feat(rc3): Zenzic v0.4.0-rc3 β i18n anchor fix, multi-language snippets, Shield deep-scan, governance#2
Merged
PythonWoods-Dev merged 1 commit intomainfrom Mar 29, 2026
Conversation
β¦ts, Shield deep-scan, governance
Full sprint from rc2 β rc3. All hooks pass. Preflight: 446 tests, 82.10%
coverage, 200/200 REUSE, 7/7 Zenzic checks, mkdocs --strict β.
βββ Core: bug fixes βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
fix(i18n): AnchorMissing now participates in i18n fallback suppression
- resolve_anchor() added to BaseAdapter protocol and all three adapters
- When anchor not found in locale file, checks default-locale equivalent
via anchors_cache (zero additional disk I/O)
- _should_suppress_via_i18n_fallback(), I18nFallbackConfig, and 118 lines
of dead code permanently removed from validator.py
refactor(adapters): remap_to_default_locale() extracted as shared utility
- New src/zenzic/core/adapters/_utils.py
- resolve_asset(), resolve_anchor(), is_shadow_of_nav_page() in both
MkDocsAdapter and ZensicalAdapter delegate to it
βββ Core: new features ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
feat(snippets): multi-language snippet validation (Python/YAML/JSON/TOML)
- _VALIDATABLE_LANGS = frozenset({"python","py","yaml","yml","json","toml"})
- _extract_code_blocks() renamed from _extract_python_blocks(), now yields
(lang, snippet, fence_line_no) triples
- Python: compile(); YAML: yaml.safe_load(); JSON: json.loads() with
exc.lineno for accurate line reporting; TOML: tomllib.loads()
- No subprocesses for any language β pure stdlib only
feat(shield): deep-scan β no blind spots in fenced code blocks
- New _skip_frontmatter() generator: strips only YAML frontmatter,
yields all lines including fenced content
- harvest() refactored to two-stream architecture:
Pass 1a β Shield on every line (fences NOT skipped)
Pass 1b β ref-defs + alt-text on content lines (fences skipped)
- Deduplication via secret_line_nos set prevents double-emit
- Shield now covers 7 credential families: OpenAI, GitHub, AWS, Stripe,
Slack, Google API keys, PEM private keys
feat(cli): Visual Snippets for custom rule findings
- [[custom_rules]] violations display the offending source line with β
indicator rendered in the finding severity colour
feat(cli): strict and exit_zero as zenzic.toml project-level fields
feat(output): --format json stabilised at 7-key schema
(links, orphans, snippets, placeholders, unused_assets, references, nav_contract)
βββ Tests βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
test(snippets): 8 new tests for YAML/JSON/TOML validation
- yaml valid/invalid, yml alias, json valid/invalid/line-number, toml valid/invalid
test(shield): 5 new tests for Shield-in-fence coverage
- unlabelled fence, bash fence, ref-def isolation, clean block no findings
βββ Documentation βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
docs(structure): usage/index.md split into three focused pages
- usage/index.md β install, initβconfigβcheck, engine modes
- usage/commands.md β CLI commands, flags, exit codes, JSON output, score
- usage/advanced.md β three-pass pipeline, Shield, alt-text, programmatic API
Italian mirrors (it/usage/) updated in full parity
docs(advanced): Hybrid Scanning Logic section added (EN + IT)
- 4-row table: Shield / Snippet syntax / Link-ref per content location
docs(checks): 4-language snippet support table; Shield "no blind spots" note
docs(badges): JSON/TOML example blocks retagged text (contain placeholders)
docs(examples): security_lab/docs/fenced.md β Shield-in-fence fixture
docs(examples): vanilla/ example project added
docs(examples): broken-docs/ and i18n-standard/ READMEs added
βββ Packaging (Professional Packaging & PEP 735) ββββββββββββββββββββββββββββββ
feat(packaging): zenzic[docs] optional extra for MkDocs stack
- [project.optional-dependencies].docs added to pyproject.toml
- Core install (pip install zenzic) is now dependency-free from MkDocs
feat(packaging): PEP 735 atomic dependency groups
- [dependency-groups]: test / lint / docs / release / dev (aggregator)
