Skip to content

chore: Release Candidate v0.6.1rc2 β€” Obsidian Bastion (Hardened)#61

Merged
PythonWoods-Dev merged 1 commit intomainfrom
fix/shield-hardening-v0.6.1rc2
Apr 16, 2026
Merged

chore: Release Candidate v0.6.1rc2 β€” Obsidian Bastion (Hardened)#61
PythonWoods-Dev merged 1 commit intomainfrom
fix/shield-hardening-v0.6.1rc2

Conversation

@PythonWoods-Dev
Copy link
Copy Markdown
Contributor

@PythonWoods-Dev PythonWoods-Dev commented Apr 16, 2026

🏰 Release Candidate 2 β€” Hardened Seal

Questa PR porta Zenzic alla fase RC2 dopo l'audit di sicurezza "Operation Obsidian Stress".

πŸ›‘οΈ Security Hardening (Red Team Results)

  • Bypass Protection: Chiusi i vettori Unicode Cf (zero-width joiners) e l'offuscamento via HTML entities.
  • Interleaving Defense: Lo Shield ora ignora i commenti MDX/HTML all'interno dei segreti e gestisce i token spezzati su due righe (lookback buffer).
  • Audit Shield: Aggiunto supporto nativo per i Personal Access Token di GitLab.

πŸ§ͺ Quality & Integrity (Blue/Purple Team Results)

  • Full Parity: 1046 test di regressione superati con successo.
  • Discovery: Validazione dei casi limite VSM e i18n fallback.
  • Automation: Fix dello script di versioning per proteggere la cronologia del CHANGELOG.

πŸ“¦ Ecosystem

  • zenzic.dev: Documentazione allineata alla RC2 e caricata sul nuovo dominio.
  • CI/CD: Sincronizzazione totale dei workflow GitHub tra Core e Doc.

@PythonWoods-Dev
fix(shield)!: Obsidian Bastion Hardened (v0.6.1rc2) β€” security seal
3081d35 
This release seals the Bastion against findings from Operation Obsidian Stress.

Security Hardening:
- ZRT-006: Shield normalizer now strips Unicode category Cf (zero-width chars) and decodes HTML entities.
- ZRT-007: Added 1-line lookback buffer and HTML/MDX comment stripping for token-interleaving bypass protection.
- CI/CD: Hardened GitHub Actions to v4/v6 stable and setup-uv@v7.

Technical Fixes:
- Restored historical CHANGELOG headers (v0.6.1rc1) corrupted by automation.
- Hardened bump-my-version regex to target only primary headers (## prefix).
- Resolved JSON exit-code asymmetry in orphan and asset checks.
- Added gitlab-pat to the Shield family suite (9 families total).

Tests: 1046 passed (83 new regression tests included).
@PythonWoods-Dev PythonWoods-Dev merged commit b240852 into main Apr 16, 2026
6 checks passed
@PythonWoods-Dev PythonWoods-Dev deleted the fix/shield-hardening-v0.6.1rc2 branch April 17, 2026 06:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@PythonWoods-Dev