Releases: Kiransekar/maisha
Release list
v0.3.1 — first PyPI release (pip install maishac)
pip install maishac # or: pipx install maishac
Maisha is now on PyPI: https://pypi.org/project/maishac/
Patch over v0.3.0: fixes the release workflow (the permissions: block for Trusted Publishing had dropped contents: read, breaking checkout). This is the first release actually published to PyPI. Feature set is identical to v0.3.0 — see its notes.
Verified: builds clean, and pip install maishac in a fresh environment gives a working maishac CLI (54 tests green).
v0.3.0 — MISRA Compliance:2020 evidence set, proactive authoring, robust SARIF
The open-source compliance-workflow layer for MISRA C / CERT C / BARR-C — free, vendor-neutral, agentic-IDE-native. See How Maisha compares.
Highlights since v0.2.0
MISRA Compliance:2020 evidence set — the three documents an assessor asks for:
- Guideline Compliance Summary (
report --format misra-compliance) - Guideline Enforcement Plan (
--format gep) — per-guideline method + live tool inventory (versions/options) - Guideline Re-categorization Plan (
maishac recategorize,--format grp) — MISRA legality enforced (no Mandatory re-cat; Required can't drop to Advisory/Disapplied)
Proactive authoring (write it compliant the first time)
compliance_guidance/maishac guide+compliance_check_snippet/maishac check- A 37-concern compliant-pattern library covering all 81 KB rules;
AUTHORING_PLAYBOOK.md
Robust SARIF import across real qualified-engine dialects
- Recovers the MISRA/CERT guideline when
ruleIdis a checker id (e.g. Helix QACABV.GENERAL) viarelationships→taxonomies;ruleIndex/result.rule;kind/baselineStatefiltering;defaultConfigurationlevels; URI normalization - Bring-your-own-triage:
result.suppressionscarried across on import
Open-source ready
CONTRIBUTING.md,CODE_OF_CONDUCT.md, issue/PR templates- PyPI packaging + Trusted-Publishing release workflow;
pipx install maishac - Honest
COMPARISON.mdvs the proprietary tools
54 tests green; wheel builds clean and installs standalone.
v0.2.0 — richer SARIF field mapping
SARIF import/export is no longer lossy:
- Code flows — import parses a qualified engine's
codeFlowsinto an ordered data-flow path (newcode_flowcolumn) and surfaces it in the agent fix briefing, so a fixer sees how a defect flows, not just where. - Rule relationships — export emits cross-standard equivalences as SARIF
reportingDescriptor.relationships(e.g. a MISRA rule linked to its CERT equivalent), with every target resolving to a descriptor. - Round-trip —
startColumn+codeFlowssurvive import → export alongside the existingmaishac/v1partialFingerprintsidentity.
Benchmarked end-to-end (run_sarif_import_test.py, 8/8 checks; see BENCHMARK-SUITE-REPORT.md §4). 33 unit tests green.