TaipanStack v0.3.6

Date: March 5, 2026

Release v0.3.6 is an intensive Security and Quality Assurance (QA) iteration aimed at standardizing and solidifying the boundaries around logic wrappers, configurations, and strict typing.


🛡️ Security Fixes & Improvements

  • Path Traversal Guard: Fixed a critical symlink bypass vulnerability in guard_path_traversal. It now resolves symlinks explicitly and asserts on the result, preventing out-of-boundary resolutions.
  • JWT Key Length Enforcement: Acknowledged internal Python runtime warnings for weak cryptographic tokens and resolved InsecureKeyLengthWarning by standardizing on explicit 32-byte secret lengths.
  • Dependency Guardrails: Handled generic Bandit false positives on expected execution patterns (B404 and B603 on raw subprocess use) with granular, contextual # nosec comments, avoiding runtime inspection drift.

🧪 QA & Testing Coverage

Test suites now provide extensive coverage of internal and asynchronous system functionality:

  • Comprehensive coverage of all coroutines running under @retry, circuit_breaker, and @safe logic blocks, ensuring the expected fault-tolerance states (100% Async Coverage).
  • Validated explicit BaseException/Exception isolation scopes for the underlying async execution contexts, covering strict exception chaining.
  • Suites for the validation inner function normalize_ext and for the system-level validate_project_dir were isolated and moved to pure property assertions, guaranteeing zero-regression paths.

🛠️ Code Health & Refactoring

  • Typing Integrity: Resolved MyPy issues around exact @overload definitions so that __call__ abstractions map to the correct return payloads (error codes overload-cannot-match and overload-overlap).
  • Format Consistency: Ensured all .py files consistently follow Ruff formatting standards, without dropped imports or skipped trailing validations (E501, F811).

Full Changelog: v0.3.5...v0.3.6