v2.0.0

Breaking Changes

Project Rename

• Package: @cdot65/daystrom → @cdot65/prisma-airs-cli
• CLI binary: daystrom → airs
• Data directory: ~/.daystrom/ → ~/.prisma-airs/
• Docker image: cdot65/daystrom → cdot65/prisma-airs-cli

Migration

Move your existing data directory:

mv ~/.daystrom ~/.prisma-airs

Update install:

npm uninstall -g @cdot65/daystrom
npm install -g @cdot65/prisma-airs-cli

All commands now use airs instead of daystrom:

airs runtime scan --profile my-profile "test prompt"
airs runtime topics generate
airs redteam targets list
airs model-security groups list

Other Changes

Documentation Restructuring

• All 5 capabilities (Runtime Security, Guardrail Generation, AI Red Teaming, Model Security, Profile Audits) now have equal weight in the docs nav
• Deep-dive pages (Core Loop, Memory System) moved to Architecture section
• Reference pages (Metrics, Topic Constraints, Resumable Runs) moved to Reference section
• Examples section renamed to Guides

v1.15.0

CLI Restructuring

Guardrail generation and audit commands are now nested under runtime:

New path	Old (deprecated)
daystrom runtime topics generate	daystrom generate
daystrom runtime topics resume	daystrom resume
daystrom runtime topics report	daystrom report
daystrom runtime topics runs	daystrom list
daystrom runtime profiles audit	daystrom audit

Top-level aliases still work with deprecation warnings.

v1.14.2

What's Changed

Fixes

• Remove non-existent profiles get and topics get from CLI documentation (SDK has no get method)
• Update architecture overview with runtime config management commands
• Add Runtime Security feature card to docs homepage

Docs

• Improve README UX: prominent docs link callout, scan logs in command table
• Fix all CLI reference docs to match actual source code implementation

Full Changelog: v1.14.1...v1.14.2

v1.14.1

What's Changed

Features

• Runtime security config CRUD — full CLI coverage for AIRS management resources:
  • daystrom runtime profiles — security profile CRUD
  • daystrom runtime topics — custom topic CRUD
  • daystrom runtime api-keys — API key CRUD + regeneration
  • daystrom runtime customer-apps — customer app CRUD
  • daystrom runtime deployment-profiles — deployment profile listing
  • daystrom runtime dlp-profiles — DLP profile listing
  • daystrom runtime scan-logs — scan log querying
• Two-phase generation with domain-specific companion allow topic
• --set-profile-allow flag for guardrail default action

Fixes

• Correct field mappings for deployment profiles (dp_name), DLP profiles (uuid), and scan logs (scan_result_for_dashboard)
• Replace --config with inline --interval/--unit flags for api-keys regenerate
• Include topic revision in profile + domain-specific companion + guardrailAction
• save-tests falls back to last iteration when bestIteration is 0
• Scan logs unit must be hours (plural) — updated CLI help text

Docs

• Slimmed README to bare minimum with redirect to GitHub Pages
• Added all runtime config CRUD subcommands to CLI reference
• Added configuration management section to runtime security feature doc
• Added v1.14.0/v1.14.1 release notes

v1.14.0

Highlights

Fixed 0% TNR on block-intent custom topic guardrails — the root cause was that assignTopicsToProfile() omitted the revision field in profile topic-list entries. AIRS pins topic content to the specified revision, defaulting to revision 0 (original creation content) when omitted. Coverage went from permanent 0% to ~46% on block-intent topics.

Features

• Domain-specific companion allow topics (#156, #158) — block-intent generation now creates an allow topic sharing vocabulary with the block topic (e.g., "Legal Tax Planning" for "Tax Evasion"), enabling AIRS to distinguish benign from malicious content
• guardrailAction architecture (#157, #158) — block-intent uses guardrailAction='allow' (default allow, block topics carve out violations); allow-intent uses guardrailAction='block'
• --save-tests flag (#147) — export best iteration test cases to CSV
• --set-profile-allow flag (#157) — experimental flag (later removed in #158 as the correct architecture was identified)

Fixes

• Include topic revision in profile updates (#158) — fetch current revision via listTopics() and include in topic-list entries; re-assign profile after every updateTopic() on iter 2+
• prompt_detected.topic_violation as sole detection signal (#150) — more reliable than action field
• save-tests falls back to last iteration when bestIteration is 0 (#152)
• Bypass SDK JSON.parse for CSV template download (#144)

Breaking Changes

• Removed --set-profile-allow CLI flag and setProfileAllow from UserInput type
• Block-intent runs now always set guardrailAction='allow' on profiles

v1.12.2

Bug Fixes

• fix: decay poll retry level per-sweep not per-batch (#139) — Retry level was decaying per-batch-success within a sweep, causing it to oscillate 0↔1 forever with many scan IDs. Now only decays after a full successful sweep.

Documentation

• docs: fix review findings (#140) — Add resume-poll to runtime subcommands listing in CLAUDE.md; fix AIRS constraint units from "chars" to "bytes (UTF-8)".

v1.12.1

Bug Fix

• fix: poll retry decays instead of resetting, sweep all pending per cycle — Retry level now decays by 1 on success instead of resetting to 0. Previously, sustained rate limits caused an infinite loop of "retry 1 in 10s" messages that never escalated. All pending scan IDs are now queried per sweep cycle (batched in 5s) with inter-batch delays that scale with rate limit pressure. (#133, #134)

Stats

• 495 tests passing
• 4/4 CI checks green

v1.12.0

What's New

Bug Fixes

• fix: retry pollResults on rate limit with exponential backoff — Polling no longer crashes on AIRS rate limit errors. Retries with exponential backoff (10s base, up to 5 retries) and shows retry messages in terminal. (#129, #130)

New Features

• feat: add session_id to bulk-scan — All prompts in a bulk-scan share a session ID for grouping in the AIRS Sessions UI dashboard. Auto-generated per run or set via --session-id <id>. (#131, #132)

Stats

• 494 tests passing
• 4/4 CI checks green (lint, typecheck, test, docs-build)

v1.11.1

Bug Fix

• fix: retry pollResults on rate limit with exponential backoff — pollResults() no longer crashes on AIRS rate limit errors. Retries automatically with exponential backoff (10s, 20s, 40s, 80s, 160s) and shows retry messages in the terminal. Non-rate-limit errors still throw immediately. (#129, #130)

Stats

• 492 tests passing
• 4/4 CI checks green

v1.11.0

What's New

Bug Fix

• fix: parse CSV prompt column in runtime bulk-scan — bulk-scan was sending entire CSV rows as prompts. Now detects .csv files, parses them with RFC 4180 quoting, and extracts the prompt column by header. .txt/extensionless files retain line-per-prompt behavior. (#125, #126)

New Feature

• feat: persist bulk-scan IDs and add resume-poll command — Scan IDs are saved to ~/.daystrom/bulk-scans/ before polling, surviving rate limit crashes. New daystrom runtime resume-poll <stateFile> resumes polling from saved state. (#127, #128)

Stats

• 487 tests passing
• 4/4 CI checks green (lint, typecheck, test, docs-build)