Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
c4b0855
docs: reshape onboarding tutorials
jeremi Jun 28, 2026
fdd1531
docs: add "Records stay home" explanation pilot page
claude Jun 28, 2026
077dcb0
docs(records-stay-home): fix archive links and tighten security claims
claude Jun 28, 2026
578cf68
docs: add Stage-1 Trust & Security explanation set; refresh the Relay…
claude Jun 29, 2026
98867c9
docs: correct trust/credential claims against the implementation
claude Jun 29, 2026
1f6e72b
docs: converge disclosure, revocation, and anonymous-surface accuracy
claude Jun 29, 2026
fd06aa9
docs: refine credential-status, delegated-attestation, and disclosure…
claude Jun 29, 2026
5e51ab0
docs: qualify absolute limitation claims that are conditional in the …
claude Jun 29, 2026
1ecd22f
docs: snapshot-cache + exists-not_available caveats; align threat mod…
claude Jun 29, 2026
a7869fa
Merge main into onboarding tutorial branch
jeremi Jul 1, 2026
b714bb0
Merge branch 'pr-174' into docs/makeover
jeremi Jul 2, 2026
6b61b79
docs: honest standalone-Notary framing, platform fallback, DHIS2 tuto…
jeremi Jul 2, 2026
79519b6
docs: apply style guide mechanics to trust and security pages
jeremi Jul 2, 2026
3d2a1b1
docs: link Notary audit scopes gap to tracking issue #178
jeremi Jul 2, 2026
eee526c
docs: record that Notary audit now captures exercised scopes
jeremi Jul 2, 2026
8d900aa
docs: build the Security section
jeremi Jul 2, 2026
11b29dd
docs: split see-it-live into Quickstart and credential tour
jeremi Jul 2, 2026
074b7f8
docs: rework homepage into fast path, two products, security strip
jeremi Jul 2, 2026
56eef75
docs: restructure navigation to the target information architecture
jeremi Jul 2, 2026
1f802e5
Merge remote-tracking branch 'origin/main' into docs/makeover
jeremi Jul 2, 2026
64402c7
docs: address reader-persona review findings
jeremi Jul 2, 2026
f5d1b64
Merge branch 'main' into docs/makeover
jeremi Jul 2, 2026
4103702
docs(relay): replace frozen pre-monorepo doc links with relative paths
jeremi Jul 2, 2026
20757d0
docs(notary,manifest): point doc links and SDK coordinates at the mon…
jeremi Jul 2, 2026
930c6f3
docs: publish linked adopter-facing product docs on the site
jeremi Jul 2, 2026
c69762f
docs(notary): replace em dashes with house punctuation
jeremi Jul 2, 2026
7788ee7
fix(docs): close four style-tooling gaps
jeremi Jul 2, 2026
a5c1504
docs(manifest): drop stale warning issue links
jeremi Jul 2, 2026
6a26e06
docs: catch stale config terms in generated pages
jeremi Jul 2, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions crates/registry-relay/docs/configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -270,7 +270,7 @@ Keep standard-facing meaning in the manifest: catalog, datasets, entities,
fields, constraints, vocabularies, codelists, profiles, conformance claims, and
descriptive ODRL policy metadata.

See [metadata.md](https://github.com/jeremi/registry-relay/blob/3938fdf3930e134d6dca97360baf64ac3a16bed2/docs/metadata.md) for the manifest schema, static publication, and
See [metadata.md](metadata.md) for the manifest schema, static publication, and
the `metadata.manifest.*` / `runtime.binding.*` startup error codes.

ODRL policy belongs in the portable metadata manifest, not in runtime dataset
Expand Down Expand Up @@ -499,7 +499,7 @@ Token verification failures map to specific `auth.*` codes so audit pipelines ca
| `auth.invalid_credential` | 401 | JWT decode failure not covered by a more specific variant |
| `auth.jwks_unavailable` | 503 | JWKS fetch failed; Registry Relay cannot verify any token |

For a worked example of running Registry Relay against a local OIDC provider (using the project's dev Zitadel stack), see [development.md](https://github.com/jeremi/registry-relay/blob/3938fdf3930e134d6dca97360baf64ac3a16bed2/docs/development.md).
For a worked example of running Registry Relay against a local OIDC provider (using the project's dev Zitadel stack), see [development.md](development.md).

## Audit

Expand Down Expand Up @@ -977,7 +977,7 @@ publicschema:
| `schema_url` | `https://publicschema.org/schemas/{target}.schema.json` | `credentialSchema.id` in the issued VC |
| `credential_type` | `{target}` | `type[1]` value in the issued VC |

See [provenance.md](https://github.com/jeremi/registry-relay/blob/3938fdf3930e134d6dca97360baf64ac3a16bed2/docs/provenance.md) for CEL context variables, issuance behavior, audit records, and the build and test commands for this feature.
See [provenance.md](provenance.md) for CEL context variables, issuance behavior, audit records, and the build and test commands for this feature.

## Aggregates

Expand Down Expand Up @@ -1058,7 +1058,7 @@ The `provenance` block is optional. When absent or `enabled: false`, the gateway

The key is named `provenance` for compatibility; it governs the response-credential issuer (DID, signing key, claim validity, and accepted media types). These credentials are W3C VCDM 2.0 VC-JWT with a Registry Relay JSON-LD context; they are not W3C PROV-O.

See [provenance.md](https://github.com/jeremi/registry-relay/blob/3938fdf3930e134d6dca97360baf64ac3a16bed2/docs/provenance.md) for the full signer, DID, schema, context, and rotation contract.
See [provenance.md](provenance.md) for the full signer, DID, schema, context, and rotation contract.

## Production checklist

Expand Down
13 changes: 13 additions & 0 deletions crates/registryctl/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
`fingerprint.commitment` in YAML.
Generated configs reference fingerprint env vars only; local raw keys and matching
fingerprint values remain in `secrets/local.env`.
- The generated benefits sample now uses a richer three-sheet workbook
(`Households`, `Persons`, `Applications`) and a broader Bruno collection covering
discovery, row reads, relationship expansion, purpose-header failures, and aggregates.
- The generated Relay sample config now includes focused YAML comments that explain auth
fingerprints, source tables, public entities, relationships, filters, and aggregates.
- `registryctl init relay <dir>` no longer generates a duplicate split `relay/metadata.yaml`
manifest for the local sample; Relay derives standards metadata from `relay/config.yaml`
unless a project explicitly opts into split metadata.

### Fixed

- The generated Relay sample no longer binds `person.id` to the API-key principal id,
which made the Bruno "Read sample people" request return an empty result set.

## [0.1.0] - 2026-06-12

Expand Down
Loading
Loading