Execution Baseline
| Track | Value | State | Notes |
|---|---|---|---|
| Stable Release | v0.27.0 | Shipped | Released March 25, 2026. |
| Runtime Context Contract | tenant_id only | Shipped | Gateway auth and RLS context paths are aligned to tenant-only semantics. |
| Language Drivers | Rust, Zig | Shipped | Primary production driver surface. |
| Direct SDKs | TS, Swift, Kotlin | Shipped | Public direct SDK visibility is enabled. |
| Node.js Native Binding | Deferred | Deferred | Not in the active delivery scope while direct SDK tracks are prioritized. |
| Database Targets | PostgreSQL, Qdrant | Shipped | Native cache remains part of runtime internals. |
Milestone Ledger
| Milestone | State | Version | Exit Criteria |
|---|---|---|---|
| First-Class Relations | Shipped | v0.16.0 | Typed joins with relation-proof query path. |
| Multi-Tenant Isolation (RLS) | Shipped | v0.15.6 | Tenant context propagation with policy-safe execution path. |
| PostgreSQL Schema DDL | Shipped | v0.18.5 | Core objects, programmable objects, and policy constructs. |
| Database Introspection | Shipped | v0.18.5 | AST-native pull path from live PostgreSQL schema. |
| Migration Engine | Shipped | v0.15.9 | Diff classes, shadow flow, and safety gates. |
| Unified Driver Runtime | Shipped | v0.14.13 | PostgreSQL + Qdrant + cache under one runtime contract. |
| CLI Toolchain | Shipped | v0.15.7 | init, pull, diff, migrate, typed codegen. |
| Schema-as-Proof | Shipped | v0.16.0 | Compile-time proof path for columns, joins, filters, and RLS witness. |
| Native Versioning | Planned | - | Branch-like data workflow semantics at application layer. |
| Infrastructure-Aware Compiler | Planned | - | Compile/build validation against declared infra resources. |
Current Hardening Workstream
| Work Item | State | Target | Expected Outcome |
|---|---|---|---|
| Tenant-only runtime semantics | Shipped | v0.26.0 | Gateway auth and RLS runtime context aligned to tenant_id. |
| Schema-as-Proof foundation | Shipped | v0.16.0+ | Typed columns, relation graph proofs, and proof witness execution hooks. |
| Semantic analyzer default path | Active | Current cycle | Default diagnostics for N+1 and correctness violations. |
| Wire-protocol hardening | Active | Current cycle | Panic-path removal and stronger decode/IO safety in hot runtime paths. |
| QAIL IR validator path (syn removed) | Shipped | v0.26.0+ | Semantic scanner/IR path is active for diagnostics; no runtime analyzer dependency on syn. |
| Migration safety defaults | Shipped | v0.25.1+ | Destructive-change controls, lock-risk guards, receipt integrity checks, and strict post-apply verification are in the default path. |
| Enterprise PostgreSQL auth parity | Deferred | Deferred phase | SCM auth decode baseline shipped; true SCM auth, native SSPI provider, and full SCRAM channel-binding parity remain pending. |
Next Queue (Post-Hardening)
| Item | State | Dependency | Planned Deliverable |
|---|---|---|---|
| Native versioning flow | Planned | Hardening cycle exit | Branch identifiers with copy-on-write semantics. |
| Branch-oriented CLI commands | Planned | Native versioning primitives | Create, checkout, and merge-ready data branch workflows. |
| Compiler-time infrastructure checks | Planned | Infra declaration schema | Validation for bucket, queue, and topic declarations. |
| Build-time state verification | Planned | Provider adapters | Terraform/cloud state validation inside build gates. |
Scope Boundaries
| Surface | Current State | Decision | Boundary |
|---|---|---|---|
| Language Drivers | Rust, Zig | Shipped | Primary supported production drivers. |
| Direct SDKs | TypeScript, Swift, Kotlin | Shipped | Supported SDK track for application integration. |
| Node.js Native Binding | Deferred | Deferred | Out of active scope until direct SDK priorities are complete. |
| Data Targets | PostgreSQL, Qdrant | Shipped | Current supported query/runtime targets. |
| Runtime Contract | Tenant-first | Active | Hardening and diagnostic improvements continue under tenant-only semantics. |
This page is a technical planning artifact, not a release promise. Ordering can change if security, correctness, or protocol compatibility work becomes higher priority.