Tags give the ability to mark specific points in history as being important
-
v0.14.0
protected · Release: v0.14.0 · d09b1f3f
v0.14.0 — generated Python, Rust, and Zig client SDKs
Adds config-driven generation of polyglot client SDKs (Python stdlib-only async, Rust async tokio/reqwest, Zig std-only sync) as peers of the Go and TypeScript clients, covering REST/WebSocket/GraphQL/MCP and every auth mode, with per-language HMAC interop keystones proven byte-identical to securex, native unit tests, real-socket e2e, and fuzzing. Existing Go/TS client output is unchanged. See docs/POLYGLOT_CLIENTS.md.
-
v0.13.0
protected · Release: v0.13.0 · b8390ede
v0.13.0
Highlights since v0.12.5:
  - feat: react-ui service explorer — dependency-free generated React explorer (gen/client/react-ui/) with tabbed REST/WS/GraphQL/MCP panels, live Try-it panels, multi-language code samples (curl/Go/Python/TypeScript), and CSS-variable theming. Enabled via client.react_ui: true.
  - feat: live GraphQL subscriptions wired through graphQLSubscribe<Field>() (graphql-transport-ws over WebSocket) with bounded frame log.
  - security: appsec review hardening (rounds 1-3) — token placeholders in code samples, OIDC issuer handling, webhook badge, auth gating, dead-code cleanup.
  - fix: repair CI-only test fallbacks (tsc-absent path) and harden a timing-sensitive htpx rate-limit test.
See docs/REACT_UI_EXPLORER.md for mount instructions and limitations.
-
v0.12.5
protected · Release: v0.12.5 · 833e4bed
v0.12.5 — resync gen/+testgen hashx mirror with the verify-time KDF DoS fix
gen/ and testgen/ vendor a mirror of pkg/securex/hashx; the cost-ceiling changes in v0.12.3 left those copies stale, failing the generate:drift full-regen diff. Regenerated via 'make generate'; the drift gate is now clean.
-
v0.12.4
protected · Release: v0.12.4 · 74db2719
v0.12.4 — resync repo-root self-host mirror (fixes generate:drift)
Regenerated the repo-root self-host mirror (api/, gql/, mcp/, types/) from configs/full.json so it carries the generated HashSecrets(ctx) methods + handler hashing calls it was missing. Purely additive; the generate:drift CI gate now passes (8 files in sync).
-
v0.12.3
protected · Release: v0.12.3 · 5bd61618
v0.12.3 — fuzz-found hashx verify-time DoS fix + fuzz crasher artifacts
fix: bound verify-time KDF cost parameters (pbkdf2 i, scrypt N*r*p, bcrypt cost, argon2 m*t) so an attacker-influenced encoded hash cannot pin the CPU for seconds (CWE-400). Found by FuzzVerifyEncoded; crashers committed as regression seeds.
ci: both fuzz jobs now upload fuzz-findings/ as on_failure artifacts for repro.
-
v0.12.2
protected · Release: v0.12.2 · f88d4320
v0.12.2 — gap-analysis closure 2026-06-16
Closes GAP-0096 (array-of-$ref item.Valid()), GAP-0055 (RBAC <10ms benchmarks + ABAC extensibility contract), GAP-0054 (in-repo Compass-metrics producer), GAP-0056 (verified non-Go harness integration path), GAP-0066 (htpx sub-surface REQ split); GAP-0089 documented won't-do. Zero open gaps in docs/GAP_ANALYSIS.md.
-
v0.12.1
protected · Release: v0.12.1 · dbb1fead
v0.12.1 — audit remediation (appsec/quality/perf/gap)
Closes the 2026-06-15 audit cycle across security, quality, performance, and requirements-gap reviews. 19 appsec findings (0 Critical/High), QG-084..091, GAP-0090..0095, PERF-0076 — all fixed test-first. Four review iterations converged with zero new findings from /security:appsec-review and /codepros:audit.
Highlights: nested-$ref secret echo-back guard, fail-closed pepper startup, RBAC iss/aud binding, dev-bypass hardening (4 gates + release panic), MCP WS deadlines, WS fragment cap, trusted-proxy rate-limit keying, MCP inputSchema $defs resolution, gqlx batch-clone N→1.
-
v0.12.0
protected · Release: v0.12.0 · 45270e7a
v0.12.0 — config-driven password/secret hashing
Add FIPS-140-3-aware password/secret hashing to the genapi generator.
  - pkg/securex/hashx: salted, self-describing (PHC/bcrypt-crypt) one-way hashing + constant-time verify. Argon2id (default), bcrypt, scrypt (non-FIPS) and PBKDF2-HMAC-SHA-256/512 (FIPS, stdlib crypto/pbkdf2). Optional HMAC pepper, upgrade-on-login (needsRehash), adversarial-input hardened (FuzzHashVerify, FuzzVerifyEncoded).
