v0.3.14 — Brain Layer + SCA major release (safety-critical upgrade)
Brain Layer + SCA major release — packages 5 cycles of work (Cycles 99-105, DG-110 → DG-113.1 A) responding to the SENTINEL-EVALUATION-REPORT empirical evaluation against a real codebase.
⚠️ Safety-critical upgradeThe previous release v0.3.13 (and the v0.3.3 currently on the VS Code Marketplace) contains a temporal-cutoff bug that causes the Brain Layer to dismiss real 2026 CVEs as "fabricated" with high confidence — burying a serious vulnerability with a confident false-positive. Step 2 of this release fixes that bug with a 3-layer defense in depth.
Upgrade strongly recommended for any user on v0.3.3 or v0.3.13.
Added
-
Step 1 (DG-110 A) — Determinism:
temperature: 0hardcoded inAnthropicLlmClient.completeWithUsage. The Anthropic client was running at the default1.0; the OpenAI-compatible client already pinned0for security-tool determinism. Aligns both adapters. -
Step 2 (DG-111 A) — Temporal-cutoff bug fix (BLOCKER from report §4 #1). 3-layer defense in depth against the LLM dismissing real, scanner-confirmed CVEs as "fabricated"/"non-existent"/"future":
- Capa 1 (prompt):
SYSTEM_PROMPTrewrite — SCA (Software Composition Analysis) explicitly modeled (was only SAST/secrets); NEWGROUND TRUTHsection fixing scanner metadata (CVE IDs, versions, advisory dates) as authoritative; explicit instruction "Your training cutoff is NOT the authoritative source"; criteria forfalse_positiveexpanded with negative rule against dismissal. - Capa 2 (date injection):
Current date (real-world authoritative): <YYYY-MM-DD>prepended to every user prompt. - Capa 3 (deterministic guard):
guardAgainstFabricatedDismissalsoverridesfalse_positivetoinconclusive(confidence 0.5) when rationale contains dismissal patterns (fabricated,fictional,spurious,non-existent,not a real,future-dated,future cve/release/version/advisory).
- Capa 1 (prompt):
-
DG-111.1 A — Chain-of-Thought schema field order: JSON shape in
SYSTEM_PROMPTnow listsrationaleBEFOREclassificationandconfidence. Forces the LLM to reason before committing to a verdict. Fixes verdict↔rationale contradictions in multi-branch fix cases. -
DG-111.2 A — Guard precision (scope to SCA): temporal-cutoff guard now only applies to
category: 'SCA'. Avoids misfire on Secrets/SAST/IaC/VibeCoded/BusinessLogic findings whose legitimate FP rationales may contain words like "not a real production secret" (test fixtures). -
Step 3 (DG-112 A) — SAST taint dataflow trace (from report §4 #3). OpenGrep's
dataflow_trace(emitted bymode: taintrules) is now captured by the normalizer, canonized to new optionalFinding.dataflowTrace, and included in the Triage Agent's user prompt asDataflow trace (source → intermediate → sink). Defensive caps: max 25 intermediate steps (middle elided), max 200 chars per step content (truncated with…). Resolves "sink not visible" hedging. -
Step 4 (DG-113 A) — SCA correlation/dedup (from report §4 #4). SCA findings grouped by package family (exact package-name match) in the tomo output. Each group includes unified remediation target as MAX semver per major track (e.g.
{"7": "7.5.8", "8": "8.2.0"}with display"7.5.8 / 8.2.0"), with heterogeneity flag. Captures cross-lockfile + intra-package duplications. Sidebar renders expandable "SCA grouped remediations" section. Empirical result: protobufjs 18 findings → 1 grouped remediation action. -
DG-113.1 A — Discard downgrade tracks:
computeRemediationTargetnow filters major tracks below the MIN installed major in the group. Empirical trigger:fast-xml-parser5.5.6 was being recommended4.5.5 / 5.7.0—4.5.5is a major-version downgrade. Post-fix:5.7.0only.
Changed
FindingSchemaextended with optionaldataflowTrace?(Step 3) andsca?(Step 4) sub-objects — additive + backward-compatible.TomoBodySchemaextended with optionalgroups?: FindingGroup[]. Canonical integrity hash includesgroups.- New dependency:
semverin@synaptic-sentinel/core.
Known Issues
🚨 prismjs CVE-2024-53382 — false sense of remediation (deferred from report §4 #15)
The Brain Layer correctly identifies
prismjs1.27.0 as a true positive and recommends "upgrade to 1.30.0". However in many repos the top-levelprismjsis already 1.30.0 — the vulnerable 1.27.0 is nested underrefractorpinned to~1.27.0.A naive top-level bump does NOT fix the vulnerability.
Resolving this requires
npm:resolutions/yarn:resolutionsoverrides or dep-graph-aware remediation, deferred to a future release.For any prismjs advisory, verify manually with
npm ls prismjsafter applying the recommended bump — and apply anoverridesdirective if a transitive copy remains.
- Parent/child SCA correlation (e.g.
@protobufjs/utf8listed separately fromprotobufjs). The exact-match family key in Step 4 is a deliberate trade-off to avoid over-merging unrelated packages (@types/node+@types/lodashetc. would be wrongly clustered by a naive scope-strip). Resolving parent/child requires a dep-graph, deferred. - Inconclusive-but-well-reasoned SAST taint verdicts: even with the dataflow trace, the LLM sees the sink expression but not its implementation (which lives in another file). For sinks like
agentLoop.execute(), aninconclusiveverdict with a well-reasoned rationale about the visible sink is the expected ceiling without AST cross-file resolution.inconclusive-well-reasoned is success by design for this class of finding.
Notes
- The previous release v0.3.13 saw 2 hotfix iterations (DG-111.1, DG-111.2) discovered empirically during real-world re-scans. Both are folded into this v0.3.14 release. Step 4 added a third hotfix (DG-113.1, downgrade-track filter).
pnpm verifyVERDE: 60 test files / 679 tests + manifest gate + activation gate (9 commands + 15 subscriptions).
How to install
code --install-extension synaptic-sentinel-0.3.14.vsixOr use Install from VSIX... in the VS Code Extensions view.
Marketplace status: vsce publish to the VS Code Marketplace is not part of this release. The Marketplace listing is on v0.3.3; the 11 GitHub-only releases (v0.3.4 → v0.3.14) accumulate user-side publishing operations.
SHA-256: 5fd749e443f0559aebc9368f2b0fd15675c53a176b299a4e1409df533f568041