v1.6.0

1.6.0 (2026-05-29)

Features

• adoption: Phase 50 golden host journeys and Keycloak CI lane (b21bdbb)
• adoption: Phase 50 golden host journeys and Keycloak CI lane (fb105da)

Bug Fixes

• adoption: CI warnings and Keycloak SSO redirect binding (83f9b90)
• adoption: follow Keycloak SSO redirects when fetching login form (19fbb26)
• adoption: green Keycloak external IdP lane and real IdP crypto interop (d48871a)
• adoption: stabilize Keycloak login fetch without form pre-check (45e1d1e)
• adoption: use valid guard in Keycloak redirect URL helper (18f78ae)
• security: align KeyInfo corpus with rogue-outside-Signature policy (7846892)

v1.5.4

1.5.4 (2026-05-28)

Bug Fixes

• ci: auto-dispatch Hex publish after release-please automerge (e50dfd5)
• ci: auto-dispatch Hex publish after release-please automerge (39bbc21)

v1.5.3

1.5.3 (2026-05-28)

Bug Fixes

• ci: grant actions:write for release-please PR dispatch (e32d828)
• ci: grant actions:write for release-please PR dispatch (ecf2736)
• ci: parse spaced security-gates check names on release PRs (099b92b)
• ci: parse spaced security-gates check names on release PRs (adabc13)
• ci: tolerate gh pr checks exit when no checks yet (fbef01c)
• ci: tolerate gh pr checks exit when no checks yet (98606d2)
• docs: note hands-off release path in getting started (0f6d758)
• docs: note hands-off release path in getting started (f19d239)

v1.5.2

1.5.2 (2026-05-28)

Bug Fixes

• test: isolate replay store and warm FakeIdP keypair (3635c5c)
• test: isolate replay store and warm FakeIdP keypair (d2bb6bf)

v1.5.1

1.5.1 (2026-05-28)

Bug Fixes

• ci: gate Hex publish on mix qa and enforce branch protection (7303b36)
• ci: release-please trigger for 1.5.1 (15efe67)

v1.5.0

1.5.0 (2026-05-28)

Features

• 45-01: add mix verify.release_parity for Hex vs tag path-set diff (7ca46c4)
• 45-02: add verify-parity.sh milestone gate wrapper (227a3c2)
• 49-01: add scope boundary section to conformance generator (93418a6)
• 49-01: flip ENC manifest row from deferred to pass (f865174)
• docs: add README Quick Look preset snippet (DX-01) (65bcf93)
• docs: job-shaped overview hub and batteries dedupe (DX-03) (00937be)
• install: auto-inject saml_routes on single Phoenix router (DX-02) (ca632bd)

v1.4.0

1.5.0 (2026-05-27)

