v0.5.0 - defense-readiness release

@
The defense-readiness release. Closes every item in the v0.3.0 punch-list followup self-assessment (Sprints 1 through 6). No algorithm or public-API change since v0.4.0 — every contribution is either additive (new tests, new artifacts, new governance) or backwards-compatible (opt-in CI gates, doc reorganization, new optional baselines).

What this release closes

A self-assessment of v0.4.0 against thesis-defense criteria identified eight defense-risk items. v0.5.0 closes all of them.

Sprint 1 — CI, reproducibility, theorem proofs

• make reproduce (1c75990) — git clone && make reproduce produces the same three canonical reference outputs the paper cites, under results/paper_figures/. Recipe documented in REPRODUCING.md.
• Theorem proofs surface (d13f27e) — docs/theorems.md with proof statements, sketches, and code/test cross-references for Theorems 1–4. Linked from every theorem-enforcement site in source.
• CI on push (5159590) — GitHub Actions across Linux × Python {3.10, 3.11, 3.12, 3.13} plus Windows / macOS smoke, with ruff / mypy --strict / bandit / build gates.

Sprint 2 — Coverage closure

Module	Before	After
fitness/equity.py	22%	98%
algorithms/sklearn_compat.py	0%	99%
integrations/flower.py	55%	93%
Package total	79.20%	84.28%

CI coverage gate raised from 79% to 83%.

Sprint 3 — Heuristic-vs-proven boundary

• FairSwarm.__init__ now emits a UserWarning when adaptive_fairness=True (the default) directing users at the proven configuration and the empirical-convergence baseline.
• tests/test_adaptive_convergence_empirical.py records a 20-seed convergence sweep as the regression baseline. If the adaptive variant ever stops converging on those seeds, the test fails loudly.

Sprint 4 — Threat model

• THREAT_MODEL.md — formal threat model: deployment setting, trust assumptions, server observation set, security goals with proof pointers, explicit out-of-scope list (malicious server, sybils, model inversion, gradient reconstruction, side channels), HIPAA / GDPR / PhysioNet DUA / All of Us alignment.

Sprint 5 — Broader benchmarks

• power_of_choice_baseline (Cho et al. 2020) and fedcs_baseline (Nishio & Yonetani 2019) added to the shipped python -m fairswarm.benchmarks comparison. FairSwarm beats every baseline by 50–130× on demographic divergence at the reference seed:

random            0.0433 ± 0.0120
oort_simplified   0.0633 ± 0.0497
power_of_choice   0.0524 ± 0.0489
fedcs             0.0796 ± 0.0366
standard_pso      0.0517 ± 0.0215
fairswarm         0.0006 ± 0.0003

Sprint 6 — Governance

• CHANGELOG.md, CITATION.cff, CONTRIBUTING.md.
• README BibTeX block fixed: now @article matching the IEEE TCE submission, consistent with the prose above it.

Cumulative diff v0.4.0 → v0.5.0

• Tests: 706 → 836 passing (+130 new)
• Coverage: 79.20% → 84.28% (+5.08 pp)
• Modules with named coverage gaps: 3 → 0
• Defense-risk items from the self-assessment: 8 → 0
• PhysioNet / DUA violations in wheel or sdist: 0 (verified by file-content scan)

Install

pip install fairswarm==0.5.0
pip install fairswarm[flower]==0.5.0  # for the Flower demo

Reproducibility

git clone https://github.com/dataeducator/fairswarm-library.git
cd fairswarm-library
pip install -e ".[dev]"
make reproduce
git diff results/paper_figures/  # should be empty

Reference

T. Norwood, D. Das, P. Chatterjee, E. Bentley, and U. Ghosh, "FairSwarm: Trustworthy Coalition Selection for Fair and Secure Federated Intelligence," IEEE Trans. Consum. Electron., 2026 (Submitted).
@