Changelog

All notable changes to the portfolio. Format loosely follows Keep a Changelog; the project itself is a Next.js site, not a library, so versions are semantic over feature batches rather than over public-API breaks.

[0.5.0] — 2026-04-30

Fixed — model-posture truth

**P0 / Task 1** — scripts/check-models.mjs regex extended to flag

bare Gemini 3.1 Pro / gemini-3.1-pro (superseded by Gemini 3 Pro preview, blog.google 2026-04-22) plus the retired o1-mini, o1-preview, o3-mini, o3-pro, o4-mini prefixes.

**P0 / Task 2** — scripts/check-projects.mjs re-run: 6 shipping

products green, VAJRA now-building, PyVerseAI absent.

**P0 / Task 3** — New scripts/check-registry.mjs. For every

endpoint declared in /agents-registry.json, verifies a corresponding Next.js route file exists. Wired into npm test.

**P1 / Task 4** — /llms-full.txt model-posture line refreshed:

date stamp 2026-04-29 → 2026-04-30; gemini-3.1-pro → gemini-3-pro-preview; new audio: gemini-3.1-flash-tts (eval-only) sub-line; new watch-list: deepseek-v4-pro, mistral-medium-3.5 (not in production routing) footnote.

**P1 / Task 5** — /writing 7-day freshness re-audit. The 2026-04-27

*32-Day Window* Medium piece remains index 0 (still ≤ 7 days) — no newer Medium / Substack entry has landed.

Added — new public surfaces

**F1** — /identity-posture page + /identity-posture.json machine

twin. Three-card declaration of the agent-identity stack: Okta NHI (GA 2026-04-30), W3C DID + Verifiable Credential, capability-lease envelope. Each card cites its primary source. Linked from the footer + the Okta-NHI section on /agentic-genai.

**F2** — /api/quote/schema.json v0.2. Adds optional

okta_nhi_token (Okta for AI Agents GA, 2026-04-30) and bedrock_invocation_arn (AWS Bedrock Managed Agents preview, 2026-04-28). Both log-only; not yet cryptographically verified. version + lastModified keys added to the schema body. Handler in app/api/quote/route.ts accepts and echoes the new fields and raises the rate limit from 30 → 60 / hr / IP. New tests/quote-schema.spec.ts.

**F3** — /uses adds an "Agent identity (3-layer)" section

(Okta NHI · DID · capability lease) and an AWS Bedrock Managed Agents row in Infrastructure. Updated: stamp moved to 2026-04-30.

**F4** — <MarketSignalCard /> reusable component (requires a

primarySourceUrl prop) + content/market-signals-2026-04-30.ts with 8 ≤ 7-day signals + new section on /agentic-genai. Auto-prune via scripts/check-market-signals.mjs (stale-after 14 days unless pinned).

Added — context cards on /agentic-genai

**P1 / Task 6** — Vendor-lock-in posture aside citing the

Microsoft–OpenAI partnership restructure (blogs.microsoft.com, 2026-04-27).

**P1 / Task 7** — Okta-for-AI-Agents GA section (Okta Showcase 2026,

2026-04-30) linking to /identity-posture + /identity-posture.json.

**P2 / Task 9** — Anthropic Claude for Creative Work (9 first-party

MCP connectors, 2026-04-28) advisory line appended to the existing CVE-2026-30623 MCP-STDIO posture section.

Added — context lines on /projects

**P2 / Task 8** — agent-airlock card now ships an Interop bullet

citing AWS Bedrock Managed Agents (Codex / GPT-5.5 limited preview, 2026-04-28). The interop data field is now actually rendered (was defined but unused).

**P2 / Task 10** — agent-audit-kit card description cites

OpenObserve Observability 3.0 + autonomous AI-SRE (2026-04-29) as a category-comparable runtime layer.

Changed — A2A discovery + truthful posture line

**P2 / Task 11** — `<link rel="alternate" type="application/json"

href="/agents-registry.json">` added to root layout so any A2A crawler discovers the manifest from any route.

