Skip to content

Releases: PythonWoods/zenzic

v0.20.3

Choose a tag to compare

@github-actions github-actions released this 05 Jul 09:06
3841bcc

[0.20.3] — 2026-07-05

Highlights

This patch release executes a zero-tolerance cleanup of legacy features. Following the adoption of the English-Only governance model (ADR-022), the Z602 (I18N_PARITY) rule and all associated bilingual artifacts have been permanently eradicated from the engine.

Fixed & Removed

  • Governance (Z602 Eradication): Completely removed the Z602 diagnostic code from the registry. The engine no longer validates structural parity between localized documentation trees.
  • Configuration Hygiene: Removed the obsolete [i18n] block and i18n_parity parameter from the ZenzicConfig model.
  • Documentation & CLI: Purged the z602 interactive fixture from zenzic lab and stripped all legacy bilingual mirroring instructions from the developer runbooks and reference guides.

Technical Details

  • DQS Invariant: Repository Documentation Quality Score verified at 98/100 (2 pts calculated debt for build-time RSS artifact suppression).
  • Exit Code Contract: 0 (Pass), 1 (Quality), 2 (Security), 3 (Traversal).

Full Changelog: v0.20.2...v0.20.3

v0.20.2

Choose a tag to compare

@github-actions github-actions released this 04 Jul 18:10
b71cf8d

Full Changelog: v0.20.1...v0.20.2

v0.20.1

Choose a tag to compare

@github-actions github-actions released this 04 Jul 17:40
6507e5e

[0.20.1] — 2026-07-04

Highlights

This patch release resolves a critical bug in the new Polyglot Extractor pipeline, restores the visual integrity of the zenzic.dev landing page, and synchronizes the documentation.

Fixed

  • Core (Polyglot Extractor): Resolved an architectural leak where the data-zenzic-ignore attribute failed to prevent URLs from being passed to the Uniform Resolver Pipeline (URP). Suppressed HTML nodes now correctly bypass all link validation checks, eliminating false Z104 and Z603 errors.
  • UI (Dark Mode): Restored the Landing Page's Dark Mode styling. Reverted an overly aggressive CSS purging configuration that conflicted with the underlying MkDocs Material theme engine.
  • Documentation (Best Practices): Updated the configuration guides to accurately reflect how Zenzic handles build-time artifacts (such as RSS feeds). The documentation now correctly instructs users to apply the data-zenzic-ignore attribute to raw HTML links.

Technical Details

  • DQS Invariant: Repository Documentation Quality Score remains verified at 100/100.

Full Changelog: v0.20.0...v0.20.1

v0.20.0

Choose a tag to compare

@github-actions github-actions released this 04 Jul 16:16
v0.20.0
45b5a7f

[0.20.0] — 2026-07-04

Highlights

Zenzic v0.20.0 "The Extensibility Update" opens the engine's core to the community. With the introduction of the Custom Rules API v2, engineering teams can now write bespoke Python plugins to enforce corporate-specific documentation governance, operating directly on Zenzic's lossless Abstract Syntax Tree.

Core Features

  • Custom Rules API (AST Walker): Developers can now create custom rules by subclassing BaseASTRule. The API provides direct access to traverse and inspect Markdown nodes (Headings, Paragraphs, Links) and HTML tags extracted by the Polyglot engine, with zero configuration required (auto-discovery from .zenzic/rules/*.py).
  • Deterministic Sandbox (Z901 & Z902): To protect the $O(N)$ performance invariant and the "Zero Crash" policy, custom rules are executed within a strict deterministic sandbox.
    • Unhandled Python exceptions emit a Z901 (RULE_ENGINE_ERROR), allowing the main scan to continue uninterrupted.
    • Rules are subject to a Visitation Budget (max_visits = 10000). If a custom rule inspects too many nodes (indicating an infinite loop or inefficient logic), the engine terminates the rule and emits a Z902 (RULE_TIMEOUT) warning.
  • Auto-Fix Expansion: The zenzic fix command has been expanded. Code definitions in the registry now support a fixable boolean flag, surfaced via zenzic explain.
    • Z121 (Missing href): Automatically injects href="#", safely converting a structural error into a trackable hygiene warning (Z122).
    • Z603 (Dead Suppression): Automatically removes obsolete <!-- zenzic:ignore --> comments and data-zenzic-ignore attributes from the source.

Fixed & Improved

  • Polyglot Leak Resolved: Fixed an architectural blind spot where data-zenzic-ignore attributes failed to suppress Z104 errors generated by the Uniform Resolver Pipeline (URP).
  • Documentation Overhaul: Added comprehensive guides for writing AST rules (write-ast-rule.md).

Technical Details

  • DQS Invariant: Repository Documentation Quality Score verified at 99/100 (1 pt calculated debt for build-time artifact suppression).
  • Exit Code Contract: 0 (Pass), 1 (Quality), 2 (Security), 3 (Traversal).

Full Changelog: v0.19.6...v0.20.0

v0.19.6

Choose a tag to compare

@github-actions github-actions released this 04 Jul 08:51
cad9763

🔒 Security Advisory

This patch release resolves three vulnerabilities identified during Red Team adversarial audits. All users are advised to update to ensure DQS integrity and CI stability.

