Releases: Project-Navi/grippy-code-review

v0.1.0

09 Mar 10:27
b06302f

[0.1.0] - 2026-03-09

Bug Fixes

  • Create sbom directory before SBOM generation in release workflow
  • Use SCORECARD_TOKEN for quality gate bump checkout
  • Add missing contents:read permission to scorecard analysis job
  • Split scorecard workflow to satisfy OpenSSF publish restrictions
  • Add coverage tests for GraphQL edge cases and update secrets baseline
  • Gate structured_outputs to OpenAI transport only
  • Update hostile environment tests to use sanitize_tool_hook pipeline
  • Use SCORECARD_TOKEN for checkout and enable publish_results
  • Use dedicated SCORECARD_TOKEN for branch protection read access
  • Harden workflows — persist-credentials, concurrency, version tags, badge grouping
  • Address remaining Copilot review findings
  • Sanitize LLM-originated fields before graph persistence + retrieval
  • Suppress bandit B110/B608 false positives in graph integration code
  • CI remediations — format, detect-secrets baseline, coverage to 97%
  • Surprise audit remediations — pin semgrep, audit persistence extras, add timeout+concurrency, guard .dev.vars
  • Add trailing newline to scorecard badge SVG
  • Update secrets baseline for SHA-pinned pre-commit hooks
  • Audit remediation — docs drift, security hardening, cleanup
  • Use BADGE_PUSH_TOKEN for badge push to main (#14)
  • Scorecard remediation — pin deps and add fuzz tests (#13)
  • Security hardening + strip finding lifecycle from persistence (#3)

CI/CD

  • Bump github/codeql-action in the github-actions group
  • Add Codecov coverage upload to test workflow
  • Allow badge push on workflow_dispatch (#12)
  • Bump actions/download-artifact in the github-actions group (#8)
  • Add workflow_dispatch to tests (force Actions re-register)
  • Bump the github-actions group with 6 updates

Documentation

  • Replace PyPI badge with coming-soon placeholder (#41)
  • Migrate wiki content to Diataxis docs site (#39)
  • Scaffold Zensical docs site with Navi branding (#37)
  • Update CLAUDE.md and README.md for MCP server, benchmarks, and graph modules
  • Update CLAUDE.md for centralized tool_hooks sanitization architecture
  • Add Knowledge Graph bullet to Why Grippy section
  • Add security section to README covering sanitization pipeline
  • Ground-up README rewrite + wiki (#5)

Features

  • .grippyignore + # nogrip suppression
  • Marketplace launch — OWASP rules + graph-enhanced engine (#36)
  • Multi-provider support + e2e test suite (#34)
  • Add MCP server for local git diff auditing (#33)
  • Retrieval quality benchmark suite (#32)
  • Migrate CodebaseIndex to Agno LanceDb with hybrid search (#30)
  • Wire sanitize_tool_hook into agent via Agno tool_hooks
  • Add sanitize_tool_hook for Agno tool_hooks middleware
  • Enable Agno structured_outputs for native schema enforcement
  • Fetch comment markers via GraphQL instead of paginated REST
  • Rewrite fetch_grippy_comments to use GraphQL reviewThreads query
  • Batch thread resolution into single GraphQL mutation
  • Batch thread resolution into single GraphQL mutation
  • Tune Grippy review accuracy — stale threads, confidence calibration, re-review annotations
  • Add SLSA Level 3 build provenance + unified badge header
  • Submit APPROVE/REQUEST_CHANGES review verdict on PASS/FAIL
  • Wire graph store into review pipeline — dep graph + cross-PR history
  • Add Python import extraction for dependency graph edges
  • Add SQLiteGraphStore — schema, writes, reads, neighbors, BFS traversal
  • Add graph types module — navi-graph-shaped enums, dataclasses, helpers
  • Adversarial test suite + defense-in-depth security hardening
  • Dual SBOM, model downgrade to gpt-4.1, badge newline fix, cross-vendor docs
  • Wire navi-sanitize into comment sanitization pipeline
  • Add deterministic security rule engine with profiles, CI gating, and docs alignment
  • Add quality gates, security scanning, and CI hardening (#6)
  • Grippy code review agent — initial release

Miscellaneous

  • Correct version to 0.1.0, wire git-cliff into build
  • Anti-drift audit — fix stale docs, deps, and quality gate (#35)
  • Move lancedb from optional [persistence] extra to core deps
  • Lint and type-check fixes for Agno optimization
  • Fix mypy type error and strengthen pagination test cursor assertion
  • Fix ruff format on test_grippy_github_review
  • Update quality gate and coverage badge [skip ci]
  • Add CODEOWNERS for review enforcement
  • Update quality gate and coverage badge [skip ci]
  • Update quality gate and coverage badge [skip ci]
  • Update quality gate and coverage badge [skip ci]
  • Update scorecard badge [skip ci]
  • Update scorecard badge [skip ci]
  • Update scorecard badge [skip ci]
  • Update scorecard badge [skip ci]
  • Add funding, badge SVGs, and update secrets baseline (#11)
  • Harden CI/CD and pre-commit with security best practices (#4)
  • Add security posture — CodeQL, scorecard, dependabot, pre-commit

Refactoring

  • Remove inline sanitization from tool functions (moved to hook)
  • Add ThreadRef NamedTuple for lightweight thread references
  • Replace GrippyStore with SQLiteGraphStore, delete old persistence layer

Testing

  • Add integration test — round-trip, blast radius, observations, subgraph
  • Comprehensive contract tests for SQLiteGraphStore — walk direction, subgraph, observations
  • Add coverage for .dev.vars CI guard — fixes quality gate
  • Close critical test coverage gaps + add PyPI release workflow