Skip to content

v0.3.14 — Brain Layer + SCA major release (safety-critical upgrade)

Choose a tag to compare

@golab-arch golab-arch released this 30 May 16:00

Brain Layer + SCA major release — packages 5 cycles of work (Cycles 99-105, DG-110 → DG-113.1 A) responding to the SENTINEL-EVALUATION-REPORT empirical evaluation against a real codebase.

⚠️ Safety-critical upgrade

The previous release v0.3.13 (and the v0.3.3 currently on the VS Code Marketplace) contains a temporal-cutoff bug that causes the Brain Layer to dismiss real 2026 CVEs as "fabricated" with high confidence — burying a serious vulnerability with a confident false-positive. Step 2 of this release fixes that bug with a 3-layer defense in depth.

Upgrade strongly recommended for any user on v0.3.3 or v0.3.13.

Added

  • Step 1 (DG-110 A) — Determinism: temperature: 0 hardcoded in AnthropicLlmClient.completeWithUsage. The Anthropic client was running at the default 1.0; the OpenAI-compatible client already pinned 0 for security-tool determinism. Aligns both adapters.

  • Step 2 (DG-111 A) — Temporal-cutoff bug fix (BLOCKER from report §4 #1). 3-layer defense in depth against the LLM dismissing real, scanner-confirmed CVEs as "fabricated"/"non-existent"/"future":

    • Capa 1 (prompt): SYSTEM_PROMPT rewrite — SCA (Software Composition Analysis) explicitly modeled (was only SAST/secrets); NEW GROUND TRUTH section fixing scanner metadata (CVE IDs, versions, advisory dates) as authoritative; explicit instruction "Your training cutoff is NOT the authoritative source"; criteria for false_positive expanded with negative rule against dismissal.
    • Capa 2 (date injection): Current date (real-world authoritative): <YYYY-MM-DD> prepended to every user prompt.
    • Capa 3 (deterministic guard): guardAgainstFabricatedDismissals overrides false_positive to inconclusive (confidence 0.5) when rationale contains dismissal patterns (fabricated, fictional, spurious, non-existent, not a real, future-dated, future cve/release/version/advisory).
  • DG-111.1 A — Chain-of-Thought schema field order: JSON shape in SYSTEM_PROMPT now lists rationale BEFORE classification and confidence. Forces the LLM to reason before committing to a verdict. Fixes verdict↔rationale contradictions in multi-branch fix cases.

  • DG-111.2 A — Guard precision (scope to SCA): temporal-cutoff guard now only applies to category: 'SCA'. Avoids misfire on Secrets/SAST/IaC/VibeCoded/BusinessLogic findings whose legitimate FP rationales may contain words like "not a real production secret" (test fixtures).

  • Step 3 (DG-112 A) — SAST taint dataflow trace (from report §4 #3). OpenGrep's dataflow_trace (emitted by mode: taint rules) is now captured by the normalizer, canonized to new optional Finding.dataflowTrace, and included in the Triage Agent's user prompt as Dataflow trace (source → intermediate → sink). Defensive caps: max 25 intermediate steps (middle elided), max 200 chars per step content (truncated with ). Resolves "sink not visible" hedging.

  • Step 4 (DG-113 A) — SCA correlation/dedup (from report §4 #4). SCA findings grouped by package family (exact package-name match) in the tomo output. Each group includes unified remediation target as MAX semver per major track (e.g. {"7": "7.5.8", "8": "8.2.0"} with display "7.5.8 / 8.2.0"), with heterogeneity flag. Captures cross-lockfile + intra-package duplications. Sidebar renders expandable "SCA grouped remediations" section. Empirical result: protobufjs 18 findings → 1 grouped remediation action.

  • DG-113.1 A — Discard downgrade tracks: computeRemediationTarget now filters major tracks below the MIN installed major in the group. Empirical trigger: fast-xml-parser 5.5.6 was being recommended 4.5.5 / 5.7.04.5.5 is a major-version downgrade. Post-fix: 5.7.0 only.

Changed

  • FindingSchema extended with optional dataflowTrace? (Step 3) and sca? (Step 4) sub-objects — additive + backward-compatible.
  • TomoBodySchema extended with optional groups?: FindingGroup[]. Canonical integrity hash includes groups.
  • New dependency: semver in @synaptic-sentinel/core.

Known Issues

🚨 prismjs CVE-2024-53382 — false sense of remediation (deferred from report §4 #15)

The Brain Layer correctly identifies prismjs 1.27.0 as a true positive and recommends "upgrade to 1.30.0". However in many repos the top-level prismjs is already 1.30.0 — the vulnerable 1.27.0 is nested under refractor pinned to ~1.27.0.

A naive top-level bump does NOT fix the vulnerability.

Resolving this requires npm:resolutions / yarn:resolutions overrides or dep-graph-aware remediation, deferred to a future release.

For any prismjs advisory, verify manually with npm ls prismjs after applying the recommended bump — and apply an overrides directive if a transitive copy remains.

  • Parent/child SCA correlation (e.g. @protobufjs/utf8 listed separately from protobufjs). The exact-match family key in Step 4 is a deliberate trade-off to avoid over-merging unrelated packages (@types/node + @types/lodash etc. would be wrongly clustered by a naive scope-strip). Resolving parent/child requires a dep-graph, deferred.
  • Inconclusive-but-well-reasoned SAST taint verdicts: even with the dataflow trace, the LLM sees the sink expression but not its implementation (which lives in another file). For sinks like agentLoop.execute(), an inconclusive verdict with a well-reasoned rationale about the visible sink is the expected ceiling without AST cross-file resolution. inconclusive-well-reasoned is success by design for this class of finding.

Notes

  • The previous release v0.3.13 saw 2 hotfix iterations (DG-111.1, DG-111.2) discovered empirically during real-world re-scans. Both are folded into this v0.3.14 release. Step 4 added a third hotfix (DG-113.1, downgrade-track filter).
  • pnpm verify VERDE: 60 test files / 679 tests + manifest gate + activation gate (9 commands + 15 subscriptions).

How to install

code --install-extension synaptic-sentinel-0.3.14.vsix

Or use Install from VSIX... in the VS Code Extensions view.


Marketplace status: vsce publish to the VS Code Marketplace is not part of this release. The Marketplace listing is on v0.3.3; the 11 GitHub-only releases (v0.3.4 → v0.3.14) accumulate user-side publishing operations.

SHA-256: 5fd749e443f0559aebc9368f2b0fd15675c53a176b299a4e1409df533f568041