Skip to content

Releases: foundryside-dev/legis

v1.0.0rc4

07 Jun 14:10
@tachyon-beep tachyon-beep
v1.0.0rc4
369302a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.0rc4 Pre-release
Pre-release

First publish of the 1.0.0rc4 line (rc4 was staged but never tagged).

Headline since rc3

  • legis doctor — operator health view + safe repair for the install/config layer.
  • C-9 store consolidation — all legis stores under .weft/legis/; weft.toml [legis] enrich-only; malformed/absent weft.toml boots on defaults.
  • legis install self-install + --mcp registration; SessionStart hook; legis session-context.
  • Dogfood #2 friction-tail: legis --version (LG-1), CELL_NOT_ENABLED recovery hint names the enablement path (Le1), charter documents the verified_author: null gap (C3).

Gates: ruff + mypy clean; 754 passed; coverage 92.29% (floor 88%). See CHANGELOG.md [1.0.0rc4].

Loading

v1.0.0rc3

05 Jun 18:52
@tachyon-beep tachyon-beep
v1.0.0rc3
c1a6d9e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.0rc3 Pre-release
Pre-release

Release candidate 3 — architecture-analysis P1/P2 remediation.

Supersedes rc2 (immutable on PyPI). Ships the full Q-H/Q-M/Q-L remediation from the 2026-06-06 architecture analysis, headlined by the Q-M4 transport correctness fix: Filigree requests now send the exact canonical bytes the Weft HMAC commits to (wire-bytes == signed-bytes), so a Filigree verifier checking the body hash against the request bytes will accept signed POSTs.

Highlights:

  • Q-M4 transport: canonical signed bytes on the wire (mirrors the loomweave channel)
  • Q-H1/H2/H3: writer-scoped single-secret auth, service-layer as the single governance decision path, advisory-only LLM judge on protected policies
  • Q-M3/M5/M7/M8: non-finite-float tamper detection, atomic same-cell wardline batches, fail-closed policy cells, honesty-gate assertion-subject check
  • Packaging: declared pydantic>=2 as a direct dependency

Known limit: the legis↔Filigree signed handshake is verified against legis's own transport and is byte-consistent with the proven loomweave channel, but has no live end-to-end integration test until Filigree ships its Weft verifier.

🤖 Generated with Claude Code

Loading

v1.0.0rc2

05 Jun 15:46
@tachyon-beep tachyon-beep
v1.0.0rc2
2e69141

Choose a tag to compare

View all tags
v1.0.0rc2 Pre-release
Pre-release

First tagged release of Legis as a member of the Weft suite (formerly Loom).

Highlights

  • Full Clarion→Loomweave / Loom→Weft rebrand across the consumer wire seam, config, symbols, and docs.
  • Security: MCP idempotency keys are now bound to a request hash (no cross-request replay).
  • Security: check-override-rate fails closed — requires LEGIS_HMAC_KEY when protected records are present.

Pre-release (pip install legis needs --pre). Published to PyPI via Trusted Publishing.

Loading