v0.1.22

kars v0.1.22

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.22
ghcr.io/azure/kars-inference-router:v0.1.22
ghcr.io/azure/kars-a2a-gateway:v0.1.22
ghcr.io/azure/kars-conformance-runner:v0.1.22
ghcr.io/azure/kars-sandbox-base:v0.1.22
ghcr.io/azure/openclaw-sandbox:v0.1.22

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.22
ghcr.io/azure/kars-runtime-hermes:v0.1.22
ghcr.io/azure/kars-runtime-maf-python:v0.1.22
ghcr.io/azure/kars-runtime-anthropic:v0.1.22
ghcr.io/azure/kars-runtime-openai-agents:v0.1.22
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.22

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.22
ghcr.io/azure/kars-agentmesh-registry:v0.1.22

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(memory): send MCP Accept header from runtime thin clients (fixes memory end-to-end) by @pallakatos in #475

Full Changelog: v0.1.21...v0.1.22

v0.1.21

kars v0.1.21

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.21
ghcr.io/azure/kars-inference-router:v0.1.21
ghcr.io/azure/kars-a2a-gateway:v0.1.21
ghcr.io/azure/kars-conformance-runner:v0.1.21
ghcr.io/azure/kars-sandbox-base:v0.1.21
ghcr.io/azure/openclaw-sandbox:v0.1.21

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.21
ghcr.io/azure/kars-runtime-hermes:v0.1.21
ghcr.io/azure/kars-runtime-maf-python:v0.1.21
ghcr.io/azure/kars-runtime-anthropic:v0.1.21
ghcr.io/azure/kars-runtime-openai-agents:v0.1.21
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.21

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.21
ghcr.io/azure/kars-agentmesh-registry:v0.1.21

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• docs: launch rebuild — public-facing README, quickstart, site IA + untrack docs/internal by @pallakatos in #468
• fix(upgrade): repair the kars upgrade flow (rollback, value preservation, health gating, version detection) by @pallakatos in #473

Full Changelog: v0.1.20...v0.1.21

v0.1.20

kars v0.1.20

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.20
ghcr.io/azure/kars-inference-router:v0.1.20
ghcr.io/azure/kars-a2a-gateway:v0.1.20
ghcr.io/azure/kars-conformance-runner:v0.1.20
ghcr.io/azure/kars-sandbox-base:v0.1.20
ghcr.io/azure/openclaw-sandbox:v0.1.20

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.20
ghcr.io/azure/kars-runtime-hermes:v0.1.20
ghcr.io/azure/kars-runtime-maf-python:v0.1.20
ghcr.io/azure/kars-runtime-anthropic:v0.1.20
ghcr.io/azure/kars-runtime-openai-agents:v0.1.20
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.20

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.20
ghcr.io/azure/kars-agentmesh-registry:v0.1.20

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(memory): use underscore scope convention everywhere (fix v0.1.19 CEL regression) by @pallakatos in #469

Full Changelog: v0.1.19...v0.1.20

v0.1.19

kars v0.1.19

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.19
ghcr.io/azure/kars-inference-router:v0.1.19
ghcr.io/azure/kars-a2a-gateway:v0.1.19
ghcr.io/azure/kars-conformance-runner:v0.1.19
ghcr.io/azure/kars-sandbox-base:v0.1.19
ghcr.io/azure/openclaw-sandbox:v0.1.19

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.19
ghcr.io/azure/kars-runtime-hermes:v0.1.19
ghcr.io/azure/kars-runtime-maf-python:v0.1.19
ghcr.io/azure/kars-runtime-anthropic:v0.1.19
ghcr.io/azure/kars-runtime-openai-agents:v0.1.19
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.19

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.19
ghcr.io/azure/kars-agentmesh-registry:v0.1.19

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(dev): stream docker save without buffering in kind image load by @pallakatos in #464
• fix(dev): load local-dev image names (:dev) into kind, not ACR :latest by @pallakatos in #465
• fix(memory): consolidate Foundry Memory Store on the router; heal RBAC on upgrade by @pallakatos in #467

