
This release includes 1 security fix for security teams reviewing exposed deployments.

✓ No known CVEs patched
This release patches 1 known CVE

Topics

ai-security security auditing cli cobol code-bioinformatics
codebase-analysis deep-tech incident-response legacy-modernization python sbom software-architecture static-analysis supply-chain-security zero-trust

Affected surfaces

auth rbac deps

Summary

AI summary

Commercial licensing guardrails introduce PolyForm Noncommercial License 1.0.0 audit tripwires for unverified CI/CD pipelines.

Changes in this release

Feature Low

Implemented PolyForm Noncommercial License 1.0.0 guardrails with audit tripwires.


Source: llm_adapter@2026-05-29

Confidence: high

Feature Low

Added protocol to add new languages in minutes with ReDoS immunity.


Source: llm_adapter@2026-05-29

Confidence: high

Performance Medium

Increased core test coverage from 68% to 89%.


Source: llm_adapter@2026-05-29

Confidence: high

Bugfix Medium

Bypassed CodeQL caret parsing bug by splitting vulnerability‑hunting regex.


Source: llm_adapter@2026-05-29

Confidence: high

Refactor Low

Applied repository-wide PEP8 formatting standardization.


Source: llm_adapter@2026-05-29

Confidence: high

Refactor Low

Upgraded extraction gauntlets with dynamic PYTHONPATH injections for licensing checks.


Source: llm_adapter@2026-05-29

Confidence: high

Refactor Low

Locked pytest to tests directory and added comprehensive Flake8 configuration.


Source: llm_adapter@2026-05-29

Confidence: high

Refactor Low

Applied standard configuration updates to COBOL toolchain suite for alignment with core engine.


Source: llm_adapter@2026-05-29

Confidence: high

Full changelog

This release marks a massive structural evolution for the blAST Engine. GitGalaxy significantly hardens the core engine with proactive testing, completely overhauls the mathematical and architectural documentation into a flawless, closed-loop topological web, and introduces commercial licensing guardrails.

🚀 Major Features & Core Engine Updates

  • Proactive Engine Hardening: Drastically increased core test coverage from 68% to 89%. This proactive sweep successfully intercepted and corrected two latent bugs before they could impact production environments.
  • PEP8 Standardization: Executed a repository-wide formatting sweep to strictly configure the codebase to PEP8 standards, ensuring enterprise-ready structural hygiene and readability.
  • Commercial Licensing Guardrails: Implemented the PolyForm Noncommercial License 1.0.0 guardrails, introducing audit tripwires and environmental execution friction for unverified CI/CD pipelines.

🕸️ Documentation & Topological Perfection

  • Standardized Engine Expansion (Add a New Language in Minutes): Because the blAST engine is 100% AST-free, we can add new languages and scan multi-language repos with zero friction. Want to add your company's proprietary, highly classified version of C++ into this zero-trust, air-gapped code scanning system? Fine. Fill out the calibration worksheet, drop it into language_standards.py, and start scanning. It takes the time of a single LLM prompt. We have finalized and published this strict protocol to ensure any language you add is immediately ReDoS immune.
  • The 'Proof of Work' Architecture: Deployed a massive, thesis-grade index mapping the empirical validation and mathematical physics behind heuristic code parsing. You've got questions, I've got receipts.
  • Topological Dead-End Eradication: Added a meticulously wired web of backlinks to the wiki and readmes to allow for better education and user flow. I have the receipts, and now you can actually navigate them easily.

🏦 Legacy Modernization (Mainframe Toolchain)

  • COBOL Refactoring: Applied standard configuration and extraction updates to the massive COBOL toolchain suite, ensuring the Microservice Slicer, Schema Forge, and DAG Architect maintain perfect alignment with the core engine.

🛡️ Security, Testing & Chore

  • Extraction Gauntlets: Upgraded all extraction gauntlets and integrated dynamic PYTHONPATH injections to ensure licensing checks are safely bypassed during CI/CD test runs.
  • CodeQL Integrity: Bypassed a known CodeQL caret parsing bug by structurally splitting vulnerability-hunting regex.
  • Environment Hygiene: Locked pytest strictly to the tests directory and added comprehensive Flake8 configuration to lock in the new formatting rules.

Security Fixes

  • Bypassed CodeQL caret parsing bug by structurally splitting vulnerability-hunting regex
