Releases: zw008/VMware-Harden

v1.6.0 — trust architecture

22 Jun 09:16

Family v1.6.0: undo-token support on reversible write tools + the vmware-policy 1.6.0 governance harness (token/runaway budget, audit accountability fields, graduated risk tiers). See RELEASE_NOTES.md.

v1.5.39 — family version alignment

22 Jun 00:35

No code changes. Version alignment with the v1.5.39 family release (AIops snapshot-delete async/honest-timeout fix; Storage datastore-browse timeout fix).

v1.5.38 (2026-06-12) — backlog finish: collector de-duplication

12 Jun 06:56

Changed

  • Lifted the duplicated collect + batch-persist logic into the Collector base class; the host/vm/
    datastore/dfw collectors shed ~113 lines (~39%) with identical behavior. (#2)

v1.5.37 (2026-06-12) — backlog: batched writes, dead-schema cleanup, offline evals

12 Jun 01:56

Fixed

  • Collectors batch their writes into one transaction + executemany (was one transaction per node —
    thousands of commits on large inventories); the drift dashboard's 5 COUNT queries collapsed to one
    GROUP BY. (#1)

Changed

  • Removed dead schema (edges table, nodes.parent_id); violation.status / posture_drift are
    documented as reserved-but-unwired. (#4)

Added

  • Offline regression evals (no live-lab env var needed) pinning the v1.5.36 compliance-correctness fixes
    and the approval-gate truth table. (#5)

v1.5.36 (2026-06-12) — compliance-correctness fixes: scoping, severity, approval gate

11 Jun 23:19

Fixed

  • Absence-check violations are no longer dropped — the snapshot-scoping filter wrongly removed
    "control entirely absent" findings (e.g. PCI default-deny, no-encryption, no-segmentation) because
    they emit a synthetic node id; the most severe estate-wide gaps could report as CLEAN.
  • Cross-target / decommissioned-node bleed fixed — rule SQL ran against the cumulative node store,
    so one target's scan reported another target's violations.
  • Failed scans no longer masquerade as the latest clean snapshot — a collector failure now marks
    the snapshot failed, and every "latest snapshot" consumer filters to completed scans.
  • Severity ordering was alphabetical (critical sorted last); now critical-first everywhere.
  • Approval gate no longer trusts the LLM alone — a rule's review_policy (human-review-required /
    min-confidence) is enforced; unresolvable rules default to requiring review for high/critical.
  • list_violations(severity=…) validates the value; teaching errors for missing dependency / DB.
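
The approval-gate fix above, sketched as an added example (not the project's code): the rule's `review_policy` is evaluated before the model's verdict, and a rule that cannot be resolved fails closed for high/critical findings. The two policy values come from the note; the rule ids, the `min_confidence` field, the `Proposal` shape and the treatment of lower severities are assumptions.

```python
from dataclasses import dataclass

# Constructed rule table: ids and the 0.9 threshold are made up for the example.
RULES = {
    "R-001": {"review_policy": "human-review-required"},
    "R-002": {"review_policy": "min-confidence", "min_confidence": 0.9},
}


@dataclass
class Proposal:
    rule_id: str
    severity: str          # critical / high / medium / low
    llm_approves: bool     # the model's own verdict
    llm_confidence: float  # model-reported, 0.0 to 1.0


def needs_human_review(p: Proposal, rules=RULES) -> bool:
    """Return True when a person must sign off before remediation proceeds."""
    rule = rules.get(p.rule_id) or {}
    policy = rule.get("review_policy")

    if policy == "human-review-required":
        return True  # the model's verdict is never sufficient for this rule

    if policy == "min-confidence":
        # A missing threshold is treated as the strictest one (assumption).
        threshold = rule.get("min_confidence", 1.0)
        return (not p.llm_approves) or p.llm_confidence < threshold

    # Unknown rule id or unrecognised policy: fail closed for severe findings.
    if p.severity.lower() in ("high", "critical"):
        return True
    return not p.llm_approves  # assumed behaviour for medium/low
```
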

Added

  • Indexes on change_event(node_id) and remediation(violation_id); read-only DuckDB access for the
    web dashboard (no lock conflict with a running scan).

v1.5.35 — security hardening

10 Jun 00:42

Family-wide security release (v1.5.35). See RELEASE_NOTES.md for per-skill detail.

v1.5.32 — Family version alignment + test hygiene

08 Jun 02:30

v1.5.32 (2026-06-08) — Family version alignment + test hygiene

No functional changes. Version-alignment release with the v1.5.32 family
(spec-audit fixes in sibling skills).

Tests

  • Smoke test no longer pins a stale version literal — asserts semver shape +
    agreement with pyproject.toml.

v1.5.30 — Tool description quality (Glama TDQS)

07 Jun 12:55

v1.5.30 (2026-06-07) — Tool description quality (Glama TDQS)

Improved

  • Rewrote MCP tool descriptions flagged by Glama's Tool Description Quality Score review:
    per-parameter semantics (format, defaults, valid values), return-field documentation,
    sibling-tool routing guidance, and behavioral transparency (side effects, audit logging,
    async semantics). Corrected descriptions that overstated or misstated actual behavior.
  • No functional changes; descriptions only.

v1.5.29 — doctor synopsis + Smithery + Python 3.10 troubleshooting + v1.5.19 notes

29 May 02:18

v1.5.29 (2026-05-29) — Doctor / Smithery / Python 3.10 Troubleshooting Docs

Documentation

  • README.md: refreshed v1.5.18 framing to make it clear the project is at v1.5.28-aligned (now v1.5.29), not v1.5.18 (commit 27035a1).
  • references/cli-reference.md: added full doctor command section — synopsis, no-options note, table of 10 environment checks from vmware_harden/doctor.py::run_diagnostics, example output, exit codes.
  • references/setup-guide.md: new "Alternative Deployment: Container / Smithery" section mirroring AVI style (Docker build/run with Twin DB volume mount note, Smithery config schema, deployment-choice table); new "Troubleshooting" section above Security with the Python 3.10 / subclass() arg 1 must be a class fix (upgrade to v1.5.28+ or mcp[cli]>=1.14).
  • references/capabilities.md: "Performance & Correctness Notes" section covering v1.5.19 snapshot_id indexes (IF NOT EXISTS, idempotent, no migration) and LEFT JOIN + COALESCE orphan-preservation in list_violations / report (pitfall (踩坑) #28 / #29 cross-refs).

No code changes

Documentation-only release.

v1.5.28 — fix subclass() arg 1 must be a class in old-mcp environments

20 May 09:57

Fix subclass() arg 1 must be a class in goose/old-mcp environments.

v1.5.25–1.5.27 replaced PEP 604 X | None with Optional[X] but kept from __future__ import annotations at the top of mcp_server/server.py. Under mcp 1.10–1.13 (which Goose and some sandboxes pin), FastMCP's Tool.from_function calls issubclass(param.annotation, Context) without resolving forward refs, so string annotations crash server load.

This release strips the future import from mcp_server/server.py (all 8 affected skills; Harden never had it). Verified tools list OK under mcp 1.10 and mcp 1.14.
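
The failure mode described above, reproduced as an added example (not code from this project or from FastMCP): with the future import in effect, `inspect.signature` returns every annotation as a string, and `issubclass()` on a string raises `TypeError: issubclass() arg 1 must be a class`. `Context`, `demo_tool` and the helper names are stand-ins assumed for illustration; the safe variant resolves annotations before testing them.

```python
from __future__ import annotations  # every annotation below is stored as a string

import inspect
import typing
from typing import Optional


class Context:
    """Stand-in for the framework's injected context type (assumed name)."""


def demo_tool(name: str, ctx: Optional[Context] = None) -> str:
    return name


def naive_find_context(fn) -> Optional[str]:
    """Unsafe pattern: issubclass() on the raw, unresolved annotation."""
    for pname, param in inspect.signature(fn).parameters.items():
        if issubclass(param.annotation, Context):  # raises when annotation is a str
            return pname
    return None


def safe_find_context(fn) -> Optional[str]:
    """Resolve string annotations first; call issubclass() only on real classes."""
    hints = typing.get_type_hints(fn)
    for pname in inspect.signature(fn).parameters:
        ann = hints.get(pname)
        # Optional[X] is Union[X, None]; inspect each member of the union.
        for candidate in typing.get_args(ann) or (ann,):
            if inspect.isclass(candidate) and issubclass(candidate, Context):
                return pname
    return None


def load_error(fn) -> Optional[str]:
    """Return the message raised by the naive check, or None if it succeeds."""
    try:
        naive_find_context(fn)
    except TypeError as exc:
        return str(exc)
    return None
```
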

CLAUDE.md pitfall (踩坑) #33 updated.