/agents-registry.json request_schema_version: "0.2",

rate_limit.requests: 60, last_updated: 2026-04-30. New /identity-posture.json endpoint added.

lib/models.ts LATEST_GOOGLE gemini-3-1-pro →

gemini-3-pro-preview. New LATEST_GOOGLE_TTS and WATCH_LIST_MODELS exports.

app/layout.tsx keywords updated Gemini 3.1 Pro → Gemini 3 Pro.

Verification

npm test: 61/61 + 5 check scripts (projects, substack-canonical,

models, registry, market-signals) all green.

npx tsc --noEmit: clean.
npx next build --webpack: clean. New routes ship: /identity-posture

static (1d), /identity-posture.json static (1d), /api/quote/schema.json v0.2 static (1d).

Local production smoke test confirmed all surfaces.
Local Lighthouse desktop: Perf 100 / A11y 100 / BP 96 / SEO 100

(no regression vs. 0.4.0).

Sources

Microsoft, *The next phase of the Microsoft–OpenAI partnership*

(2026-04-27): https://blogs.microsoft.com/blog/2026/04/27/the-next-phase-of-the-microsoft-openai-partnership/

AWS, *Bedrock OpenAI Models (Codex) Managed Agents* (2026-04-28):

https://aws.amazon.com/about-aws/whats-new/2026/04/bedrock-openai-models-codex-managed-agents/

Anthropic, *Claude for Creative Work* (2026-04-28):

https://www.anthropic.com/news/claude-for-creative-work

Okta, *Showcase 2026 — Okta for AI Agents GA* (2026-04-30):

https://www.okta.com/newsroom/press-releases/showcase-2026/

DeepSeek V4-Pro / V4-Flash (2026-04-24):

https://api-docs.deepseek.com/news/news260424

Mistral Medium 3.5 (2026-04-29): https://releasebot.io/updates/mistral
OpenObserve Observability 3.0 + AI SRE (2026-04-29):

https://www.morningstar.com/news/business-wire/20260429034926/openobserve-introduces-ai-native-observability-platform-with-autonomous-ai-sre-agent-to-unify-infrastructure-application-and-llm-monitoring

Google, *Gemini 3 Pro preview* (2026-04-22):

https://blog.google/products/gemini/

[0.4.0] — 2026-04-29

Fixed — truth + canonical-URL hygiene

**Task 1** — Substack canonical-URL sweep + new

scripts/check-substack-canonical.mjs CI gate. Legacy sattyamjjain.substack.com host blocked from resurfacing in any app/, public/, content/, components/, or lib/ file. The newsletter canonical is https://theproductionagent.substack.com/.

**Task 2** — Frontier-model regression CI gate

(scripts/check-models.mjs). Bans Opus 4.6 / Sonnet 5 / Sonnet 4.7 / GPT-4o / bare GPT-5 / Claude 3.x / Haiku 3.x / Gemini 2.x outside the documented fallback context. Caught two real regressions on first run: bare "GPT-5" in app/layout.tsx keywords (now upgraded to GPT-5.5 / 5.5 Pro / Opus 4.7 / Sonnet 4.6 / Haiku 4.5 / Gemini 3.1 Pro), and an "Opus 4.6" doc-comment in lib/models.ts.

**Task 3** — Re-ran scripts/check-projects.mjs: 6 shipping

products green, VAJRA now-building, PyVerseAI absent.

**Task 4** — /llms-full.txt model-posture date roll-forward

2026-04-28 → 2026-04-29. Body line unchanged (no new vendor releases).

**Task 8** — X handle case canonicalised to lowercase

x.com/sattyamjjain across 11 surfaces (AGENTS.md ×2, /resume, /about, structured-data, profile.ts, footer, article-schema, portfolio-data, json-ld test).

Added — net-new agent-readable surfaces

**F1 / Task 6** — /api/quote/schema.json — public JSON Schema

(draft 2020-12) for the signed-capability-lease envelope. Buyer-agents validate locally before POSTing. References Anthropic Project Deal + Cisco Agentic Workforce Identity.

