diff --git a/CLAUDE.md b/CLAUDE.md index cfa0d99..3245c7b 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -8,7 +8,7 @@ with Merkle consistency proofs, and produces court-ready evidence packages with verification. Steganography (Stego) and provenance attestation (Attest) are included as subpackages in this monorepo. -Version 0.2.0 · Python >=3.11 · GPL-3.0 License +Version 0.3.0 · Python >=3.11 · GPL-3.0 License ## Quick commands @@ -31,7 +31,7 @@ mypy src/ # Type check ``` src/fieldwitness/ Core library - __init__.py Package init, __version__ (0.2.0) + __init__.py Package init, __version__ (0.3.0) _availability.py Runtime checks for optional subpackages (has_stego, has_attest) api.py Optional unified FastAPI app (uvicorn fieldwitness.api:app) audit.py Append-only JSON-lines audit log (~/.fwmetadata/audit.jsonl) diff --git a/README.md b/README.md index b4c41d7..2dcf114 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ **Offline-first provenance attestation with gossip federation for journalists, NGOs, and at-risk organizations.** -![Version](https://img.shields.io/badge/version-0.2.0-blue) +![Version](https://img.shields.io/badge/version-0.3.0-blue) ![Python](https://img.shields.io/badge/python-%3E%3D3.11-blue) ![License](https://img.shields.io/badge/license-GPL--3.0-blue) @@ -680,7 +680,7 @@ The web UI exposes a `/health` endpoint that reports installed capabilities: ```json { "status": "ok", - "version": "0.2.0", + "version": "0.3.0", "capabilities": ["stego-lsb", "stego-dct", "attest", "fieldkit", "chain"] } ``` diff --git a/docs/security/threat-model.md b/docs/security/threat-model.md index 7a7442e..b2d3d39 100644 --- a/docs/security/threat-model.md +++ b/docs/security/threat-model.md @@ -4,7 +4,7 @@ identifies gaps. Version numbers track significant revisions. **Document version:** 0.1 (2026-04-01) -**Corresponds to:** FieldWitness v0.2.0 +**Corresponds to:** FieldWitness v0.3.0 This document follows the style of the Signal Protocol specification and the Tor design document: it makes precise claims, distinguishes what is guaranteed from what is not, and @@ -90,7 +90,7 @@ cannot forge a valid signature without the private key. The append-only hash cha retroactive injection detectable: inserting a record at position N requires recomputing all subsequent hashes. Consistency proofs during gossip sync detect log divergence. -**Gap:** Certificate pinning for federation peers is not implemented as of v0.2.0. The +**Gap:** Certificate pinning for federation peers is not implemented as of v0.3.0. The Tier 3 relay uses a self-signed certificate; operators should verify its fingerprint out-of-band. Gossip peers authenticate by Ed25519 fingerprint, not certificate, which provides a secondary check. diff --git a/pyproject.toml b/pyproject.toml index ff0b6cb..8b5a69b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "fieldwitness" -version = "0.2.0" +version = "0.3.0" description = "FieldWitness — offline-first security toolkit for journalists, NGOs, and at-risk organizations" readme = "README.md" license = "GPL-3.0-only" diff --git a/src/fieldwitness/__init__.py b/src/fieldwitness/__init__.py index 11e233f..ca738f1 100644 --- a/src/fieldwitness/__init__.py +++ b/src/fieldwitness/__init__.py @@ -11,4 +11,4 @@ Part of the Soo Suite: - FieldWitness: unified fieldkit with killswitch, dead man's switch, and key management """ -__version__ = "0.2.0" +__version__ = "0.3.0" diff --git a/src/fieldwitness/archive.py b/src/fieldwitness/archive.py index a5d1d6c..b1e0611 100644 --- a/src/fieldwitness/archive.py +++ b/src/fieldwitness/archive.py @@ -165,7 +165,7 @@ To verify this archive without FieldWitness: manifest = { "archive_version": "1", "created_at": ts.isoformat(), - "fieldwitness_version": "0.2.0", + "fieldwitness_version": "0.3.0", "contents": contents, "file_count": len(contents), "content_hashes": {},