ForceField v0.7.2

What's New in v0.7.x

Constitution Engine

• forcefield init -- scaffold .forcefield/constitution.yaml for governance (default/strict/permissive templates)
• YAML-driven rules for files, commands, tools, and content

Security Scanning

• guard.scan_command() -- scan terminal commands for 22 dangerous patterns
• guard.scan_filename() -- scan filenames for 12 security-sensitive patterns
• guard.protect_path() / guard.is_protected() -- glob-based protected path management

Reporting & Evaluation

• guard.audit_report() -- generate structured JSON or Markdown audit reports
• guard.eval() -- run security eval suites (116 built-in attacks or custom YAML)

Distribution

Available on 13 channels: PyPI, npm, VS Code Marketplace, Open VSX, JetBrains Marketplace, GitHub Action, pre-commit, Homebrew, Docker, and more.

Install

pip install forcefield        # Core: regex + heuristics, zero deps
pip install forcefield[ml]    # + ONNX ML model (95%+ detection, 235KB)
pip install forcefield[all]   # Everything (ML + cloud + integrations)

Other Install Methods

brew tap datasciencetech/forcefield && brew install forcefield
npx forcefield-ai scan 'test prompt'

Links

• CHANGELOG
• PyPI
• VS Code Extension
• JetBrains Plugin
• Documentation

v0.4.0

What's New in v0.4.0

New Security Domains

• Content Safety -- Azure-compatible severity scoring (0/2/4/6 scale) for Hate, Violence, Sexual, SelfHarm categories
• Rate Limiting -- In-memory token-bucket rate limiter with per-user, per-session, and global tiers
• Abuse Detection -- Detect hostile LLM output (persona deviation, jailbreak success, unhinged patterns) via keywords + TF-IDF + optional sentence-transformer embeddings
• Tool Governance -- Policy-driven allow/block/require-approval for tool calls with argument + result inspection (PII, secrets, injection)

Guard API Additions

• guard.content_safety(text)
• guard.rate_check(identity, tier)
• guard.check_abuse(text)
• guard.govern_tool(tool_name, ...)

Distribution

• PyPI: \pip install forcefield\
• conda-forge: \conda install -c conda-forge forcefield\ (recipe submitted)
• Docker Hub: \docker pull forcefield/gateway:0.4.0\
• GitHub Marketplace: ForceField AI Security Scanner

Other

• 26 SEO keywords in PyPI metadata
• 15 classifiers (added License, Framework::FastAPI, Topic::Software Development)
• Changelog URL in pyproject.toml
• Zero runtime dependencies for base install

Full Docs: datasciencetech.ca/en/python-sdk

ForceField v0.3.1

What's New

• License: Switched to Apache 2.0 (was BSL-1.1)
• GitHub Action: Reusable action for CI/CD security scanning (selftest + audit)
• Accurate badges: 100% detection with ML, 81% regex-only
• Project URLs: Updated to datasciencetech.ca/en/python-sdk

Install

\\�ash
pip install forcefield[ml]
\\

GitHub Action

\\yaml

• uses: Data-ScienceTech/forcefield@v0.3.1
  with:
  mode: 'both'
  sensitivity: 'medium'
  \\

Full details: https://datasciencetech.ca/en/python-sdk

Full Changelog: https://github.com/Data-ScienceTech/forcefield/commits/v0.3.1