Skip to content

v0.8.3

Choose a tag to compare

View all tags
@tyrianinstitute tyrianinstitute released this 01 Apr 23:47
· 13 commits to main since this release
v0.8.3
3863565

fixed a bunch of stuff that should have never shipped:

  • html report template wasn't included in the pip package. every user who ran report --format html got TemplateNotFound. embarrassing.
  • fpdf2 wasn't in the default deps. fuzz command crashed on clean install.
  • 5 NameError crashes in rarely-used code paths (generate-suffix, budget tracking, keyword judge warning). all fixed.
  • bedrock adapter was doing json serialization with str().replace() instead of json.dumps(). broke on any prompt with an apostrophe.
  • fuzz callback URLs were sending character offsets instead of attempt numbers. variable shadowing bug.
  • chain runner reported VULNERABLE when a step returned an HTTP error. step errors are not vulnerabilities.
  • bypass rate calculation included errored attempts in the denominator, underreporting the actual rate.
  • cascade detector flagged public emails as critical data leaks. downgraded to tentative, added domain exclusion.
  • html and pdf reporters had XSS. fixed with html.escape.
  • tls verification was silently disabled whenever a proxy was configured. now requires explicit insecure flag.
  • 3 adapters (bedrock, llamacpp, mcp) were unreachable from the CLI. added with lazy imports.
  • fingerprint engine schema path broke after pip install. fixed.
  • discover command crashed with unexpected argument when given a URL.
  • version string unified to 0.8.3.

added 18 regression tests covering every fix.

Assets 2
Loading