Releases: sparq-org/sparq
Release list
v0.1.0-dev.3
See CHANGELOG.md for the curated changelog.
SHA256SUMS covers every attached archive plus the CycloneDX SBOM + VEX: shasum -a 256 -c SHA256SUMS.
Desktop GUI bundles (UNSIGNED). This release also includes cross-platform sparq GUI desktop installers (sparq-gui_v0.1.0-dev.3_*): macOS .dmg, Windows .msi + NSIS .exe, and Linux .deb + .AppImage. These bundles are NOT code-signed or notarized. On macOS, Gatekeeper will quarantine them; on Windows, SmartScreen will warn — see /download for the install bypass instructions (Gatekeeper/SmartScreen). OS-level code-signing (Apple Developer ID notarization + Windows Authenticode) requires maintainer-held credentials and is tracked separately — until then, treat the GUI bundles as developer/test installs. The SLSA attestation below proves who built each bundle (build provenance); it is not a substitute for OS code-signing. (No win-arm64 GUI installer yet — the Tauri bundler cannot cross-bundle it from the x64 Windows runner; no mobile app bundles yet.)
Supply chain: each release carries a CycloneDX SBOM per binary (*-v0.1.0-dev.3.sbom.cdx.json, including the GUI shell sparq-gui-v0.1.0-dev.3.sbom.cdx.json), a CycloneDX SBOM for the published npm/WASM client (sparq-js-v0.1.0-dev.3.sbom.cdx.json runtime tree + sparq-js-dev-v0.1.0-dev.3.sbom.cdx.json full build tree), and a VEX (sparq-v0.1.0-dev.3.vex.cdx.json) stating the exploitability of every advisory the dependency policy ignores. All artifacts (archives, GUI bundles, SBOMs, VEX) are SLSA build-provenance attested — verify with gh attestation verify <file> --repo jeswr/sparq.
What's Changed
- ci(lint): clippy hard-gate (-D warnings) + zero existing warnings; pin rustfmt.toml by @jeswr in #1
- fix(coverage): green main — dict-spill coverage tests + explicit mmap in coverage gate by @jeswr in #29
- feat(beads): SessionStart hook for bd context recovery + AGENTS.md note by @jeswr in #30
- fix: roborev backlog — gitignore scope, HDT streaming sniff, SHACL README, resolve_iri test by @jeswr in #31
- test(sparq-geo): OGC GeoSPARQL compliance ratchet + DE-9IM differential vs geo crate (sq-9h1r) by @jeswr in #32
- docs: strip hard-coded perf numbers from 6 READMEs (sq-q0im) by @jeswr in #33
- ci: PR-gating infra — ci-summary aggregator + CodeQL SAST + SHA-pin all actions; AGENTS.md directives by @jeswr in #34
- feat(server): SERVICE egress allowlist — default-deny SSRF guard via CLI/env/file (sq-4w18) by @jeswr in #35
- docs: rework root README (286→116L) + logo.svg + canonical crate-README template (sq-kuqa) by @jeswr in #37
- fix(sparq-py + engine): preserve rdf:dirLangString base direction; SPARQL-1.2-conformant its:dir JSON (sq-bj7o) by @jeswr in #36
- feat(sparq-mpc): RS consistency-checked + robust (Berlekamp–Welch) reconstruction — closes tamper-detection gap (sq-m34i / sq-uu0u WI-1) by @jeswr in #38
- feat(dashboard): readable metric labels — 318 labeled via generator + suite grouping + tooltips (sq-ocuf) by @jeswr in #39
- docs(agents): maintenance loop + bidirectional sibling-charter cross-pollination by @jeswr in #40
- ci: documentation-quality gate — markdownlint/typos/internal-links HARD + vale/external/no-perf ADVISORY (sq-5fd1) by @jeswr in #42
- feat(sparq-mpc): consistency-checked degree-2t equality/mult open (sq-7q9i / sq-uu0u WI-2) by @jeswr in #43
- deps: migrate quick-xml 0.37 → 0.40 (sq-8bhq, supersedes Dependabot #19) by @jeswr in #58
- feat(sparq-mpc): surface MaliciousSecurity enum in BackendInfo (sq-sz1h / sq-uu0u WI-3) by @jeswr in #60
- docs: concise per-crate READMEs — core/engine/cli/reason + solid/geo/vectors/server (sq-xogx/h1s7/rt1t/q2em) by @jeswr in #57
- feat(dashboard): featured well-known-suites section + scaling-comparison charts (sq-xvow / sq-viby) by @jeswr in #59
- fix(sparq-engine): SERVICE result parser preserves rdf:dirLangString its:dir (sq-s955) by @jeswr in #61
