Releases: brunoclz/br-acc

v0.3.1 — Infra reliability, security gate hardening, and docs refresh

04 Mar 01:13
f7d9aa1

Release date: 2026-03-04
Type: PATCH (backward-compatible infra/security/docs improvements)

PT-BR

Scope

This release consolidates operational and security improvements without changing the public API schema. The focus was to increase deployment reliability, harden the security gates, and improve onboarding through documentation.

Relevant changes

  • Deploy/CI: new optional image flow via GHCR, with a dedicated build-and-push pipeline.
  • Security: added npm audit to the frontend security workflow.
  • Onboarding: README updated for a clearer Docker + demo seed flow.
  • Community: new contributors section in the README.

Compatibility

  • No breaking changes.
  • No changes to the public API contract.
  • Compatibility maintained for existing consumers.

Privacy and compliance

  • The mandatory CI/Security/Privacy/Compliance gates remained green for the released PRs.
  • No change adds new personal fields to public endpoints.

Integrity note

Integrity note: the signals reflect co-occurrences in public databases and do not constitute legal proof.

EN

Scope

This release consolidates operational and security improvements without changing the public API schema. The focus was deployment reliability, stronger security gates, and improved onboarding documentation.

Notable changes

  • Deploy/CI: new optional GHCR image-based deployment path with dedicated build-and-push pipeline.
  • Security: added npm audit to the frontend security workflow.
  • Onboarding: README updated for a clearer Docker + demo seed flow.
  • Community: added a contributors section to README.

Compatibility

  • No breaking changes.
  • No public API contract changes.
  • Backward compatibility maintained for existing consumers.

Privacy and compliance

  • Required CI/Security/Privacy/Compliance gates remained green for approved PRs.
  • No changes introduced new personal-data fields in public endpoints.

Integrity note

Integrity note: signals reflect co-occurrence in public records and are not legal proof.

Included PRs

Not included in this release

  • #38 (blocked: credential handling regression)

v0.4.0 — Convergence: rename, auth, community bootstrap

02 Mar 06:53
add4482

PT-BR

Upstream convergence: improved auth, community contribution framework

Scope of this release

  • Dual auth: support for Bearer tokens + httpOnly cookies with a restored-session flag.
  • Bootstrap framework for community contributions (scripts, CI, templates).
  • Investigation sharing with expiry and revocation.
  • Improved search with Lucene escaping and server-side count.
  • ETL schema validation with the Pandera framework.
  • CI and quality hardening: mypy strict, ruff lint, automated audits.

Main technical changes

  • Dual auth: Bearer header + access_token httpOnly cookie, transparent fallback
  • GET /api/v1/auth/me returns restored: true when the session is restored via cookie
  • POST /api/v1/investigations/{id}/share accepts expires_at, DELETE .../share revokes
  • Rate limiter uses a key per authenticated user (not just IP)
  • CORS configured with credentials: true for cookie auth
  • ETL schemas: etl/src/bracc_etl/schemas/ with validators for CNPJ, TSE, DOU, PGFN, Transparência
  • mypy strict mode: inline type-ignore for libs without stubs (weasyprint, splink, pyarrow, defusedxml)
  • Improved download scripts (CNPJ, DOU, STF, renúncias, TSE bens/filiados)

Compatibility

  • No breaking changes to the public API.
  • Clients using a Bearer token continue working without changes.
  • Cookie auth is opt-in (frontend updated, API accepts both).

Public integrity

The signals and patterns reflect co-occurrences in public databases and do not constitute legal proof.


EN

Upstream convergence: auth improvements, community bootstrap

Scope of this release

  • Dual auth: Bearer tokens + httpOnly cookies with restored session flag.
  • Bootstrap framework for community contributions (scripts, CI, templates).
  • Investigation sharing with expiry and revocation.
  • Improved search with Lucene escaping and server-side count.
  • ETL schema validation framework with Pandera.
  • CI and quality hardening: mypy strict, ruff lint, automated audits.
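The Lucene escaping item above, as an added example (not taken from the br-acc code base): free-form search input is reduced to literal terms before it reaches a Lucene-syntax full-text query. The character set mirrors Lucene's `QueryParserBase.escape()`; the function names, the term cap, and the choice to quote bare `AND`/`OR`/`NOT` are assumptions of this example.

```python
# Added example: not taken from the br-acc code base.
# Characters that Lucene's classic query parser treats as syntax
# (same set as QueryParserBase.escape()).
LUCENE_SPECIAL = set('\\+-!():^[]"{}~*?|&/')
# Upper-case boolean keywords are operators even after escaping.
LUCENE_OPERATORS = {"AND", "OR", "NOT"}


def escape_lucene(text: str) -> str:
    """Backslash-escape every Lucene query-syntax character in text."""
    return "".join("\\" + ch if ch in LUCENE_SPECIAL else ch for ch in text)


def build_search_query(user_input: str, max_terms: int = 10) -> str:
    """Turn free-form user input into a query made of literal terms only.

    max_terms is a hypothetical cap that bounds query cost.
    """
    terms = []
    for token in user_input.split()[:max_terms]:
        escaped = escape_lucene(token)
        # Quoting a bare AND/OR/NOT makes it a plain term, not an operator.
        if token in LUCENE_OPERATORS:
            escaped = f'"{escaped}"'
        terms.append(escaped)
    return " ".join(terms)


# Constructed sample inputs: a formatted CNPJ and an input that tries to
# use field selectors, wildcards and a boolean operator.
SAMPLES = ["12.345.678/0001-90", "acme OR *:*"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:24} -> {build_search_query(sample)!r}")
```

An empty result means the input contained no terms; the caller should reject it instead of sending an empty query to the index.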

Key technical changes

  • Dual auth: Bearer header + access_token httpOnly cookie, transparent fallback
  • GET /api/v1/auth/me returns restored: true when session restored via cookie
  • POST /api/v1/investigations/{id}/share accepts expires_at, DELETE .../share revokes
  • Rate limiter keys by authenticated user (not just IP)
  • CORS configured with credentials: true for cookie auth
  • ETL schemas: etl/src/bracc_etl/schemas/ with validators for CNPJ, TSE, DOU, PGFN, Transparencia
  • mypy strict mode: inline type-ignore for libs without stubs (weasyprint, splink, pyarrow, defusedxml)
  • Improved download scripts (CNPJ, DOU, STF, renuncias, TSE bens/filiados)
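The dual-auth and rate-limiter items above, as an added example (not br-acc code): the Bearer header is tried first, the `access_token` cookie is the fallback, `restored` is set only when the cookie supplied a valid session, and the rate-limit key prefers the authenticated user over the IP. `SESSIONS`, `Identity`, the function names and the plain-dict headers are assumptions of this example.

```python
from http.cookies import CookieError, SimpleCookie
from typing import Mapping, NamedTuple, Optional

# Added example: not br-acc code. SESSIONS is a constructed token store;
# a real service would verify a signed token instead.
SESSIONS = {"tok-alice": "user-1", "tok-bob": "user-2"}


class Identity(NamedTuple):
    user_id: Optional[str]  # None when the request is anonymous
    restored: bool          # True only when the cookie supplied the session


def extract_token(headers: Mapping[str, str]) -> tuple[Optional[str], bool]:
    """Return (token, came_from_cookie); a Bearer header wins over the cookie."""
    scheme, _, value = headers.get("Authorization", "").partition(" ")
    if scheme.lower() == "bearer" and value.strip():
        # A well-formed Bearer header is authoritative: if its token is
        # invalid the request is anonymous, with no retry via the cookie.
        return value.strip(), False
    cookie = SimpleCookie()
    try:
        cookie.load(headers.get("Cookie", ""))
    except CookieError:
        return None, False
    morsel = cookie.get("access_token")
    if morsel is not None and morsel.value:
        return morsel.value, True
    return None, False


def authenticate(headers: Mapping[str, str]) -> Identity:
    token, from_cookie = extract_token(headers)
    user_id = SESSIONS.get(token) if token else None
    # An invalid cookie token never reports restored=True.
    return Identity(user_id, from_cookie and user_id is not None)


def rate_limit_key(identity: Identity, client_ip: str) -> str:
    """Key by user when authenticated; fall back to the IP for anonymous calls."""
    if identity.user_id is not None:
        return f"user:{identity.user_id}"
    return f"ip:{client_ip}"
```

With `credentials: true`, browsers refuse a wildcard `Access-Control-Allow-Origin`, so the allowed origins have to be listed explicitly.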

Compatibility

  • No breaking changes to the public API.
  • Clients using Bearer tokens continue working without modification.
  • Cookie auth is opt-in (frontend updated, API accepts both).

Public integrity

Signals and patterns reflect co-occurrences in public datasets and do not constitute legal proof.

v0.3.0 — Port of 8 factual public-safe patterns + release system

01 Mar 20:41
e9d32bd

PT-BR

Port of the 8 factual public patterns + release system

Scope of this release

  • Port of the public-safe package of 8 community patterns with direct evidence.
  • Update of the public layer for standardized, non-accusatory responses.
  • Rollout of the milestone-based release system with SemVer and PT+EN notes.

Included patterns (8)

  1. sanctioned_still_receiving (P02): co-occurrence between an active sanction and a contract within the time window.
  2. amendment_beneficiary_contracts (P09): company benefiting from an amendment/grant agreement with recorded contracts.
  3. split_contracts_below_threshold (P19): recurrence of contracts below the configured ceiling.
  4. contract_concentration (P24): concentration of spending per supplier above the threshold within the agency.
  5. embargoed_receiving (P36): environmental embargo coexisting with a public contract/loan.
  6. debtor_contracts (P37): high active debt with recurring receipts from public contracts.
  7. srp_multi_org_hitchhiking (P56): SRP/ARP record linked to contracts of multiple agencies.
  8. inexigibility_recurrence (P57): recurrence of inexigibility by supplier+agency+object.

Main technical changes

  • GET /api/v1/patterns/ (community) updated from 4 to 8 patterns.
  • GET /api/v1/public/patterns/company/{cnpj_or_id} kept (no route break), with new factual community content.
  • Public payload standardized with risk_signal, evidence_refs, evidence_count.
  • New dedicated public_pattern_*.cypher queries (8 files).
  • ComprasNet ETL: creation of a deterministic (:Contract)-[:REFERENTE_A]->(:Bid) relationship.
  • Public hardening: blocking of CLAUDE.md and AGENTS*.md in boundary/checks.

Public integrity

The signals and patterns reflect co-occurrences in public databases and do not constitute legal proof.

EN

Port of 8 factual public-safe patterns + release system

Scope of this release

  • Port of the public-safe package of 8 community patterns with direct evidence.
  • Public layer update with standardized non-accusatory response fields.
  • Milestone-based SemVer release system with PT+EN notes.

Included patterns (8)

  1. sanctioned_still_receiving (P02): active sanction and contract date overlap.
  2. amendment_beneficiary_contracts (P09): amendment/grant beneficiary company with recorded contracts.
  3. split_contracts_below_threshold (P19): recurring contracts below configured threshold.
  4. contract_concentration (P24): supplier spend concentration above threshold in an agency.
  5. embargoed_receiving (P36): environmental embargo coexisting with public contract/loan flow.
  6. debtor_contracts (P37): high active debt with recurring public contract receipts.
  7. srp_multi_org_hitchhiking (P56): same SRP/ARP bid record linked to multiple agencies.
  8. inexigibility_recurrence (P57): recurring inexigibility for supplier+agency+object.

Key technical changes

  • GET /api/v1/patterns/ (community) expanded from 4 to 8 patterns.
  • GET /api/v1/public/patterns/company/{cnpj_or_id} kept stable (no endpoint break), now backed by the 8 factual community patterns.
  • Public payload standardized with risk_signal, evidence_refs, evidence_count.
  • Added 8 dedicated public_pattern_*.cypher queries.
  • ComprasNet ETL now creates deterministic (:Contract)-[:REFERENTE_A]->(:Bid) linkage.
  • Public boundary hardening blocks CLAUDE.md and AGENTS*.md from tracked/public scope.

Public integrity

Signals and patterns reflect co-occurrence in public records and are not legal proof.

Compatibility

  • Breaking changes: none.
  • Migration required: no.

Compare

v0.2.0...v0.3.0

Metadata

  • Version: v0.3.0
  • Target SHA: e9d32bd
  • Previous tag: v0.2.0
  • Date (UTC): 2026-03-01

v0.2.0

01 Mar 15:25

  • Full code scope for the WTG public edition
  • Pattern engine endpoints disabled with explicit 503 pending validation
  • Public language and scope gates aligned for this release
  • Snapshot/privacy/compliance/security checks passing

WTG v0.1.0 public alpha

01 Mar 15:24

Initial public-safe open-core snapshot for World Transparency Graph (WTG).

Includes public-mode API guards, privacy gate tooling, synthetic demo dataset, and baseline CI/security workflows.