format" ], "newCapabilities": ["batch_processing", "multi_currency"], "removedCapabilities": ["xml_export"], "dependencyChanges": [ { "identifier": "urn:air:salesforce.com:mcp:sales-cloud", "change": "minVersion bumped from 2.x to 3.0.0" } ], "impactAssessment": "high", "migrationGuide": "https://docs.acme.com/invoice-v3-migration" } }, "deprecationPolicy": { "minimumNotice": "P60D", "gracePeriodAfterEOL": "P30D", "forceUpgradeAllowed": false } } }Field Definitions
Top-Level Fields
versioningStrategysemver,calver,incremental,custom)concurrentVersionsSupported2= current + previous)migrationWindowavailableVersionsreleaseNotesdeprecationPolicyavailableVersions[]EntryversionstatuspreviewreleasedAtexpectedReleasepreview— when GA is plannedlastModifiedAtcontentDigestsha256:...). Enables consumers to verify their cached copy matches the current canonical content without re-fetching the full cardsupportedUntilurlurl)releaseNotes[version]breakingChangesnewCapabilitiesremovedCapabilitiesdependencyChangesimpactAssessmentlowmigrationGuidedeprecationPolicyminimumNoticegracePeriodAfterEOLforceUpgradeAllowedDiscovery Value
supportedUntilimpactAssessment: high+breakingChanges= don't auto-upgrade blindlydependencyChangestells you if your credentials/access still work after upgradedeprecationPolicy.minimumNotice= contractual guarantee on migration timelastModifiedAt+contentDigestlets any consumer detect if their cached v2.0 card has gone stale — even without a version bumpcontentDigestlocally before re-fetching, reducing unnecessary network calls while ensuring accuracyforceUpgradeAllowed: false= publisher commits to not pulling the rugInteraction With Other Proposals
releasePolicyinteractsreleasePolicyis the forward-looking complement to #45's deprecation model. Together: #45 says "v1 is deprecated";releasePolicysays "v3 is coming in 90 days with these breaking changes"releaseNotes.dependencyChangessurfaces when a new version changes its downstream requirementspreviewversion may only be deployed in specific regions/environments —availableVersions[].urlcan point at the preview instancereleasePolicysyncs from canonical source — downstream registries get visibility into the publisher's release timelineDiscussion Questions
availableVersionsinclude all historical versions (full changelog) or only currently-accessible ones?status: "preview"entries be excluded from default search results (opt-in discovery)?impactAssessment(low/medium/high) too subjective? Should we define criteria, or leave it publisher-declared?deprecationPolicybe per-version or per-agent (i.e., does the publisher commit to the same policy for all versions)?