- fix(ci): kill the rc=101 / coverage-undercount flake — hermetic env tests + nextest retries (sq-x4jy) by @jeswr in #62
- chore(ci): SHA-pin Docker base images + least-privilege workflow permissions (sq-1umu) by @jeswr in #67
- feat(sparq-server): required Bearer-token gate on the write surface + optional read gate (sq-zcby) by @jeswr in #71
- feat(sparq-core): persist NAMED graphs across save/open + per-graph WAL (sq-3ui0, gh-45) by @jeswr in #69
- fix(ci): make the perf gate robust to CI-runner timing noise (sq-dzfu) by @jeswr in #72
- feat(sparq-server): enforce query-timeout (incl. UPDATE) + memory cap + decompression-ratio cap (sq-ebii) by @jeswr in #65
- docs: wire #![doc=include_str!(README)] + docs.rs all-features on 8 publish crates (sq-p26u) by @jeswr in #63
- docs(agents): clarify the maintenance loop is a safety net, not the cadence (act event-driven) by @jeswr in #66
- chore(release): record crates.io name availability + strip release.md TODO (sq-bk9) by @jeswr in #70
- docs(agents): codify consistent parallelisation + issue close-out + cross-agent self-id by @jeswr in #73
- MPC: finalise tampered-share detection (guarantee (D)) — PLAN refresh + deferred seams + e2e test (closes sq-uu0u) by @jeswr in #74
- bench: versioned competitor-comparison scaffold (Oxigraph/QLever/eye) by @jeswr in #75
- feat(sparq-zk): scale + harden committed-index revocation privacy (sq-hwe + sq-6qe) by @jeswr in #77
- research: MPC security-models taxonomy + protocol/operator/leakage/benchmark design record by @jeswr in #81
- docs: GitHub Pages cutover runbook + rollback (sq-iigf) by @jeswr in #78
- fix(release): boot the Docker image on
docker run+ run/curl smoke test (sq-n6rv) by @jeswr in #79 - docs(readme): human-focused rewrite — spec hyperlinks, precise feature titles, dark-mode logo, no internals (sq-avp7) by @jeswr in #68
- research: ZK verifier re-audit (post-remediation, AS LANDED) — sq-gbp4 by @jeswr in #82
- perf(ingest): opt-in native-only zlib-ng flate2 backend for gzip inflate (sq-i3xc) by @jeswr in #85
- perf(sparq-core): chunk-parallel + sharded-merge N-Quads in-memory loader (sq-25r3) by @jeswr in #84
- fix(ci): exclude informational checks from ci-summary gate + fix cargo-geiger virtual-manifest error (sq-wjth) by @jeswr in #86
- feat(mpc): three-axis security descriptor + Cleve type-invariant (sq-mq8q) by @jeswr in #87
- MPC: oblivious shuffle + sort substrate over Shamir F_p (sq-18lk) by @jeswr in #88
- feat(vectors): opt-in
embeddingsfeature — reqwest-backed RemoteEmbedder from env (sq-fg9y) by @jeswr in #83 - feat(sparq-mpc): MPC benchmark matrix (security × N × query class) — in-process counting tier [sq-sxm] by @jeswr in #90
- test(zk): standing forge-and-verify regression map for audit CRITICAL #1-#12 (sq-1gir) by @jeswr in #89
- feat(sparq-mpc): security-model SELECTION API + fail-closed backend registry (sq-a6p1) by @jeswr in #92
- feat(sparq-mpc): oblivious result-size + match-bit aggregation output path for set-returning hidden joins (sq-jnkm) by @jeswr in #93
- ci(zk): toolchain-gated lane for the forge/anchor suite + f64/k2 bb anchors (sq-f9tl) by @jeswr in #94
- feat(zk): enforce distinct-graph strict ordering in scan_check — close duplicate-inclusion / COUNT forgery (sq-vxq8) by @jeswr in #95
- feat(sparq-server): durable persistence in the server binary — --persist DIR (sq-7cxr / gh-44) by @jeswr in #80
- fix(sparq-core): RDF 1.2 triple terms in the sharded external builder (sq-t3rt) by @jeswr in #91
- feat(sparq-mpc): MPC network tier — real multi-process loopback transport + tc/netem LAN/WAN profiles (sq-tg6b) by @jeswr in #96
- Pin SPARQL 1.1 aggregate-over-empty semantics (sq-53ti) by @jeswr in #97
- chore(deps): Bump taiki-e/install-action from 2.49.0 to 2.81.10 in the actions-minor-patch group by @dependabot[bot] in #106
- chore(deps): Bump actions/github-script from 7.0.1 to 9.0.0 by @dependabot[bot] in #107
- chore(deps): Bump pollster fro...