ascorbic
diff --git a/‎.changeset/oauth-scope-query-form.md‎
Lines changed: 0 additions & 5 deletions b/‎.changeset/oauth-scope-query-form.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎.changeset/sync-1-1-compliance.md‎
Lines changed: 0 additions & 16 deletions b/‎.changeset/sync-1-1-compliance.md‎
Lines changed: 0 additions & 16 deletions
diff --git a/‎.changeset/sync-get-latest-commit.md‎
Lines changed: 0 additions & 7 deletions b/‎.changeset/sync-get-latest-commit.md‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎packages/oauth-provider/CHANGELOG.md‎
Lines changed: 6 additions & 0 deletions b/‎packages/oauth-provider/CHANGELOG.md‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎packages/oauth-provider/package.json‎
Lines changed: 1 addition & 1 deletion b/‎packages/oauth-provider/package.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎packages/pds/CHANGELOG.md‎
Lines changed: 25 additions & 0 deletions b/‎packages/pds/CHANGELOG.md‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎packages/pds/package.json‎
Lines changed: 1 addition & 1 deletion b/‎packages/pds/package.json‎
Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,11 @@
 # @getcirrus/oauth-provider
 
+## 0.4.1
+
+### Patch Changes
+
+- [#175](https://github.com/ascorbic/cirrus/pull/175) [`54ab459`](https://github.com/ascorbic/cirrus/commit/54ab459588393a58ea906977c1ffc8996d8d0700) Thanks [@ascorbic](https://github.com/ascorbic)! - Fix `parseScope` rejecting valid granular scopes that use the query-only form (e.g. `repo?collection=a&collection=b`) with `Unknown scope resource`. The parser previously only looked for `:` as the prefix delimiter, but per `@atproto/oauth-scopes` syntax a scope can use `prefix:positional`, `prefix?query`, or both. This affected permission sets whose `repo` permission listed multiple collections, since those expand to a single query-form token.
+
 ## 0.4.0
 
 ### Minor Changes
 
@@ -1,6 +1,6 @@
 {
 	"name": "@getcirrus/oauth-provider",
-	"version": "0.4.0",
+	"version": "0.4.1",
 	"description": "OAuth 2.1 Provider with AT Protocol extensions for Cloudflare Workers",
 	"type": "module",
 	"main": "dist/index.js",
 
@@ -1,5 +1,30 @@
 # @getcirrus/pds
 
+## 0.16.0
+
+### Minor Changes
+
+- [#171](https://github.com/ascorbic/cirrus/pull/171) [`bf2f857`](https://github.com/ascorbic/cirrus/commit/bf2f857b0df9cc9e8eaeb7e336114107596473af) Thanks [@ascorbic](https://github.com/ascorbic)! - The firehose now emits the sync 1.1 message shape, matching what the bsky.network relay and other AT Protocol consumers expect. Existing subscribers will start seeing new fields and new event types; nothing has to change on the consumer side, but the warnings some relays were logging against Cirrus hosts (notably `missing prevData field`) will stop.
+
+  What changed on the wire:
+  - `#commit` messages now include `prevData` (the prior commit's MST root CID), so relays can verify each commit inductively without re-fetching the repo. The CAR slice now also carries the MST covering-proof blocks needed for that verification.
+  - Each `ops[]` entry on update and delete now includes `prev`, the previous CID of the touched record. Creates omit it as before.
+  - `tooBig` is always `false`. It was previously set based on payload size, which never matched the field's meaning under sync 1.1.
+  - New `#account` events are emitted on activation and deactivation, so relays learn about account status changes without polling. Deactivation reports `status: "deactivated"`; activation reports `active: true` with no status.
+  - New `#sync` events are emitted on activation (after migration or initial setup), giving relays the current commit block without a diff.
+  - `#identity` events now allow the `handle` field to be omitted, per spec.
+  - A `#info` frame with `name: "OutdatedCursor"` is sent when a client connects with a cursor older than the retained event window. The stream continues from the oldest available event instead of disconnecting.
+  - `applyWrites` rejects calls with more than 200 operations, matching the spec cap.
+
+- [#168](https://github.com/ascorbic/cirrus/pull/168) [`71b988e`](https://github.com/ascorbic/cirrus/commit/71b988e485d5128b185fb4970aaa35011bf67e04) Thanks [@simnaut](https://github.com/simnaut)! - Implement `com.atproto.sync.getLatestCommit`.
+
+  This sync XRPC endpoint was previously unimplemented, so requests fell through to the XRPC proxy and returned `501 MethodNotImplemented`. Relays call `getLatestCommit` during their crawl bootstrap, so a freshly created repo could never be indexed by a fresh `requestCrawl`. The endpoint now returns the repo's head commit as `{ cid, rev }` (sourced from the same `rpcGetRepoStatus` data used by `getRepoStatus`/`listRepos`).
+
+### Patch Changes
+
+- Updated dependencies [[`54ab459`](https://github.com/ascorbic/cirrus/commit/54ab459588393a58ea906977c1ffc8996d8d0700)]:
+  - @getcirrus/oauth-provider@0.4.1
+
 ## 0.15.2
 
 ### Patch Changes
 
@@ -1,6 +1,6 @@
 {
 	"name": "@getcirrus/pds",
-	"version": "0.15.2",
+	"version": "0.16.0",
 	"description": "Cirrus – A single-user AT Protocol PDS on Cloudflare Workers",
 	"type": "module",
 	"main": "dist/index.js",
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@getcirrus/oauth-provider",`
`3`		`- "version": "0.4.0",`
	`3`	`+ "version": "0.4.1",`
`4`	`4`	`"description": "OAuth 2.1 Provider with AT Protocol extensions for Cloudflare Workers",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"main": "dist/index.js",`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@getcirrus/pds",`
`3`		`- "version": "0.15.2",`
	`3`	`+ "version": "0.16.0",`
`4`	`4`	`"description": "Cirrus – A single-user AT Protocol PDS on Cloudflare Workers",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"main": "dist/index.js",`