v2.3.0 — Magnetite Alignment

[2.3.0] — 2026-06-27

Highlights

This release aligns zenzic-action with Zenzic Core v0.16.0 "Magnetite", completing the full ecosystem synchronization cycle.

Native support for new Core codes

Code	Name	Impact
Z001	CORE_CONFIG_STRUCTURE	Fatal TOML schema errors now propagate as structured SARIF notifications — Action correctly reports executionSuccessful: false in the Code Scanning Security tab
Z110	STALE_ALLOWLIST_ENTRY	Allowlist hygiene violations surface as standard exit 1 findings

Added

• Three integration blueprints in the README for canonical CI patterns:
  • Baseline Check — standard link/topology validation on push and PR
  • Security Hardening — guard-scan + SARIF upload to GitHub Code Scanning Security tab
  • PR Governance — inline DQS (Document Quality Score) tracking with regression blocking via baseline artifact comparison
• Z001 self-check fixture test in self-check.yml: the CI pipeline now verifies that the Action correctly catches and reports fatal configuration errors against the core z001-config-error fixture.

Changed

• Bumped all actions/checkout references to v7.0.0 (Dependabot #33, consolidated).
• Bumped softprops/action-gh-release to v3.0.1 (Dependabot #32, consolidated).
• All README workflow examples updated to @v2 syntax.

Core Alignment

Property	Value
Pinned Zenzic Core	v0.16.0
Action version	v2.3.0
Exit-code contract	0 / 1 / 2 / 3 — unchanged
@v2 floating tag	✅ Repositioned to this release

Architecture Note

Zenzic Core remains radically unaware of GitHub Actions. The Core produces SARIF/JSON artefacts via a stable exit-code contract; this Action is the official CI Adapter responsible for GitHub-specific mapping (Annotations, Security Tab, PR decoration).

---

Full Changelog · Zenzic Core v0.16.0 · Action docs

v2

Full Changelog: v1...v2

What's Changed

• chore(release): v2.0.0 by @PythonWoods-Dev in #24
• chore(deps): bump default zenzic core pin to 0.13.1 by @PythonWoods-Dev in #27

Full Changelog: v1...v2

What's Changed

• chore(release): v2.0.0 by @PythonWoods-Dev in #24
• chore(deps): bump default zenzic core pin to 0.13.1 by @PythonWoods-Dev in #27
• feat(action): v2.1.0 — pin to Zenzic Core v0.14.0, action.yml defaults updated by @PythonWoods-Dev in #28

Full Changelog: v1...v2

What's Changed

• fix(config): purge legacy i18n configurations and harden release automation by @PythonWoods-Dev in #29

Full Changelog: v2.1.0...v2

What's Changed

• chore(release): v2.2.0: Engine Upgrade to Zenzic v0.15.0 by @PythonWoods-Dev in #30

Full Changelog: v2.1.1...v2

What's Changed

• fix(core): filter out info-level notes from SARIF findings count by @PythonWoods-Dev in #31

Full Changelog: v2.2.0...v2

What's Changed

• chore(deps): pin zenzic core to 0.15.1 by @PythonWoods-Dev in #34

Full Changelog: v2.2.1...v2

What's Changed

• docs(gov): modernize pull request template for english-only python ecosystem by @PythonWoods-Dev in #35
• chore(release): 2.3.0 by @PythonWoods-Dev in #36

Full Changelog: v2.2.2...v2

v2.2.2

What's Changed

• chore(deps): pin zenzic core to 0.15.1 by @PythonWoods-Dev in #34

Full Changelog: v2.2.1...v2.2.2

v2.2.1

What's Changed

• fix(core): filter out info-level notes from SARIF findings count by @PythonWoods-Dev in #31

Full Changelog: v2.2.0...v2.2.1

v2.2.0

🚀 Engine Upgrade: Support for Zenzic v0.15.0

⚙️ Core Engine Bump

• Zenzic v0.15.0 Support: The underlying engine dependency has been upgraded to fully support the latest Zenzic v0.15.0 features.

✨ New Capabilities

• Native Z603 Detection: CI/CD workflows utilizing this action will now natively detect and flag Z603 DEAD_SUPPRESSION violations out of the box. This ensures that unused or orphaned zenzic:ignore directives are caught in PRs and never merged into your main branch.