**F2** — /agents-registry.json — public A2A-protocol manifest.

Declares all outward-facing agent endpoints (/api/quote, /api/health, /api/badges/agent-audit-kit, /now.json, /now-physical-ai.json, /llms.txt, /llms-full.txt, /AGENTS.md) with per-endpoint method, rate limit, and capability-lease requirements.

**F3** — /uses Physical AI subsection bumped to fully-pinned:

JetPack 6.3 (L4T r36.4.x), ROS 2 Jazzy 0.13, NanoOWL @ 0.4.2, GR00T N1.7 (commit-pinned), Cosmos 3 sim assets v3.1.

**F4** — <CapabilityLeaseBadge /> reusable component. Mounted on

/agentic-genai agent-commerce section; ready for additional mounts on /projects agent-airlock card.

**F5** — /changelog route — auto-renders CHANGELOG.md with

per-section anchored URLs. Added to sitemap + sync-route-dates.

**Task 7** — NIST AI RMF Profile-for-Agents v1.0 framing on the

agent-audit-kit project card with (mapping in progress) honesty caveat — verify GA on nist.gov before flipping to "mapped".

LLM discovery

/llms.txt Optional section gains /agents-registry.json,

/api/quote/schema.json, and /changelog bullets.

Sitemap + sync-route-dates extended to include /changelog.

Deferred (per Open Issues)

Per-route dynamic OG via next/og — VAJRA / talks-2026 / changelog

still on static OG.

Wikidata Q-item still queued (sameAs[] gap).
/api/atlas-pings remains console-log stub; F2 quote widget POSTs

there for now.

Stanford AI Index 89% — still cited from secondary coverage; verify

against the official 2026 AI Index PDF before next reuse.

[0.3.0] — 2026-04-26

Fixed — truth corrections

**Task CC** — Replaced Claude Sonnet 5 → Claude Sonnet 4.6 site-wide.

Anthropic's GA Sonnet is 4.6 (platform.claude.com); yesterday's Task V landed Sonnet 5 copy from a leak/speculation source. lib/models.ts is now authoritative; tests/model-strings.spec.ts fails the build if Sonnet 5 ever creeps back. Updated: lib/models.ts, lib/schema/profile.ts, scripts/generate-llms-txt.ts, components/faq-schema.tsx, components/structured-data.tsx, app/page.tsx, app/projects/page.tsx, app/agentic-genai/page.tsx, app/agentic-genai/layout.tsx, data/portfolio-data.json.

**Task DD** — Re-purged PyVerseAI from /projects (regression of

2026-04-21 Task N). tests/projects-no-pyverseai.spec.ts blocks future regressions.

**Task EE** — /api/health route now declares

export const dynamic = "force-dynamic" so VERCEL_GIT_COMMIT_SHA reads at request time (it is NOT injected into the build env). .github/workflows/post-deploy-health-assert.yml polls the live endpoint after every push to main and opens a health-wire-regression labelled issue if commit returns "local". (Vercel system env vars)

**Task FF** — Replaced the stale generic-tooling knowsAbout[] in

components/structured-data.tsx (OpenAI GPT-4, Claude AI, Microservices Architecture, …) with the canonical 12-entry topic-authority array (AI agents, Multi-agent systems, Model Context Protocol (MCP), LLM orchestration, Agentic AI security, OWASP Agentic Top-10, Production GenAI platforms, AgentOps, Capability leases, LLM red-teaming, Python, TypeScript). lib/schema/profile.ts trimmed to match. tests/knowsabout-content.spec.ts enforces drift parity between the two schemas.

Added — market signals

**Task GG** — New "Where this work fits the 2026 frontier-security

stack" section on /agentic-genai with three Apr-2026 cards: Anthropic Mythos Preview / Project Glasswing (anthropic.com/glasswing), LangChain-ChatChat 0.3.1 RCE via MCP STDIO (thehackerwire.com), Claude Code v2.1.117 sandbox hardening (code.claude.com/docs/en/changelog). Posture aside added to /llms-full.txt model-posture blockquote noting Mythos is explicitly excluded from production posture. Gemini 3.1 Pro added as eval-only model in posture.