Fixed

  • Security (DQS Evasion): Resolved the "Ghost Policy" bypass where developers could evade the Suppression Cap and DQS penalties by injecting leading spaces (e.g., " Z101") into .zenzic.toml policies. The scoring engine now strictly sanitizes inputs.
  • Security (DoS via TOML Bomb): Hardened the configuration parser against mixed-type arrays. Malformed arrays no longer cause unhandled Python tracebacks (crashing the CI runner) but are safely caught and reported as Z001 (Fatal Config Error).
  • Security (Z603 Evasion): Fixed a logical flaw where duplicate inline suppressions on the same line were all marked as "consumed" by a single finding. Duplicates now correctly trigger Z603 (Dead Suppression) to prevent hidden debt.

Full Changelog: v0.19.5...v0.19.6

v0.19.5

Choose a tag to compare

@github-actions github-actions released this 04 Jul 08:18
570ade9

What's Changed

Full Changelog: v0.19.4...v0.19.5

v0.19.4

Choose a tag to compare

@github-actions github-actions released this 04 Jul 07:31
b0d7e0c

Fixed

  • Core (Mutator): Hardened the Atomic Write Barrier to correctly follow symlinks during auto-fix operations, preventing the accidental overwriting of the symlink file itself.
  • Core (Mutator): Implemented a robust try...finally cleanup routine to guarantee the removal of transient .zenzic-tmp-* files even if the process receives a KeyboardInterrupt (SIGINT) during an atomic write.
  • Diagnostics (Z108): Enhanced the Z108 (Empty Link Text) regex and AST mutator to correctly detect and patch "formatted empty links" (e.g., [**](url) or [` `](url)), eliminating an AST drift edge-case.

Full Changelog: v0.19.3...v0.19.4

v0.19.3 — Security Patch: Z205 Evasion Fix

Choose a tag to compare

@github-actions github-actions released this 03 Jul 07:44
334164c

[0.19.3] — 2026-07-02

🔒 Security Advisory

This patch release addresses a security vulnerability in the Polyglot Extractor introduced in v0.19.0. All users utilizing Zenzic as a CI security gate are strongly advised to update immediately.

Fixed

  • Security (Z205 Bypass): Resolved a parser differential vulnerability where attackers could evade the Z205 (Forbidden Scheme) security gate. The extractor now correctly adheres to the HTML5 "first-wins" attribute parsing rule, preventing "Double Href" injection attacks.
  • Security (Encoding Evasion): The engine now correctly unescapes HTML entities and strips obfuscating control characters before evaluating URI schemes, preventing bypasses using encoded javascript: or data: payloads.

Technical Details

  • Performance: The security hardening maintains the strict $O(N)$ (RE2/DFA-pure) execution time invariant.
  • DQS Invariant: Repository Documentation Quality Score remains verified at 100/100.

v0.19.2 — Frontend Performance & LCP Optimization

Choose a tag to compare

@github-actions github-actions released this 02 Jul 11:02
e88cdbd

[0.19.2] — 2026-07-02

Highlights

This patch release finalizes the structural optimizations to the Zenzic documentation portal (zenzic.dev), focusing on the Critical Rendering Path and payload minimization to achieve peak Lighthouse performance scores.

Fixed & Improved

  • Performance (LCP): Optimized the Critical Rendering Path by injecting <link rel="preconnect"> resource hints for the GitHub API. This significantly reduces latency for client-side rendering of repository statistics (Stars/Forks).
  • Performance (CSS): Implemented strict Tailwind CSS purging via tailwind.config.js. Unused utility classes have been stripped from the build, minimizing the frontend payload and reducing render-blocking time.

Technical Details

  • Legal Compliance: All new frontend build configurations (Tailwind) are fully REUSE 3.3 compliant with explicit SPDX annotations.
  • DQS Invariant: Repository Documentation Quality Score remains verified at 100/100.

v0.19.1 — Frontend Optimization & Agent Accessibility

Choose a tag to compare

@github-actions github-actions released this 02 Jul 10:16
fc10edb

[0.19.1] — 2026-07-02

Highlights

This patch release focuses on structural optimizations to the Zenzic documentation portal (zenzic.dev). We have upgraded the frontend to match the "Hostile Precision" of our backend engine, achieving perfect Lighthouse scores and ensuring full compliance with modern accessibility standards (including AI Agent navigation).

Fixed & Improved

  • Agent Accessibility (WebMCP): Added an accessible name (aria-label="Search dialog") to the MkDocs search component. This resolves a critical Lighthouse penalty and allows screen readers and AI agents to correctly parse the accessibility tree (AOM).
  • WCAG 2.1 AA Compliance: Resolved contrast failures across homepage templates. Shifted light mode secondary text to zinc-600 and dark mode secondary text to zinc-400 to guarantee high legibility.
  • Performance (LCP): Eliminated render-blocking network requests. Google Fonts (Inter, IBM Plex Mono, Barlow Condensed, JetBrains Mono) are now self-hosted for offline compliance and improved Largest Contentful Paint (LCP).
  • Performance (CLS): Added explicit width and height constraints to raw HTML image tags (e.g., the main logo) to eliminate Cumulative Layout Shift.
  • SEO Hygiene: Enforced strict, sub-160-character meta description fields across all top-level documentation pages.

Technical Details

  • Legal Compliance: The NOTICE file has been updated with full attributions and licenses (SIL OFL 1.1 / Apache 2.0) for the newly self-hosted fonts.
  • DQS Invariant: Repository Documentation Quality Score remains verified at 100/100.