v0.50.0

Changelog

Engine and CLI

• c896b85: feat: scan changed s3 objects incrementally (@HikaruEgashira)

Other

• 27768c2: Merge pull request #164 from plenoai/codex/s3-object-incremental (@HikaruEgashira)

---

checksums.txt is signed with Sigstore keyless (cosign). Verify with:

cosign verify-blob checksums.txt \
  --bundle checksums.txt.sigstore.json \
  --certificate-identity-regexp \
    'https://github.com/plenoai/pleno-dlp/.github/workflows/release.yml@refs/tags/.*' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com

Or verify checksums only (no cryptographic signing):

sha256sum -c checksums.txt

Build-provenance attestations (gh attestation verify) require a
public repo or GHAS and are skipped while this repo is private.