Skip to content

Releases: InferShield/infershield

v1.1 — Windows Support & Production Validation

11 Mar 14:30
@Hozyne-OpenBak Hozyne-OpenBak
v1.1
59b6c83
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1 — Windows Support & Production Validation Latest
Latest

InferShield v1.1

Windows Support: Full Windows 10/11 compatibility validated on physical hardware.

What's New

  • Windows Credential Manager integration (OAuth device flow token storage)
  • Chrome extension passthrough validated on Windows
  • Cross-platform parity confirmed (macOS, Linux, Windows)
  • 77/77 tests passing on Windows 11 Enterprise

Evidence

  • Physical validation: Issue #77, PR #88
  • Release gate approved by CEO after DevOps physical VM testing

Installation

See https://docs.infershield.io for updated installation instructions including Windows-specific setup.

Full Changelog: v1.0...v1.1

Assets 2
Loading

v0.9.0

23 Feb 03:11
@github-actions github-actions
v0.9.0
a0685e9

Choose a tag to compare

View all tags
v0.9.0

InferShield v0.9.0 (Hardening Release)

Summary

InferShield v0.9.0 hardens the detection layer against encoding evasion, interleaving attacks, and false positives. This release adds an integration layer that wires together encoding normalization, behavioral divergence detection, session hardening, and context-aware policy evaluation.

All validation complete: 33 unit tests and 13 integration tests passing. Performance targets exceeded by 1000-4000x baseline.

What's New

  • Detection pipeline orchestrates encoding normalization, context analysis, policy evaluation, and behavioral scoring
  • Encoding evasion mitigation handles Base64, URL encoding, and double encoding
  • Behavioral divergence detection identifies interleaving attacks across session history
  • Context analyzer reduces false positives by excluding JWT tokens and API keys
  • Session manager simplified with deterministic cleanup and history tracking
  • Comprehensive integration test suite validates end-to-end detection flows
  • Performance benchmark suite tracks encoding, behavioral, and session operation latency

Security Impact

  • Encoding evasion attacks mitigated at normalization layer before policy evaluation
  • Behavioral divergence detection prevents mixed benign/malicious interleaving
  • Context-aware detection maintains high true positive rate while reducing false positives
  • Session integrity improved with TTL enforcement and automatic cleanup

Validation

Test Results:

  • 33 unit tests passing (100%)
  • 13 integration tests passing (100%)
  • Performance benchmarks: encoding 0.0016ms avg, behavioral 0.0005ms avg, sessions 0.0004ms avg
  • Load testing: 1000 sequential requests in 1.73ms total
  • Memory: 1.27 MB growth per 1000 sessions (no leaks detected)
  • Regression tests confirm v0.8.0 functionality intact

Performance Grade: All targets exceeded by 1000-4000x

Known Limitations

  • Single-instance deployment (no distributed session state)
  • In-memory sessions only (no Redis or external store)
  • No multi-session correlation across instances
  • Rule-based detection (no ML models)
  • Basic context analysis (JWT/API key prefix matching only)

These limitations are intentional. This release focuses on hardening existing capabilities, not architectural expansion.

How to Try It

  1. Clone the repository and check out v0.9.0:

    git clone https://github.com/InferShield/infershield.git
cd infershield
git checkout v0.9.0

  2. Install dependencies:

    cd backend
npm install

  3. Run tests:

    npm test

  4. Run performance benchmarks:

    node benchmarks/performance.js

  5. Use the detection API:

    const { createApp } = require('./src/app');
const SessionManager = require('./src/session/sessionManager');

const sessionManager = new SessionManager();
const app = createApp({ sessionManager });

const result = await app.evaluate({
  sessionId: 'user-123',
  actionType: 'SEND',
  payload: 'Your input here',
  metadata: {}
});

console.log('Allowed:', result.allowed);
console.log('Severity:', result.severity);
console.log('Risk Score:', result.riskScore);

Upgrading from v0.8.0

No breaking changes. All v0.8.0 detection policies still function. New integration layer is additive.

If you were using session tracking directly, note that sessionManager API is simplified:

  • Removed sessionInfo tracking
  • Added cleanupExpiredSessions() return value (count of cleaned sessions)
  • Session data now includes history array for behavioral analysis

Full Changelog

See CHANGELOG.md for complete details.

Release Date: February 29, 2026
Commit: a0685e9
Tag: v0.9.0

Loading

v0.8.0

23 Feb 00:47
@github-actions github-actions
v0.8.0
0a74be0

Choose a tag to compare

View all tags
v0.8.0 
Release v0.8.0: Cross-step escalation detection

Added:
- Session tracking middleware
- CrossStepEscalationPolicy (multi-step detection)
- Content analyzer (action classification)
- Integration tests validating 3-step exfiltration blocking

Refactored:
- Extensible policy engine architecture

Limitations:
- In-memory session storage
- Rule-based detection
- Proof-of-concept implementation
Loading