v0.7.4

0.7.4 (2026-04-10)

🔧 Miscellaneous

• deps: bump cryptography from 46.0.6 to 46.0.7 in /training/rl (#422) (f220042)

---

Artifact Verification

All release artifacts include Sigstore provenance attestations. Verify with the GitHub CLI:

# Download the source archive
gh release download v0.7.4 --repo microsoft/physical-ai-toolchain --pattern 'source-v0.7.4.tar.gz'

# Verify build provenance
gh attestation verify source-v0.7.4.tar.gz --repo microsoft/physical-ai-toolchain

# Verify SBOM attestation
gh attestation verify source-v0.7.4.tar.gz --repo microsoft/physical-ai-toolchain --predicate-type https://spdx.dev/Document

v0.7.3

0.7.3 (2026-04-09)

🔒 Security

• deps: bump the training-dependencies group in /training/rl with 7 updates (#408) (7d980eb)

---

Artifact Verification

All release artifacts include Sigstore provenance attestations. Verify with the GitHub CLI:

# Download the source archive
gh release download v0.7.3 --repo microsoft/physical-ai-toolchain --pattern 'source-v0.7.3.tar.gz'

# Verify build provenance
gh attestation verify source-v0.7.3.tar.gz --repo microsoft/physical-ai-toolchain

# Verify SBOM attestation
gh attestation verify source-v0.7.3.tar.gz --repo microsoft/physical-ai-toolchain --predicate-type https://spdx.dev/Document

v0.7.2

0.7.2 (2026-04-09)

🔒 Security

• deps: bump the dataviewer-dependencies group in /data-management/viewer with 13 updates (#405) (fb7b4a4)

---

Artifact Verification

All release artifacts include Sigstore provenance attestations. Verify with the GitHub CLI:

# Download the source archive
gh release download v0.7.2 --repo microsoft/physical-ai-toolchain --pattern 'source-v0.7.2.tar.gz'

# Verify build provenance
gh attestation verify source-v0.7.2.tar.gz --repo microsoft/physical-ai-toolchain

# Verify SBOM attestation
gh attestation verify source-v0.7.2.tar.gz --repo microsoft/physical-ai-toolchain --predicate-type https://spdx.dev/Document

v0.7.1

0.7.1 (2026-04-09)

🔒 Security

• deps: bump the docusaurus-dependencies group in /docs/docusaurus with 14 updates (#404) (ada7211)

---

Artifact Verification

All release artifacts include Sigstore provenance attestations. Verify with the GitHub CLI:

# Download the source archive
gh release download v0.7.1 --repo microsoft/physical-ai-toolchain --pattern 'source-v0.7.1.tar.gz'

# Verify build provenance
gh attestation verify source-v0.7.1.tar.gz --repo microsoft/physical-ai-toolchain

# Verify SBOM attestation
gh attestation verify source-v0.7.1.tar.gz --repo microsoft/physical-ai-toolchain --predicate-type https://spdx.dev/Document

v0.7.0

0.7.0 (2026-04-09)

✨ Features

• build: add hve-core release pipeline with dependency SBOM and signing artifacts (#420) (2ff839a)
• build: enforce strict warnings across all linters (#392) (b75e217)
• evaluation: add fuzz testing infrastructure and property-based tests (#416) (d97d42c)
• infrastructure: add optional ADLS Gen2 data lake storage account (#398) (3bb9012)
• settings: add HVE Core extension to workspace and devcontainer recommendations (#226) (f0735d8)

🐛 Bug Fixes

• docs: fix broken links, harden Docusaurus config, and integrate CI workflow (#430) (ea99997)
• scripts: join shellcheck version output before -match to populate $Matches (#432) (8768e76)
• scripts: map unmapped ShellCheck severity levels and harden version parsing (#434) (1e95a17)
• scripts: resolve ShellCheck SC2034 and enable source-path resolution (#443) (04438ea)

🔧 Miscellaneous

• deps-dev: bump basic-ftp from 5.2.0 to 5.2.1 (#429) (438660a)
• deps: bump cryptography from 46.0.6 to 46.0.7 (#425) (2366647)

---

Artifact Verification

All release artifacts include Sigstore provenance attestations. Verify with the GitHub CLI:

# Download the source archive
gh release download v0.7.0 --repo microsoft/physical-ai-toolchain --pattern 'source-v0.7.0.tar.gz'

# Verify build provenance
gh attestation verify source-v0.7.0.tar.gz --repo microsoft/physical-ai-toolchain

# Verify SBOM attestation
gh attestation verify source-v0.7.0.tar.gz --repo microsoft/physical-ai-toolchain --predicate-type https://spdx.dev/Document

v0.6.1

0.6.1 (2026-04-08)

📦 Build System

• build: upgrade to Node 24 and bump npm devDependencies (#414) (e46ddcd)

v0.6.0

0.6.0 (2026-04-08)

✨ Features

• build: add terraform-docs generation pipeline (#378) (78e90d0)
• infrastructure: enable optional AML diagnostic logs (#400) (58dd8db)
• scripts: consolidate scripts library paths and enhance dataviewer (#383) (176d9c9)

🐛 Bug Fixes

• build: remediate CVEs, enforce equality pinning, repair Dependabot config (#391) (0c29148)
• infrastructure: add Storage File Data Privileged Contributor role for ML identity (#380) (378f7ed)
• infrastructure: replace hardcoded NAT Gateway availability zones with variable (#356) (a1397bd)
• infrastructure: resolve TFLint violations and enable hard-fail (#376) (dfb55cd)
• scripts: add dot-source guard to Invoke-MsDateFreshnessCheck.ps1 (#397) (f6f22c3)
• training: validate AzureML and OSMO RL submissions end to end (#372) (49904d3)

