Skip to content

agent-rules-kit v0.2.1

Latest
Latest

Choose a tag to compare

View all tags
@CoderDeltaLAN CoderDeltaLAN released this 17 Jun 11:07
v0.2.1
3c1525a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

[0.2.1] - 2026-06-17

Added

  • Added a PyPI Trusted Publishing workflow for the final v0.2.1 release path, triggered only by GitHub Release publication and configured for the pypi environment without static PyPI credentials.
  • Added discovery support for Claude Code project instructions stored at .claude/CLAUDE.md.
  • Added CI smoke checks for the installed agent-rules-kit console script and a minimal JSON check command.

Fixed

  • Scoped governance finding suppression to same-line negation or approval cues so adjacent safe guidance no longer hides unrelated risky instructions.
  • Reject symlinked supported instruction files and harden init --write temporary and backup paths against symlink escapes.
  • Report non-UTF-8 supported instruction files as AIRK-SYS001 findings instead of silently skipping governance analysis.
  • Updated generated AGENTS.md baseline content so init --write no longer creates instructions that fail the current governance scope or authority check.
  • Fixed secret redaction pattern order so Anthropic-style sk-ant- keys match the specific Anthropic pattern before the generic sk- pattern.
  • Tightened governance regex coverage for review/CI bypass, unsafe command guidance, and runtime network or LLM dependency findings.
  • Expanded secret-like token redaction coverage.
  • Added context-aware governance finding suppression so nearby negative guidance can avoid false positives.
  • Added final runtime API phrase parity coverage for GOV005-style local-first boundary checks.

Changed

  • Split the PyPI publishing workflow into separate build and publish jobs so distributions are built, checked, smoke-tested, uploaded as a short-lived workflow artifact, and published with OIDC id-token: write scoped only to the publish job.
  • Clarified packaging smoke documentation to distinguish console-script execution from python -m agent_rules_kit.cli module execution.
  • Clarified README installation, normal CLI usage, development virtual environment requirements, local checks, and next-release audit readiness.
  • Added Ruff linting to local checks and CI by installing project development dependencies before running ./scripts/check.sh.
  • Synced product strategy and threat model wording with the published v0.2.0 release line and unreleased post-v0.2.0 main state.
  • Synced support, security, README, and release-truth documentation after the published v0.2.0 GitHub Release.
  • Added CLI output examples and governance rules reference documentation after the v0.2.0 tag.

Release notes

  • These changes are present on main after v0.2.0 and are not part of the published v0.2.0 release artifacts.
  • The next release should be cut as a new patch release instead of moving the existing v0.2.0 tag.

Release target: 3c1525a
CI run: 27683266106
Publishing: GitHub Release published event triggers PyPI Trusted Publishing workflow.

Assets 5
Loading