Skip to content

releases.mdx

Latest commit

 

History

History
122 lines (88 loc) · 6.17 KB

releases.mdx

File metadata and controls

122 lines (88 loc) · 6.17 KB
title Releases
description QWED Protocol release history — download links, installation, and version overview.

Current release

Unified 3-layer DiagnosticResult model — agent-safe, developer, and proof diagnostics. Tri-state status (VERIFIED / UNVERIFIABLE / BLOCKED) with proof_ref as the authority bit. Additive release — no existing engine return types changed.

Install

pip install qwed==5.2.0
docker pull qwedai/qwed-verification:5.2.0
npm install @qwed-ai/sdk@5.2.0
cargo add qwed@5.2.0
go get github.com/QWED-AI/qwed-verification/sdk-go@v5.2.0

Release history

Unified 3-layer `DiagnosticResult` model with `agent_message` (agent-safe), `developer_fields` (structured evidence), and `proof_ref` (sha256 proof hash — the authority bit). Tri-state status only (VERIFIED / UNVERIFIABLE / BLOCKED). Frozen dataclasses prevent post-construction bypass. Advisory checks structurally separated from verdicts. Migration helper for legacy engine dicts. 83 tests. Additive — no breaking changes.

Full Release Notes → · GitHub Release ↗

Emergency security patch fixing High severity (CVSS 8.8) authenticated RCE via unsafe SymPy `parse_expr()`. Added `safe_parse_expr()` wrapper with denylist, stripped `__builtins__`, allow-listed math namespace. Cache Redis fail-closed. CodSpeed benchmarks.

Full Release Notes → · GitHub Release ↗

Cache keys bound to full trust context (provider/model/policy/session) — prevents cross-context replay. Attestation path hardened with `AttestationStatus` enum and `is_issued` contract. Audit chain isolated per-org with `BEGIN IMMEDIATE` transactions. Reasoning proof prerequisites enforced. Symbolic/batch verifiers return `BLOCKED` on missing proof. Unknown agent actions denied. `additionalProperties: false` strictly enforced. SDK `5.1.1` across Python, TypeScript, Rust.

Full Release Notes → · GitHub Release ↗

AgentStateGuard for deterministic state verification · Legacy `CodeExecutor` hard-blocked · Default-deny for unknown tools · Bounded math tolerance · `verify_logic_rule` / `verify_identity` fail-closed · Ambiguous math expressions blocked · Schema `uniqueItems` fail-closed · SDK `5.1.0` across Python, TypeScript, Go.

Full Release Notes → · GitHub Release ↗

**98 commits** · Fail-closed verification boundary · `INCONCLUSIVE` status for LLM-translated math · `trust_boundary` metadata in responses · Mandatory `ActionContext` for agents · Replay/loop detection · Redis fail-closed rate limiting · Docker required for stats/consensus · `security_checks` field removed · Admin-only `/metrics` · SDK `5.0.0` across Python, TypeScript, Go.

Full Release Notes → · GitHub Release ↗ TypeScript SDK alignment · POST /verify/process endpoint · Agent security checks (exfiltration, mcp_poison) · Security fixes (info disclosure, symbolic precision) · @qwed-ai/sdk@4.0.1.

Full Release Notes → · GitHub Release ↗

**147 commits** · Agentic Security Guards (RAGGuard, ExfiltrationGuard, MCP Poison Guard) · SovereigntyGuard · ToxicFlowGuard · S-CoT Guard · Process Determinism (ProcessVerifier) · Critical security fixes (eval removal, sandbox escape, CVE patches) · Docker hardening · Sentry + CircleCI + SonarCloud + Snyk integration.

Full Release Notes → · GitHub Release ↗

Security patch — CodeQL remediation (50+ alerts), workflow permissions lockdown, PII protection, Snyk partner attribution.

GitHub Release ↗

Optimization Engine, Vacuity Checker, Dockerized GitHub Action, improved logic verifier.

GitHub Release ↗

Links

Python package Container image TypeScript SDK Rust SDK All releases Go SDK