All notable changes to this project will be documented in this file.
This changelog is automatically generated by git-cliff from conventional commits.
- Fix publish workflow: pass `--repo` to `gh release upload` in asset upload job
- Fix org reusable build workflow: `cyclonedx-bom` 4.7.0 does not exist, pin to 4.6.1
- Replace `deepcopy` + recursive `walk()` with single-pass iterative walker (boltons remap pattern) — no recursion, no stack overflow, handles cycles and shared substructures via identity tracking
- Add `max_depth` parameter to `walk()` (default 128) — warns on excessive nesting but continues sanitizing; never crashes on data shape
- Strip C0/C1 control characters — terminal injection defense (BS, ESC, ANSI sequences)
- Strip 19 high-confidence invisible chars (math invisible operators, deprecated format controls, braille blank, ogham space, hangul fillers, mongolian FVS, arabic letter mark)
- Expand homoglyph map — 12 new pairs (Greek lowercase, Cyrillic extended, Latin dotless i)
- Add SLSA Level 3 build provenance and unified badge header
- Add dual SBOMs, build provenance attestation, and release assets
- NFD decompose before homoglyph scan to defeat NFKC composition bypass
- Document escaper trust boundary in `clean()` docstring, README, and CLAUDE.md
- Sync all docs with iterative walker architecture (no deepcopy references)
- Migrate wiki content to Diataxis docs site
- Update counts across all docs — invisible chars 411 to 492, homoglyphs 54 to 66, tests 382 to 405
- Add Grippy code review workflow (updated to grippy-mcp)
- Restructure workflows to match org ruleset contract
- Expand fuzz matrix to run both `fuzz_clean` and `fuzz_walk` targets
- Add 23 Hypothesis property-based tests for all public API invariants (clean safety, walk mutation/depth/cycles, escaper safety, script detection, decode robustness)
- Overhaul Atheris fuzzer — resurrect dead `fuzz_walk` target, add NFKC-stability and homoglyph-free invariants, add `--target=` CLI flag
- Add 48 adversarial tests for invisible char gaps, NFKC composition bypass, and new homoglyph pairs
- Add depth limit, cycle safety, shared substructure, and DAG edge case tests
- Add whitepaper v1.0 with pipeline diagram (#3)
- Fix stale stage count in CHANGELOG
- Update CLAUDE.md for 6-stage pipeline and 8 exports
- Document re-NFKC stage in pipeline
- Add CODEOWNERS for scorecard branch-protection check
- Resolve concurrency group collision in CI reusable workflow
- Use branch-specific codecov badge URL
- Re-normalize after homoglyph replacement for idempotency
- Use uv pip install in smoke test (uv venv lacks pip)
- Close bypass vectors from adversarial audit and harden pipeline
- Close 18 bypass vectors found in penetration testing
- Add Codecov coverage reporting with dynamic badge
- Scope down token permissions and add Atheris fuzz harness
- Add PyPI trusted publishing workflow
- Bump the actions group with 2 updates (#1)
- Add framework integration snippets and threat model blurb
- Add Why This Matters and comparison sections to README
- Add coverage badge to README
- Add fuzz workflow badge to README
- Finalize README with benchmarks and API examples
- Add decode_evasion, detect_scripts, is_mixed_script (#2)
- Add jinja2 and path escapers
- Core pipeline — clean() with 4 universal stages
- Add homoglyph mapping data (42 pairs)
- Add invisible character data module and first test skeleton
- Update security contact email to security@projectnavi.ai
- Add CONTRIBUTING, GOVERNANCE, CODE_OF_CONDUCT, and auto-generated CHANGELOG
- Harden CI with Semgrep, CodeQL, pip-audit, SHA-pinned actions, and contributor tooling
- Add README badges, OpenSSF Scorecard workflow, and security policy
- Add pre-commit hooks and GitHub Actions CI
- Scaffold navi-sanitize package
- Add benchmark suite — clean() and walk() perf baselines
- Add Unicode Tag smuggling and bidi override attack tests
- Port adversarial suite from navi-bootstrap (37+ attack vectors)
- Add walk() tests — nested structures, deep copy, edge cases