Developers and agents

Give your coding agent the Bumpgrade public contracts first.

Bumpgrade publishes source-data routes, an agent manifest, public docs, llms.txt, and write-safety rules so agents can cite evidence, follow stable IDs, and respect permission boundaries before they suggest changes.

Start here

What agents can read and where to begin

Public resources are safe to read. Writes remain owner-gated until a route names the confirmation, idempotency, stale-state, audit, and redaction rules.

Read contracts

Core public contracts

The full manifest lists 34 public contracts. Start with these high-signal routes, then use the manifest when an agent needs exact stable IDs or boundaries.

Surface overview
PublicOpen

Feature catalog

Read feature status, Distinguish live from pending, Cite feature evidence

Stable IDsfeatureId, issue, status
BoundaryFeature status changes must land through GitHub issue/PR work and admin work-log updates.
PublicOpen

Public roadmap

Read public-safe roadmap state, Find blockers and next milestones, Cite issue evidence

Stable IDsroadmapItemId, featureId, issue, status
BoundaryRoadmap moves require an issue/PR or approved admin append path, not chat-only edits.
PublicOpen

Competitor comparisons and source evidence

Resolve competitor claims, Read retrieved dates, Cite official source URLs

Stable IDscompetitorId, sourceId, seoTargetId
BoundaryRefresh competitor claims from official sources before changing dated pricing, packaging, or feature claims.
PublicOpen

Competitor importers

Read supported importer platforms, Resolve importer routes from competitor IDs, Inspect input kinds, platform-specific source checklists, export match templates, preflight signal labels, redacted sourceChecklistReview maps, exportFileAnalysis fields, platformExportMatches, private importReview metadata persistence, private structured import-record contracts, safe extractedFields plans, subscriberImportDepth metadata, subscriberImportPreflight actions, subscriberImportCreation actions, subscriberAudiencePromotion actions, owner-only privateSubscriberRecords inspection rules, owner-only subscriberPrivateExport metadata, private record review routes, review-action routes, extracted-field edit actions, duplicate-review fields, rollback routes, and saved private plan parts, Identify verified-publisher private-draft, private record review, private record review-action, and rollback routes for supported importer platforms, Cite safety gates and unsupported fields before describing migration capability, Cite issue #467 for the active importer feature request

Stable IDsimporterPlatformId, competitorId, sourceId, importInputKind, importSourceChecklistItemId, importDraftEntity, importReviewAreaStatus, importReview, importRecords, extractedFields, subscriberImportDepth, subscriberImportPreflight, subscriberImportCreation, subscriberAudiencePromotion, privateSubscriberRecords, privateRecordReviewRoute, privateRecordReviewActionApiRoute, edit_extracted_field, record_subscriber_import_preflight, create_subscriber_import_records, promote_subscriber_import_records_to_audience, export_private_subscriber_records
BoundaryImporter source-data is read-only. Platform-specific source checklists and export match templates describe what a prospect can bring before private plan creation. Public preflight review routes return redacted import maps, sourceChecklistReview status, exportFileAnalysis structure, and platformExportMatches without persisting records or echoing pasted source material, raw rows, raw file text, export file names, customer rows, credentials, sessions, or payment data. Private-draft importer APIs require a verified publisher session, exact confirmation, idempotency, and redacted responses; new private drafts persist safe importReview metadata with export analysis, platform export matches, and recognized match IDs only, then create private importRecords, safe extractedFields target plans, and subscriberImportDepth metadata for audience records without public source-data exposing private record content, raw values, raw contact rows, emails, names, sequence enrollments, sends, or exports. Private record review routes require the same verified publisher owner and can show safe structure plus saved private importer subscriber contact records after confirmed creation; public source-data, public preview routes, unauthenticated responses, and public agent contracts expose counts and redaction rules only. Private record review-action routes can mark records ready or needing cleanup, edit extracted field labels/status/prompts, record subscriberImportPreflight readiness/cleanup metadata, create private importer subscriber records from a confirmed fresh upload, add those saved contacts to the audience review list as imported_pending_review rows, and prepare an owner-only private subscriber CSV with redacted JSON responses and idempotency/confirmation evidence. Subscriber import creation stores private email/name data only in owner-scoped importer subscriber records and returns counts only; subscriberAudiencePromotion writes audience_subscribers and non-sending tag assignments, but creates no consent events, sequence enrollments, private exports, sends, or go-live effects. SubscriberPrivateExport returns private emails only in the same-owner CSV download; public source-data, unauthenticated responses, and JSON API responses expose counts and redaction rules only. Source URL and export file name duplicate review can reuse a matching private import plan. Private rollback routes archive importer-created plans and preserve saved plan content, structured import records, steps, and audit history, while public publishing, live checkout, subscriber sends, domains, fulfillment, account transfer, payment credential migration, and customer passwords remain outside this contract.
PublicOpen