Features

• 15-01: create connection list, detail components and normalize risk flag names (0bdf7b1)
• 15-02: extract connection form and preset picker components (e133380)
• 15-02: wire URL-driven presets to the form (50640b8)
• 15-03: embed risk panel across relevant views (4916649)
• 15-03: wire lifecycle events to Ecto boundaries and add status badges (0a16b0a)
• 16-01: establish metadata liveview skeleton and route (and missing 15-01 files) (c52a008)
• 16-02: add active highlighting to metadata history stream (8ee6076)
• 16-03: finalize Phase 16 execution and verification (43ce682)
• 16-03: implement async manual metadata refresh (50a0ebd)
• 17-01: handle optimistic locking conflicts on certificate updates (8400944)
• 17-01: implement semantic slot-based timeline UI for certificates (cf7f016)
• 17-02: implement 3-step staged rollover with typed verification (0399604)
• 18-01: implement typed mapping forms in live admin (15bb5f4)
• 18-02: implement audit timeline filtering and expandable details (7ced8fc)
• 19-01: implement allow_idp_initiated flag for connections (26e822c)
• 19-02: implement safe local redirect utility (4fab9cf)
• 19: implement IdP-initiated SSO support and result normalization (101e2a6)
• 20-01: implement BulkActions coordinator (69be2d9)
• 20-02: add multi-select UI to ConnectionList (4c3bf15)
• 20: implement bulk operations for connections and UI multi-selection (6e75525)
• 21-01: add migration extending relyra_metadata_sources with auto-refresh (7dcf2ea)
• 21-01: extend MetadataSource schema with auto-refresh fields and changesets (d8eb04b)
• 21-02: pure cadence + backoff helpers with property-style jitter envelopes (7cfbf02)
• 21-02: pure failure classifier with one clause per Phase-21 error code (f8620bf)
• 21-03: add TrustAnchor + DriftDetector pure helpers (1c02e38)
• 21-03: relocate security corpus + add CorpusGate runtime gate (9400a0d)
• 21-04: add MetadataApply.resume_auto_refresh/3 single-tx Resume seam (b94ce16)
• 21-04: add Signature.verify_metadata_root/4 metadata-root shim (35a3da4)
• 21-04: wrap record_attempt in transact and co-commit health state (2de8899)
• 21-05: add OptionalDeps.Oban gateway and Workers.MetadataRefresh (ff88242)
• 21-05: add Scheduler.run_due/2 and AutoRefresh.refresh/2 wrapper (3b60a04)
• 21-06: add Auto-refresh health card + Resume now to ConnectionMetadataLive (35a4cc7)
• 21-06: surface auto_refresh_health on the connection list (D-29) (67da767)
• 21-07: add Metadata.pin_trust_fingerprint/3 + two operator Mix tasks (aa25260)
• 21-07: add optional Oban dep, ci.oban_smoke alias, README operations (f4bf983)
• 21-07: document auto_refresh telemetry catalog + LogAlerts handler (06ca068)
• 21.1-01: forward audit context from Refresh.refresh/2 into apply_revision and record_attempt (closes CFG-07) (80d9001)
• 22-01: implement certificate expiry traversal engine (13bf7f8)
• 22-01: implement telemetry for expiring certificates (eef99d4)
• 23-01: build diagnostic bundle orchestration service (9b4250c)
• 23-01: implement explicit redaction AllowList for diagnostic exports (74a6efb)
• 23-02: add download diagnostic bundle UI button to admin UI (fe394bf)
• 23-02: create mix task for CLI diagnostic bundle export (1f074ba)
• 23-02: implement HTTP download endpoint for diagnostic bundle (7ce0184)
• 24-01: implement request store type injection (aff2a30)
• 24-01: implement session revocation adapter support (f425c18)
• 24-02: implement LogoutRequest builder (9bfd22c)
• 24-03: implement logout bindings parser for redirect (d4654ee)
• 25-01: add shared conformance fixture loader (1f98ee5)
• 25-01: harden PureBeam seam behavior (e8cfab9)
• 25-02: expand pinned security regression corpus (c80b6ab)
• 25-02: implement SP conformance lane (9c3e79a)
• 25-03: generate conformance report from manifest state (a9a7d58)
• 27-03: add batteries included proof artifact (0b1ffc9)
• 28-01: implement SaxyTree handler with ns stack + 3 normalizations (8738532)
• 28-02: enveloped-sig transform pruning + PrefixList forced render + transform allowlist (ae9f16f)
• 28-02: implement exclusive C14N 1.0 serialization core (b666926)
• 28-03: bind exact tree node + delegate canonicalize/2 to the C14N engine (5565df5)
• 28-03: route parse_safely onto the saxy tree, retire regex extractors (915d460)
• 29-01: add ordered content field to SaxyTree.Node (D-09) (4411f91)
• 29-02: add AlgorithmPolicy.digest_atom_for_signature_method/1 (RSA→atom, ECDSA fail-closed) ([e63216e](https://github.com/szTheory/relyra...

v1.2.0

Warning

Security release. Fixes a critical XMLDSig verification gap where Relyra 1.0.0 and 1.1.0 could accept forged SAML signatures (authentication bypass). 1.2.0 verifies the canonicalized SignedInfo with :public_key.verify, recomputes DigestValue in constant time on the consumed node, and applies the same guarantee to both response and metadata-root verification paths.

