JSON Analyzer v0.1.6 - The Seals Face Dawn

JSON Analyzer v0.1.6 - The Seals Face Dawn

The Quest

The unsigned road has ended. This release turns the restored signing wards back toward the release gate: macOS must prove the fresh Developer ID certificate and notarization secrets, while Linux must prove the zstd-aware Debian signature verifier against a real tagged artifact.

What Awoke

• macOS release jobs are back on the signed and notarized path with the refreshed Developer ID Application archive.
• Debian package signing is enabled again after replacing the release-side dpkg-sig verifier with a zstd-aware signature check.
• Release validation now checks the Debian package signature, signer fingerprint, role, and archive member hashes without rejecting control.tar.zst or data.tar.zst.
• The v0.1.6 tag exists to prove both restored signing paths in hosted GitHub Actions.

Runes of Assurance

• The new Debian verifier accepted the previously failed signed v0.1.4 package and rejected a tampered copy.
• Hosted CI on main passed after Debian signing was re-enabled, with Sign Debian packages executed successfully.
• Local workflow parsing, git diff --check, Python bytecode compilation, and pnpm check passed before this release cut.

Known Boundaries

• This release is the hosted proof run for macOS notarization with the refreshed Apple secrets.
• The APT repository currently publishes Linux amd64 packages only.
• Curl jobs remain in-memory only; durable job history is still deferred.
• PDF export UI, auto-update metadata, and Windows signing remain outside this release.