v0.1.10

What's Changed

• feat: multi-output fan-out engine with per-output routing (#6) by @millerjp in #48
• security: supply chain hardening — Dependabot, config bounds, govulncheck by @millerjp in #49
• ci(deps): bump codecov/codecov-action from 4481f553995cc5011b158ce191746ac1a1d0f815 to 1af58845a975a7985b0beb0cbe6fbbb71a41dbad by @dependabot[bot] in #50
• feat: syslog output with TCP/UDP/TLS/mTLS and rsyslog integration tests (#4) by @millerjp in #52
• feat: webhook output with async batching, retry, SSRF prevention (#5) by @millerjp in #56
• fix: BuildOutputs closes outputs on partial failure (#58) by @millerjp in #59
• refactor: split webhook.go into 3 files by concern (#57) by @millerjp in #60
• fix: RecordEvent fires on delivery, not enqueue, for async outputs (#53) by @millerjp in #61
• feat: HTTP middleware with router-agnostic audit hints (#7) by @millerjp in #62
• refactor: replace time.Sleep with require.Eventually in TLS wrong CA test (#66) by @millerjp in #67
• chore: explicit lint config and file splitting (#64, #65) by @millerjp in #68
• security: replace lumberjack with internal file rotation (#70) by @millerjp in #71
• feat: shared TLSPolicy for syslog and webhook outputs (#69) by @millerjp in #73
• docs: add TLSPolicy to doc.go key types list (#69) by @millerjp in #74
• refactor: split output-specific metrics from core Metrics interface (#54) by @millerjp in #75
• refactor: restructure into multi-module project (#72) by @millerjp in #76
• ci(deps): bump codecov/codecov-action from 5.5.3 to 6.0.0 by @dependabot[bot] in #77
• feat: add yamlconfig sub-module with ParseTaxonomyYAML (#8) by @millerjp in #79
• chore: unify Makefile and CI into a single local-first quality gate (#84) by @millerjp in #85
• refactor: rename yamlconfig sub-module to taxonomy by @millerjp in #86
• chore: cache Go tools in CI to speed up install-tools by @millerjp in #91
• refactor: move taxonomy YAML parsing into core audit package by @millerjp in #92
• fix: address review findings after taxonomy move to core by @millerjp in #97
• ci(deps): bump actions/cache from 4.2.3 to 5.0.4 by @dependabot[bot] in #94
• chore: enable gosec linter and set issue caps to zero by @millerjp in #98
• fix: Phase 1 bug fixes, flaky test, and API rename by @millerjp in #118
• test: add performance benchmarks and CI tracking (#117) by @millerjp in #119
• perf: EventDef pointers and pre-computed fields (#109, #107) by @millerjp in #120
• perf: lock-free filter and route access (#100, #110) by @millerjp in #121
• perf: stack-allocated formatter cache in processEntry (#108) by @millerjp in #122
• perf: formatter buffer pooling, writeJSONString, and CEF single-pass escaping (#101) by @millerjp in #123
• perf: sync.Pool for auditEntry + fix flaky buffer-full test (#112) by @millerjp in #124
• test: add fan-out benchmarks for multi-output performance tracking by @millerjp in #125
• perf: cache parsed host in webhook Output.Name() (#113) by @millerjp in #126
• perf: add bufio.Writer to file output for write batching (#111) by @millerjp in #127
• perf: pre-compute route lookup sets for O(1) matching (#116) by @millerjp in #128
• Phase 3: file.Config godoc + DestinationKeyer interface (#115, #47) by @millerjp in #129
• chore: add test certificate generation script and fixtures (#25) by @millerjp in #130
• fix: add X.509 extensions to test certificates (#25) by @millerjp in #131
• test: Docker Compose infrastructure for integration tests (#9) by @millerjp in #132
• test: integration tests for all outputs against real infrastructure (#10) by @millerjp in #134
• fix: apply RFC 5425 octet-counting framer to TCP only (#133) by @millerjp in #137