📚 Documentation

• infrastructure: add terraform-docs tooling and improve developer experience (#365) (a0fb03a)
• reference: centralize workflow template docs and convert workflow READMEs to pointer index (#379) (68097e4)

🔧 Miscellaneous

• deps-dev: bump the npm_and_yarn group across 1 directory with 2 updates (#374) (d848c8b)
• deps-dev: bump vite from 6.4.1 to 6.4.2 in /data-management/viewer/frontend in the npm_and_yarn group across 1 directory (#395) (6ec7f19)
• deps: bump the github-actions group across 1 directory with 7 updates (#370) (4d1b951)
• deps: bump the uv group across 2 directories with 1 update (#373) (ba66ed9)

🔒 Security

• deps-dev: bump brace-expansion from 1.1.12 to 1.1.13 in /docs/docusaurus in the npm_and_yarn group across 1 directory (#389) (27129d9)
• deps-dev: bump the npm_and_yarn group across 2 directories with 2 updates (#363) (aeae624)
• deps-dev: bump the python-dependencies group with 5 updates (#403) (bb85560)
• deps: bump cryptography from 46.0.5 to 46.0.6 in /training/rl (#367) (a82dd68)
• deps: bump the inference-dependencies group in /evaluation with 2 updates (#401) (c88d253)
• deps: bump the pip group across 4 directories with 2 updates (#411) (1230fe0)
• deps: bump the training-dependencies group across 1 directory with 67 updates (#375) (8e05172)
• deps: bump the uv group across 2 directories with 1 update (#382) (b6c7aea)
• deps: update marshmallow requirement from <4.3.0,>=3.5 to >=3.5,<4.4.0 in /evaluation in the inference-dependencies group (#393) (599c7eb)

v0.5.0

0.5.0 (2026-03-26)

✨ Features

• add dataviewer web application for dataset analysis and annotation (#375) (c44d7bb)
• add return type annotations to cli_args functions (#476) (35523ee)
• add YAML config schema with pydantic validation for ROS 2 recording (#376) (1fa5243)
• agents: Copilot agents and skills for dataviewer and OSMO training workflows. (#444) (8b72daf)
• build: add automated ms.date freshness checking (#448) (f92ddbc)
• build: add CLA section, Dependabot security prefix, and OWASP ZAP DAST scan (#241) (083a8af)
• build: add coverage.py configuration to pyproject.toml (#428) (eac7426)
• build: add Go CI pipeline with golangci-lint and go test (#351) (b27e4fb)
• build: add OpenSSF Scorecard workflow and badge (#431) (98a62e7)
• build: add release artifact signing and SBOM attestation (#480) (b226e96)
• build: add TFLint reusable GitHub Actions workflow (#229) (34d5575)
• build: split Go CI into separate lint and test pipelines (#354) (2dec155)
• dataviewer: add authentication middleware and CSRF protection for mutation endpoints (#432) (77c8a01)
• docs: create training documentation hub with guides and migration (#380) (0fdccc5)
• docs: port Docusaurus documentation site with full build validation (#182) (29dd640)
• fix and deploy dataviewer (#498) (c922d49)
• inference: add AzureML and local LeRobot inference workflows (#438) (f7d786a)
• inference: add MLflow trajectory plots and multi-source support to OSMO inference workflow (#421) (8637458)
• infra: add blob storage lifecycle policies and folder structure (#179) (101a6e8)
• infrastructure: add optional observability and compute feature flags (#437) (9eba0da)
• infrastructure: add private Linux Isaac Sim VM deployment option (#348) (3748c2d)
• infrastructure: add terraform-docs auto-generation pipeline (#358) (6565caa)
• infrastructure: harden Isaac Sim VM deployment with encryption and spot options (#355) (6ebc1f2)
• repo: migrate to domain-driven architecture (#270) (a339e70)
• scripts: add --config-preview and deployment summary to submission scripts (#499) (4069806)
• scripts: add Copilot attribution footer validation to frontmatter linting (#378) (4d595f2)
• src: add dataviewer web application with storage adapter layer (#404) (8a9fb70)

🐛 Bug Fixes

• build: add GHSA to cspell custom dictionary (#315) (67db81a)
• build: correct codecov report_type input for terraform test uploads (#324) (d90d66d)
• build: expand CODEOWNERS coverage to critical paths (#505) (bafade1)
• build: pin Docker base image and pip dependencies with Dependabot coverage (#497) (d3d7ea4)
• build: pin pydantic version and use uv in config schema validation workflow (#493) (28d823f)
• build: pin uv installer to versioned URL (#495) (8d8541b)
• build: remediate GHSA vulnerabilities flagged by OSSF Scorecard (#271) (49b6e58)
• build: remove README frontmatter, add FrontmatterExcludePaths, enforce Pester 5 (#443) (641d0f3)
• build: resolve CI failures for release 0.5.0 PR (#174) (62c9900)
• build: resolve codecov PR comment suppression (#523) (5603bd7)
• build: use npm ci for deterministic frontend dependency install (#491) (ee8b5d3), closes #490
• ci: add wait_for_ci to Codecov configuration (#183) ([370cf44](370cf442a21f0463d0db484...