Skip to content

v2.8.0

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 15 Jun 18:55
· 2 commits to main since this release
v2.8.0
f044b0e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • Revise nuget-readme.md for improved clarity by @EricCogen in #179
  • feat: EditorConfig + xUnit warnings + BenchmarkDotNet by @EricCogen in #180
  • feat: EditorConfig + benchmarks + test fixes + adversarial audit workflow by @EricCogen in #181
  • chore(deps): bump actions/dependency-review-action from 4 to 5 by @dependabot[bot] in #182
  • Refine language in STORY.md for clarity by @EricCogen in #183
  • Fix zero-finding Action output by @EricCogen in #185
  • Rule severity tuning and Cursor agent setup by @EricCogen in #186
  • docs: wire consolidated engineering rules and sync GCI0016 docs by @EricCogen in #187
  • feat(platform): delivery, domain gating, and paired-implementation rule by @EricCogen in #188
  • docs(tooling): rule audit scaffold and sanitized snapshot by @EricCogen in #189
  • feat(platform): PG-SEMANTICS and competitive eval scorecards by @EricCogen in #190
  • feat(redis): GCI0058 hardening, regression fixture, benchmark CI, case study by @EricCogen in #191
  • chore: stop tracking local NuGet package binaries by @EricCogen in #194
  • feat: add app.gauntletci.com HTML prototype by @EricCogen in #195
  • Add competitive eval harness with measured scorecards by @EricCogen in #196
  • Add GCI0059 guard-deletion rule, gold fixture #2, and EF Core benchmark by @EricCogen in #192
  • Fix global gauntletci tool resolution in pre-commit hooks by @EricCogen in #193
  • fix(repo): remove accidental .git-rewrite artifacts by @EricCogen in #197
  • fix(ci): fail release workflow when tests fail by @EricCogen in #198
  • fix(ci): gate main-branch NuGet push behind NUGET_PUSH_ENABLED by @EricCogen in #199
  • fix(security): block path traversal in StaticAnalysisRunner by @EricCogen in #200
  • fix(docs): replace inaccurate open source claims with ELv2 language by @EricCogen in #201
  • fix(ci): include GauntletCI.Cli.Tests in solution by @EricCogen in #202
  • fix(core): GCI0019, semantic witnesses, default analyze to staged by @EricCogen in #203
  • chore(site): standardize CI on pnpm, remove package-lock.json by @EricCogen in #204
  • docs: sync rule counts and mark GCI0019 as implemented by @EricCogen in #205
  • chore: remove duplicate dead deploy workflows by @EricCogen in #206
  • fix(licensing): reject non-JWT legacy license bypass by @EricCogen in #207
  • chore: centralize package version in Directory.Build.props by @EricCogen in #208
  • fix(GCI0056): scan repo for test framework evidence by @EricCogen in #209
  • chore: deduplicate .gitignore markdown exceptions by @EricCogen in #210
  • fix(site): add integration and privacy-modes routes to sitemap by @EricCogen in #211
  • fix(nuget): update package description to 37 rules by @EricCogen in #212
  • fix(site): resolve TypeScript errors and enforce build type-checking by @EricCogen in #213
  • fix(docs): sync rule count copy from 30+ to 37 active rules by @EricCogen in #214
  • fix(benchmarks): remove empty fixture shells and wire p21 manifests by @EricCogen in #215
  • fix(site): align benchmark page copy with 37 rules and 23 Silver metrics by @EricCogen in #216
  • ci: enforce Lighthouse assertions and add CodeQL for site JS by @EricCogen in #217
  • fix(site): add ESLint deps, config, and CI gate by @EricCogen in #218
  • docs: clarify historical corpus metrics and current rule counts by @EricCogen in #219
  • chore: repo hygiene — gitignore, dependabot, doc sync by @EricCogen in #220
  • Harden git subprocess args against injection by @EricCogen in #224
  • Remove stale GCI_SYN_AGG from corpus fixtures by @EricCogen in #227
  • Bump BenchmarkDotNet from 0.13.12 to 0.15.8 by @dependabot[bot] in #221
  • Bump coverlet.collector from 8.0.1 to 10.0.1 by @dependabot[bot] in #222
  • Bump Microsoft.ML.OnnxRuntimeGenAI.DirectML and Microsoft.ML.OnnxRuntimeGenAI.Managed by @dependabot[bot] in #226
  • Bump Microsoft.Extensions.Hosting from 8.0.1 to 10.0.8 by @dependabot[bot] in #225
  • Bump Microsoft.Data.Sqlite from 10.0.6 to 10.0.8 by @EricCogen in #228
  • Align coverlet.collector 10.0.1 across all test projects by @EricCogen in #229
  • Allowlist Slack and Teams webhook URLs by @EricCogen in #230
  • Authenticate local LLM daemon pipe clients by @EricCogen in #231
  • fix(docs): qualify remaining 100% local marketing claims by @EricCogen in #232
  • fix(licensing): tighten network validation fail-open behavior by @EricCogen in #233
  • fix(security): disable redirects on webhook HTTP client by @EricCogen in #234
  • fix(site): correct ELv2 language on NDepend compare page by @EricCogen in #235
  • fix(security): dedicated webhook HttpClient + repo-first pre-commit by @EricCogen in #239
