Skip to content

Releases: devlukeg/pkgwhy

pkgwhy 1.9.0

Choose a tag to compare

@devlukeg devlukeg released this 04 Jul 12:24
dc1b665

Adds Team/CI commercial foundations: CI/PR summaries, policy templates and policy testing, local exceptions and approvals, review bundles, static dashboards, agent install planning, repo checks, beta/feedback routing, version and doctor commands.

pkgwhy 1.8.0

Choose a tag to compare

@devlukeg devlukeg released this 04 Jul 08:58
e451029

Adds safe package metadata extraction, pkgwhy metadata, local policy files, review history, reports, CI command, beta/feedback commands, and commercial Team/Cloud foundation.

pkgwhy 1.6.0

Choose a tag to compare

@devlukeg devlukeg released this 01 Jul 12:50
aa6ee9e

Improves agent usability with a stronger decision JSON contract, exit-code meanings, batch precheck summaries, JSON error outputs, registry trust-state JSON, tool validation, tool capability detection, and agent check dispatching.

pkgwhy 1.0.0

Choose a tag to compare

@devlukeg devlukeg released this 30 Jun 05:30

pkgwhy 1.0.0 release. Python package intelligence and supply-chain security decision-support CLI for developers and AI agents. Includes offline package inspection, vulnerability/provenance signals, static rule evidence, agent-readable JSON, local private-tool registry/runner support, and conservative policy decisions. Dynamic analysis remains experimental and out of scope for 1.0 production guarantees.

pkgwhy 1.0.0rc1

Choose a tag to compare

@devlukeg devlukeg released this 27 Jun 12:05

Release candidate for pkgwhy 1.0.0. Includes package intelligence, vulnerability/provenance foundations, static rule evidence, local registry/runner MVP, dynamic analysis skeleton, and agent policy hardening. Dynamic analysis remains experimental/out-of-scope for 1.0 production guarantees.

pkgwhy 0.6.0a0 pre-alpha developer preview

Choose a tag to compare

@devlukeg devlukeg released this 25 Jun 10:44

Pre-alpha developer preview. Includes offline package inspection, agent-readable judgement, local registry, local publish/tool inspect/tool judge, local runner MVP, vulnerability/provenance foundation, static rule evidence, dynamic sandbox design skeleton, and agent policy hardening. Not production security advice and not full OS sandboxing.

pkgwhy 0.2.0a0 pre-alpha developer preview

Choose a tag to compare

@devlukeg devlukeg released this 24 Jun 06:35

Pre-alpha developer preview. Includes offline package inspection, agent-readable judgement, local registry, local publish/tool inspect/tool judge, and local runner MVP. Not production security advice and not full OS sandboxing.