Releases: grnbtqdbyx-create/contextforge

v0.73.0

01 Jun 05:28
552026c

Highlights

  • Discovers repo-relative Copilot instruction folders configured through VS Code chat.instructionsFilesLocations.
  • Includes configured *.instructions.md files in context health and context security scans.
  • Extends copilot-missing-applyto checks to custom instruction-location files.

Verification

  • PR #171 merged after test and contextforge-audit passed.
  • Main CI run 26736920376 passed.
  • Main ContextForge Audit run 26736920375 passed.
  • Local npm pack --dry-run --json produced contextforge@0.73.0.

v0.72.0

01 Jun 05:18
5335990

Highlights

  • Adds copilot-missing-applyto to context health audits for path-scoped Copilot instruction files without applyTo frontmatter.
  • Documents why .github/instructions/**/*.instructions.md files need deterministic scopes when maintainers expect automatic application.
  • Refreshes README, Copilot docs, LLM discovery files, and publish-readiness metadata for v0.72.0.

Verification

  • PR #169 merged after test and contextforge-audit passed.
  • Main CI run 26736615811 passed.
  • Main ContextForge Audit run 26736615808 passed.
  • Local npm pack --dry-run --json produced contextforge@0.72.0.

v0.71.0 - GitHub Actions Node 24 readiness

01 Jun 05:05
098e782

Highlights

  • Added actions-missing-node24-opt-in to contextforge actions-audit.
  • Flags workflows that use JavaScript actions without FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true.
  • Keeps ContextForge dogfood workflows passing with their existing Node 24 opt-in.
  • Documents the known GitHub runner annotation behavior where Node 20 action metadata may still produce an informational warning even when Node 24 is forced.

Validation

  • PR #167 checks passed: CI and ContextForge Audit.
  • Main checks passed after merge: CI and ContextForge Audit.
  • Local validation: targeted tests, pnpm typecheck, pnpm test, pnpm build, actions audit, doctor, security benchmark, audit, publish-readiness, and npm pack dry-run.

Research anchors

v0.70.0 - Doctor hardening proof path

01 Jun 04:55
7904e90

Highlights

  • Added Claude Code settings, agentic workflow, and GitHub Actions hardening checks to contextforge doctor.
  • Expanded proof-pack and scorecard evidence commands so Codex/Claude handoffs can rerun claude-audit, workflow-audit, and actions-audit directly.
  • Refreshed the README first proof path around doctor + scorecard before deeper audit and surface artifacts.
  • Bumped the public GitHub Action reference and package metadata to v0.70.0.

Validation

  • PR #165 checks passed: CI and ContextForge Audit.
  • Main checks passed after merge: CI and ContextForge Audit.
  • Local validation: pnpm typecheck, pnpm test, pnpm build, doctor, scorecard, proof-pack, Claude audit, workflow audit, actions audit, security benchmark, audit, publish-readiness, and npm pack dry-run.

Research anchors

v0.69.0 - GitHub Actions hardening audit

01 Jun 04:41
0a4912d

Highlights

  • Added contextforge actions-audit to inspect .github/workflows/* for GitHub Actions hardening issues.
  • Emits Markdown and SARIF so teams can attach release proof and upload findings to GitHub code scanning.
  • Flags missing or broad permissions, mutable action refs, risky pull_request_target usage, pwn-request checkout patterns, and direct interpolation of untrusted GitHub contexts in shell scripts.
  • Dogfooded the audit by pinning ContextForge workflows to full action SHAs and least-privilege permissions.

Validation

  • PR #163 checks passed: CI and ContextForge Audit.
  • Main checks passed after merge: CI and ContextForge Audit.
  • Local validation: pnpm build, pnpm typecheck, pnpm test, security benchmark, workflow audit, actions audit, publish readiness, and npm pack dry-run.

Research anchors

v0.68.0 - Wider workflow-audit inputs

01 Jun 04:23
6315b88

ContextForge v0.68.0

This release expands contextforge workflow-audit so agentic GitHub workflow checks cover attacker-controlled titles and branch/ref fields, not only Markdown bodies or comments.

