consent-engine v0.6.1
fix: v0.6.1 peer-review hardening (P2/P3) + SSRF tests
P2/P3 (this commit):
- CI hard-gates mypy (was || true), adds uv build + CLI smoke + Docker build
- Report footer "Consent Compliance Agent" -> "consent-engine"
- ensure_chromium_installed checks per-OS Playwright cache path (was
macOS-only, so Linux/server reinstalled every run); honors
PLAYWRIGHT_BROWSERS_PATH
- Regenerated docs/sample-audit on v0.6.1 (was stale v0.5.1) — now shows
detected_cmp:null + inconclusive methodology for no-CMP example.com
- New tests/test_security.py: 12 SSRF-guard unit tests (metadata host,
loopback, private IPs, scheme, override). tools/conftest sets
CONSENT_ENGINE_ALLOW_INTERNAL=1 so the loopback test server is reachable.
Closes the codex 5.5 review. 82 tests pass + 1 skipped, ruff + mypy
strict-clean, uv build + CLI smoke green.
Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com