🧹 Maintenance

• Updated CHANGELOG.md and isolated legacy release history to maintain clean governance.

v2.1.1

What's Changed

• fix(config): purge legacy i18n configurations and harden release automation by @PythonWoods-Dev in #29

Full Changelog: v2...v2.1.1

v2.1.0 — Zenzic Core v0.14.0

zenzic-action v2.1.0

⬆️ Core Upgrade

This release pins the GitHub Action to Zenzic Core v0.14.0.

What's new in Core v0.14.0

• Z506 MALFORMED_FRONTMATTER: New rule detecting broken frontmatter delimiters.
• Z405 infra exemptions: robots.txt, _redirects, CNAME, sitemap.xml auto-exempt.
• Governance fixes: JSON and SARIF formatters now correctly apply per_file_ignores
  and directory_policies. SARIF results in GitHub Advanced Security are now accurate.
• Breaking: [i18n] config section and Z602 suppressions removed from core.
  Update .zenzic.toml before upgrading.

Usage

- uses: PythonWoods/zenzic-action@v2
  with:
    zenzic-version: "0.14.0"

---

Core release notes: zenzic v0.14.0
Full Changelog: CHANGELOG.md

v2.0.0: SARIF Fix Integration (Core v0.13.1)

Zenzic GitHub Action v2

This release synchronizes the GitHub Action with the Zenzic v0.13.0 core release.

Core Engine Update

This release updates the underlying Zenzic engine default pin to v0.13.1.

Bug Fixes

• SARIF Governance Exclusions: By bumping the core engine to 0.13.1, the Action now correctly respects per_file_ignores and directory_policies when upload-sarif: 'true' is used. This ensures that GitHub Advanced Security Code Scanning only receives active findings and ignores properly managed technical debt.

Usage

Users utilizing the v2 major tag will automatically receive this update:

uses: PythonWoods/zenzic-action@v2
with:
  upload-sarif: 'true'
  strict: 'true'

### 🚀 Highlights
- **Engine Bump:** Updates the internal runtime to Zenzic `v0.13.1`.
- **Improved Action Output:** Adapts to the newly refined Zenzic CLI UX, ensuring `FATAL` and `HALT` codes are bubbled up explicitly in the GitHub Actions runner UI.
- **Strict Configuration Passthrough:** Inherits the active defense TOML validation, ensuring users' misconfigured `.zenzic.toml` paths fail clearly and loudly.

**Full Changelog**: https://github.com/PythonWoods/zenzic-action/compare/v2...v2.0.0

**Full Changelog**: https://github.com/PythonWoods/zenzic-action/compare/v2...v2.0.0

v1.4.0

What's Changed

• chore(deps): Pinned Zenzic Core version to 0.11.0
• fix: Removed obsolete README.it.md requirement from the internal pinning scripts

This release updates the default execution target of the GitHub Action to use the newly released Zenzic Core v0.11.0 engine.

Full Changelog: v1.3.5...v1.4.0

v1

What's Changed

• ci(release): automate GitHub Release on tag push by @PythonWoods-Dev in #5
• Release v1.1.0: Native Telemetry Gate & Core v0.9.0 Alignment by @PythonWoods-Dev in #7
• docs(action): EN/IT readme policy sync by @PythonWoods-Dev in #8
• docs: audit contributing guidance by @PythonWoods-Dev in #9
• release: v1.2.0 by @PythonWoods-Dev in #10

Full Changelog: v1.0.1...v1

What's Changed

• docs(changelog): retroactively deprecate v1.3.0 and older due to config bug by @PythonWoods-Dev in #17

Full Changelog: v1.3.1...v1

What's Changed

• chore(release): bump to v1.3.4 and core 0.10.3) by @PythonWoods-Dev in #20

Full Changelog: v1.3.3...v1

What's Changed

• chore(release): bump version to 1.3.5 by @PythonWoods-Dev in #21

Full Changelog: v1.3.4...v1

What's Changed

• chore(release): v1.4.0 by @PythonWoods-Dev in #22

Full Changelog: v1.3.5...v1