Skip to content

Release Notes — v0.4.7

Release Date: 2026-05-04

TaipanStack v0.4.7 focuses on security hardening (TOCTOU, SSRF, Argon2), resilience enhancements against resource exhaustion, and a major audit of the test suite to reach 1,314 passing tests with 100% genuine code coverage.

🛡️ Security

  • Fix (High) — TOCTOU Vulnerability: Resolved a Time-of-Check to Time-of-Use (TOCTOU) vulnerability in filesystem operations by enforcing atomic checks and stricter file handle management (PR #663).
  • Fix (High) — SSRF Unicode Hardening: Hardened guard_ssrf against UnicodeError bypasses via fuzzing-detected edge cases and strict normalization (PR #667).
  • Fix (High) — Argon2 Verification: Hardened verify_password against malformed Argon2 hashes to prevent unhandled exceptions during verification (PR #661).

🌊 Resilience

  • Resource Exhaustion Handling: Implemented proactive system resource exhaustion detection in Bulkhead to prevent thundering herd scenarios and queue overflows (PR #662).
  • Chaos Hardening: Injected system resource exhaustion scenarios in the adaptive orchestrator and hardened semaphore acquisition to ensure graceful degradation (PR #668).

⚡ Performance & Refactoring

  • Complexity Reduction: Significantly reduced cyclomatic complexity across core resilience modules, circuit breaker logic, and compatibility layers (PR #680, #676, #666, #670).
  • Modern Typing: Enhanced ASGI static typing in web_bridge using TypeAlias for better IDE support and type safety (PR #682).
  • Internal Cleanup: Standardized internal Pydantic model typing and resolved unused argument warnings in serialization logic (PR #669).

🔄 CI/CD & Infrastructure

  • Pipeline Optimization: Optimized and strictly validated all CI/CD pipelines to enforce zero-bypass security policies and faster execution (PR #675, #664).

✅ QA & Testing

  • Test Suite Audit: Performed a comprehensive audit, refactor, and standardization of the test suite for better environment isolation and strict compliance (PR #683, #671, #665).
  • 100% Genuine Coverage: Achieved the ultimate quality milestone: true 100% code coverage by resolving all remaining coverage bypasses (PR #674).
  • Test Suite Growth: The test suite has reached 1,314 passing tests, incorporating extensive property-based fuzzing and chaos engineering scenarios.
  • Synchronization: Unified test counts and version metadata across all documentation portals (PR #681, #672).