Aira

Releases

Versioned releases of the Aira platform — API, dashboard, SDKs, and self-hosted images.

All Aira components share a single version number. When we release, the API, dashboard, Python SDK, TypeScript SDK, and Docker images all get the same tag.

Install / upgrade:

pip install aira-sdk==3.5.1        # Python
npm install aira-sdk@3.5.1         # TypeScript
./upgrade.sh v3.5.1                # Self-hosted

v3.5.1 — June 5, 2026

Highlights

  • One-command self-hosted installercurl -sSL https://get.airaproof.com/install.sh | bash. Auto-generates secrets, configures HTTPS via Traefik, creates admin account.
  • Notifications — mark-as-read on notification click, full notifications page, mark all as read. Badge shows unread count.
  • Interactive API docs — Swagger UI and ReDoc enabled at /docs and /redoc on all deployments.
  • 9 new API reference pages — settlements, drift, models, SSO, reputation, notifications, credentials, API keys, approvers. All 127+ endpoints now documented.

API

  • POST /notifications/mark-read — mark specific notifications as read (JWT auth)
  • POST /notifications/mark-all-read — mark all pending as read (JWT auth)
  • GET /notifications/pending — now returns id, notification_key, read, unread_count
  • OpenAI SDK upgraded to v2.x (backward-compatible — no API changes)
  • Swagger UI (/docs) and ReDoc (/redoc) now available in production

Dashboard

  • Notifications page at /dashboard/notifications — table view with mark read
  • Notification bell shows unread count, click marks as read and navigates
  • Chat model selector: fixed empty dropdown during model loading
  • Models preferences: "No key" indicator, enable/disable all, max 3 for consensus
  • Cases creation: max 3 models enforced in UI
  • Login/register pages: social login buttons hidden in self-hosted mode

SDKs

  • Python (pip install aira-sdk==3.5.1): Fix sanitize_file() crash (was using non-existent self._session). Pin framework integration upper bounds. PyPI
  • TypeScript (npm install aira-sdk@3.5.1): Upgrade vitest 4.x, TypeScript 5.9, Node engine >=22. npm

Infrastructure

  • Zero-downtime deploys — all services use docker-rollout. New containers start and pass health checks before old ones are removed. No request is dropped.
  • PostgreSQL 16 → 17
  • Python 3.12 → 3.13
  • Node.js 20 → 22
  • OpenAI SDK 1.x → 2.x
  • All framework integration deps pinned with upper bounds
  • /metrics requires admin key (was open when key not set)
  • Admin endpoints return 404 instead of 403 on auth failure

Self-Hosted

  • One-command installer with auto-TLS, admin account creation, and version pinning
  • Zero-downtime upgrades./upgrade.sh uses docker-rollout for API and frontend
  • Single-domain architecture — Traefik routes /api/v1/* to backend, /api/auth/* to frontend, /* to frontend
  • Frontend uses relative URLs — no build-time API URL baking needed
  • upgrade.sh accepts version arg: ./upgrade.sh v3.5.1
  • backup.sh with 14-backup rotation
  • Social login buttons hidden by default (enable via env vars)
  • Server specs: 8 GB RAM / 4 vCPU minimum, 16 GB / 8 vCPU recommended

Docs

  • 35 API reference pages (was 26) — every endpoint documented
  • Self-hosted guide rewritten for one-command installer
  • API reference index: complete endpoint overview table
  • Interactive docs links: Swagger, ReDoc, OpenAPI spec

v3.5.0 — June 4, 2026

SDKs

  • 15 new methods each on Python Aira / AsyncAira and TypeScript Aira: sanitize, webhooks, usage, models, policy lifecycle
  • Gateway config helpers: gateway_openai_kwargs() / gatewayOpenAIConfig()
  • Python changelog · TypeScript changelog

v3.1.0 — April 14, 2026

DORA Compliance

  • Full EU Digital Operational Resilience Act support (Articles 17–19, 24–27, 28–44)
  • 12 new SDK methods: incidents, third-party register, resilience tests
  • Signed major-incident PDF reports
  • Dashboard: incident management, third-party register, test log
  • DORA guide · API reference

Earlier Releases

The platform shipped its foundational features before formal versioning:

  • EU AI Act — Article 12 logging, Article 9 risk categories, Article 6 right-to-explanation, Annex IV technical documentation
  • Cryptographic receipts — Ed25519 signatures, RFC 3161 timestamps, Merkle settlements
  • Multi-model consensus — parallel execution, structured output, disagreement scoring, human review
  • Agent governance — DID identity, drift detection, reputation, verifiable credentials, agent estate
  • Content scanning — PII/PHI detection, DICOM de-identification, tokenization
  • Evidence & compliance — sealed evidence packages, compliance bundles, time-travel queries
  • Gateway — transparent LLM proxy with policy enforcement
  • Escrow — liability ledger for high-stakes operations

See the changelog for detailed entries.

What is Aira?

The authorization and audit layer for AI agents. Every action intercepted before it runs, evaluated against policy, and cryptographically sealed after — with a public verification URL any regulator can hit.

Changelog

Notable changes across the Aira platform — backend, dashboard, SDKs, and docs. Reverse chronological. SDK releases are versioned and linked to PyPI / npm.

On this page

v3.5.1 — June 5, 2026HighlightsAPIDashboardSDKsInfrastructureSelf-HostedDocsv3.5.0 — June 4, 2026SDKsv3.1.0 — April 14, 2026DORA ComplianceEarlier Releases