You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bearer-token hardening: tokens are SHA-256 hashed at ingest and compared in constant time across the full token list, eliminating timing-based actor disclosure. Authoritative actor_id is resolved server-side. (#28)
AWS Secrets Manager backend for bearer tokens — new aws feature on omnigraph-server adds SecretsManagerTokenSource (#30), built on a new TokenSource trait (#29) so additional backends can plug in cleanly.
OpenAPI & SDK groundwork
openapi.json is now a committed, drift-tested artifact — CI auto-syncs the spec on same-repo PRs and fails on drift for fork PRs.
omnigraph schema get available via CLI and HTTP.
Schema endpoint polish: rename to get, field alignment, additional tests. (#27)
Operations & data integrity
Internal __run__ branches no longer leak: filtered from schema_apply (#38), and deleted on every terminal state (#43).
Lance memory-pool size raised to 1 GB by default for more headroom on large operations. (#37)
Build & release infrastructure
Homebrew tap updates automated on release tags. (#20)
Manual-dispatch package workflow for CodeBuild image builds. (#33, #34, #35)
Dockerfile base switched to ECR Public to avoid Docker Hub rate limits. (#39)
Test layout
Compiler and engine integration tests split into focused sibling modules for faster targeted runs. (#40, #41, #42)
