Skip to content

Release Notes

v1.0.3 (2026-04-05)

Added

  • Guard processing time instrumentation on all request-scoped SecurityEvent objects via get_pipeline_response_time(). Covers events from SecurityEventBus, SecurityCheckPipeline, RateLimitManager, BaseSecurityDecorator, and send_agent_event(). Timing starts at pipeline entry and lazily initializes for events fired before or after the pipeline (bypass, behavioral). No adapter-level changes required

v1.0.2 (2026-04-05)

Fixed

  • Removed _check_ip_spoofing() which incorrectly flagged every request with X-Forwarded-For headers as a spoofing attempt when trusted_proxies was not configured (the default)
  • Added IP caching in extract_client_ip to avoid redundant lookups across the request lifecycle

Added

  • Guard processing time instrumentation on all request-scoped SecurityEvent objects via get_pipeline_response_time(). Covers events from SecurityEventBus, SecurityCheckPipeline, RateLimitManager, BaseSecurityDecorator, and send_agent_event(). Timing starts at pipeline entry and lazily initializes for events fired before or after the pipeline (bypass, behavioral). No adapter-level changes required

v1.0.1 (2026-03-28)

Fixed

  • Removed false-positive suspicious patterns that blocked legitimate web traffic:
  • Static file extensions (.html, .js, .css, .png, .jpg, .svg, .webp, .bmp, .pl, .properties)
  • Common API prefixes (/api/, /rest/, /v1/, /v2/, /status/, /config/)
  • Authentication paths (/login, /signin, /account/login)
  • Admin paths (/admin)
  • Static asset directories (/images/, /css/, /img/, /scripts/)
  • Retained detection for actual recon indicators: legacy server extensions (.asp, .aspx, .jsp, .cfm, .cgi, etc.), and suspicious management endpoints (/management, /config_dump, /credentials)

v1.0.0 (2026-03-25)

Added

  • Complete synchronous API (guard_core.sync) generated via scripts/unasync.py, including sync versions of all 17 security checks, handlers, decorators, protocols, detection engine, and utilities
  • scripts/unasync.py transformation tool converting async code to sync (async def to def, await removed, aiohttp to requests, redis.asyncio to redis, asyncio.Lock to threading.Lock)
  • Sync protocols: SyncGuardRequest, SyncGuardMiddlewareProtocol, and sync versions of all handler protocols
  • PEP 561 type stub markers (guard_core/py.typed, guard_core/sync/py.typed)
  • Project governance files: CODE_OF_CONDUCT.md, CONTRIBUTING.md, SECURITY.md
  • README.md with project documentation, badges, and ecosystem overview
  • .safety-project.ini for dependency vulnerability scanning
  • MANIFEST.in and .gitattributes for packaging
  • .python-version specifying supported Python versions (3.10-3.14)
  • Comprehensive edge-case test suites for cloud provider, HTTPS enforcement, IP security, rate limiting, and time window checks
  • docs/llms.txt for LLM-assisted development context
  • Complete sync test suite (tests/test_sync/) mirroring the async test structure

Changed

  • Restructured and consolidated the entire test suite into organized directories (test_agent/, test_core/, test_decorators/, test_features/, test_handlers/, etc.)
  • Enhanced CloudManager with IP range change logging and improved provider refresh logic
  • Updated SusPatternsManager with additional detection logic
  • Enhanced BehavioralProcessor, ErrorResponseFactory, and RouteConfigResolver internals
  • Minor updates to IPInfoManager handler
  • Updated BaseSecurityDecorator route config handling
  • Added mypy override for guard_core.sync.* (type suppression for generated sync code)
  • Documentation fully standardized and verified for accuracy against source code
  • Disabled safety pre-commit hook temporarily

Fixed

  • Suspicious pattern handling in detect_penetration_attempt

v0.1.0 (2026-03-23)

New Features (v0.1.0)

  • Initial release: Guard Core extracted as a framework-agnostic security library for Python web applications.
  • Protocol-based architecture: Uses GuardRequest and GuardResponse protocols for framework independence.
  • Full feature parity: All security features available through framework-agnostic APIs.
  • IP Management: Whitelisting, blacklisting, geolocation, cloud provider blocking.
  • Rate Limiting: Sliding window algorithm with in-memory and Redis backends.
  • Penetration Detection: Enhanced detection engine with pattern matching, semantic analysis, and performance monitoring.
  • Security Decorators: Route-level security controls for access control, authentication, rate limiting, behavioral analysis, content filtering, and advanced features.
  • Security Headers: Comprehensive HTTP security header management following OWASP best practices.
  • Redis Integration: Distributed state management for multi-instance deployments.
  • Behavioral Analysis: Usage monitoring, return pattern detection, and frequency analysis.