  • Bump Microsoft.NET.Test.Sdk from 18.4.0 to 18.6.0 by @dependabot[bot] in #236
  • Bump ModelContextProtocol from 1.2.0 to 1.4.0 by @dependabot[bot] in #237
  • Bump Spectre.Console from 0.55.2 to 0.56.0 by @dependabot[bot] in #238
  • fix(licensing): allow runtime RSA public key override by @EricCogen in #240
  • fix(core): audit remediation for diff, Roslyn, delivery, and rules by @EricCogen in #241
  • fix(licensing): fail-closed paid features, network validation, and worker KV by @EricCogen in #242
  • fix(docs-ci): case study rule IDs, hooks, security workflow, E2E Release by @EricCogen in #243
  • fix(licensing): tier gates for MCP, baseline, trace, and paid analyze features by @EricCogen in #244
  • fix(security): harden outbound URLs, hooks, worker, and E2E strict mode by @EricCogen in #245
  • fix(docs): correct Round 3 marketing and integration truth claims by @EricCogen in #246
  • fix(docs): align marketing claims with adversarial audit findings by @EricCogen in #248
  • chore: reorganize repo root layout by @EricCogen in #249
  • fix: GCI0001 noise, corpus doctor, docker publish timing by @EricCogen in #250
  • fix(audit): doctor tiers, CI self-analysis gate, GCI0001 resweep by @EricCogen in #251
  • docs(eval): full GCI0001 gold resweep report by @EricCogen in #252
  • fix(corpus): pipeline_errors column names + merge ruleset docs by @EricCogen in #253
  • docs(eval): post-GCI0001 gold-noise sweep refresh by @EricCogen in #254
  • chore: version-control main ruleset required CI checks by @EricCogen in #255
  • fix(ci): resolve CodeQL NEUTRAL merge block by @EricCogen in #256
  • docs: ruleset merge blocker troubleshooting by @EricCogen in #257
  • docs: merge gating verification (ruleset follow-up) by @EricCogen in #258
  • chore: ruleset merge gating smoke test by @EricCogen in #259
  • fix(ruleset): loose required status checks + bypass docs by @EricCogen in #260
  • chore: ruleset blocker binary search by @EricCogen in #261
  • chore: test ruleset without update/creation rules by @EricCogen in #262
  • fix(ruleset): drop creation/update rules blocking PR merge by @EricCogen in #263
  • rule(GCI0001): expand routine companion files for .NET PRs by @EricCogen in #264
  • fix(audit): integration truth, stale Cursor rule, and GCI0001 companions by @EricCogen in #266
  • fix(action): parse findings-count from JSON output by @EricCogen in #267
  • docs(rules): refresh corpus validation metrics by @EricCogen in #268
  • Fix corpus score Manual LabelSource and refresh June metrics by @EricCogen in #269
  • Add corpus audit snapshot script and fix Completed status filter by @EricCogen in #270
  • Speed up corpus audit queries with read indexes by @EricCogen in #271
  • Document June 2026 discovery sweep on benchmark page by @EricCogen in #272
  • Clarify benchmark discovery vs Silver corpus separation by @EricCogen in #273
  • Add benchmark discovery metrics drift check by @EricCogen in #274
  • CI: benchmark discovery drift check on path changes by @EricCogen in #275
  • Add corpus audit-snapshot product CLI command by @EricCogen in #276
  • Benchmark: agent gold precision on Silver rule cards by @EricCogen in #277
  • Automate benchmark discovery sweep via eval JSON by @EricCogen in #278
  • chore(deps-dev): bump esbuild from 0.28.0 to 0.28.1 in /github-app-server in the npm_and_yarn group across 1 directory by @dependabot[bot] in #265
  • Fix benchmark gold metrics: latest completed run, not MAX(uuid) by @EricCogen in #279
  • Audit pass 2 follow-ups: FAQ, sweep JSON CI validation, esbuild by @EricCogen in #284
  • Fix worker esbuild Dependabot alerts and enable npm Dependabot by @EricCogen in #285
  • chore(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in #280
  • Bump Microsoft.Data.Sqlite from 10.0.8 to 10.0.9 by @dependabot[bot] in #281
  • Bump Spectre.Console from 0.56.0 to 0.57.0 by @dependabot[bot] in #283
  • Bump Microsoft.Extensions.Hosting to 10.0.9 by @EricCogen in #296
  • chore(deps-dev): bump tsx from 4.22.3 to 4.22.4 in /github-app-server by @dependabot[bot] in #286
  • chore(deps): bump @radix-ui/react-accordion from 1.2.12 to 1.2.13 in /site by @dependabot[bot] in #291
  • chore(deps-dev): bump tailwindcss from 4.2.2 to 4.3.1 in /site by @dependabot[bot] in #295
  • deps(site): bump radix dialog, tabs, alert-dialog, progress, tooltip by @EricCogen in #302
  • fix(eval): refresh rule-audit.json from snapshot #18 metrics by @EricCogen in #303
  • fix(eval): add rule-audit.json drift guard for CI by @EricCogen in #304
  • docs(eval): document agent corpus artifacts and drift workflow by @EricCogen in #305
  • fix(site): update integration docs to NuGet 2.7.1 and action v2.7.1 by @EricCogen in #306
  • release: v2.8.0 stable by @EricCogen in #307

Full Changelog: v2.7.1...v2.8.0

Contributors

EricCogen and dependabot
Assets 10
Loading