Skip to content

v1.7.0

Latest

Choose a tag to compare

@Mughal-Baig Mughal-Baig released this 30 May 06:08

AWGuard v1.7.0

This release turns AWGuard from a scanner into a broader adoption-ready safety kit for agentic repositories.

Highlights:

  • New commands: doctor, explain, badges, demo, templates, policy-pack, policy-wizard, and baseline-review.
  • New detection coverage: AWG016, AWG017, AWG018, and AWG019 for checkout credentials, unsafe writeback, MCP input injection, and MCP package reputation policy.
  • Better automation: opt-in --fix, richer --fix-dry-run, GitHub job summaries, improved SARIF metadata, and JSON/SARIF remediation codes.
  • Wider integrations: GitHub Actions, code scanning, GitLab CI, pre-commit, VS Code task/extension POC, dashboard POC, Docker workflow, and trusted npm publishing workflow.
  • Stronger evidence: schemas for config, reports, inventories, comparisons, baselines, and badges; report gallery; real-world risk corpus; and golden end-to-end tests.

Validation:

  • npm test passed with 84 tests.
  • git diff --check passed.
  • AWGuard self-scan passed with no findings.
  • npm pack --dry-run produced awguard@1.7.0.
  • GitHub Actions Test and Code Scanning passed for ca1210f.