🚀 Release Notes - v0.3.10

TaipanStack v0.3.10 is here! This release focuses on security hardening, performance optimizations, and strict typing compliance. We've also crossed the 1000+ tests milestone, ensuring maximum reliability for your Python stack.


🔒 Security Hardening

  • ReDoS Protection: Fixed a potential Regular Expression Denial of Service vulnerability by enforcing \Z anchors instead of $ in all string-based validators. This ensures pattern matching stops exactly at the end of the string, preventing backtrack-heavy evaluations. (#255)
  • Hashing Security: Internal utilities now restrict hashing algorithms to high-security variants (sha256, sha512), explicitly disallowing weaker algorithms like md5 or sha1. (#181)
  • Filesystem Guards: Enhanced guard_path_traversal with stricter canonicalization logic and expanded test coverage for nested symlink edge cases. (#179)
  • Credential Protection: Implemented guards in subprocess wrappers and structlog processors to prevent accidental credential leakage in error message logs. (#175)
  • Secure Models: All internal user-related schemas now inherit from SecureBaseModel, providing automatic field redaction for sensitive data during serialization. (#177)
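To make the `\Z`-versus-`$` change concrete, here is an added example (written for these notes, not TaipanStack's validator code) that anchors the same constructed identifier pattern both ways. In Python, `$` also matches just before a trailing newline, so `"admin\n"` passes the `$`-anchored form but not the `\Z`-anchored one:

```python
import re

# Constructed patterns for this example (not TaipanStack's validators): the same
# identifier rule anchored with `$` and with `\Z`.  In Python, `$` also matches
# immediately before a trailing newline, so "admin\n" satisfies the `$` form.
DOLLAR_ANCHORED = re.compile(r"^[a-z0-9_]{1,32}$")
Z_ANCHORED = re.compile(r"^[a-z0-9_]{1,32}\Z")


def matches_dollar(value: str) -> bool:
    r"""Legacy-style check: `$` lets a trailing newline through."""
    return DOLLAR_ANCHORED.match(value) is not None


def matches_z(value: str) -> bool:
    r"""Strict check: `\Z` only matches at the absolute end of the string."""
    return Z_ANCHORED.match(value) is not None


def validate_identifier(value: str) -> str:
    r"""Validator in the `\Z` style; raises instead of silently accepting."""
    if not matches_z(value):
        raise ValueError(f"invalid identifier: {value!r}")
    return value


def compare(values: list[str]) -> dict[str, tuple[bool, bool]]:
    r"""Map each input to (accepted by `$`, accepted by `\Z`) for side-by-side review."""
    return {v: (matches_dollar(v), matches_z(v)) for v in values}
```

`re.fullmatch(pattern, value)` gives the same end-of-string behaviour as `\Z` without an anchor in the pattern, which is a reasonable alternative when the pattern is user-supplied or reused elsewhere.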
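The filesystem-guard bullet mentions stricter canonicalization and nested-symlink coverage. The following is an added, assumed reimplementation of a `guard_path_traversal`-style check (not TaipanStack's actual function), together with a constructed test harness that builds a throwaway directory containing a `..` escape, an absolute path, a symlink out of the tree, and a symlink chain:

```python
from __future__ import annotations

import os
import tempfile
from pathlib import Path


def guard_path_traversal(base_dir: str | os.PathLike[str], user_path: str) -> Path:
    """Resolve `user_path` beneath `base_dir`; raise if the result escapes it.

    Path.resolve() canonicalises both sides: it follows symlinks (including
    chains of them) and collapses `..`, so the containment test runs on the
    real filesystem location rather than on the text of the request.
    Assumed reimplementation for this example, not TaipanStack's own guard.
    """
    base = Path(base_dir).resolve()
    # An absolute user_path replaces `base` in the join; resolve() plus the
    # containment check below still rejects it.
    candidate = (base / user_path).resolve()
    if not candidate.is_relative_to(base):
        raise PermissionError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_allowed(base_dir: Path, user_path: str) -> bool:
    """Boolean wrapper around the guard for table-driven checks."""
    try:
        guard_path_traversal(base_dir, user_path)
    except PermissionError:
        return False
    return True


def run_cases() -> dict[str, bool | None]:
    """Exercise the guard against constructed inputs in a throwaway directory.

    Returns case name -> allowed?; symlink cases are None where the platform
    refuses to create symlinks.
    """
    results: dict[str, bool | None] = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        uploads = root / "uploads"
        (uploads / "sub").mkdir(parents=True)
        (uploads / "report.txt").write_text("fine")
        secret = root / "secret.txt"          # lives outside the allowed tree
        secret.write_text("not for download")

        results["plain_file"] = is_allowed(uploads, "report.txt")
        results["dot_dot"] = is_allowed(uploads, "../secret.txt")
        results["absolute"] = is_allowed(uploads, str(secret))
        results["dot_dot_via_sub"] = is_allowed(uploads, "sub/../../secret.txt")

        try:
            (uploads / "link").symlink_to(secret)                     # link -> outside
            (uploads / "sub" / "link2").symlink_to(uploads / "link")  # link2 -> link -> outside
        except (OSError, NotImplementedError):
            results["symlink"] = results["nested_symlink"] = None
        else:
            results["symlink"] = is_allowed(uploads, "link")
            results["nested_symlink"] = is_allowed(uploads, "sub/link2")
    return results
```

One caveat a guard like this cannot remove: the check and the later open are two separate steps, so a symlink swapped in between them is not caught. Where that matters, open the returned path with `O_NOFOLLOW` or verify the opened descriptor rather than trusting the earlier resolution.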
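The credential-protection bullet covers two places secrets tend to surface: exception text built from a failed subprocess, and structured log records. The example below is added here and is not TaipanStack's processor; the redaction rules, the processor signature (structlog's `(logger, method_name, event_dict)` shape, reproduced without importing structlog) and the sample messages are all constructed:

```python
import re

# Constructed redaction rules for this example; TaipanStack's actual processor
# may differ. Three leak shapes are covered: `key=value` / `key: value` pairs
# for common secret names, the userinfo part of URLs, and bearer tokens.
_SECRET_KEYS = r"(?:password|passwd|pwd|secret|token|api[_-]?key)"
_KV_PATTERN = re.compile(
    rf"""(?i)\b({_SECRET_KEYS})(\s*[=:]\s*)(['"]?)([^\s'"&,;]+)\3"""
)
_URL_USERINFO = re.compile(r"(?i)\b([a-z][a-z0-9+.-]*://)([^/\s:@]+)(?::[^/\s@]*)?@")
_BEARER = re.compile(r"(?i)\b(bearer\s+)([A-Za-z0-9._~+/=-]+)")
REDACTED = "[REDACTED]"


def redact_credentials(message: str) -> str:
    """Replace credential material in free text, keeping the surrounding context.

    Bearer tokens go first so that `Authorization: Bearer x` keeps its shape;
    then key/value pairs; then URL userinfo (`scheme://user:pass@host`).
    """
    message = _BEARER.sub(rf"\g<1>{REDACTED}", message)
    message = _KV_PATTERN.sub(rf"\g<1>\g<2>\g<3>{REDACTED}\g<3>", message)
    message = _URL_USERINFO.sub(rf"\g<1>{REDACTED}@", message)
    return message


def describe_failure(argv: list[str], returncode: int, stderr: str) -> str:
    """Error text for a failed subprocess that neither echoes secrets passed on
    the command line nor forwards them from stderr."""
    cmd = " ".join(redact_credentials(arg) for arg in argv)
    return f"command failed (exit {returncode}): {cmd}\nstderr: {redact_credentials(stderr)}"


def redact_processor(logger, method_name, event_dict):
    """structlog-shaped processor: (logger, method_name, event_dict) -> event_dict.

    Values stored under a secret-named key are replaced outright; every other
    string value, including the `event` message itself, is run through
    redact_credentials(). `logger` and `method_name` are unused here but form
    part of the signature structlog calls processors with.
    """
    for key, value in list(event_dict.items()):
        if isinstance(key, str) and re.fullmatch(_SECRET_KEYS, key, re.IGNORECASE):
            event_dict[key] = REDACTED
        elif isinstance(value, str):
            event_dict[key] = redact_credentials(value)
    return event_dict
```

Regex-based redaction is a safety net, not a guarantee: anything the patterns do not recognise passes through, so keeping secrets out of argv and exception messages in the first place remains the primary control.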

⚡ Performance & Efficiency

  • Regex Precompilation: Sanitization patterns in sanitize_string are now precompiled, resulting in a 20% performance improvement on high-frequency sanitization calls. (#245)
  • SSRF Optimization: Refactored the SSRF guard to leverage the Python ipaddress library for network range evaluations, significantly speeding up host resolution checks. (#178)
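As an added illustration of the `ipaddress`-based approach (example code, not TaipanStack's SSRF guard; the deny list, function names and sample hostnames are constructed), the following resolves every address a URL points at and rejects the fetch if any of them falls in a blocked range. Network membership is a single `ip in network` test, which also handles IPv6 and IPv4-mapped addresses that string-prefix checks miss:

```python
import ipaddress
import socket
from collections.abc import Callable
from urllib.parse import urlsplit

# Constructed deny list for this example (TaipanStack's actual ranges may differ):
# loopback, RFC 1918, CGNAT, link-local (which includes the 169.254.169.254
# cloud metadata endpoint), unspecified and multicast, plus IPv6 equivalents.
BLOCKED_NETWORKS = [
    ipaddress.ip_network(cidr)
    for cidr in (
        "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
        "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
        "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
    )
]


def is_blocked_address(addr: str) -> bool:
    """True if `addr` falls in any blocked range.

    ipaddress does the range arithmetic; prefix tests on the string ("10.",
    "127.") miss IPv6 and mapped-address forms entirely.
    """
    ip = ipaddress.ip_address(addr.split("%", 1)[0])  # drop an IPv6 scope id
    # ::ffff:10.0.0.1 is IPv4 10.0.0.1 in disguise; judge the embedded address.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def _resolve_all(host: str) -> list[str]:
    """Every address the host resolves to (A and AAAA), via the system resolver."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def guard_ssrf(url: str, resolve: Callable[[str], list[str]] = _resolve_all) -> list[str]:
    """Return the addresses `url` points at if none of them is internal;
    raise ValueError otherwise.

    `resolve` is injectable so the check can be unit-tested offline. A host
    that resolves to one public and one internal address is rejected, since
    the fetcher cannot control which record it will end up using.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addrs = [str(ipaddress.ip_address(host))]   # literal IP, no DNS needed
    except ValueError:
        addrs = resolve(host)
    if not addrs:
        raise ValueError(f"{host!r} did not resolve")
    blocked = [a for a in addrs if is_blocked_address(a)]
    if blocked:
        raise ValueError(f"{host!r} resolves to blocked address(es): {blocked}")
    return addrs


def is_safe_url(url: str, resolve: Callable[[str], list[str]] = _resolve_all) -> bool:
    """Boolean form of guard_ssrf() for callers that prefer not to catch."""
    try:
        guard_ssrf(url, resolve)
    except ValueError:
        return False
    return True
```

Two caveats apply to any pre-flight check of this kind: the address validated here may differ from the one the HTTP client resolves a moment later (DNS rebinding), and a redirect from a public host can point back inside. Pinning the validated address for the actual connection and re-running the guard on every redirect hop closes both gaps.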

🛡️ Resilience & Reliability

  • Clock-Jump Resistance: The RateLimiter now uses time.monotonic() instead of time.time(), making it immune to system clock jumps (e.g., NTP updates or manual adjustments). (#252)
  • Retry Logic Fix: Resolved a critical bug in the exponential backoff calculation that caused chaotic behavior when attempt counts were manually manipulated or negative. (#229)
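Both resilience bullets come down to not trusting an input the code does not control: the system clock in one case, the attempt counter in the other. The added example below (constructed for these notes; `RateLimiter`, `FakeClock` and `backoff_delay` are not TaipanStack's implementations) gives a token-bucket limiter an injectable clock so the effect of a wall-clock step can be shown deterministically, and clamps the backoff exponent so a negative or absurd attempt count cannot shrink the delay or overflow:

```python
from __future__ import annotations

import random
import time
from collections.abc import Callable


class RateLimiter:
    """Token bucket with an injectable clock, defaulting to time.monotonic().

    time.monotonic() never moves backwards and is unaffected by NTP steps or
    manual clock changes; a limiter reading time.time() instead sees such a
    step as elapsed time and refills (or, going backwards, starves) the bucket.
    Constructed for this example; not TaipanStack's RateLimiter.
    """

    def __init__(self, rate: float, capacity: int,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.rate = rate                  # tokens replenished per second
        self.capacity = capacity
        self._clock = clock
        self._tokens = float(capacity)
        self._last = clock()

    def allow(self) -> bool:
        now = self._clock()
        elapsed = max(0.0, now - self._last)  # harmless with monotonic; protects an injected wall clock
        self._last = now
        self._tokens = min(float(self.capacity), self._tokens + elapsed * self.rate)
        if self._tokens >= 1.0:
            self._tokens -= 1.0
            return True
        return False


class FakeClock:
    """Scripted clock for the demonstration: the caller moves `now` explicitly."""

    def __init__(self, start: float) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now


def clock_jump_demo() -> dict[str, bool]:
    """Same request sequence against a wall-clock-driven limiter and a
    monotonic-driven one. Both buckets (capacity 2) are emptied, then one
    millisecond of real time passes while an NTP step moves the wall clock
    forward by an hour."""
    wall, mono = FakeClock(1_700_000_000.0), FakeClock(42.0)
    wall_limited = RateLimiter(rate=1.0, capacity=2, clock=wall)
    mono_limited = RateLimiter(rate=1.0, capacity=2, clock=mono)
    for _ in range(2):
        wall_limited.allow()
        mono_limited.allow()
    mono.now += 0.001      # what actually elapsed
    wall.now += 3600.0     # what a stepped wall clock reports
    return {
        "wall_clock_allows_third_request": wall_limited.allow(),   # the step refilled the bucket
        "monotonic_allows_third_request": mono_limited.allow(),    # 1 ms is 0.001 tokens: denied
    }


def backoff_delay(attempt: int, base: float = 0.5, cap: float = 30.0,
                  jitter: bool = False, rng: Callable[[], float] = random.random) -> float:
    """Exponential backoff: min(cap, base * 2**attempt), with optional full jitter.

    Two guards keep a manipulated counter harmless: `attempt` is clamped to
    0 or more (a negative value would otherwise shrink the delay towards zero),
    and the exponent is capped before 2**attempt is computed so an absurd
    attempt count cannot raise OverflowError or allocate a huge integer.
    """
    attempt = max(0, int(attempt))
    exponent = min(attempt, 64)
    delay = min(cap, base * (2 ** exponent))
    if jitter:
        delay *= rng()      # full jitter: uniform in [0, delay)
    return delay
```

Injecting the clock is what makes the limiter testable at all; the same hook lets production code pass `time.monotonic` while tests script the exact sequence of readings they want to check.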

🔧 Modernization & Refactoring

  • Python 3.10+ Patterns: Embraced structural pattern matching (match/case) in utils/cache.py and default_encoder for cleaner, more efficient branching logic. (#250, #227)
  • Cyclomatic Complexity: Reduced complexity across the security module, breaking down large guards into smaller, testable units. (#253)
  • Strict Typing: Finalized renaming of unused variables with _ prefixes and removed hundreds of legacy # noqa comments, achieving full compliance with strict ruff/mypy rules. (#172, #174)

✅ Quality Assurance

  • 1000+ Tests: We now have 1006 tests with 100% code coverage!
  • Result Monad Migration: Migrated the entire internal codebase and test suite from .ok()/.err() to the modern .ok_value and .err_value properties. (#248)

📦 How to upgrade

pip install --upgrade taipanstack
# or with poetry
poetry add taipanstack@latest

Thank you to all contributors who helped make this release possible!