Immutable
release. Only release title and notes can be modified.
Patch release rolling up all post-v0.1.0 security, correctness, and CI
work. Full notes in CHANGELOG.md.
Highlights
- External pentest remediation (5 findings, 2 HIGH) — Strix.ai
- Audit #8 — 21 findings remediated, zero open vulnerabilities
- Thrift Correctness Phase — parquet-format 2.9.0 alignment, 47 new tests
- 73 → 92 enterprise compliance gaps — FIPS 140-3, EU AI Act, MiFID II, GDPR, DORA
- Performance — lock-free EventBus publish (~53 ns), FeatureReader RG cache (~0.14 μs cached get)
- Local KMS — additive `IKmsClient` interface for on-premise deployments
- CI — 17 jobs across Ubuntu / macOS / Windows MSVC / sanitizers / fuzz / mutation / codeql / sbom
Migration
- C++: no public API breaks
- Rust: `ParquetReader::schema()` now returns `SchemaRef<'a>` (lifetime-bound) — fixes a use-after-free (CWE-416). Existing `let s = reader.schema();` continues to compile; storing the schema beyond the reader'''s lifetime now fails at compile time as intended.
Tests
- 779 → 830 unit tests in the canonical `server-pq` build
- 844/844 passing in the `RelWithDebInfo + commercial` preset (PQ tests skipped without liboqs)
SBOM
CycloneDX and SPDX SBOMs attached as release assets (auto-generated by the SBOM workflow on tag push).
Verification
```bash
git clone https://github.com/SIGNETSTACK/SIGNET_FORGE.git
cd SIGNET_FORGE
git checkout v0.1.1
cmake --preset server-pq
cmake --build build-server-pq --target signet_tests
cd build-server-pq && ctest --output-on-failure
```