Skip to content

v0.1.6 - Action runtime hardening

Latest
Marketplace
Latest
Marketplace

Choose a tag to compare

View all tags
@rtonf rtonf released this 14 Jun 15:14
· 5 commits to main since this release
v0.1.6
c054326

v0.1.6 Action Runtime Hardening

Date: 2026-06-15

Summary

This GitHub Action release publishes the post-application hardening work that landed after v0.1.5.

The npm package remains maintainerops-ai@0.1.4; this release is for the GitHub Action and Marketplace channel.

Changes

  • Run the GitHub Action from the prebuilt dist-action/index.js bundle.
  • Remove response bodies from GitHub API exception messages.
  • Cap pull request changed-file pagination at 3,000 files to avoid unbounded API calls.
  • Add runtime validation for model assessment packets:
    • riskLevel
    • recommendedAction
    • confidence range
    • string array fields
    • evidence entries
  • Add unit tests for GitHub API error redaction, pagination cap behavior, and assessment enum validation.
  • Sanitize public Codex Security reports so local Windows user paths are not exposed.
  • Refresh README and Marketplace examples to point at v0.1.6.

Verification

  • npm run verify
  • GitHub Actions manual run: https://github.com/rtonf/maintainerops-ai/actions/runs/27464546983
  • Local path search against docs/codex-security/: no local user path matches.

Publication Note

After creating the GitHub Release, publish v0.1.6 to GitHub Marketplace from the Release UI so the Marketplace listing moves from v0.1.5 to v0.1.6.

Assets 2
Loading