|
| 1 | +# Changelog |
| 2 | + |
| 3 | +All notable changes to ForceField will be documented in this file. |
| 4 | + |
| 5 | +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), |
| 6 | +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). |
| 7 | + |
| 8 | +## [0.7.2] - 2026-03-27 |
| 9 | + |
| 10 | +### Added |
| 11 | + |
| 12 | +- `forcefield init` -- scaffold `.forcefield/constitution.yaml` for vibe coding governance (default/strict/permissive templates) |
| 13 | +- `guard.audit_report()` -- generate structured JSON or Markdown audit reports from scan events |
| 14 | +- `guard.eval()` -- run security eval suites (116 built-in attacks or custom YAML) |
| 15 | +- Constitution engine -- YAML-driven governance rules for files, commands, tools, and content |
| 16 | +- `guard.scan_command()` -- scan terminal commands for 22 dangerous patterns |
| 17 | +- `guard.scan_filename()` -- scan filenames for 12 security-sensitive patterns |
| 18 | +- `guard.protect_path()` / `guard.is_protected()` -- glob-based protected path management |
| 19 | +- CLI commands: `forcefield init`, `forcefield eval`, `forcefield scan-command`, `forcefield scan-filename` |
| 20 | +- GitHub Action for CI/CD integration (GitHub Marketplace listed) |
| 21 | +- pre-commit hook support |
| 22 | +- Homebrew tap (`brew tap datasciencetech/forcefield`) |
| 23 | +- npm wrapper (`npx forcefield-ai`) |
| 24 | +- VS Code extension with Sentinel Mode |
| 25 | +- Open VSX Registry listing |
| 26 | +- JetBrains Marketplace plugin |
| 27 | + |
| 28 | +### Changed |
| 29 | + |
| 30 | +- Multi-turn session tracker now detects crescendo and probe-then-inject sequences |
| 31 | +- Anti-obfuscation normalizer handles zero-width chars, homoglyphs, leetspeak, and mixed scripts |
| 32 | + |
| 33 | +## [0.6.0] - 2026-03-15 |
| 34 | + |
| 35 | +### Added |
| 36 | + |
| 37 | +- ONNX ML model for prompt injection detection (95%+ accuracy, 235KB) |
| 38 | +- TF-IDF + Random Forest ensemble scoring |
| 39 | +- Endpoint security testing (`forcefield test <url>`) |
| 40 | +- Cloud hybrid scoring via ForceField Gateway API |
| 41 | +- Output moderation (hate speech, violence, credential leaks) |
| 42 | +- Chat template validation (`forcefield validate-template`) |
| 43 | +- LangChain callback handler (`langchain-forcefield` package) |
| 44 | +- LlamaIndex callback handler (`llama-index-forcefield` package) |
| 45 | +- OpenAI drop-in wrapper (`ForceFieldOpenAI`) |
| 46 | +- FastAPI middleware (`ForceFieldMiddleware`) |
| 47 | + |
| 48 | +## [0.5.0] - 2026-02-28 |
| 49 | + |
| 50 | +### Added |
| 51 | + |
| 52 | +- PII detection for 18 types (SSN, credit card, email, phone, IBAN, JWT, API keys, etc.) |
| 53 | +- PII redaction with configurable replacements |
| 54 | +- Jinja2 chat template backdoor scanning |
| 55 | +- Token smuggling and payload splitting detection |
| 56 | +- Source file auditing (`forcefield audit <path>`) |
| 57 | +- JSON and Markdown report output formats |
| 58 | + |
| 59 | +## [0.4.0] - 2026-02-15 |
| 60 | + |
| 61 | +### Added |
| 62 | + |
| 63 | +- Prompt injection detection across 12 categories with 60+ regex patterns |
| 64 | +- Jailbreak and role escalation detection (DAN-style attacks) |
| 65 | +- Data exfiltration detection (obfuscated destinations, JSON payloads) |
| 66 | +- System prompt extraction detection |
| 67 | +- Sensitivity levels (low/medium/high/critical) with configurable thresholds |
| 68 | +- CLI selftest with 116 built-in attack prompts |
| 69 | +- HTTP proxy mode (`forcefield serve`) |
| 70 | + |
| 71 | +## [0.3.0] - 2026-02-01 |
| 72 | + |
| 73 | +### Added |
| 74 | + |
| 75 | +- Initial public release |
| 76 | +- Core `Guard` class with `scan()`, `redact()`, `moderate()` methods |
| 77 | +- Regex-based detection engine (81% detection rate) |
| 78 | +- CLI: `forcefield scan`, `forcefield redact`, `forcefield selftest` |
| 79 | +- Python 3.9-3.13 support |
| 80 | +- Zero external dependencies for core package |
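Review bot: The release history jumps from `[0.6.0]` (new-file line 33) straight to `[0.7.2]` (line 8) with no entries for 0.7.0 or 0.7.1, although line 3 says all notable changes are documented in this file; add those releases or note that they were never published. The `[0.7.2]` entry also lists fifteen `Added` items under a patch-level number, which sits oddly with the Semantic Versioning statement on line 6, and `forcefield init` appears in it twice (lines 12 and 19). The bracketed headings such as `## [0.7.2] - 2026-03-27` follow the Keep a Changelog reference-link style, but the file ends at line 80 without any link definitions, so either add the tag/compare links or drop the brackets. The figures "95%+ accuracy" (line 37) and "81% detection rate" (line 77) would be easier to interpret if the evaluation set they were measured on were named.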