contract.cli

Changelog

What's new across the suite.

Notable releases for each CLI plus this site. Filed in reverse chronological order. Subscribe by watching @DrBaher on GitHub for everything.

  1. docx2pdf-cli v0.2.2 (May 15, 2026; tags: release, agent, catalog)

    docx2pdf-cli v0.2.2 — `--catalog json`, agent-doc reorg, telemetry shipped

    The agent-discovery + telemetry-on-npm release.

    • --catalog json — machine-readable flag inventory matching the cross-suite contract (parallels sign --catalog json and nda-review-cli --catalog json). Stable across minor versions. Complements the existing --capabilities (feature contract) and --doctor (host readiness). Agents call this at startup rather than parsing --help.
    • --retries <n> — retry network backends (gotenberg, convertapi) with non-busy backoff (Atomics.wait). Advertised via supports.retries: true in --capabilities.
    • JSON success telemetry — every success row in --json mode now carries backend, input, output, outputBytes, and durationMs. Failure rows carry exitCode so a batch consumer can branch per file. NDJSON shape is documented in docs/reference/json-output.md.
    • CliError.kind — structured error class (e.g. "NO_BACKEND") so library callers branch on error type, not message text.
    • Doc reorg adopted — new AGENTS.md (replaces the prior docs/AGENT_INTEGRATION.md), docs/setup/ per-backend (LibreOffice, Gotenberg, ConvertAPI, Pages, Word), docs/reference/ for concept docs (backends, doctor JSON shape, exit codes, json-output), and a new schemas/doctor.schema.json so the --doctor output is now formally schema-validated.
    • README restructured around audience: “Run this” (docx2pdf --doctor) → “Where to go next” decision tree → human quickstart → agent affordances. Human path precedes the agent section now.

    Install: npm i -g docx2pdf-cli (already on npm).

  2. nda-review-cli v0.5.1 (May 15, 2026; tags: release, agent, catalog)

    nda-review-cli v0.5.1 — `--catalog json`, `sample-nda`, `doctor --check-llm`, doc reorg

    Cuts the agent-discovery + onboarding-polish work as v0.5.1.

    • nda-review-cli --catalog json — machine-readable inventory of every subcommand and flag, including the nested negotiate <sub> tree (23 top-level commands, 12 nested negotiate subcommands). Stable across minor versions. Matches the cross-suite contract used by sign --catalog json and docx2pdf --catalog json. Agents call this at startup rather than parsing --help.
    • sample-nda --out PATH — drops the bundled sample NDA fixture into a user-chosen path so first-run users have something substantial to point review at without knowing the fixture’s filesystem location. The fixture is a representative SaaS-style mutual NDA with clauses that reliably trip rule-engine findings (jurisdiction mismatch, indefinite-survival carve-out, term length).
    • doctor --check-llm — sends a 1-token round-trip to the configured LLM provider (from config/llm.json or NDA_LLM_* env vars) to confirm reachability, model name, and auth. Closes the most common LLM-setup stumble: “I edited config/llm.json, did it work?”
    • --help epilogs with concrete examples for the four most user-facing subcommands: review, draft, doctor, and negotiate init. Replaces a README round-trip with in-place discovery.
    • First-run hint adapts to invocation form — detects whether the user invoked as ./nda_review_cli.py or nda-review-cli (pipx) and prints the matching prefix in every example. Disambiguates the three onboarding paths (tutorial / quickstart / setup --quick --yes).
    • Wheel-bundling fix: pyproject.toml’s manifest now uses a templates/*.md glob so all bundled templates (including Common Paper Mutual NDA v1.0) ship in the wheel. The previous per-file allowlist silently omitted templates.
    • Sandboxed web demo under web/ with one-click deployment to Railway / Fly.io / Render. Stdlib-only Python service wrapping the CLI behind three browser flows (draft / review / negotiation simulator). Per-session UUID sandboxes auto-expire after 30 minutes.
    • Doc reorg adopted — new top-level AGENTS.md, docs/setup/ (per-LLM-provider setup: Anthropic, OpenAI, Ollama, OpenAI-compatible, plus integrations.json hooks for handing off to docx2pdf-cli and sign-cli), and docs/reference/ for concept deep-dives (policy, stance, fatigue, scoring, state-file, exit codes, LLM data-flow). README trimmed from 619 to 280 lines.

    Install: clone the repo or pipx install git+https://github.com/DrBaher/nda-review-cli.git. PyPI publishing is being set up — once enabled, pipx install nda-review-cli will fetch the latest release directly.

  3. sign-cli v0.6.1 (May 15, 2026; tags: release, pades, verification)

    sign-cli v0.6.1 — `pdf inspect` for ANY signed PDF + pre-sign visibility + verify `--recipient`

    A small, focused release that closes three real-world gaps surfaced in production signing flows.

    • sign pdf inspect — new top-level command that inspects PAdES signatures on any signed PDF (yours, Adobe’s, DocuSign’s, Dropbox Sign’s, SignWell’s). Returns per-signature signer CN/email, cert subject + issuer, validity window, fingerprint, trust label (self_signed_local / self_signed_other / ca_signed / unknown), message-digest match, and parse warnings. Pure read — no DB interaction, no audit events. Pairs with request verify-signed-pdf (which adds request-level signer-match against the local DB); use pdf inspect when you don’t have a request to bind against — e.g. inspecting an incoming counterparty PDF. Companion: new MCP tool pdf_inspect_signatures and HTTP route POST /v1/pdf/inspect-signatures — same validateDocumentPath guard as the other PDF surfaces.
    • Pre-sign signature visibility: signer fetch-document (CLI + MCP signer_fetch_document + HTTP POST /v1/signer/fetch-document) now includes an existingSignatures field in every response. Fields: count, hasSignature, allDigestsOk (false if any prior signature is broken — tamper or parse failure), signers[] (subject / issuer / validity / fingerprint / trust / per-signer digestOk), warnings[]. So a signer fetching a PDF for countersignature can see what they’re about to countersign before they sign. Best-effort: if inspection throws on a malformed PDF, the field is populated with a degenerate summary plus a warning rather than failing the fetch.
    • request verify-signed-pdf --recipient <email> — narrows the signer_match check to a single recipient instead of requiring the full persisted-signer roster. Mirrors the semantics of request show --recipient. Useful mid-flight on multi-signer requests (verify Alice’s signature without failing because Bob hasn’t signed yet). Refuses unknown recipients with SIGNER_NOT_RECIPIENT rather than silently passing on vacuous truth.

    Fixed

    • request verify-signed-pdf no longer falsely reports signer_mismatch against per-signer certs whose subjects contain RFC 4514 escapes — Node’s X509Certificate.subject returns the LDAP DN string, which backslash-escapes reserved chars (+, <, >, ,). A per-signer cert subject like CN=Baher Test \<baher\+dcc@example.com\> was being compared with a raw subject.includes("baher+dcc@example.com") and failing — even though the signature was cryptographically valid (digest_ok: true). The matcher now strips backslash escapes before the substring check. Surfaced by a real-world signing test against GBrain agreements on 2026-05-14.
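
The matcher bug above, reproduced as an added example (not sign-cli's own code), using the subject string quoted in the entry. The function names are hypothetical; unescapeDnValue also decodes RFC 4514 hex pairs, and strictSubjectMatches is a whole-address comparison that goes beyond the fix the entry describes.

```javascript
// Constructed sample: the escaped subject string quoted in the changelog entry.
const SUBJECT = String.raw`CN=Baher Test \<baher\+dcc@example.com\>`;

// "Before" behaviour: raw substring test against the still-escaped DN string.
function naiveSubjectMatches(subject, email) {
  return subject.includes(email);
}

// RFC 4514 unescaping: "\" + two hex digits is one UTF-8 byte,
// "\" + any other character is that character taken literally.
function unescapeDnValue(value) {
  const chars = Array.from(value); // iterate by code point
  const enc = new TextEncoder();
  const bytes = [];
  for (let i = 0; i < chars.length; i++) {
    let ch = chars[i];
    if (ch === '\\' && i + 1 < chars.length) {
      const pair = (chars[i + 1] || '') + (chars[i + 2] || '');
      if (/^[0-9a-fA-F]{2}$/.test(pair)) {
        bytes.push(parseInt(pair, 16));
        i += 2;
        continue;
      }
      ch = chars[++i]; // escaped special character
    }
    bytes.push(...enc.encode(ch));
  }
  return new TextDecoder().decode(Uint8Array.from(bytes));
}

// "After" behaviour as the entry describes it: unescape, then substring check.
function fixedSubjectMatches(subject, email) {
  return unescapeDnValue(subject).includes(email);
}

// Added hardening (not from the changelog): compare whole addresses found in
// the subject, so an address that is only a suffix of the signer's is rejected.
// Case-insensitive comparison is an assumption of this sketch.
function strictSubjectMatches(subject, email) {
  const found = unescapeDnValue(subject).match(/[^\s<>,="]+@[^\s<>,="]+/g) || [];
  return found.some((addr) => addr.toLowerCase() === email.toLowerCase());
}

for (const email of ['baher+dcc@example.com', 'dcc@example.com']) {
  console.log(email, {
    naive: naiveSubjectMatches(SUBJECT, email),
    fixed: fixedSubjectMatches(SUBJECT, email),
    strict: strictSubjectMatches(SUBJECT, email),
  });
}
```

With the substring check, `dcc@example.com` also matches this subject; the whole-address comparison rejects it.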

    Docs

    • The doc reorg adopted across the three-CLI suite this week is captured in this release block too — new top-level AGENTS.md, docs/setup/ for provider-specific setup (Dropbox / DocuSign / SignWell / embedded), and docs/reference/ for concept docs (audit-chain, exit-codes, profiles, security model, security controls, legal posture, architecture, comparison).

    Install: npm i -g sign-cli once the npm publish lands (see release notes for the workflow state).

  4. sign-cli v0.6.0 (May 14, 2026; tags: release, mcp, security, profiles)

    sign-cli v0.6 — cross-surface parity, profiles, path-traversal guards

    The biggest sign-cli release since the offline PAdES signer landed.

    • Cross-surface parity. Every operationally-useful CLI command now exists as both an MCP tool and an HTTP route. The MCP surface grew from 8 to 19 tools (added: pdf_detect_signature_field, pdf_detect_date_field, pdf_inspect_signatures, profile_list, profile_show, pdf_stamp_text, preview, document, signer_reissue_token, audit_scan, request_receipt). The HTTP surface grew to 20 routes under /v1/*, all with the same input shape, the same path-traversal guards, and the same read-only gating.
    • Named profiles. sign profile init / list / show / use / set / unset / delete bundles provider, dbPath, strictProvider, and a credentials block under a name. Credentials use {{env:VAR}} references that resolve from the shell at call time — secrets never live in the profile file. Activate via --profile prod, SIGN_PROFILE=prod, or implicitly via a project-level sign-profile.json (git/npm-style upward-walk discovery).
    • Path-traversal guards on every input and output. validateDocumentPath / validateOutputPath reject paths that escape the working directory; opt out with SIGN_ALLOW_ABSOLUTE_DOCS=1. Closes the gap where a malicious or buggy MCP client could read arbitrary files via pdf_path or write sealed PDFs anywhere on disk.
    • One-shot sign document. Takes a .docx (or .pdf), converts via the bundled docx2pdf-cli, auto-places, stamps, PAdES-seals, and verifies the chain — all in one call against a scoped temp database that’s deleted on exit.
    • sign preview for offline placement iteration. Stamps a signature image or rendered name onto a PDF without producing a PAdES envelope or touching the DB. Surfaces the same quality warnings (STAMP_OFF_PAGE, STAMP_OVERLAPS_TEXT) as the sealed flow.
    • Auto-place with multi-candidate selectors. --auto-place accepts true, first, last, all, page:N, or index:N. Closes the AUTO_PLACE_AMBIGUOUS foot-gun where the user knew the rule but had no way to tell the CLI.
    • Date detection + pdf stamp-text. Detection now recognizes date anchors alongside signature anchors (English, French/EU conventions). sign pdf detect-date-field returns ranked date candidates with an alreadyFilled flag; sign pdf stamp-text stamps plain text without an envelope. Skips already-filled anchors by default.
    • Aspect-ratio preservation on visible-signature stamps (default ON). Shrink-to-fit instead of stretching. PNG inputs gain --signature-image-auto-crop true to trim white margins and replace near-white with transparent. Pure-JS PNG decoder, no native deps.
    • sign doctor preflight. Structured per-check report: Node version, DB-path writability, provider env vars, provider API reachability, filesystem permissions. Exit 0 ok, 1 any failed. Branch on checks[].name for agent self-recovery.
    • sign workflow nda. Renders the bundled mutual-NDA template into a PDF and creates a signing request in one shot. Method-consent clause baked in per the legal-posture guide. Missing placeholders surface in one error before any PDF is written.
    • Trust labels in signed-PDF inspection. request verify-signed-pdf adds a trust field per signer: self_signed_local, self_signed_other, ca_signed, unknown. Structural and descriptive — no trust-store lookup, no expiry check.
    • Extended audit export bundles. audit export emits bundleVersion: 2: audit.json + signed.pdf + original.pdf + manifest.json + README.md + receipts/<signer-email>.json (per-signer event subsets, isolated). request receipt still emits the cryptographically-signed bundleVersion: 1 with detached manifest.sig + manifest.cert.pem.
    • STORAGE_UNWRITABLE structured error. openDatabase wraps EACCES / EROFS / EPERM into a SignCliError with a code, message, and hint pointing at SIGN_DB_PATH, ~/.sign-cli/, or a profile dbPath. Replaces a raw Node stack trace with an agent-actionable envelope.
    • Strict provider mode. --strict-provider true (or SIGN_STRICT_PROVIDER=true) rejects mismatches between the resolved provider and a request’s persisted provider with STRICT_PROVIDER_MISMATCH. Every command prints [sign] resolved provider: <provider> (<source>) to stderr on start so you can see what’s about to talk to whom.

    Full notes in CHANGELOG.md.
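
A sketch of the working-directory containment check described in the path-traversal bullet above, as an added example rather than sign-cli's validateDocumentPath. The function names, error codes and sample paths are hypothetical, and the SIGN_ALLOW_ABSOLUTE_DOCS opt-out is not modelled.

```javascript
// POSIX path rules, so the constructed sample paths behave the same on any host.
const path = require('node:path').posix;

// Weak form: a string-prefix test. "/srv/work-evil" starts with "/srv/work",
// so a sibling directory passes.
function naiveInside(baseDir, candidate) {
  return path.resolve(baseDir, candidate).startsWith(baseDir);
}

// Hardened form: resolve first, then require that the path relative to the
// base never climbs out of it. Returns the resolved path or throws.
function resolveInside(baseDir, candidate) {
  if (typeof candidate !== 'string' || candidate.length === 0 || candidate.includes('\0')) {
    throw new Error('PATH_INVALID'); // hypothetical error code
  }
  const base = path.resolve(baseDir);
  const full = path.resolve(base, candidate); // an absolute candidate replaces base
  const rel = path.relative(base, full);
  if (rel === '..' || rel.startsWith('../') || path.isAbsolute(rel)) {
    throw new Error('PATH_ESCAPES_WORKDIR'); // hypothetical error code
  }
  // Lexical check only: it does not follow symlinks. A guard that opens the
  // file should also compare the fs.realpathSync() result against the base.
  return full;
}

// Boolean wrapper so callers can branch without try/catch.
function isAllowed(baseDir, candidate) {
  try {
    resolveInside(baseDir, candidate);
    return true;
  } catch {
    return false;
  }
}

// Constructed inputs, as a client might pass them in pdf_path.
const WORKDIR = '/srv/work';
const SAMPLES = [
  'contracts/nda.pdf',
  '../work-evil/x.pdf',
  '/etc/passwd',
  'a/../../etc/passwd',
  '..notes/ok.pdf',
];
for (const p of SAMPLES) {
  console.log(p, { naive: naiveInside(WORKDIR, p), hardened: isAllowed(WORKDIR, p) });
}
```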

  5. site v0.3.0 (May 10, 2026; tags: site)

    Site v0.3 — search, OG images, comparison page, embedded demo

    A meaningful round of site polish. Headline things:

    • Search. Press ⌘K (or Ctrl+K on Linux/Windows) anywhere to open a Pagefind-backed instant search. Indexes every page at build time.
    • Real OG images. Per-page PNGs generated at build via satori + @resvg/resvg-js using bundled fonts. Twitter, LinkedIn, and Slack previews now look intentional.
    • Embedded demo. The nda-review-cli page now renders the live Railway sandbox in an inline frame so people can try it without leaving the page.
    • Comparison page. New /compare page — honest table of where the CLIs win versus SaaS contract suites and where SaaS still wins.
    • Live version badges. Each tool card and tool page shows the latest published version, fetched at build time from npm or PyPI (with a repo pyproject.toml fallback).
    • Sitemap + robots. Standard SEO basics added, including a sitemap-index.xml.
    • Changelog. This page exists now.

  6. site v0.2.0 (May 9, 2026; tags: site)

    Site v0.2 — dark mode, asciinema demos, animated workflow

    The first big polish pass.

    • Dark mode with system-preference detection plus a manual toggle.
    • Animated workflow diagram — traveling dots flow across the arrows in sequence.
    • Asciinema demo casts on each tool page (quickstart, negotiate, sign-cli demo, docx2pdf doctor + batch).
    • Copy-to-clipboard buttons on every code block.
    • Install-method tabs — pipx/pip/source for Python, npm/pnpm/yarn/npx for Node.
    • Try-it-in-browser panels linking to the live sandboxes.
    • Hover micro-interactions on tool cards and reveal-on-scroll on workflow steps (respects prefers-reduced-motion).

  7. sign-cli v0.5.0 (May 7, 2026; tags: release, mcp, agent)

    sign-cli v0.5 — agent-as-signer, MCP stdio server, structured errors, cryptographic receipts

    The release that made sign-cli first-class for agents. Same per-signer-token asymmetry that gates the human-in-the-loop signing gesture — but now expressed across MCP, declarative policy, structured errors, and the self-documenting catalog.

    • Agent-as-signer flow for --provider local. sign sign, signer list, signer fetch-document, signer decline — all gated by per-signer token authentication. Pre-sign safety checks (--require-hash, --require-title, --require-signer-email) throw with structured error codes before any state mutation. New audit events: request.signed_by_signer, request.signer_declined, request.signer_fetched_document.
    • MCP stdio server (8 tools). sign mcp serve exposes signer_list, signer_fetch_document, sign, signer_decline, request_show, request_status, request_watch, audit_verify over JSON-RPC 2.0. Plus three resource shapes: request://<id> snapshot, request://<id>/document PDF blob, request://<id>/audit chain. request_watch streams notifications/progress when the client supplies a progressToken. Tool args validated against each tool’s inputSchema.
    • Structured error envelopes. { ok, error: { code, message, hint?, details? } } on stderr with stable code values (TOKEN_EXPIRED, PRE_SIGN_HASH_MISMATCH, NON_LOCAL_PROVIDER, …). Toggle to plain text via SIGN_ERROR_FORMAT=text.
    • Enriched request show. Adds signedBy[], declinedBy, per-approval tokenHint / expiresAt / expired / signed, and a nextSteps[] array of suggested commands.
    • Token recovery. signer reissue-token mints a fresh token in place of an expired/lost one. signer list now includes tokens[] with expiresAt / expired / expiresSoon.
    • Spec-file requests. request create --spec ./request.json [--param key=value] lets a single template be reused across counterparties with variable substitution.
    • Declarative signer policy. signer policy run --spec ./policy.json [--dry-run true] and signer policy run-all --tokens-file …. Two-layer model: non-negotiable expectations (titleMatches, documentSha256, signerEmail) + first-match-wins rules (sign / decline / report).
    • Cryptographic receipts. request receipt --request-id <id> --out ./receipt/ produces an audit-export bundle plus a detached manifest.sig + manifest.cert.pem that openssl can verify directly.
    • Per-signer PAdES identity. Each signer gets a stable on-disk RSA-2048 key/cert keyed by email. signedBy[] entries now carry certFingerprintSha256 + certSubjectCommonName, so multi-party requests have cryptographically distinguishable per-signer identities at the audit-chain level.
    • Cross-provider signedBy parity. New signer_signing_states table fed by both local sign/decline and Dropbox/SignWell webhook ingestion. request show for hosted-provider requests now returns a populated signedBy[] instead of null.
    • Webhook notifications. SIGN_LOCAL_NOTIFY_URL fires fire-and-forget JSON POSTs on allow-listed audit events (request.signed_by_signer, request.signer_declined, request.final_pdf_downloaded, …).
    • Self-documenting CLI. sign --help (grouped index), sign <cmd> --help (focused per-command), sign --catalog json (machine-readable index), sign examples (7 curated walkthroughs), sign --version, sign mcp tools (catalog without booting the server).
    • Shell completion. sign completion bash|zsh|fish.

  8. docx2pdf-cli v0.2.1 (May 5, 2026; tags: release, agent, doctor)

    docx2pdf-cli v0.2 — agent-first framing, capabilities flag, smarter doctor

    The agent-integration release. v0.2.0 made the agent affordances first-class; v0.2.1 polished the onboarding path when no backend is installed.

    • --capabilities. Machine-readable feature flags — backend availability, supported flags, capability spec version, tool version, backend fidelity map, strict-fidelity policy hints. An agent can introspect what this binary can do without parsing prose.
    • AGENTS.md + llms.txt + agent-defaults.json. Default-routing guidance so coding/automation agents can treat docx2pdf-cli as the default DOCX→PDF tool. docs/AGENT_INTEGRATION.md covers wire-up. examples/agent-defaults.json ships the recommended defaults for agent invocations.
    • JSON Schemas under schemas/. Formal schemas for agent metadata and capability output. Lets agents validate the contract before relying on it.
    • Smarter onboarding when no backend is installed. The “no conversion backend” error gets a platform-specific recommendation and per-backend install commands inline. If Docker is detected, leads with docker run gotenberg/gotenberg:8 so the user doesn’t need to install LibreOffice (~700MB).
    • --doctor JSON enriched with actionable setup data. Adds platform (darwin / linux / win32), platformKey (linux-apt, linux-dnf, …), tools.docker / tools.unzip / tools.fcList, a backends[name] object with available / fidelity / reason / install (platform-specific install command), and a top-level recommendation field — single best next step for this host.
    • CliError.kind. Optional kind property (e.g. "NO_BACKEND") on error envelopes, so library callers branch on error type instead of message text.
    • commandExists switched from sh -lc to sh -c. The login shell was reading user init files and rebuilding PATH, sometimes returning probes for commands that spawn() couldn’t actually find.
    • npm keyword + allowlist updates. docx2pdf, ai-agent, automation added to keywords. Agent docs and examples now ship in the npm tarball.

    Recommended defaults for agent invocations:

    docx2pdf --strict-fidelity --json --out-dir ./pdfs *.docx
    
  9. nda-review-cli v0.5.0 (May 5, 2026; tags: release, negotiation)

    nda-review-cli v0.5 — fatigue concession, web demo, profile learning

    Headline release for the negotiation engine.

    • Fatigue concession. When a clause bounces past max_clause_bounces (default 4), the next proposer is force-conceded deterministically. Solves the conservative-vs-conservative stalemate without resorting to randomness.
    • Counterparty profile learning. Pass --learn-profile on a review and the CLI builds a per-counterparty stance profile from the patterns it sees. Next round, that profile is applied automatically.
    • Web demo in web/. A sandboxed Flask-style server that exposes the three headline flows (draft, review, negotiate-simulator) for trying without installing.
    • Stalemate detection still trips on hard non-negotiable conflicts and surfaces them for human escalation rather than auto-resolving.

  10. sign-cli v0.4.0 (April 22, 2026; tags: release, pades, rfc3161)

    sign-cli v0.4 — offline PAdES signer, RFC 3161 anchors, SignWell + embedded signing

    The release that turned sign-cli into a complete signing tool you can use without signing up for anything.

    • Built-in offline PAdES signer. --provider local produces real PKCS#7 signed PDFs in /ByteRange, with a self-issued X.509 cert. request verify-signed-pdf re-parses the file, recomputes the digest, and validates the chain end-to-end. Zero signups, no API keys, no third-party SaaS. Suitable for internal docs, CI / testing, and anywhere you don’t need an external trust anchor.
    • RFC 3161 timestamping. audit timestamp anchors the head of the hash-chained audit log against a public Timestamp Authority. Durable evidence that an event existed by a given date — survives even if the signing provider disappears later.
    • SignWell provider. Email send, embedded signing, and webhook ingest. Joins Dropbox Sign and DocuSign in the multi-provider surface. Same primitives, same audit behavior across all three.
    • Embedded signing across all hosted providers. request send --embedded, launch-embedded, and signer-side sign-url generation for browser-based signing UIs (HelloSign Embedded JS for Dropbox; DocuSign recipient view with clientUserId; SignWell embedded). Final PDF retrieval via fetch-final regardless of which provider sent it.
    • Webhook ingest + verification. Per-provider webhook endpoints on sign serve capture status transitions and persist them into the audit chain, so request show reflects current state without polling.
    • PKCS#7 inspection. request verify-signed-pdf parses the embedded PKCS#7, extracts X.509 signer certificates (subject + issuer + validity + fingerprint + serial), and reports per-signer details an auditor can use.
    • Bulk CSV sends. request bulk --csv roster.csv — send the same document to many signers, or many documents to one signer, from a single CSV file. NDJSON output per row for streaming consumers.
    • doctor providers capability matrix. Per-provider readiness probe: env vars present, API reachability, embedded support, webhook configuration.
    • Production hardening. Input validation across every flag (path traversal, email shape, return-URL safety, payload sizes). Secret redaction in error envelopes + HTTP debug logs. Idempotent request send — refuses to double-send unless --force true. db backup / db verify with SQLite WAL mode.
