Skip to content

Release Notes — v0.4.4

Release Date: 2026-04-24

TaipanStack v0.4.4 focuses on critical security hardening, resilience monad integration, and reaching a new milestone of 1,237 passing tests with true 100% code coverage.

🛡️ Security

  • Critical Fix: Hardened guard_file_extension against null bytes (\x00) and trailing whitespace/dots bypasses.
  • Critical Fix: Resolved unhandled RuntimeError on symlink loops in guard_path_traversal.
  • Hardening: Enforced math.isfinite validation in RetryConfig to prevent NaN/Inf induced infinite loops.
  • Hardening: Mitigated potential thread exhaustion in timeout decorators.
  • Fuzzing: Extensive security guards stress testing via Hypothesis, including ReDoS detection and mitigation in sanitize_filename.
  • Audit: Remediated critical pip vulnerability (CVE-2026-3219) and transitive legacy dependency vulnerability (PYSEC-2022-42969) in py.
  • Dependencies: Upgraded pytest to 9.0.3 to remediate CVE-2025-71176.

🌊 Resilience

  • Chaos Mitigation: Integrated Result monad into CircuitBreaker state change notifications.
  • Stability: Resolved unhandled errors in CircuitBreaker during untracked state transitions.
  • Monad Propagation: Resolved micro-chaos issues in Retry monad propagation.

⚡ Performance & CI/CD

  • CI Optimization: Streamlined GitHub Actions by removing redundant container distribution tests and cleaning up bypass scripts.
  • Infrastructure: Optimized isolation and hardened pipeline execution model.
  • Docs: Resolved MkDocs configuration and Mermaid syntax rendering issues.

🔧 Changed & Refactoring

  • Strict Typing: Eliminated remaining Any usage in taipanstack.security.models.
  • Complexity: Significantly reduced cyclomatic complexity across security guards and internal utilities.
  • Modernization: Synchronized and standardized bootstrapper naming references across tests and documentation.

✅ QA & Testing

  • 100% Coverage: Achieved true 100% test coverage by resolving coverage bypasses and fixed bridge component test coverage for database and HTTP fallback states.
  • Test Suite: Reached 1,237 passing tests with 100% code coverage.