Full Changelog: v0.1.18...v0.1.19

v0.1.18

kars v0.1.18

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.18
ghcr.io/azure/kars-inference-router:v0.1.18
ghcr.io/azure/kars-a2a-gateway:v0.1.18
ghcr.io/azure/kars-conformance-runner:v0.1.18
ghcr.io/azure/kars-sandbox-base:v0.1.18
ghcr.io/azure/openclaw-sandbox:v0.1.18

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.18
ghcr.io/azure/kars-runtime-hermes:v0.1.18
ghcr.io/azure/kars-runtime-maf-python:v0.1.18
ghcr.io/azure/kars-runtime-anthropic:v0.1.18
ghcr.io/azure/kars-runtime-openai-agents:v0.1.18
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.18

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.18
ghcr.io/azure/kars-agentmesh-registry:v0.1.18

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(controller): bound CRD watch timeout to stop reflector staleness on AKS (#451) by @pallakatos in #456

Full Changelog: v0.1.17...v0.1.18

v0.1.17

kars v0.1.17

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.17
ghcr.io/azure/kars-inference-router:v0.1.17
ghcr.io/azure/kars-a2a-gateway:v0.1.17
ghcr.io/azure/kars-conformance-runner:v0.1.17
ghcr.io/azure/kars-sandbox-base:v0.1.17
ghcr.io/azure/openclaw-sandbox:v0.1.17

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.17
ghcr.io/azure/kars-runtime-hermes:v0.1.17
ghcr.io/azure/kars-runtime-maf-python:v0.1.17
ghcr.io/azure/kars-runtime-anthropic:v0.1.17
ghcr.io/azure/kars-runtime-openai-agents:v0.1.17
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.17

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.17
ghcr.io/azure/kars-agentmesh-registry:v0.1.17

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• feat(up): Foundry auto-setup, best-model selection, memory CRD parity + fix kars up hang by @pallakatos in #454
• feat(upgrade): failsafe kars upgrade for existing clusters by @pallakatos in #455

Full Changelog: v0.1.16...v0.1.17

v0.1.16

kars v0.1.16

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.16
ghcr.io/azure/kars-inference-router:v0.1.16
ghcr.io/azure/kars-a2a-gateway:v0.1.16
ghcr.io/azure/kars-conformance-runner:v0.1.16
ghcr.io/azure/kars-sandbox-base:v0.1.16
ghcr.io/azure/openclaw-sandbox:v0.1.16

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.16
ghcr.io/azure/kars-runtime-hermes:v0.1.16
ghcr.io/azure/kars-runtime-maf-python:v0.1.16
ghcr.io/azure/kars-runtime-anthropic:v0.1.16
ghcr.io/azure/kars-runtime-openai-agents:v0.1.16
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.16

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.16
ghcr.io/azure/kars-agentmesh-registry:v0.1.16

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(ootb): onboarding hardening + keyless web search (v0.1.16) by @pallakatos in #453

Full Changelog: v0.1.15...v0.1.16

v0.1.15

kars v0.1.15

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.15
ghcr.io/azure/kars-inference-router:v0.1.15
ghcr.io/azure/kars-a2a-gateway:v0.1.15
ghcr.io/azure/kars-conformance-runner:v0.1.15
ghcr.io/azure/kars-sandbox-base:v0.1.15
ghcr.io/azure/openclaw-sandbox:v0.1.15

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.15
ghcr.io/azure/kars-runtime-hermes:v0.1.15
ghcr.io/azure/kars-runtime-maf-python:v0.1.15
ghcr.io/azure/kars-runtime-anthropic:v0.1.15
ghcr.io/azure/kars-runtime-openai-agents:v0.1.15
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.15

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.15
ghcr.io/azure/kars-agentmesh-registry:v0.1.15

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(up): idempotent AKS RBAC role assignments + Docker not required for --release (v0.1.15) by @pallakatos in #452

