Skip to content

Releases: AetherraLabs/Aetherra

Aetherra v0.3.0

14 Sep 08:28
@Zyonic88 Zyonic88
v0.3.0
7f23c08
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Aetherra v0.3.0 Latest
Latest

Aetherra v0.3.0 — Stable

Highlights

  • QFAC: fixed timing‑based test; system passes stability checks
  • Type system: full PEP 585 modernization (Dict→dict, Optional→| None)
  • Security: all scanners clean; strict defaults validated
  • Tests: 98 passed, 1 skipped; 13.80% coverage (up from 8.36%)

Breaking Changes

  • None.

Quality & Reliability

  • Enhanced test reliability across agents, memory, plugins
  • Lint clean; CI hardened

Known Limitations

  • Code coverage is below the 70% target. A no‑regression gate is in place; see the Coverage Plan.

Upgrade Notes

  • No migrations required.
  • If you maintain custom plugins, verify against the updated typing (PEP 585).

Security

  • All dependency and static scans green at tag time.

Coverage Plan (Post‑release)

  • See project milestone: "Coverage to 40% (30‑day)" and §5 below.
Assets 2
Loading
0 Join discussion

Aetherra 0.5.0-beta.0

07 Sep 18:23
@Zyonic88 Zyonic88
v0.5.0-beta.0
2a7821d

Choose a tag to compare

View all tags
Aetherra 0.5.0-beta.0 Pre-release
Pre-release

Aetherra 0.5.0 Beta Roadmap & Community Focus

This document mirrors the pinned GitHub Discussion ("0.5.0 Beta Roadmap & Community Focus"). Comment in the Discussion for alignment before starting substantial work.

🎯 Core Goals (Beta)

Pillar Objective Success Signal
Stability & Quality Gates Reduce flaky / non-deterministic behaviors All gates green 3 consecutive runs
Observability / Metrics Close metric blind spots No UNKNOWN in /api/health; doc patch coverage
Security & Trust Harden signature & scan surfaces False-positive rate < 5%; add failing-signature test
Developer Experience Faster first contribution Median setup <15m from clone
Plugins & Ecosystem Primitives for safe extension 1–2 exemplar minimal plugins documented
Memory & Learning Introspectible memory graph health Graph consistency tests stable
Federation (Prep) Clarify trust & handshake model Published threat model draft
Docs & Guides Micro-guides for high-friction tasks 5 new task guides merged

🧭 Suggested Low-Lift Contributions

Area Starter Ideas
stability Add snapshot replay regression test for X edge case
observability Add metric for plugin activation count
security Extend static scan ignore heuristics (document!)
dx Script: validate environment & API keys in one step
plugins Example: memory inspector (read-only)
memory Test verifying branch node count monotonicity
docs "Add a metric in 60s" micro-guide

🔍 Coordination Flow

  1. Identify idea (issue or new)
  2. Comment in Discussion thread with: scope, impact, test plan
  3. Wait for lightweight ack (✅) from maintainer or two contributors
  4. Open Draft PR early (label: wip)
  5. Keep changes minimal & atomic

🧪 Definition of Done (Feature / Fix)

Requirement Notes
Linked issue or roadmap item Provide context & intent
Tests updated/added Unless doc-only
Quality gates pass locally Run python tools/quality_gates.py
Documentation / comments Explain non-obvious logic
No unrelated reformatting Keep diffs focused

🛡 Security Coordination

  • Security issues: NEVER open a public issue—use the security contact link.
  • Pre-disclosure discussion (non-vuln hardening ideas) welcome in Discussions.

🗓 Indicative Timeline

  • Week 0–1: Community alignment & low-hanging test/docs contributions
  • Week 2–3: Plugin/example + metric coverage expansion
  • Week 4: Federation threat model draft + polish / stabilization

📌 Tracking Table (Copy into Discussion Comment)

### Proposal Summary Area: (stability / observability / security / dx / plugins / memory / federation-prep / docs) Title: <short> Problem: <one-line> Proposed Change: <1–3 lines> Impact: <qualitative + any numbers> Test Plan: <how will we know it works?> Owner(s): @you Status: idea | drafting | wip-pr | review | merged

🤝 Recognition

Meaningful roadmap-aligned contributions will be called out in release notes and future Hall of Fame.

Contribute intentionally. Small, well-tested improvements compound fast. 🚀

Loading
0 Join discussion

Aetherra v0.1.0-alpha.2

06 Sep 21:28
@github-actions github-actions
v0.1.0-alpha.2
efd5a7a

Choose a tag to compare

View all tags
Aetherra v0.1.0-alpha.2 Pre-release
Pre-release

Aetherra v0.1.0-alpha.2 Release Notes

Date: 2025-09-06
Tag: v0.1.0-alpha.2
Provenance Tag: v0.1.0-alpha.2-provenance

Highlights

  • Regenerated license report (licenses_report.json) with 0 UNKNOWN entries (all resolved via vetted overrides).
  • SBOM (sbom.json) refreshed (261 components) using lightweight in-repo generator.
  • Integrity manifest (integrity_manifest.json) published embedding hashes for core supply-chain artifacts.
  • Vulnerability scan tooling (tools/vuln_scan.py) upgraded from placeholder hash-only mode to multi-engine wrapper (pip-audit / osv-scanner best-effort) with graceful fallback.
  • Quality gates pipeline remains green after fixes.

Supply Chain & Integrity

requirements.lock SHA256 a8e00b0146a9186734a923004add221a7333dc1d578c5eff6246ad00e8c14980 licenses_report.json SHA256 85ff9ec601ba6d1b19a2cc9bb6734decd051485514be881d4354751871c03074 sbom.json SHA256 3fbaecd85de1efc928f6fa415055a382bd6ba03210a7d955bd5a501f36c1f46a

These values are embedded (integrity manifest hash) within the annotated tag for traceability.

Governance & Compliance

  • License enforcement baseline auto-tightened (trend tolerance: 0 growth; fail-on-increase active).
  • Overrides validated against canonical + dynamic SPDX lists; weekly prune automation in place.
  • No new UNKNOWN licenses introduced; gating scripts confirm compliance.

Security & Observability

  • Sandbox/plugin execution timeout metrics now increment and surface via hub /metrics endpoint.
  • Vulnerability scan wrapper exits cleanly when scanners absent (early alpha mode) while preserving gating structure for future enforcement.

Deferred (Beta Roadmap)

  • Cryptographic signing & attestation (Sigstore / GPG) integration.
  • Full sandbox isolation & policy violation counters (beyond timeouts).
  • SPDX expression parser with deny-list and license policy strict mode.
  • Automated signed provenance attestation emission.

Upgrade Notes

No breaking changes; governance tooling improvements only. Consumers pulling artifacts should verify the above SHA256 hashes against integrity_manifest.json.

Acknowledgements

Thanks to contributors advancing governance, provenance, and observability foundations ahead of schedule.

For full policy references see: docs/ALPHA_RELEASE_GAP_ANALYSIS.md, docs/LICENSE_POLICY.md, docs/RELEASE_PROCESS.md, docs/ATTESTATION.md.

Loading