• test: fill integration test gaps from schema-registry gap analysis (#30) by @millerjp in #135
• fix: use content-aware polling in TestSyslogOutput (#138) by @millerjp in #139
• test: BDD feature files — 135 Godog scenarios across 14 features (#11) by @millerjp in #140
• ci: add BDD tests as separate CI job by @millerjp in #141
• feat: audit-gen CLI — generate Go code from YAML taxonomy by @millerjp in #142
• ci: restructure CI for fail-fast ordering and reduce waste by @millerjp in #144
• security: supply chain hardening — tool pinning, SECURITY.md, dependency review by @millerjp in #157
• ci(deps): bump actions/setup-go from 6.3.0 to 6.4.0 by @dependabot[bot] in #154
• fix: migrate syslog to axonops/srslog fork by @millerjp in #159
• feat: add optional description field to taxonomy event definitions by @millerjp in #164
• feat: YAML-based output configuration with registry pattern by @millerjp in #176
• ci(deps): bump actions/setup-go from 6.3.0 to 6.4.0 by @dependabot[bot] in #167
• docs: add progressive example applications (#163) by @millerjp in #178
• docs: progressive example applications and severity/routing features by @millerjp in #196
• docs: add missing CRUD API curl examples (#163) by @millerjp in #198
• feat: field-level sensitivity labels and per-output exclusion filters (#195) by @millerjp in #203
• chore: number example directories for filesystem ordering by @millerjp in #204
• feat: typed event builders with compile-time field safety (#205) by @millerjp in #207
• chore(deps): bump the minor-and-patch group in /examples/09-crud-api with 2 updates by @dependabot[bot] in #206
• fix: resolve flaky TestSyslogOutput_RapidFireTCP (#189) by @millerjp in #208
• perf: pre-compute filtered EventDefs at construction time (#199, #200, #201) by @millerjp in #209
• perf: move sensitivity exclusion into formatter — zero extra allocs (#200) by @millerjp in #215
• feat: audittest package for consumer testing (#184) by @millerjp in #217
• docs: add README, community files, and godoc improvements by @millerjp in #218
• docs: add error reference and troubleshooting guides by @millerjp in #221
• docs: explain compile-time vs runtime split in README by @millerjp in #222
• docs: add ACKNOWLEDGEMENTS.md and NOTICE file by @millerjp in #223
• feat: parse core logger config from YAML by @millerjp in #224
• feat: add global tls_policy to output configuration YAML by @millerjp in #225
• ci: add SBOM generation for releases by @millerjp in #226
• feat: include event_category in serialised output by @millerjp in #228
• feat: per-output HMAC integrity verification by @millerjp in #231
• fix: use standard CEF cat extension key for event_category by @millerjp in #238
• feat: add reserved standard fields and expand CEF mapping by @millerjp in #239
• feat: add framework fields app_name, host, timezone, pid by @millerjp in #240
• feat: add hostname config to syslog output by @millerjp in #241
• feat: parse framework fields from outputs YAML by @millerjp in #242
• feat: add WithStandardFieldDefaults for deployment-wide defaults by @millerjp in #243
• feat: generate standard field setters and harden validation by @millerjp in #244
• docs: add standard fields example and update all docs for #237 by @millerjp in #245
• perf: reduce JSON append allocations from ...

v0.1.9

Changelog

Bug Fixes

• 0653d2a: fix: use GOPROXY=direct in capstone Dockerfile (#443) (#452) (@millerjp)
• d4c0598: fix: use source artifacts for SBOM generation to prevent upload race (#453) (@millerjp)

v0.1.4

Changelog

Bug Fixes

• fccf405: fix: add GONOSUMCHECK/GONOSUMDB to all release go commands (@millerjp)

v0.1.2

Changelog

Bug Fixes

• 4d04c88: fix: increase proxy indexing timeout to 20 min, bump job timeouts (@millerjp)