Full Changelog: v0.1.14...v0.1.15

v0.1.14

kars v0.1.14

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.14
ghcr.io/azure/kars-inference-router:v0.1.14
ghcr.io/azure/kars-a2a-gateway:v0.1.14
ghcr.io/azure/kars-conformance-runner:v0.1.14
ghcr.io/azure/kars-sandbox-base:v0.1.14
ghcr.io/azure/openclaw-sandbox:v0.1.14

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.14
ghcr.io/azure/kars-runtime-hermes:v0.1.14
ghcr.io/azure/kars-runtime-maf-python:v0.1.14
ghcr.io/azure/kars-runtime-anthropic:v0.1.14
ghcr.io/azure/kars-runtime-openai-agents:v0.1.14
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.14

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.14
ghcr.io/azure/kars-agentmesh-registry:v0.1.14

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(router): hot-reload ConfigMap edits (follow symlinks) + kars connect wait-for-ready (v0.1.14) by @pallakatos in #450

Full Changelog: v0.1.13...v0.1.14

v0.1.13

kars v0.1.13

Pre-built, cosign-signed artefacts — run kars with no compile,
no AGT clone:

# install the CLI from npm (SLSA build-provenance attested)
npm i -g @kars-runtime/cli
# …or the one-line installer:
# curl -fsSL https://raw.githubusercontent.com/Azure/kars/main/install.sh | bash
kars dev --release

Every container image is cosign keyless-signed (verifiable in the
Sigstore Rekor transparency log), ships an SPDX SBOM, and carries
a GitHub build-provenance (SLSA) attestation; the npm CLI is
provenance-attested too (npm audit signatures).

The downloadable release assets are signed. SHA256SUMS lists
every asset's hash, and is cosign keyless-signed
(SHA256SUMS.cosign.bundle) + build-provenance attested:

# integrity
sha256sum -c SHA256SUMS
# cosign signature of the manifest
cosign verify-blob --bundle SHA256SUMS.cosign.bundle \
  --certificate-identity-regexp '^https://github.com/Azure/kars/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com SHA256SUMS
# SLSA provenance of the manifest
gh attestation verify SHA256SUMS --repo Azure/kars

These images bundle a kars build of the AGT mesh SDK pending
upstream microsoft/agent-governance-toolkit#3128.

Publishing to crates.io / MCR is in progress (see
docs/PUBLISHING.md) — the signed
GHCR images + npm CLI here are usable today.

Container images (PUBLIC GHCR)

Multi-arch linux/amd64,linux/arm64 — runs natively on Apple Silicon:

ghcr.io/azure/kars-controller:v0.1.13
ghcr.io/azure/kars-inference-router:v0.1.13
ghcr.io/azure/kars-a2a-gateway:v0.1.13
ghcr.io/azure/kars-conformance-runner:v0.1.13
ghcr.io/azure/kars-sandbox-base:v0.1.13
ghcr.io/azure/openclaw-sandbox:v0.1.13

Runtime adapter images (PUBLIC GHCR, amd64)

For kars add --runtime <name>. Each bundles the upstream AGT
governance wheels + kars-agt-mesh (kars's spec-compliant Python
MeshClient):

ghcr.io/azure/kars-runtime-langgraph:v0.1.13
ghcr.io/azure/kars-runtime-hermes:v0.1.13
ghcr.io/azure/kars-runtime-maf-python:v0.1.13
ghcr.io/azure/kars-runtime-anthropic:v0.1.13
ghcr.io/azure/kars-runtime-openai-agents:v0.1.13
ghcr.io/azure/kars-runtime-pydantic-ai:v0.1.13

AGT mesh images (PUBLIC GHCR, multi-arch)

The relay + registry that kars dev/up run for the mesh:

ghcr.io/azure/kars-agentmesh-relay:v0.1.13
ghcr.io/azure/kars-agentmesh-registry:v0.1.13

All signed with cosign keyless (verify via Sigstore Rekor). SBOMs
attached below.

What's Changed

• fix(distroless): router self-probe sweep + prompt-shields default + kind staleness + e2e gate (v0.1.13) by @pallakatos in #449

Full Changelog: v0.1.12...v0.1.13