github luckyPipewrench/pipelock v2.2.0
on GitHub

latest release: v2
5 days ago

Changelog

  • b799b2a Add posture capsule emit scaffold (#391)
  • 388421d Add task boundaries for taint-scoped trust overrides (#384)
  • cdd0a0f Harden exposure-based policy escalation across MCP transports (#383)
  • 5b2b482 ci: bump govulncheck Go to 1.26.2 (GO-2026-4865 fix) (#376)
  • d1187a7 ci: bump the ci-actions group with 3 updates (#395)
  • 5d4ceae deps: bump the go-deps group with 6 updates (#394)
  • b3ea7c3 examples: add tool-response-injection reproduction harness (#387)
  • 905ab19 feat: RFC 9421 envelope signing + canonical policy hash + redirect refresh (#403)
  • a8470d0 feat: add pipelock session CLI for airlock inspection and recovery (#399)
  • f0b3130 feat: add posture verify CLI with score model and CI gate (#397)
  • f9d12ae feat: cross-implementation receipt conformance suite (#379)
  • 8182493 feat: emit signed action receipts from pipelock mcp proxy (#385)
  • a24be72 feat: extend receipt emission to fetch error paths, WebSocket, and A2A (#402)
  • f1318e9 feat: mediation envelope — sideband metadata on proxied requests (#374)
  • ac13a66 feat: per-pattern warn mode for DLP rollout safety (#392)
  • 5c4dd61 feat: pipelock init sidecar + agent identity default + exemption audit emission (#400)
  • a6bb095 feat: standard tier source selection, rules status, core SSRF literal, RequiredFeatures (#373)
  • 67cd7d7 feat: stego stripping, media policy, SVG active content hardening (#382)
  • 058806b feat: wire DLP warn audit emission into runtime lifecycle (#396)
  • f5e654b fix: SVG active content bypass — unquoted event handlers and animation injection (#393)
  • 28b3fa1 fix: edge-trigger airlock from adaptive escalation (#388)
  • 508ddf7 fix: emit block receipts on post-fetch deny paths, extract bundleExecCtx (#377)
  • c75a837 fix: harden log context field routing (#389)
  • 3d2a365 fix: pre-tag hardening — media policy parity, receipt chain restart, posture integrity, CLI polish (#404)
  • 9392aed fix: strict posture policy requires MCP server discovery (#398)
  • 21d57a2 fix: v2.2.0 pre-tag hardening bundle (#408)
  • 8936062 refactor: typed LogContext constructors and URL field semantic split (#378)
Check out latest releases or
releases around luckyPipewrench/pipelock v2.2.0

Don't miss a new pipelock release

NewReleases is sending notifications on new releases.

Get notifications