Commerce contract

Read redacted commerce architecture, Separate sandbox from live billing, Inspect referral attribution evidence, Inspect review-only commission ledger evidence, Inspect owner review action boundaries, Inspect non-billing post-purchase decision evidence, Inspect write safety rules

Stable IDsproductId, priceId, checkoutIntentId, referralClickId, referralAttributionId, reviewOnlyCommissionLedgerId, commissionReviewActionId, postPurchaseDecisionId, auditCorrelationId
BoundaryNon-billing post-purchase decisions can be recorded only for trusted checkout state; billing-impacting and payable commission writes require exact confirmation, idempotency, stale-state checks, audit correlation, owner review, and webhook evidence.
PublicOpen

Pricing policy and free-build gates

Read the free build-before-go-live policy from issue #466, Distinguish live signed-in private Free Build workspace creation from paid go-live actions, Confirm logged-out anonymous structured playground recovery, browser-recovery save limits, owner-gated and scheduled cleanup, additive claim-to-private-draft and private claim-record creation, and signed-in Free Build workspace creation are live, Cite paid go-live gates for publishing, checkout, subscriber sends, domains, and fulfillment

Stable IDspricingPolicyId, freeBuildModeId, freeBuildCapabilityId, paidGoLiveGateId, pricingPlanSlug
BoundaryAgents may read the pricing policy only. Saving anonymous structured playground state is browser-scoped, rate-limited per browser recovery workspace, and redacted; owner cleanup and scheduled Cloudflare cleanup expire recovery without exposing private content; claim creates or reuses the verified account's Free Build workspace and adds a private launch draft plus private offer/product/audience/importer-review records without replacing existing work; creating signed-in Free Build workspaces uses authenticated account setup APIs; publishing, charging buyers, sending email, connecting domains, and fulfillment changes require paid-plan flows.

Docs

Agent documentation map

liveOpen

Agent docs index

Human and agent-friendly index for Bumpgrade read contracts, source evidence, MCP direction, and safety boundaries.

liveOpen

Bumpgrade agent surface

Orientation for what agents can read, what is planned, and what requires owner credentials.

liveOpen

Bumpgrade commerce contract

Stripe sandbox, checkout, webhook, billing, and confirmed-write safety boundaries.

liveOpen

Bumpgrade source evidence

How public claims resolve to source IDs, URLs, issues, PRs, work-log entries, and caveats.

liveOpen

Bumpgrade admin surfaces

Which admin pages require owner auth and which source-data routes are public-safe for agents.

liveOpen

Bumpgrade MCP roadmap

First MCP resources and tools planned on top of the same public-safe contracts.

MCP and writes

Tooling builds on the same contract, with stronger safety.

MCP roadmap

Ready contracts

36 MCP resource contracts are backed by live JSON routes.

Confirmed writes

Public, billing-impacting, admin, and creator-speech writes need confirmation, idempotency, stale-state checks, audit correlation, and redaction.

Source grounding

Public claims need source IDs, issue or PR evidence, work-log records, source URLs, and retrieved dates.