**Task HH (deferred)** — Today's OX-MCP-STDIO Medium piece is not yet

in the ingested feed (RSS hasn't propagated). Will land on the next ingest run; no manual entry needed.

Added — net-new product features

**Feature Q1** — /now page (Edge runtime, 15-min revalidate). Pulls

last 14 days of GitHub PushEvents across the 6 production repos (agent-airlock, agent-audit-kit, verdict, mnemo, ferrumdeck, aboutme), last 30 days of writing from content/external-writing.generated.ts, and calendar links. JSON twin at /now.json. Surfaced in /llms.txt ## Optional. (nownownow.com)

**Feature Q2** — /uses page (the uses.tech convention).

Daily revalidate. Sections: Editor + agent loop, Models in production rotation, Runtime, Infrastructure, Security tooling, Observability, Hardware. Each line cites primary source. Surfaced in /llms.txt.

**Feature Q3** — /api/badges/agent-audit-kit Shields.io-format JSON

endpoint. Pulls live rule count + version from content/products.generated.ts (PRODUCTS.agent_audit_kit). Embeddable in README / Substack / Medium via https://shields.io/endpoint?url=https%3A%2F%2Fwww.sattyamjjain.in%2Fapi%2Fbadges%2Fagent-audit-kit.

[anthropic-models]: https://platform.claude.com/docs/en/about-claude/models/overview [glasswing]: https://www.anthropic.com/glasswing [mcp-disclosure]: https://www.thehackerwire.com/p/the-mcp-disclosure-week [cc-changelog]: https://code.claude.com/docs/en/changelog [nownownow]: https://nownownow.com [usestech]: https://uses.tech

[0.2.0] — 2026-04-25

Added — frontier-model truth + topical authority + wrap-up

**lib/models.ts** — single source of truth for frontier-model

identifiers and the FRONTIER_POSTURE_LINE string. Bumps land here first; downstream consumers import. (OpenAI: GPT-5.5, Anthropic: models overview)

**Person.knowsAbout[]** — agent-security topical signals added

(AI agents, Agentic AI security, OWASP Agentic Top-10, Production GenAI platforms) and frontier model bumps (Sonnet 5, GPT-5.5). (knowsAbout authority signal)

**Per-route ProfilePage.dateModified** — scripts/sync-route-dates.ts

emits content/route-dates.generated.ts from git log -1 --format=%cI per route; ProfilePageSchema is now a client component reading usePathname(). Each canonical route emits its own @id and a real freshness timestamp. (schema.org/dateModified)

**Wikidata sameAs (staged)** — WIKIDATA_QID: string | null constant

+ buildSameAs() helper in lib/schema/profile.ts; auto-appends https://www.wikidata.org/wiki/<QID> to Person.sameAs[] when set. Submission steps + 4 citation URLs in docs/wikidata-evidence.md. (Wikidata as KG trigger)

**/api/health** — returns {commit (7-char), branch, deployedAt}

from Vercel system env vars (VERCEL_GIT_COMMIT_SHA, VERCEL_GIT_COMMIT_REF, VERCEL_DEPLOYMENT_CREATED_AT). Falls back to "local" when env is unset. (Vercel system env vars)

**/feed.xml April-2026 stop-gap** — 4 most recent Medium URLs

prepended to the hardcoded articles array; mirrored in content/writing.yml as future-proof source of truth pending the auto-ingest cron rewrite.

**Regression tests** — tests/llms-full-truth.spec.ts (asserts the

current frontier-model strings are present) and tests/json-ld-knowsabout.spec.ts (asserts knowsAbout[] shape + Wikidata wiring). Run via npm test (node:test, no new deps).

