Skip to content

Releases: abhiyoheswaran1/veris

v0.5.1

Choose a tag to compare

@github-actions github-actions released this 13 Jul 14:38

Changed

  • --github publish errors now include GitHub's own message (for example "Resource not accessible by integration" when the workflow token lacks pull-requests: write or checks: write), so a failed publish is diagnosable. The token still never appears in any error.
  • homepage now points to the VerisKit product page.

v0.5.0

Choose a tag to compare

@github-actions github-actions released this 13 Jul 14:25

Added

  • Publish to GitHub. veris verify --github posts and updates one sticky PR comment with the verdict and report, and creates a Check Run (verified passes, failed fails, partial is neutral). Token read from GITHUB_TOKEN; publishing never changes the verdict or exit code. veris badge writes a shields.io endpoint JSON. GitHub API over built-in fetch, no new dependency.
  • Browser tests. A real Playwright runner, opt-in with veris verify --browser (or a browser entry in .veris/config.json). Detected Playwright now shows as an available capability.
  • veris log lists past runs from the stored evidence records, and veris log --flaky flags checks that both passed and failed across recent runs. Local per-machine history.

v0.4.1

Choose a tag to compare

@github-actions github-actions released this 11 Jul 11:29

Added

  • Signed evidence. veris evidence keygen creates an Ed25519 keypair (via Node's built-in crypto, no new dependency); veris evidence sign <evidence.json> writes a detached signature; veris evidence verify checks a sibling signature automatically and can assert the signer with --pubkey or --key-id. Bundles carry the signature. Signing is opt-in; unsigned evidence still verifies for integrity. VERISKIT_SIGNING_KEY supplies the key in CI.

Changed

  • veris init now gitignores keys/.

v0.4.0

Choose a tag to compare

@github-actions github-actions released this 10 Jul 18:36

Added

  • Evidence System. Every veris verify and veris affected run writes a canonical, git-anchored .veris/runs/<id>/evidence.json (schema veriskit/evidence@1) with a sha256 integrity digest over the whole record and a sha256 of each per-check log. No new runtime dependencies.
  • veris evidence verify <file> recomputes and checks a record or a bundle, and states plainly what an integrity digest does and does not prove.
  • veris evidence bundle packages the latest run (record, report, and logs, each digested) into one portable proof file under .veris/evidence/.
  • veris evidence show prints the latest record's key facts.

Changed

  • The report and terminal output now show the git commit and whether the tree was clean, plus the evidence digest in the report.
  • evidence.json replaces the older metadata.json. veris init now also gitignores evidence/.

v0.3.0

Choose a tag to compare

@github-actions github-actions released this 10 Jul 11:47

Added

  • veris scan — import-graph map + untested areas, built from the project's own TypeScript (with a dep-free scanner fallback); writes .veris/graph.json.
  • veris plan — prioritized recommendations (high-impact untested files, weak verification, risky changes). Analysis only — no code generation.

Changed

  • veris affected / veris watch are now graph-based: the unit run is narrowed to only the test files that transitively import your changes, with a conservative full-suite fallback (config/global change, unresolved file, or untested change) so an affected test is never skipped. No new runtime dependencies.