Supply Chain Security

SBOM generation, software signing, policy-as-code, and dependency vulnerability scanning.

All Breaking Security Features

Important Recent

← Releases

Upgrade now

FreeRADIUS release_3_0_28 Breaking risk 1d

Breaking upgrade

Message-Authenticator + Mellanox dict

Open

Upgrade now

msaad00/agent-bom v0.87.0 Breaking risk 17d

Dependencies

Cryptography core dependency

Open

No immediate action

qwexvf/aegis-cli v0.25.0 Breaking risk 18d

Exclude placeholder secrets

Open

Review required

gebalamariusz/cloud-audit v2.2.1 Breaking risk 22d

Auth

SES escalation logic change

Open

Review required

qwexvf/aegis-cli v0.17.0 Breaking risk 22d

Auth RBAC

aegis.yml config

Open

Config change

pentest-ai v0.10.2 Breaking risk 25d

Auth

Auth profile system

Open

v0.11.0 (25d) SPA probes + CVE engine + Agent loop

No immediate action

qwexvf/aegis-cli v0.8.0 Breaking risk 29d

Signal handling + completion + grouped help + JSON

Open

Review required

goklab/guardvibe v3.1.17 Breaking risk 1mo

Auth

Explicit return token required

Open

v3.1.16 (1mo) Credential‑required connection strings

Config change

msaad00/agent-bom v0.83.4 Breaking risk 1mo

Auth

Auth for remote HTTP

Open

No immediate action

goklab/guardvibe v3.1.5 Breaking risk 1mo

Enum regex lowercasing requirement

Open

v3.1.4 (1mo) ADD matching, USER/HEALTHCHECK skipping, .env file restriction

v3.0.57 (1mo) SDK flag removals

v3.0.54 (1mo) Removed markdown library names

cerbos v0.52.0 Breaking risk 1mo

Breaking changes

Breaking changes to OpenTelemetry support
Removal of default auxData.jwt.disableVerification configuration value

Notable features

Permissions advisor workflow
Path functions added to Cerbos CEL library
TraceBatch format for compact trace representation

Review required

msaad00/agent-bom v0.82.1 Breaking risk 1mo

Auth RBAC Dependencies

Next 16 export fix

Open

Config change

goklab/guardvibe v3.0.31 Breaking 1mo

Breaking upgrade

Pinned MCP config version

Open

v3.0.26 (1mo) VG964 Next.js requirement

Review required

msaad00/agent-bom v0.81.1 Breaking risk 1mo

Auth RBAC

Tenant-scoped gateway routing

Open

No immediate action

ErenAri/Aegis-BPF v0.4.1 Breaking risk 1mo

Docs: perf claim removal + version table update

Open

v0.4.0 (1mo) kLayoutVersion bump + policy v6

Review required

goklab/guardvibe v3.0.20 Breaking risk 1mo

Auth RCE / SSRF

Rate limiter improvement

Open

v3.0.14 (1mo) GuardVibe npx invocation

v3.0.13 (1mo) Score includes all sections

v2.9.2 (1mo) Truncated scan_directory

v2.9.1 (1mo) compliance_mapping rename

Review required

msaad00/agent-bom v0.75.14 Breaking risk 2mo

Auth Dependencies

Railway bearer token required

Open

Config change

gebalamariusz/cloud-audit v1.0.1 Breaking risk 2mo

Breaking upgrade Dependencies

MCP mandatory

Open

No immediate action

msaad00/agent-bom v0.74.0 Breaking risk 2mo

CLI refactor + PCI DSS compliance

Open