v2.4.0 — M10 post-audit hardening #139
danielPoloWork
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
M10 — post-audit hardening. The follow-up to a full post-v2.3.0 repository audit: correctness, security, and documentation hardening. No breaking changes, no new user-facing features.
🔒 Security
setup.sh/setup.ps1now refuse any symlink/hardlink entry in a downloaded bundle before extracting — defeating a path-escape via a malicious link target — and the guard runs even under--no-verify.🐛 Fixed
cp1252console.risk_score,cleanup_installer, andeados_lint(gate-coverage), plus clean errors instead of tracebacks on bad input across thedoctor/eados/phase_runner/traceability/rfc_checkCLIs.USAGE.mdlink in the translated READMEs, thecontributionOS-spec index row, the RFC roadmap pointer (M1→M9), and thetemplates/.githubsummary.📝 Changed
Full detail in CHANGELOG.md. The factory bundle,
SHA256SUMS, and thesetup.*installers attach automatically when this release is published.This discussion was created from the release v2.4.0 — M10 post-audit hardening.
Beta Was this translation helpful? Give feedback.
All reactions