This release includes 2 breaking changes for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Topics
+14 more
Summary
AI summaryThe compliance_audit workflow was renamed to compliance_mapping and reports now map findings instead of generating full compliance reports.
Full changelog
v2.9.1 — Compliance Wording Clarification
Compliance ifadelerini netleştirdik. GuardVibe güvenlik tarama bulgularını compliance kontrol numaralarına eşler (mapping) — compliance audit yapmaz.
Değişiklikler
- "Generates compliance reports" → "Maps findings to compliance controls"
- Tüm rapor çıktılarına "not a substitute for professional audits" disclaimer eklendi
compliance_auditworkflow →compliance_mappingolarak yeniden adlandırıldı- Rapor başlıkları "Compliance Report" → "Compliance Control Mapping"
334 rules, 31 tools, 23 CVEs, 6 control frameworks
Breaking Changes
- `compliance_audit` workflow renamed to `compliance_mapping`
- Report output changed from generating compliance reports to mapping findings to compliance controls
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About goklab/guardvibe
Security MCP for vibe coding with 330 rules and 29 tools. Purpose-built for AI-generated code — scans Next.js, Supabase, Clerk, Stripe, Prisma, Hono, GraphQL, and 25+ modules. Cross-file taint analysis, host security audit, auto-fix, SARIF export, pre-commit hook, and CVE version detection. Zero config, runs locally.
Related context
Beta — feedback welcome: [email protected]