Releases
v0.1.0
Compare
Sorry, something went wrong.
No results found
Changelog
77a83df release: attest build-provenance for windows .zip archives too
6db9eec test(e2e): black-box suite + CI e2e/crossbuild jobs; release: add Windows; docs: ToC
22ed7d3 feat: arca mcp — MCP server exposing audited, policy-respecting tools (stdio)
875a235 test/ci: make approverWho coverage deterministic; gate at 88% (CI-reproducible ~90%)
da7d0d2 feat: approval gates (--require-approval) + comprehensive README
28f8a73 feat: fail-closed auditing by default (ARCA_STRICT_AUDIT)
784533e test: 92% coverage + fuzz; Scorecard fixes (token-perms, pinned tools, gate)
37263bc feat: arca:// references + inject + --no-print policy; richly comment all code/tests
2e5324c Security CI hardening: Scorecard, CodeQL, SHA-pinned actions, harden-runner
1172329 feat(audit): auto-detect AI agent name/version/session
0f94552 CI: run govulncheck directly (stale action's bundled checkout broke); bump goreleaser-action v6->v7
6daeba9 CI: fix SBOM job; bump GitHub Actions and Go deps to latest
b7ead44 Harden supply chain: reproducible builds, govulncheck, SBOM, signed releases
bb9a9d4 Add rotate + stale, actor-attributed audit, tests, CI, and logo
cb1f798 Initial commit: arca — age-encrypted secrets with metadata + audit log
You can’t perform that action at this time.