circle-ir-ai 2.11.1 → 2.11.3

package/CHANGELOG.md

@@ -5,6 +5,69 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.11.3] - 2026-06-18
+
+### Changed — circle-ir 3.69.0 → 3.71.0
+
+Drop-in engine bump across 2 sprints (3.70.0 / 3.71.0):
+
+- **3.70.0** — Sprint 20 new pass `cache-no-vary` (rule
+  `cache-no-vary`, `CWE-524`, severity `medium`) detecting
+  shared-cache leaks where an authenticated response is marked
+  `Cache-Control: public` without a `Vary` header. Strict
+  auth-qualifier mode (requires 3 signals: cache-public + auth + no
+  Vary) to keep the FP rate low on generic CDN-cacheable assets.
+  Covers JS/TS (Express, Fastify, Koa), Python (Flask, FastAPI,
+  Django), Go (`net/http`, gin), Java (Spring, Servlet). Allowlist
+  guardrails skip `private`/`no-store`/`no-cache`, `max-age=0`, test
+  files, and `Vary: *`. 12 new fixtures, engine suite 2467 pass.
+- **3.71.0** — Sprint 21 OOP safe-mirror sanitizer FP closures
+  (cognium-dev#105): FP-31 `findOopFieldReadSources` now recognizes
+  allowlist-guarded getter pattern (`if x not in
+  UPPER_SNAKE_CONST: raise`) so allowlist-cleared field reads stop
+  emitting as taint sources. FP-32 new `isMongoValueBoundFilter`
+  helper post-filters `nosql_injection` for MongoDB value-bound
+  filter dicts (`{field: {"$lte": value}}` etc.) — operator-injection
+  only fires when the operator key itself is user-controlled.
+  Regression locks added for FP-33 (hardened `lxml` parser), FP-34
+  (EJS auto-escape) and FN-INV (direct `self.url` field read).
+  Engine suite 2475 pass.
+
+No API breaks — both new findings surface through the existing
+`analyze()` / mastra workflow output as `findings[].type ===
+'cache-no-vary'`. The OOP sanitizer additions are pure suppression
+on existing rule emissions.
+
+## [2.11.2] - 2026-06-18
+
+### Changed — circle-ir 3.66.0 → 3.69.0
+
+Drop-in engine bump across 3 sprints (3.67.0 / 3.68.0 / 3.69.0):
+
+- **3.67.0** — Java safe-corpus regressions closed (the long-tail
+  beyond what 3.64.0 / 3.65.0 caught for cognium-dev#49 / #101):
+  `SafeService.java` `path_traversal` + `xxe` and
+  `FalsePositiveCorpus.java` `command_injection` (switch→constant)
+  now suppressed on the real `coggiyadmin/java-vuln-demo` shape
+  (not just the synthetic regression fixtures). The remaining
+  `FalsePositiveCorpus.java` `sql_injection@81` (bounded `Set`
+  allowlist) is still tracked as open in cognium-dev#101.
+- **3.68.0** — Sprint 18 Python consolidation: f-string taint fix,
+  two new sinks (`urllib.request.urlretrieve` for ssrf + path
+  traversal), 12-fixture Python FP/FN regression locks tracking
+  cognium-dev#100 / #96 / #65.
+- **3.69.0** — Sprint 19 new pass `module-side-effect` (rule
+  `module-side-effect`, `CWE-829`, severity `high`) detecting
+  supply-chain droppers via module-load / install-time / build-time
+  side effects across JS/TS (incl. `package.json` install scripts),
+  Python, Go (`init()`), and Rust (`build.rs`). 8 new regression
+  fixtures (5 positive + 3 negative-control). Engine suite now
+  2455 pass / 1 skip / zero regressions across 139 files.
+
+No API breaks on the bump itself — the new pass surfaces as a new
+`findings[].type === 'module-side-effect'` value through the existing
+`analyze()` / mastra workflow output.
+
 ## [2.11.1] - 2026-06-18
 
 ### Changed — circle-ir 3.59.0 → 3.66.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "circle-ir-ai",
-  "version": "2.11.1",
+  "version": "2.11.3",
   "description": "LLM-enhanced SAST analysis built on circle-ir",
   "main": "dist/index.js",
   "module": "dist/index.js",
@@ -94,7 +94,7 @@
   "dependencies": {
     "@ax-llm/ax": "^20.0.0",
     "@mastra/core": "^1.18.0",
-    "circle-ir": "3.66.0",
+    "circle-ir": "3.71.0",
     "minimatch": "^10.2.5",
     "p-queue": "^9.1.0"
   },