What's new in v0.8.1
v0.8.1 is a maintenance release. It hardens the SQL normalizer against a future refactor regression and documents the release profile's stance on integer overflow checks. There is no change to the daemon, the CLI surface, the report JSON schema, or any wire format. Every user-facing output is byte-for-byte identical to v0.8.0, the minimum supported Rust version stays 1.96.0, and the release-gate lab validation passed on the unchanged toolchain.
SQL tokenizer slice guard
The homemade SQL normalizer takes &str slices of the query as it tokenizes. Those slices are safe today because the tokenizer only ever anchors a bound on an ASCII delimiter (', ", $...$, digits), and every ASCII byte is a UTF-8 char boundary. That safety was an emergent invariant of the scanning discipline, not a guarded one. The slices now route through a single helper that asserts, in debug builds, that both byte bounds fall on char boundaries. The check compiles out in release, and it turns a future slice taken at a non-ASCII-anchored position into a loud test failure instead of a panic that no unwrap or panic! grep would ever surface. The five existing UTF-8 tokenizer tests now exercise the assertion with real multi-byte input.
Documentation
The release-profile design note (docs/design/07-CLI-CONFIG-RELEASE.md and its French mirror) now documents why the release profile deliberately leaves overflow-checks off. Under panic = "abort", enabling it would turn any integer overflow on attacker-influenced arithmetic into a process abort, and the carbon accumulators being f64 means the flag would not even catch the silent-wrap case it is usually invoked against. Overflow handling stays explicit and local at the few integer sites where a wrong value would matter.
Internal
The disclose preview state initialization was simplified around PathBuf. No behavior change.
Helm chart
charts/perf-sentinel 0.2.45 to 0.2.46, appVersion 0.8.0 to 0.8.1. Template surface unchanged, additive metadata only.
Why this is a patch
The release is internal and additive only. The new debug-only assertion compiles out of the release binary, the disclose change is a refactor, and the rest is documentation. The CLI surface, the report JSON schema, the disclosure JSON v1.0 format and its canonical content_hash, the daemon HTTP routes and OTLP wire protocol, the co2.model enum, and the Prometheus metric names and label sets are byte-for-byte identical to v0.8.0. The minimum supported Rust version is unchanged at 1.96.0.
Verifying this release
# Binary integrity via SLSA Build L3 attestation
gh attestation verify perf-sentinel-linux-amd64 \
--owner robintra --repo perf-sentinel
# A periodic disclosure produced by this binary
perf-sentinel verify-hash --report perf-sentinel-report.json \
--expected-identity "https://github.com/robintra/perf-sentinel/.github/workflows/release.yml@refs/tags/v0.8.1" \
--expected-issuer "https://token.actions.githubusercontent.com"
gh CLI 2.49 or newer required for gh attestation verify (unchanged from v0.7.2).
Full Changelog: v0.8.0...v0.8.1