Skip to content

v2.4.0 — M10 post-audit hardening

Choose a tag to compare

@danielPoloWork danielPoloWork released this 29 Jun 05:21
544a1ce

M10 — post-audit hardening. The follow-up to a full post-v2.3.0 repository audit: correctness, security, and documentation hardening. No breaking changes, no new user-facing features.

🔒 Security

  • Installer tar-slip guard (#129). setup.sh / setup.ps1 now refuse any symlink/hardlink entry in a downloaded bundle before extracting — defeating a path-escape via a malicious link target — and the guard runs even under --no-verify.

🐛 Fixed

  • UTF-8 stdio on Windows (#128). Every CLI tool forces UTF-8 on stdout/stderr, so non-ASCII output no longer mojibakes and the central self-lint no longer crashes on a cp1252 console.
  • Defensive hardening of latent edge cases (#131). Fail-safe guards in risk_score, cleanup_installer, and eados_lint (gate-coverage), plus clean errors instead of tracebacks on bad input across the doctor / eados / phase_runner / traceability / rfc_check CLIs.
  • Docs accuracy sweep (#130). SECURITY.md version, a 404 USAGE.md link in the translated READMEs, the contribution OS-spec index row, the RFC roadmap pointer (M1→M9), and the templates/ .github summary.

📝 Changed

  • ADR-0009 addendum (#132). Records that generated-repo profile CI actions stay version-tag-pinned (Dependabot-managed) by design — an apparent inconsistency surfaced on re-audit, not a design gap.

Full detail in CHANGELOG.md. The factory bundle, SHA256SUMS, and the setup.* installers attach automatically when this release is published.