Skip to content

v0.1.0a5 — 2026-04-24

Metadata release. Same engine as 0.1.0a4; adds project URLs (docs, issues, release notes) visible on PyPI + CONTRIBUTING.md + four new roadmap items for security scans and auto-healing/observation.

What's new

  • CONTRIBUTING.md — branching conventions, PR format, test runners, adapter-authoring guidance, security disclosure pointer, dogfood-first discipline.
  • PyPI metadata — Documentation, Release Notes, Issues URLs now render in the project page.
  • Roadmap additions — T1-16 (bandit + CodeQL SAST), T1-17 (SBOM generation), T1-18 (engine self-state healing), T2-11 (auto-observation: engine proposes roadmap items from ledger patterns).

Security scans inventory

Added documentation clarifying what's already in CI (gitleaks, pip-audit, lint-for-leaks, SHA-pinned actions, Dependabot) and what's queued (bandit, CodeQL, SBOM, fuzz).

Install

pip install --pre oxi-core

Next

0.1.0a50.1.0b1 is the next big step (beta gate). Before beta: polish sprint on T1-3 through T1-18 + bandit/CodeQL integration + screenshots for the manual.