Advisory: GHSA-jv46-xfwm-36j7 (Critical, CVSS 9.1, CWE-347/287). Upgrade immediately; there is no safe configuration of 1.0.0/1.1.0.

1.2.0 (2026-05-25)

Features

• 28-01: implement SaxyTree handler with ns stack + 3 normalizations (8738532)
• 28-02: enveloped-sig transform pruning + PrefixList forced render + transform allowlist (ae9f16f)
• 28-02: implement exclusive C14N 1.0 serialization core (b666926)
• 28-03: bind exact tree node + delegate canonicalize/2 to the C14N engine (5565df5)
• 28-03: route parse_safely onto the saxy tree, retire regex extractors (915d460)
• 29-01: add ordered content field to SaxyTree.Node (D-09) (4411f91)
• 29-02: add AlgorithmPolicy.digest_atom_for_signature_method/1 (RSA→atom, ECDSA fail-closed) (e63216e)
• 29-02: surface D-02 fields (SignedInfo node, base64 Digest/SignatureValue) per candidate (5d1cfc9)
• 29-03: wire real XMLDSig crypto into the [candidate] arm (D-01) (2e45689)
• 29-04: build genuine XMLDSig test-signer (D-11) (c45864f)
• 29-05: add metadata-root signed-candidates producer in pure_beam (502417f)
• 29-05: rewire metadata pre-parse onto tree builder + prove SIGV-04 (6d4931e)
• 30-01: delegate FakeIdP.sign to genuine signer + expose trust cert (D-01/D-03) (18f5bd8)
• 30-03: add c14n-differential rejection row to security corpus (c7ec6a2)

Bug Fixes

• 28-03: correct prot-unsigned-001 expectation to missing_protocol_field (63c5ca5)
• 29-01: walk content in document order in C14N.render_element/3 (D-09) (8052658)
• 29: close metadata trust bypass (CR-01) and pin over DER (CR-02) (8910200)
• 29: thread cert_chain in plan 03 + add existing-test triage task to plan 04 (13094ef)
• 29: tolerate line-wrapped base64 in Signature/DigestValue (WR-01) (ef44482)
• 30-01: reconcile FakeIdP response_xml shape for genuine signing (D-02) (f9047fe)
• 30-04: make ci.security honestly gate every security suite (cmd mix test per line) (8a144ed)
• 30: harden ci.security meta-gate (AST parse, tag anchor, corpus_gate coverage) (07f4727)
• deps: bump postgrex/plug/phoenix for CVEs; ignore unreachable decimal advisory (520d713)

v1.1.0

1.1.0 (2026-05-08)