Highlights

  • Treats issue titles, pull request titles, PR head refs/labels, github.head_ref, github.ref_name, review-comment bodies, and discussion titles as untrusted agent inputs.
  • Adds regression coverage for title/ref text flowing into a Claude-powered workflow with write permissions.
  • Refreshes README, workflow-audit docs, LLM discovery files, generated artifacts, changelog, and research notes.
  • Links the research note to GitHub Actions script-injection guidance, GitHub Security Lab untrusted-input guidance, and recent agentic workflow injection research.

Verification

  • PR #161 passed CI and ContextForge Audit on GitHub.
  • Main commit 6315b88 passed CI and ContextForge Audit.
  • Local validation included red/green regression testing, typecheck, full tests, build, security benchmark, audit, workflow-audit artifact generation, publish-readiness, and npm pack dry-run.

v0.67.0 - Agentic workflow audit

01 Jun 04:14
4a91097

ContextForge v0.67.0

This release adds contextforge workflow-audit, a deterministic GitHub Actions audit for agentic workflow injection risk.

Highlights

  • Detects untrusted issue, PR, review, comment, discussion, or workflow input text flowing into agentic commands/actions.
  • Flags agentic workflows that run with pull_request_target or write-capable permissions.
  • Flags repository secrets combined with untrusted event text in agentic jobs.
  • Emits contextforge-workflow-audit.md and contextforge-workflow.sarif.
  • Wires the reusable Action, generated workflow, dogfood workflow, artifact upload, and Code Scanning upload.
  • Adds docs/workflow-audit.md, AI-readable llms.txt updates, and a risky demo fixture.

Verification

  • PR #159 passed CI and ContextForge Audit on GitHub.
  • Main commit 4a91097 passed CI and ContextForge Audit.
  • Local validation included typecheck, full tests, build, security benchmark, audit, workflow-audit artifact generation, publish-readiness, and npm pack dry-run.

v0.66.0

01 Jun 03:52
e41f748

Highlights

  • Added contextforge launch-snapshot --output docs/launch-snapshot.md.
  • README now links a first-visitor why-now page for the agent-context market gap, adjacent categories, first proof artifacts, and share copy.
  • Artifact map, launch kit, adoption brief, use cases, release checklist, and research notes now include the launch snapshot path.

Research signal

GitHub and web research this turn pointed to fast-moving AGENTS.md/context-engineering repos, MCP security pressure, agentic workflow injection research, and token/trace waste as the strongest public positioning thread.

Verification

v0.65.0

01 Jun 03:40
0cf6e8b

Highlights

  • npm publish workflow now packs contextforge-*.tgz before publish.
  • GitHub artifact attestation is generated for the release tarball.
  • npm-pack.json and the tarball are uploaded with publish readiness evidence.
  • The approved publish job publishes the same packed tarball.
  • publish-readiness now reports release artifact attestation as a separate check.

Verification

  • PR #155 checks passed.
  • Main CI passed: https://github.com/grnbtqdbyx-create/contextforge/actions/runs/26733838067
  • Main ContextForge Audit passed: https://github.com/grnbtqdbyx-create/contextforge/actions/runs/26733838069

v0.64.0

01 Jun 03:27
f551dae

ContextForge v0.64.0

This release moves the surface-diff signal directly into ContextForge PR comments.

Highlights

  • contextforge audit --comment ... --base main now embeds a compact Changed Agent Surfaces section in the generated PR comment.
  • The PR comment summarizes changed agent-readable surfaces, affected ecosystems, and top files before reviewers open any artifact.
  • Reusable action and dogfood workflow now pass the same base ref to the audit comment and contextforge-agent-surface-diff.md artifact.
  • README, docs, generated examples, artifact map, launch/comparison docs, and LLM discovery files now describe the PR-comment surface-diff flow.
  • Bumps package/action ref to v0.64.0.

Verified

  • TDD red checks were observed for PR comment surface summaries and audit base-ref wiring before implementation.
  • Local git diff --check, typecheck, full test suite, build, audit, security benchmark, publish-readiness, and npm pack dry-run passed.
  • PR #153 checks passed before merge.
  • Main branch CI and ContextForge Audit passed after merge.