v0.7.0
·
369 commits
to main
since this release
Changes
- fix(release): drop broken slsa-provenance job (#135)
- fix(release): drop broken slsa-provenance job
- chore(release): bump version to 0.7.0 (#134)
- chore(release): bump version to 0.7.0
- docs: catch up README + Documentation with 0.7.0 features (#133)
- fix(docs): address Copilot review on PR #133
- docs: catch up README + Documentation with 0.7.0 features
- feat(budget): per-user AI spending ceilings (#132)
- fix(review): address Copilot review on PR #132
- feat(budget): add per-user AI spending ceilings
- feat(dashboard): monthly-cost + requests-by-provider widgets (#131)
- ci: skip mutation testing on pull_request
- chore: trigger Copilot re-review on #131
- feat(dashboard): ship monthly-cost + requests-by-provider widgets
- feat(be): native BE group permissions for AI capabilities (#130)
- feat(be): register BE group permissions for AI capabilities
- feat(di): auto-register LLM providers via #[AsLlmProvider] attribute (#129)
- ci: fix Fuzz testsuite name + silence SAST noise on tests
- fix(review): address Copilot review on PR #129
- feat(di): auto-register LLM providers via #[AsLlmProvider] attribute
- feat(resilience): provider fallback chain for retryable failures (#128)
- fix(review): address Copilot and Gemini review comments
- fix(tests): replace FQN with use-import (Rector)
- feat(resilience): add provider fallback chain for retryable failures
- fix(deps): update dependency netresearch/nr-vault to ^0.4.0 || ^0.5.0 (#127)
- fix(deps): update dependency netresearch/nr-vault to ^0.4.0 || ^0.5.0
- chore(deps): update dependency @axe-core/playwright to v4.11.2 (#126)
- chore(deps): update dependency @axe-core/playwright to v4.11.2
- chore(deps): update node.js to 24.15 (#125)
- chore(deps): update node.js to 24.15
- chore(deps): update dependency @types/node to v24.12.2 (#124)
- chore(deps): update dependency @types/node to v24.12.2
- chore(deps): update dependency @types/node to v24.12.1 (#123)
- chore(deps): update dependency @types/node to v24.12.1
- chore(deps): update dependency @playwright/test to v1.59.1 (#122)
- chore(deps): update dependency @playwright/test to v1.59.1
- fix: resolve PHPStan type errors in test mocks
- fix: remove empty secrets blocks and fix YAML syntax
- chore: remove explicit gitleaks call, now handled by org-wide default
- chore(deps): update dependency @playwright/test to v1.59.0 (#121)
- chore(deps): update dependency @playwright/test to v1.59.0
- fix: add permissions to gitleaks job, remove stale secret from security job
- feat: add direct gitleaks call from netresearch/.github
- fix: use @main for .github reusable workflows, not SHA pin
- chore: migrate generic workflows from typo3-ci-workflows to .github
- fix: correct method name typo in ProviderTest (#120)
- fix: correct method name typo in ProviderTest
- chore: comprehensive quality assessment and fixes (#119)
- style: fix cast spacing in OllamaProvider embeddings
- fix: deprecate findByCategory, fix exception service identifier
- fix: use list for embedding vectors with array_values()
- fix: remove explicit phpat include, add identifier-based ignore
- fix: skip CaptainHook in Docker composer commands
- test: add LlmConfiguration tests and update assertions for refactored code
- docs: fix heading hierarchy, line wrapping, and add architecture diagram
- chore: update deprecated PHP-CS-Fixer rule set aliases
- fix: lint command scans source dirs only, not vendor
- fix: add missing TCA searchFields, default_sortby, and XLIFF key
- fix: add missing interface-to-implementation aliases in DI config
- fix: add missing guards in specialized services
- fix: correct @var type annotations in provider embedding methods
- fix: resolve domain layer type safety and repository query bugs
- perf: eliminate double cache lookup and optimize hot paths
- security: sanitize error messages and use specific exception types
- fix: empty PHPStan baseline and add explicit phpat include
Installation
composer require netresearch/nr-llmSecurity
All release artifacts are signed with Sigstore keyless signing.
Verify signatures
cosign verify-blob \
--bundle nr-llm-0.7.0.zip.bundle \
--certificate-identity-regexp "https://github.com/netresearch/.*" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
nr-llm-0.7.0.zipVerify checksums
sha256sum -c checksums.txtSoftware Bill of Materials (SBOM)
SBOMs are provided in both SPDX and CycloneDX formats for supply chain transparency.
Contributors
var and main