Features

• 01-02: add pure-beam XML adapter baseline (68f1041)
• 01-02: add stable Relyra.Error contract (5077f9d)
• 01-02: freeze hardened XML seam behaviour (ed7257e)
• 01-03: add compile-time parser path guard (74bac6e)
• 02-01: add protocol and relay state contract tests (9225186)
• 02-01: enforce opaque relay state contract (d21697f)
• 02-01: implement login request and binding primitives (b0d49b6)
• 02-02: bind signature verification to exact signed node (2aeba97)
• 02-02: enforce strict signature algorithm policy (88d43db)
• 02-03: add ordered consume response pipeline (d7db968)
• 02-03: add response and assertion validators (47981a2)
• 03-01: add fail-closed default adapter scaffolding (f4acf93)
• 03-01: freeze phase 3 behaviour contracts (9841e09)
• 03-02: add atomic ETS request and replay adapters (223cb72)
• 03-02: add optional Ecto-backed request and replay stores (4a801f9)
• 03-03: persist request intent and gate consume success (a6cf9aa)
• 05-01: add telemetry catalog and event spans (07b503f)
• 06-01: add provider presets, TestSupport, installer, and docs (670ee92)
• 06-01: close release-discipline gap and add provider audience hint (bdb7c9a)
• 11-02: add mapping persistence migration coverage (06856c6)
• 11-03: harden audited trust mutations (c546b6b)
• 11-04: persist and hydrate mapping config (dd9da43)
• 12-12-01: canonicalize metadata certificate candidates (6d5d652)
• 14-01: author 11-VERIFICATION.md with serial CFG-05 packet (4339dca)
• 15-01: create connection list, detail components and normalize risk flag names (0bdf7b1)
• 15-02: extract connection form and preset picker components (e133380)
• 15-02: wire URL-driven presets to the form (50640b8)
• 15-03: embed risk panel across relevant views (4916649)
• 15-03: wire lifecycle events to Ecto boundaries and add status badges (0a16b0a)
• 16-01: establish metadata liveview skeleton and route (and missing 15-01 files) (c52a008)
• 16-02: add active highlighting to metadata history stream (8ee6076)
• 16-03: finalize Phase 16 execution and verification (43ce682)
• 16-03: implement async manual metadata refresh (50a0ebd)
• 17-01: handle optimistic locking conflicts on certificate updates (8400944)
• 17-01: implement semantic slot-based timeline UI for certificates (cf7f016)
• 17-02: implement 3-step staged rollover with typed verification (0399604)
• 18-01: implement typed mapping forms in live admin (15bb5f4)
• 18-02: implement audit timeline filtering and expandable details (7ced8fc)
• 19-01: implement allow_idp_initiated flag for connections (26e822c)
• 19-02: implement safe local redirect utility (4fab9cf)
• 19: implement IdP-initiated SSO support and result normalization (101e2a6)
• 20-01: implement BulkActions coordinator (69be2d9)
• 20-02: add multi-select UI to ConnectionList (4c3bf15)
• 20: implement bulk operations for connections and UI multi-selection (6e75525)
• 21-01: add migration extending relyra_metadata_sources with auto-refresh (7dcf2ea)
• 21-01: extend MetadataSource schema with auto-refresh fields and changesets (d8eb04b)
• 21-02: pure cadence + backoff helpers with property-style jitter envelopes (7cfbf02)
• 21-02: pure failure classifier with one clause per Phase-21 error code (f8620bf)
• 21-03: add TrustAnchor + DriftDetector pure helpers (1c02e38)
• 21-03: relocate security corpus + add CorpusGate runtime gate (9400a0d)
• 21-04: add MetadataApply.resume_auto_refresh/3 single-tx Resume seam (b94ce16)
• 21-04: add Signature.verify_metadata_root/4 metadata-root shim (35a3da4)
• 21-04: wrap record_attempt in transact and co-commit health state (2de8899)
• 21-05: add OptionalDeps.Oban gateway and Workers.MetadataRefresh (ff88242)
• 21-05: add Scheduler.run_due/2 and AutoRefresh.refresh/2 wrapper (3b60a04)
• 21-06: add Auto-refresh health card + Resume now to ConnectionMetadataLive (35a4cc7)
• 21-06: surface auto_refresh_health on the connection list (D-29) (67da767)
• 21-07: add Metadata.pin_trust_fingerprint/3 + two operator Mix tasks (aa25260)
• 21-07: add optional Oban dep, ci.oban_smoke alias, README operations (f4bf983)
• 21-07: document auto_refresh telemetry catalog + LogAlerts handler (06ca068)
• 21.1-01: forward audit context from Refresh.refresh/2 into apply_revision and record_attempt (closes CFG-07) (80d9001)
• 22-01: implement certificate expiry traversal engine ([13bf7f8](13bf7f89d819be8c03f...