Changed — model-name sweep

Replaced Claude Sonnet 4.6 → Claude Sonnet 5 and GPT-5.2 /

GPT-5/GPT-5.2 → GPT-5.5 (and GPT-5.5 / GPT-5.5 Pro where the paired form was used) across: - scripts/generate-llms-txt.ts (model-posture blockquote in /llms-full.txt) - data/portfolio-data.json (RAG chatbot knowledge base — 5 chunks) - components/faq-schema.tsx (FAQ JSON-LD answer) - app/page.tsx (home featured-card tags + skills array) - app/projects/page.tsx (Agentify card tags) - app/agentic-genai/page.tsx (case-study tech-stack chips + cascading-router caption) - app/agentic-genai/layout.tsx (page metadata description)

Skipped (per direction)

**Atlas-traffic detector / /api/atlas-pings** — deferred until

Vercel KV is provisioned. In-memory storage would lose pings on cold start; not useful telemetry.

[0.1.5] — 2026-04-24

Added — ProfilePage schema + Next.js CVE pin + LLM discovery + capability-lease tagline

**lib/schema/profile.ts** + components/profile-page-schema.tsx —

Google-compliant ProfilePage JSON-LD with @id anchored at /about#person. Per-spec at developers.google.com/search/docs/appearance/structured-data/profile-page.

**Next.js 16.2.4 pin** — closes CVE-2026-23869 (RSC DoS) and

CVE-2026-29057 (http-proxy rewrite smuggling). New scripts/verify-next-cve.ts + .github/workflows/security.yml gate the patch floor in CI.

**LLM discovery <link> tags** — <link rel="llms">,

<link rel="alternate" type="text/llms-full+txt">, and a second sitemap link for /llms-sitemap.xml in root <head>. /accessibility added to /llms.txt Optional section.

**Capability-lease tagline** — appended `"builds signed capability

leases and agent-egress benches" to the / hero subtitle and rewrote the /agentic-genai` lede to lead with the signed-capability-lease primitive framing.

**/og** — noindex preview gallery of the 10 canonical OG cards.
**/api/health** — initial roster endpoint + nightly inbound-health

workflow that opens an inbound-404-labelled issue on any non-2xx/3xx.

Changed

/llms-full.txt header gained a model-posture blockquote noting

Anthropic's 2026-04-23 engineering postmortem and Opus 4.7 Auto Memory's opt-in / default-off status.

[0.1.4] — 2026-04-21

Added — honesty bugs + per-route OG + feed ingest + strict llms.txt

Per-route dynamic OG images (/, /about, /agentic-genai,

/projects, /experience, /resume, /writing) via next/og.

lib/og-card.tsx shared ImageResponse renderer.
scripts/ingest-feeds.ts — Medium + Substack RSS into

content/external-writing.generated.ts (no runtime deps).

scripts/sync-product-metrics.ts — live GitHub API → content/products.generated.ts.
scripts/check-links.ts — outbound URL HEAD/GET probe.
app/llms-sitemap.xml/route.ts — companion sitemap with lastmod

derived from git log -1 per route.

/writing "Latest" row pulling 6 most recent items from the

ingested feed.

/about photo + testimonials + Talks & Media sections.
/resume last-updated stamp + Talks/CFP sidebar.

Changed

/projects agent-audit-kit card now driven by live GitHub release

data (rule count, version, stars). Removed PyVerseAI from the featured grid.

/llms.txt rewritten to strict llmstxt.org v1 (H1 + blockquote +

Markdown link H2s with real canonical URLs).

app/sitemap.ts lastModified now per-route via git log.

[0.1.3] — 2026-04-20

Trust-bar reframe: "Trusted by" → "Where I've built".
Homepage testimonials expanded to 5 LinkedIn recommendations.
Comprehensive digital-presence audit fixes.

[gpt55]: https://openai.com/index/introducing-gpt-5-5/ [anthropic-models]: https://platform.claude.com/docs/en/about-claude/models/overview [knowsabout]: https://aubreyyung.com/knowsabout-schema/ [datemodified]: https://schema.org/dateModified [wikidata-kg]: https://blog.reputationx.com/wikidata [vercel-env]: https://vercel.com/docs/environment-variables/system-environment-variables