v2.3.0
PythonWoods-Dev
PythonWoodsDev
This tag was signed with the committer’s verified signature.
PythonWoods-Dev
PythonWoodsDev
[2.3.0] — 2026-06-27
Highlights
This release aligns zenzic-action with Zenzic Core v0.16.0 "Magnetite", completing the full ecosystem synchronization cycle.
Native support for new Core codes
| Code | Name | Impact |
|---|---|---|
| Z001 | CORE_CONFIG_STRUCTURE |
Fatal TOML schema errors now propagate as structured SARIF notifications — Action correctly reports executionSuccessful: false in the Code Scanning Security tab |
| Z110 | STALE_ALLOWLIST_ENTRY |
Allowlist hygiene violations surface as standard exit 1 findings |
Added
- Three integration blueprints in the README for canonical CI patterns:
- Baseline Check — standard link/topology validation on push and PR
- Security Hardening —
guard-scan+ SARIF upload to GitHub Code Scanning Security tab - PR Governance — inline DQS (Document Quality Score) tracking with regression blocking via baseline artifact comparison
- Z001 self-check fixture test in
self-check.yml: the CI pipeline now verifies that the Action correctly catches and reports fatal configuration errors against the corez001-config-errorfixture.
Changed
- Bumped all
actions/checkoutreferences to v7.0.0 (Dependabot #33, consolidated). - Bumped
softprops/action-gh-releaseto v3.0.1 (Dependabot #32, consolidated). - All README workflow examples updated to
@v2syntax.
Core Alignment
| Property | Value |
|---|---|
| Pinned Zenzic Core | v0.16.0 |
| Action version | v2.3.0 |
| Exit-code contract | 0 / 1 / 2 / 3 — unchanged |
@v2 floating tag |
✅ Repositioned to this release |
Architecture Note
Zenzic Core remains radically unaware of GitHub Actions. The Core produces SARIF/JSON artefacts via a stable exit-code contract; this Action is the official CI Adapter responsible for GitHub-specific mapping (Annotations, Security Tab, PR decoration).