Skip to content
Forge Docs

v1.2.0 — Commercial Layer

Released: 2026-04-16

Forge becomes a purchasable product. This release adds offline license validation, tier-gated features, Stripe-integrated key delivery, binary distribution via Cloudflare R2, and the forge.ironpinelabs.com landing page.

Added

Section titled “Added”

License System

Section titled “License System”
  • New forge-core::license module with Ed25519 license key validation. Keys are JSON payloads signed with an Ed25519 private key held only by Patrick and a Cloudflare Worker; the Forge binary has the matching public key compiled in at build time.
  • Types: License, Tier (Community / Solo / Pro / Team), LicenseError
  • validate_key() — fully offline signature and expiration verification. No network call required.
  • load_license() / save_license() — JSON persistence to ~/.forge/license.json
  • is_feature_enabled(), current_tier(), features_for_tier() helpers
  • 11 feature-flag constants matching the product pricing tiers

License Keygen (Developer Tool)

Section titled “License Keygen (Developer Tool)”
  • New forge-license crate with forge-keygen binary — not included in distributed releases, developer tool for Patrick only.
  • forge-keygen generate / batch / verify / keypair subcommands

Feature Gating

Section titled “Feature Gating”
  • New forge-core::gate module with check() and community_mode_message()
  • Workflow tools (forge_prepare, forge_validate, forge_understand) require Solo tier or higher
  • Semantic/hybrid search in forge_search requires Solo; Community falls back to keyword-only
  • SCIP ingestion (CLI + MCP) requires Pro tier
  • forge ci (stub) requires Pro tier
  • forge serve --dashboard requires Solo tier (soft gate: prints message, continues without dashboard)
  • 18 of 21 MCP tools remain available in Community mode

New CLI Commands

Section titled “New CLI Commands”
CommandDescription
forge activate <license-key>Validates and installs a license key
forge licenseShows current license status, masked email, expiration
forge update [--check]Checks R2 manifest for newer version; offers in-place binary replacement
forge stats [--json] [--reset]Local usage statistics — data never leaves the machine
forge ciCI mode stub (full implementation in a future release)

Stats Collection

Section titled “Stats Collection”
  • New forge-core::stats module — atomic JSON persistence to ~/.forge/stats.json
  • MCP tool dispatcher records per-tool call counts and latencies
  • forge health records P0/P1/P2 counts over time (last 20 runs retained)

Cloudflare Worker Backend

Section titled “Cloudflare Worker Backend”
  • New workers/forge-license-webhook/ TypeScript project
  • Stripe webhook handler: verifies HMAC signatures, handles customer.subscription.created/updated/deleted, checkout.session.completed
  • Ed25519 key signing via @noble/ed25519 (Workers-compatible — no Node.js crypto dependency)
  • License delivery email via Resend API (HTML + plain text templates)
  • D1 database for license records (customer support and analytics — validation is fully offline)
  • Stripe Customer Portal redirect endpoint for self-service upgrades/downgrades

Release Pipeline

Section titled “Release Pipeline”
  • scripts/release.sh — cross-compiles for 6 targets, computes SHA256 checksums, generates latest.json manifest, uploads to R2 via wrangler
  • scripts/RELEASE.md — release procedure reference

Landing Page and Marketing Site

Section titled “Landing Page and Marketing Site”
  • Canonical site at ~/repos/ironpine-labs/forge-site/ (Astro + Cloudflare Pages, forge.ironpinelabs.com)
  • Landing page, pricing page, docs (28 pages), 3 launch blog posts, privacy policy, terms of service
  • Blog content collection at forge-site/src/content/blog/

Changed

Section titled “Changed”
  • Workspace membership: forge-license crate added (publish=false)
  • forge status now prints a license summary line
  • forge-core/Cargo.toml: added ed25519-dalek, base64
  • forge-cli/Cargo.toml: added reqwest, sha2, futures-util
  • MCP tool dispatcher wraps every call with timing and stats recording
  • Workspace version bumped from 1.1.0 to 1.2.0

Security

Section titled “Security”
  • License validation is fully offline — no network call at activation or at runtime. (v1.3.0 adds a weekly license-hash heartbeat — see the v1.3.0 changelog.)
  • Private Ed25519 key exists in exactly two places: Patrick’s machine (encrypted) and the Cloudflare Worker secret. Never committed, never in the distributed binary.
  • D1 stores SHA-256 hash of license keys, not plaintext
  • Stripe webhook signatures verified constant-time (HMAC-SHA256)

Notes

Section titled “Notes”
  • The public key compiled into this release is a DEV keypair. Before production launch, generate a fresh production keypair via forge-keygen keypair, update FORGE_PUBLIC_KEY_HEX in forge-core/src/license.rs, and deploy the new private key to the Cloudflare Worker secret.
  • All Stripe price IDs, Checkout URLs, Cloudflare Analytics token, and Resend API keys are unpopulated placeholders. See the Patrick setup guide for wiring these in.
  • CI mode, Dashboard, and Plugin System are gated but partially stubbed. Full implementations land in subsequent releases — the gates are in place so license validation works from day one.

Known Issue (Fixed in v1.3.0)

Section titled “Known Issue (Fixed in v1.3.0)”
  • P1-1: forge activate success message was hardcoded to the Solo feature list regardless of the activated tier. Fixed in v1.3.0.