Skip to content

v1.3.0 — power_core package, security hardening, CI/CD

Choose a tag to compare

@weby-homelab weby-homelab released this 02 Jul 13:40
5752b90

What's New in v1.3.0

Critical Security Fixes

  • Path Traversal vulnerability fixed in MCP server vault_path parameter
  • YAML injection prevention via Pydantic validation and string escaping
  • Input validation for all MCP tool parameters

Architecture

  • New power_core/ package — shared library with Pydantic v2 schemas, safe YAML parser, atomic writes
  • Eliminated code duplication — MCP server and CLI scripts now use power_core
  • Atomic writes prevent data corruption from interrupted writes

Testing & CI/CD

  • 79 pytest tests with fixtures for comprehensive coverage
  • GitHub Actions CI — automated pytest, ruff lint, mypy type check
  • GitHub Actions Release — auto-release on tag push

New Scripts

  • scripts/sync-brain.sh — Cron auto-sync with GPG signing support
  • scripts/cleanup_branches.py — Automated merged branch cleanup via GitHub API

Infrastructure

  • pyproject.toml — Dependencies, tool configs, package metadata
  • .gitignore — Security rules (secrets, caches, DBs)
  • LICENSE — MIT License
  • CONTRIBUTING.md — Development workflow
  • CHANGELOG.md — Version history

Validation

  • 79/79 tests passed
  • ruff: all checks passed
  • mypy: no issues found
  • GPG-signed commits

What's Changed

  • feat: v1.3.0 — power_core package, security hardening, CI/CD by @weby-homelab in #1

New Contributors

Full Changelog: v1.2.2...v1.3.0