  - Config: SchemaProp.secret/hash + security.password_hash policy. Generation fails closed if a non-FIPS algorithm is used under security.fips=true.
  - Generator emits HashSecrets(ctx) on every request type and invokes it after Valid() and before the handler on REST/MCP/GraphQL seams; secret fields are redacted in logs and forbidden in responses. hash on WebSocket/nested schemas is rejected at generation (no silent bypass).
Guarantee proven end-to-end: a non-hashed value never reaches the handler.
-
v0.11.1
protected · Release: v0.11.1 · df7e2da8
v0.11.1
Audit-driven fix release. Two full /codepros:audit + /security:appsec-review iterations closed 36 findings; iteration 3 confirmation clean.
Highlights:
  - PERF-0064: gqlx fragment-bomb remote CPU DoS bounded (memoization + saturating arithmetic)
  - SEC-0049: MCP per-tool default-deny authorization
  - SEC-0051: request body caps (form/multipart/JSON) enforced
  - SEC-0050: golang.org/x/net v0.55.0 (clears GO-2026-5025..5030)
  - SEC-0052/0053/0054/0055: htpx debug read cap, MCP stdio error logging, gosec annotation, RFC 6455 control-frame hardening
  - PERF-0021: verified-JWT LRU cache (lock-free hot path)
  - QG-066..083: server config validation, wsx limiter bound, GraphQL subscription fixes, shared internal/jwtalg alg-confusion guard, and more
See docs/{SECURITY,QUALITY,PERF}_GAP_ANALYSIS.md and docs/APPSEC_REVIEW_2026-06-09*.md.
-
v0.11.0
protected · Release: v0.11.0 · c31bce13
v0.11.0 — downstream bug fixes (L-30..L-34) + TS/React client feature expansion (TSC-01..18)
Generator bugs (docs/GENERATOR_BUGS.md), all closed:
  - L-30 (High): WS handlers now receive the authenticated principal — the verifier-mutated request context is threaded into conn.Context() (mirrors REST).
  - L-31 (Med): WS routes gain a per-route "name" override + method-name collision validation + generic-name warnings (mirrors REST L-15); also applied to GraphQL-subscription method names.
  - L-32 (Med): TS/React client gains 401-refresh-retry, binary/Blob responses + public requestRaw, typed query params, and a unified HTTPError (status/code/parsed body/cause) with network-error normalization.
  - L-33 (Low): generated Go formatted with goimports grouping (imports.Process); the test-gen + openapi emission paths are formatted too — goimports -l ./gen ./testgen is clean (reopened+closed L-28).
  - L-34 (Med): TS client emits the strict-safe body: cond ? null : (...) form, exactOptionalPropertyTypes-clean.
TS/React client feature requests (docs/DOWNSTREAM_FEATURE_REQUESTS_caast-ui.md, TSC-01..18):
  - BREAKING: DTOs are now camelCase with a snake/camel boundary mapper (wire stays snake_case).
  - RN/Hermes-safe by default: portable base64/uuid/utf8; capability-guarded crypto.subtle/Blob/WebSocket.
  - react-query interop: augmented plain hooks (enabled, v5 state aliases, mutateAsync, bounded QueryCache with dedup+invalidate+gcTime/LRU, retry-on-retryable) + an opt-in @tanstack/react-query variant (generated query-key factory + auto-invalidation).
  - Auth & ergonomics: ambient token holder + React Context/useClient, unverified JWT decoder + hasRole (RN-safe base64), export barrel.
  - Per-request options (signal/headers/timeoutMs) + Accept; exported API_PREFIX.
Also raises go test -race -timeout to 25m for the larger cmd/genapi suite.
-
v0.10.0
protected · Release: v0.10.0 · ff09d8c8
v0.10.0 - audit gap closure: 21 findings closed + audit-convergence
Security: SEC-0046 (recursive schema $ref guard blocking TS-SDK code injection, incl. nested-array bypass F-1), SEC-0047 (Go 1.26.4, closes GO-2026-5037/5039), SEC-0048.
Features: rest-interface-name generator flag (collision-safe self-hosting), string format:date-time RFC3339 validation, root-mirror drift gate, per-package coverage floors, gqlx bench-gate.
Performance: gqlx LRU document cache (~55% faster repeated queries), single per-request deadline, lazy maps, json/v2 resolver binding.
BREAKING: audit sink kind syslog/cef is now rejected at config validation (previously a silent no-op); go.mod requires go 1.26.4.
See docs/AUDIT_SUMMARY_2026-06-07.md.