rigscore v2.1.0-rc1 (release candidate)
- #rigscore
- #security
- #ai
- #devtools
- #open-source
- #release-candidate
Changes: v2.0.0 → v2.1.0-rc1
First release candidate for 2.1.0, tagged one day after v2.0.0. The theme is verifiability: making rigscore’s claims, coverage boundaries, and release artifacts checkable by someone who doesn’t trust the README.
Release integrity
| Change | What it does |
|---|---|
| Signed releases with provenance + SBOM (#101) | A tag-triggered workflow packs the tarball, emits a CycloneDX SBOM, attests both via actions/attest-build-provenance@v2, and attaches them to a GitHub Release. scripts/verify-release.sh downloads the assets and runs gh attestation verify. npm publish stays off — npx github: remains the sole distribution channel. |
Docs — scope honesty
| Change | What it does |
|---|---|
| README scope reframe (#102) | A “Scope” callout under the tagline makes the boundary explicit: rigscore reads files on disk and scores what they say. It does not observe the running agent, intercept tool calls, or hash live MCP tool descriptions. It complements runtime tools like Snyk Agent Scan and Semgrep; it does not replace them. |
| Threat model + known-limits catalog (#103) | New THREAT-MODEL.md: what rigscore inspects per check module, trust boundaries, and seven “does not catch” gaps, each grounded in the check module that would own it. docs/known-limits.md is the shorter user-facing version with “if you need X, use Y” pointers. |
Regression net & finding stability
| Change | What it does |
|---|---|
| Vanilla-project fixtures (#100) | On-disk Next.js, FastAPI, and Rust fixtures with no AI tooling, plus tests asserting the governance-surface checks return NOT_APPLICABLE (not CRITICAL), the “No AI tooling detected” banner prints, and no CRITICAL finding fires on a clean vanilla scan. |
| Adversarial gaming matrix (#100) | Six governance-gaming cases (header-only keyword stuffing, body-level reversal, negated dismantler, quoted reversal, Cyrillic lookalike header, layered) added to the keyword-gaming suite. The negated-dismantler shape ("# Forbidden Actions — Nothing is forbidden") previously slipped through; the reversal detector in claude-md now catches it at the body level. |
| Explicit findingId coverage 16 → 195 (#100, #104) | test/finding-id-coverage.test.js now enforces that every non-pass finding a built-in check emits carries an explicit findingId (the stable <check>/<slug> ids consumers pin for SARIF ruleIds, --ignore, and baseline diffs). #100 migrated most check modules; #104 finished the remaining eleven — findingId only, no title/severity/detail changes. |
This is a release candidate
Treat v2.1.0-rc1 as a preview, not a distribution point:
- It is not on npm. Nothing is — rigscore is distributed via
npx github:only, and that resolves the default branch, not this tag. - On GitHub it is marked pre-release, and the attached tarball still identifies as
rigscore-2.0.0.tgz—package.jsonat the rc tag says2.0.0. - Do not pin CI to it. Findings and scoring can still shift before final; pin your GitHub Action and
--fail-undergates to v2.0.0 until v2.1.0 final ships.
Install
1npx github:Back-Road-Creative/rigscore
No accounts, no telemetry, no network calls. MIT licensed.