Skip to content

Releases: paiml/forjar

Nightly Build

28 Apr 05:38
@github-actions github-actions
nightly
e99a12d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Nightly Build Pre-release
Pre-release

Automated nightly build from main.

Date: 2026-04-27T15:46:13Z
Commit: e99a12d

This is a prerelease. For stable releases, see the latest tagged version.

Loading

v1.3.0

25 Apr 16:49
@noahgift noahgift
v1.3.0
362ddab

Choose a tag to compare

View all tags
v1.3.0 Latest
Latest

[1.3.0] - 2026-04-25

Added

  • forjar reseal recovery subcommand for re-creating sidecar BLAKE3 integrity files (#118, #119)
  • Contract trait enforcement expanded from 7/13 to 13/13 implementations
  • pv codegen contract macros for build-time generation (Refs PMAT-120)
  • Contract call-site instrumentation for hash_data + execute_isolated (Refs PMAT-122)
  • vendored-openssl feature flag for cross-compilation reliability (Refs PMAT-067)
  • AllImplemented enforcement policy — build now fails on contract gaps
  • Sovereign-CI self-hosted runner adoption with PR authorization gate
  • Nightly Criterion benchmarks via reusable workflow

Changed

  • Migrated from archived provable-contractsaprender-contracts (#117, Refs PMAT-163)
  • Bumped major dependency versions: aprender-contracts(-macros) 0.30 → 0.31, bzip2 0.5 → 0.6, toml 0.8 → 1.1, criterion 0.5 → 0.8 (dev-dep)
  • cargo update: tokio 1.50 → 1.52, indexmap 2.7 → 2.14, regex 1.x → 1.12, openssl 0.10.x → 0.10.78, async-trait 0.1.x → 0.1.89, plus dozens of compatible bumps across the tree
  • Replaced deprecated criterion::black_box with std::hint::black_box in benches
  • pmat repo-score compliance improved from 79.0 → 91.5
  • README: added Features section, docs.rs badge, cookbook link, CI/crates.io badges, MSRV badge corrected to 1.89.0
  • .gitignore: added .claude/ (Claude Code session state) so it doesn't block clean publishes

Fixed

  • Sidecar BLAKE3 errors now propagate instead of being silently swallowed (#118, #119)
  • Removed hardcoded /mnt/nvme-raid0 path from .cargo/config.toml (#109, #110)
  • Doctor SSH test handles missing ssh binary in CI containers
  • generate_installer complexity reduced for CB-200 compliance (Refs PMAT-131)
  • generated_contracts.rs is now a build artifact (gitignored, replaced 5858-line stale stub)
  • 11 silently-ignored CLI flags now emit warnings
  • ingest_state_dir errors are logged instead of silently discarded
  • Security advisories: tar 0.4.45 (RUSTSEC-2026-0067/0068), rustls-webpki 0.103.10 (RUSTSEC-2026-0049)
  • Contract-trait enforcement test added (provable-contracts §23)
  • Parser whitelist now recognizes top-level dist: field — previously forjar fmt → forjar validate --strict failed and many commands logged spurious "unknown field 'dist'" warnings against dist-aware configs
  • Race condition in cli::colors tests serialized via per-module Mutex — global NO_COLOR atomic could be flipped by a parallel test mid-assertion, causing intermittent CI failures

Security

  • Updated multiple deps for RUSTSEC-2026-{0007,0009,0041,0044-0049,0067,0068}
  • deny.toml: explicit advisory ignores documented with reason + review date
  • RUSTSEC-2026-0104 (rustls-webpki CRL panic) acknowledged with mitigation note
Assets 12
Loading

v1.2.0

10 Mar 17:23
@github-actions github-actions
v1.2.0
5fb2243

Choose a tag to compare

View all tags
v1.2.0

What's Changed

  • ci: add clean-room gate CI + release workflows by @noahgift in #6
  • fix: remove hard-coded paths and patch overrides by @noahgift in #28
  • style: cargo fmt (unified CI prep) by @noahgift in #35
  • ci: unified CI pipeline — lint + pmat + clean-room by @noahgift in #36
  • ci: add clean-room gate CI + release workflows by @noahgift in #31
  • feat: platform spec implementation — FJ-2102 layer builder, E5/E6 remediation by @noahgift in #38

New Contributors

Full Changelog: v1.1.1...v1.2.0

Contributors

noahgift
Loading