v1.0
1.0.1778378133 | 2026-05-10
This historical release completed the first Policy V2 sprint. The later
Security Engine migration removed the named PolicyConfig runtime and Policy
Hook Spec0 service surface; current enforcement/detection work should use the
typed Security Engine event path.
Highlights
Section titled “Highlights”Policy V2
Section titled “Policy V2”Rules live under policy.<type>.<rule_name> and use typed callbacks, a strict
condition subset, allow/ask/block/rewrite decisions, priorities,
rewrite targets, and audit reasons. User and corporate policy files merge with
corp precedence.
MITM Enforcement
Section titled “MITM Enforcement”The framed MCP, HTTP, DNS, and model MITM paths now enforce configured policy
before unsafe dispatch or guest delivery. Denied and rewritten paths redact
secret-bearing previews before session.db writes.
Superseded Hooks
Section titled “Superseded Hooks”Policy Hook Spec0 has been removed from the current service API and session schema. Future plugin support is tracked through the normalized Security Engine event contract.
Verification
Section titled “Verification”Release prep added deterministic VM E2E coverage for model response block/rewrite and provider-emitted tool-call block/rewrite using a local OpenAI-shaped upstream fixture, plus Criterion microbenchmarks for HTTP, DNS, model, hook policy matching, and hook response decoding.