Announcements

Release notes and updates for the Codifide Programming Language.

v4.0 — May 2026

What v4.0 adds — the usability release

v4.0 closes the gap between research prototype and usable tool. Runtime type enforcement makes sig declarations trustworthy. A standard library covers file I/O, HTTP, JSON, and date arithmetic. 450 tests passing, 0 skipped.

Runtime type enforcement

sig declarations are now enforced at every call boundary. Passing a String where Int is declared raises TypeViolation. Any accepts all values. Number accepts both Int and Float.

# v4.0 — type mismatch caught at call boundary
def double
  intent "double an integer"
  sig    (n: Int) -> Int
  effects {}
  cand
    add(n, n)

# double("hello") → TypeViolation: parameter 'n' expects Int but got String

New TypeViolation error · 20 new tests · best-effort (untagged values pass)

File I/O and HTTP

io.read, io.write, io.exists for filesystem access. http.get, http.post for HTTPS requests. Path traversal defense built in. HTTPS-only enforcement.

def fetch_and_save
  intent "fetch a URL and save to disk"
  sig    (url: String, path: String) -> Unit
  effects {http.fetch, io.write}
  cand
    body <- http.get(url)
    io.write(path, body)

{io.read} · {io.write} · {http.fetch} · 30s timeout · 16 MiB limit

JSON and date arithmetic

json.parse and json.encode are pure — no effect declaration needed. clock.today, clock.parse, clock.add_days, clock.format for date work.

def days_until
  intent "days from today until a target date"
  sig    (target: String) -> Int
  effects {clock.read}
  cand
    today_ts <- clock.parse(clock.today())
    target_ts <- clock.parse(target)
    div(sub(target_ts, today_ts), 86400)

json.parse · json.encode · clock.today · clock.parse · clock.add_days · clock.format

V4-4 deferred — network-safe server

Bearer token auth and TLS for the RPC server were scoped for v4.0 but deferred. The public registry (V4-3) must demonstrate multi-machine use cases before the security investment in network exposure is justified. The server remains local-only for now.

Full changelog → Browse the registry → Agent quickref

v3.0 — May 2026

What v3.0 adds

Three requirements shipped. Refusal reasons make bottom diagnosable. Remote symbol resolution makes content-addressed composition work across machines. Parallel import support closes the last known gap in the parallel evaluator. 383 tests passing, 0 skipped.

Refusal reasons — `bottom "reason"`

bottom now accepts an optional string payload. The reason propagates through RefusalError for diagnostics. Bare bottom is unchanged — existing hashes are not invalidated.

# v3.0 — reason propagates through RefusalError
believe result
  ge(conf(result), 0.85) => result
  else                   => bottom "confidence below threshold"

AST · runtime · canonical form · Rust · 24 new tests

Remote symbol resolution

Push a symbol to a remote registry and resolve it from any machine. codifide serve --read-only enables public registry deployments.

python3 -m codifide store push sha256:1c01… \
  --registry https://registry.example.com

python3 -m codifide run pipeline.cod \
  --registry https://registry.example.com

RemoteStore · fetch-and-cache · hash-verified · --read-only flag

Parallel evaluator import support

Branch interpreters in the parallel evaluator previously ran with empty resolved_imports, making imported symbols unavailable inside parallel branches. Fixed — imported-symbol calls are now eligible for parallel evaluation.

# Imported symbols now work inside parallel branches
import classify_content = sha256:3770…

def main
  intent "classify in parallel"
  sig    () -> List
  effects {}
  cand
    list(
      classify_content("message one"),
      classify_content("message two")
    )

AUD-OVERNIGHT-02 closed · branch interpreters carry resolved imports

V3-4 deferred — no adoption evidence

Time-indexed types (T@timestamp) were on the v3.0 roadmap but deferred. No agent session produced evidence that the feature was needed. Adoption evidence outranks intuition — the feature stays on the roadmap until real usage justifies it.

Full changelog → Agent quickref

v2.0 — May 2026

What v2.0 adds, fixes, and enables

Every friction point that blocked agents from completing Program 5 — content-addressed composition — is now fixed. Four requirements, four weeks of adoption evidence, one governance review.

RPC API — Program 5 without the ceremony

Content-addressed composition previously required four CLI commands, an index ceremony, and a runtime flag. Now: start the server, POST canonical forms, import by the returned hashes. No index. No flag.

python3 -m codifide serve

# Publish a symbol
curl -X POST http://localhost:7777/symbols \
  -H 'Content-Type: application/cbor' \
  --data-binary @- < canonical.cbor

# Import by hash in your program
import classify_content = sha256:1c01b8b5…

POST /symbols · GET /symbols/{hash} · GET /symbols/{hash}/imports · idempotent writes · 36 tests · Sable-audited

Static bind-before-when detection

The most common footgun in Codifide — using a bound name in a when guard before the body runs — was a confusing runtime error. It is now a parse error with a one-line fix message.

# Before v2.0: runtime error "unknown callable: 'label'"
# After v2.0: parse error with fix hint
cand
  label <- moderate(message)
  when   eq(label, "unsafe")   # ← caught at parse time
  "blocked"

Python parser + Rust parser · 12 regression tests

from-import in the Rust runtime

from sha256:<hash> import name1, name2 previously required CODIFIDE_RUNTIME=python. That workaround is gone. Both runtimes support from-imports as of v2.0.

# Works in both Python and Rust runtimes
from sha256:a8b5f554… import classify_content,
                               moderate,
                               route_message

Rust parser + Rust interpreter · --store flag · 2 conformance tests

Capability manifest `docs` field

The machine-readable capability manifest now links to human-readable documentation. An agent fetching the manifest gets a pointer to the quickref, cookbook, and getting-started guide — no separate discovery step.

python3 -m codifide capability --hash
# sha256:42d73647ba8de29a7d219bf2218bad0a42dc2a11d7878cac12ee931be2a1a185

curl https://www.codifide.com/capability.json | jq .docs

New manifest hash · publicsite updated · docs/CAPABILITY.md schema updated

Validated by four external agent sessions

v2.0 requirements were driven by real adoption evidence — not speculation. Four models (GPT-4o, Gemini 2.5 Pro, Claude, GPT-5.4) ran the pipeline task spec and documented every failure. The friction points they hit became the v2.0 requirements. The B-Team governance review (GPT-5.4, live interpreter) closed the release.

4 external models tested

5/5 programs completed by all models

12 cookbook failure modes documented

341 tests passing

Full changelog → Agent cookbook