Changed
- Authorization header redaction now preserves the auth scheme. Previously the entire header value was collapsed
to a single opaque tag (Authorization: AUTH_xxxxxxxx), stripping the RFC 7235 scheme token (Basic, Bearer,
Digest, NTLM, Negotiate, OAuth). Downstream consumers had no way to classify the auth mechanism from
request-side evidence — they had to wait for a 401 + WWW-Authenticate exchange that often never appeared (e.g., when
a browser sends cached credentials from request 1). The redactor now recognizes the closed set of RFC-registered
schemes, preserves the scheme token, and tag-redacts only the credential after the first whitespace
(Authorization: Bearer AUTH_xxxxxxxx). Unknown schemes (or values with no whitespace) fall through to full redaction
so non-standard leading tokens cannot escape. Concretely this restores the ability of intake pipelines like
cable_modem_monitor's analyze_har to determine the auth strategy from a single authenticated request. Implemented
as a third header-classification bucket (headers.scheme_redact in sensitive.json) alongside full_redact and
cookie_redact; the bucket is extensible via custom patterns the same way the other two are.
- Doc-system restructure: CLAUDE.md is now a router, not the source of truth. Architecture, code-quality, and
testing principles previously restated in CLAUDE.md were moved to their authoritative homes: docs/ARCHITECTURE.md
gains a Code Organization section (SoC, DRY, no-CLI-dep, additive-only), docs/CODE_REVIEW.md is new and houses
code-quality and test-file standards plus the concrete Quality Gates table, and docs/RELEASE.md gains Version
Numbering (pre-1.0 bump policy + CHANGELOG-section tiebreaker) and Branching and Merging (one PR per release,
consolidation rules, cherry-pick vs rebase, merge-vs-squash) sections. CLAUDE.md is restructured around
Claude-behavior content: a Where Things Live routing table, slimmed Core Principles (specs/process only, now 7
numbered rules), Diagnosis / Decision / Verification / Pre-Push Verification / Irreversible-Operations discipline
sections, and a new AI Shortcut Audit section cataloguing encoded failure modes from real sessions (pre-1.0
versioning reflex, opening parallel PRs for the same release, CHANGELOG-for-tests, spec-skipping,
restating-instead-of-pointing). Motivation: AI-assisted contributors were following stale CLAUDE.md restatements that
had drifted from authoritative docs (concrete example: CLAUDE.md stated 75% coverage threshold while pyproject.toml
has been at fail_under = 90 since v0.8.1). New rationale recorded in
ADR-11.
- CLAUDE.md principle renumbering. The router restructure renumbered Core Principles from 19 entries (Architecture
1-7, Specs/Docs 8-10, Code Quality 11-13, Testing 14-16, Process 17-19) down to 7 (Specs/Docs 1-3, Process 4-7).
Architecture, code-quality, and testing principles moved to their authoritative docs and are no longer numbered in
CLAUDE.md. Live code/test/script comments that referenced numbered principles were updated to point at the new
authoritative doc and section instead. Historical CHANGELOG entries (v0.8.x, v0.9.0) retain their original
principle/rule numbers — they describe state at release time and modifying them would be revisionist.
- Markdownlint configuration + pre-commit hook added; full doc tree reflowed to 120-char lines. New
.markdownlint.jsonc / .markdownlint.json / .markdownlint-cli2.jsonc configs and a markdownlint-cli2 pre-commit
hook pinned to v0.22.1. The mdformat pre-commit hook now passes --wrap 120 so prose auto-wraps to 120 chars on
every commit, and markdownlint enforces MD013 (line-length) at the same 120-char limit. Tables, code blocks, and
headings remain enforced; tables and code blocks are exempt from MD013 because their content (commands, URLs, regex
examples) loses meaning if line-wrapped. Every other rule customization considered during this audit was tested
against the actual doc tree and dropped when it didn't fire — no preemptive disables, no cargo-culted disable
justifications. The reflow touched 15 markdown files (~2700 diff lines, mechanical). The first lint run surfaced and
fixed three bare-URL violations (docs/TAG-PROTECTION.md line 19, CONTRIBUTING.md lines 219 and 227), two
trailing-colon headings (docs/TAG-PROTECTION.md lines 42 and 65), and a missing-H1 in
.github/PULL_REQUEST_TEMPLATE.md — gaps no prior gate had caught. The detect-secrets pragma in
docs/specs/VALIDATION_SPEC.md got separated from its target line during the reflow; the example was rewritten to use
"..." placeholder syntax so it no longer triggers the keyword detector.
- GitHub issue templates restored, mdformat frontmatter plugin added. Both
.github/ISSUE_TEMPLATE/bug_report.md and feature_request.md had broken YAML frontmatter: the --- delimiters were
collapsed to horizontal-rule underscores and the name: / about: / labels: metadata was mashed into ## headings, so
the files did not function
as GitHub issue templates (no auto-populated title, labels, or assignees on issue creation). The root cause is that
mdformat treats --- as horizontal-rule markdown and rewrites it; without the mdformat-frontmatter plugin, every
commit re-damages the templates. Both templates rewritten with correct frontmatter and the plugin added to the
mdformat pre-commit hook's additional_dependencies so the templates stay intact.
- release.yml CHANGELOG-extraction regex fixed. The "Extract release notes" step used
awk '/^## \[VERSION\]/,/^## \[/' CHANGELOG.md — a single-regex range where the start pattern also matches the end
pattern, so the range was a single line (the version header itself) and the extracted release notes were empty for
every release. GitHub Releases for v0.9.0 and prior shipped with installation-boilerplate-only bodies, missing every
actual ### Changed / ### Fixed entry. Fix uses a flag-toggle awk pattern that begins after the version header.
Verified against the 0.9.1 CHANGELOG content before commit.
- scripts/release.py rule-3 reference corrected. Print statement at line 514 said
CLAUDE.md rule 3: DRY non-negotiable, but DRY was rule 2 in the old CLAUDE.md numbering — the reference was wrong
since the audit gate was introduced. As part of the broader cross-reference migration in this release (numbered
principles → authoritative-doc-and-section pointers), the line now points to
docs/ARCHITECTURE.md § Code Organization.
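
The scheme-preserving Authorization redaction described in the first entry above, as an added example that is not har-capture's own code. The function names, the salted-SHA-256 derivation of the AUTH_ tag, and the sample header values are assumptions made for illustration.

```python
import hashlib

# Closed set of schemes named in the release note; compared case-insensitively.
KNOWN_SCHEMES = {"basic", "bearer", "digest", "ntlm", "negotiate", "oauth"}


def _tag(secret: str, salt: bytes) -> str:
    """Opaque AUTH_ tag (assumed derivation: first 8 hex chars of a salted SHA-256)."""
    digest = hashlib.sha256(salt + secret.encode("utf-8")).hexdigest()
    return "AUTH_" + digest[:8]


def redact_authorization(value: str, salt: bytes = b"constructed-salt") -> str:
    """Redact an Authorization header value, keeping only a recognized scheme token."""
    stripped = value.strip()
    parts = stripped.split(None, 1)  # split at the first run of whitespace
    if len(parts) == 2 and parts[0].lower() in KNOWN_SCHEMES:
        scheme, credential = parts
        return f"{scheme} {_tag(credential, salt)}"
    # Unknown scheme, or no whitespace at all: redact the whole value so a
    # non-standard leading token (which may itself be the secret) cannot escape.
    return _tag(stripped, salt)


def redact_har_request_headers(headers):
    """Apply the rule to a HAR-style list of {'name': ..., 'value': ...} headers."""
    out = []
    for header in headers:
        if header["name"].lower() == "authorization":
            header = {**header, "value": redact_authorization(header["value"])}
        out.append(header)
    return out


# Constructed sample values, not real credentials.
SAMPLES = [
    "Bearer eyJhbGciOi.constructed.token",  # known scheme: scheme kept
    "basic dXNlcjpwYXNz",                   # scheme match is case-insensitive
    "Token 0123456789abcdef",               # unregistered scheme: full redaction
    "s3cr3t-api-key-without-scheme",        # no whitespace: full redaction
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"Authorization: {redact_authorization(sample)}")
```
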
Installation
pip install har-capture==0.9.1
Full Changelog
See CHANGELOG.md for complete details.