jup.sh 0.1.0-alpha.10 Draft Release Notes

Status: draft.

v0.1.0-alpha.10 is planned as the first review-state checkpoint. It adds local persisted Risk Review decisions on top of the read-only Intent API and status model.

This draft still does not add wallet signing, swap execution, Solana Pay transaction request generation, custody, remote backend persistence, authentication, payment confirmation, or receipts.

What This Draft Adds

• Local review decision API:
  • POST /api/intents/:intentId/review.
• CLI review decision commands:
  • jup-sh intent approve <intent_id> --json;
  • jup-sh intent reject <intent_id> --json.
• Additive reviewDecision object on status summaries.
• Review approval moves a review-required intent to ready_for_authorization.
• Review rejection moves a review-required intent to rejected.
• Server API smoke coverage for persisted approval and conflict handling.
• Alpha CLI smoke coverage for persisted approval.

Status Summary Shape

After approval:

{
  "intentId": "intent_xxx",
  "status": "ready_for_authorization",
  "decision": "review_required",
  "nextAction": "ready_for_authorization",
  "riskLevel": "medium",
  "reviewUrl": "https://www.jup.sh/pay/intent_xxx",
  "reviewCommand": "npx jup-sh@alpha review intent_xxx",
  "reviewDecision": {
    "decision": "approved",
    "reviewer": "local",
    "reason": "known vendor",
    "reviewedAt": "2026-05-12T00:00:00.000Z"
  },
  "createdAt": "2026-05-12T00:00:00.000Z"
}

The original policy decision remains review_required; it records why the intent needed human review. The nextAction and status fields represent what the system can do after review.

Safety Boundary

Review approval does not mean payment completion. It only means the intent may continue to a future authorization layer.

The local API refuses review decisions for intents that are not waiting for review. This keeps already approved, rejected, or auto-pay intents from being mutated through the review endpoint.

Current Boundary

The review decision is persisted in the local intent JSON file. It is not a hosted backend, authenticated audit trail, or production approval system.

The npm alpha package remains jup-sh@0.1.0-alpha.7 until a runtime release is prepared and published.

Verification

Run:

npm run release:check

The release gate covers docs contract checks, SDK smoke tests, server API smoke tests, alpha CLI smoke tests, npm package dry-run, and Rust workspace tests.