This release fixes issues for SREs watching stability and regressions.
✓ No known CVEs patched in this version
Topics
+4 more
Summary
AI summaryUpdates engine, cli, and chore across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Bugfix | Medium |
Fixes false-positive HMAC-SHA256 detection in JS engine. Fixes false-positive HMAC-SHA256 detection in JS engine. Source: llm_adapter@2026-05-26 Confidence: high |
— |
| Bugfix | Medium |
Fixes CLI single‑path no‑op and stale ENGINE_VERSION handling. Fixes CLI single‑path no‑op and stale ENGINE_VERSION handling. Source: llm_adapter@2026-05-26 Confidence: high |
— |
Full changelog
What's Changed
- fix(engine): wrong-hmac-algorithm no longer false-flags correct HMAC-SHA256 in JS by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/28
- ci(release): gate releases on actual npm installability (issue #12) by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/29
- fix(cli,engine): fix single-path no-op + stale ENGINE_VERSION by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/30
- chore: add OSS hygiene (SECURITY.md, CONTRIBUTING, templates, dependabot) by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/31
- docs: add CI integration guide by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/37
Full Changelog: https://github.com/Hookwarden/hookwarden/compare/v0.5.3...v0.5.5
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Hookwarden
All releases →Related context
Beta — feedback welcome: [email protected]