- noxfile.py: per-group sync constants (_SYNC_TEST, _SYNC_LINT, _SYNC_DOCS,
_SYNC_RELEASE, _SYNC_DEV) β each session installs only what it needs
feat(ci): docs/** and noxfile.py added to CI path triggers
feat(bump): 13-pattern bump-my-version config
- Covers: pyproject.toml, __init__.py, mkdocs.yml, CITATION.cff (version +
date-released), CHANGELOG.md + it (with per-file hyphenated serialize),
RELEASE.md + it (date), community/index.md + it (BibTeX version + date)
βββ Governance & community ββββββββββββββββββββββββββββββββββββββββββββββββββββ
feat(governance): CITATION.cff β CFF 1.2.0, type: software, abstract
feat(governance): CODE_OF_CONDUCT.md β Contributor Covenant 2.1 full text
feat(governance): SECURITY.md β Shield scope table, supported versions,
coordinated disclosure policy, v0.4 no-subprocess design notes
feat(governance): .github/PULL_REQUEST_TEMPLATE.md β three-pillar checklist
(Source-First / No Subprocesses / Pure Functions) + quality gates
feat(governance): .github/ISSUE_TEMPLATE/ β bug_report.yml,
feature_request.yml, docs_issue.yml (YAML form templates)
docs(readme): Contributing section, Citing Zenzic, zenzic[docs] install
docs(community): Citing Zenzic section with BibTeX snippet (EN + IT)
docs(pull-requests): nox -s dev one-shot setup, dependency groups table (EN + IT)
docs(release): Professional Packaging & PEP 735 section (EN + IT)
docs(release): "The Documentation Firewall" strategic framing (EN + IT)
βββ Branding ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
pyproject.toml: description β "Engineering-grade, engine-agnostic linter
and security shield for Markdown documentation"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Full sprint from rc2 β rc3. All hooks pass. Preflight: 446 tests, 82.10%
coverage, 200/200 REUSE, 7/7 Zenzic checks, mkdocs --strict β.
βββ Core: bug fixes
fix(i18n): AnchorMissing now participates in i18n fallback suppression
via anchors_cache (zero additional disk I/O)
of dead code permanently removed from validator.py
refactor(adapters): remap_to_default_locale() extracted as shared utility
MkDocsAdapter and ZensicalAdapter delegate to it
βββ Core: new features
feat(snippets): multi-language snippet validation (Python/YAML/JSON/TOML)
(lang, snippet, fence_line_no) triples
exc.lineno for accurate line reporting; TOML: tomllib.loads()
feat(shield): deep-scan β no blind spots in fenced code blocks
yields all lines including fenced content
Pass 1a β Shield on every line (fences NOT skipped)
Pass 1b β ref-defs + alt-text on content lines (fences skipped)
Slack, Google API keys, PEM private keys
feat(cli): Visual Snippets for custom rule findings
indicator rendered in the finding severity colour
feat(cli): strict and exit_zero as zenzic.toml project-level fields
feat(output): --format json stabilised at 7-key schema
(links, orphans, snippets, placeholders, unused_assets, references, nav_contract)
βββ Tests
test(snippets): 8 new tests for YAML/JSON/TOML validation
test(shield): 5 new tests for Shield-in-fence coverage
βββ Documentation
docs(structure): usage/index.md split into three focused pages
Italian mirrors (it/usage/) updated in full parity
docs(advanced): Hybrid Scanning Logic section added (EN + IT)
docs(checks): 4-language snippet support table; Shield "no blind spots" note
docs(badges): JSON/TOML example blocks retagged text (contain placeholders)
docs(examples): security_lab/docs/fenced.md β Shield-in-fence fixture
docs(examples): vanilla/ example project added
docs(examples): broken-docs/ and i18n-standard/ READMEs added
βββ Packaging (Professional Packaging & PEP 735)
feat(packaging): zenzic[docs] optional extra for MkDocs stack
feat(packaging): PEP 735 atomic dependency groups
_SYNC_RELEASE, _SYNC_DEV) β each session installs only what it needs
feat(ci): docs/** and noxfile.py added to CI path triggers
feat(bump): 13-pattern bump-my-version config
date-released), CHANGELOG.md + it (with per-file hyphenated serialize),
RELEASE.md + it (date), community/index.md + it (BibTeX version + date)
βββ Governance & community
feat(governance): CITATION.cff β CFF 1.2.0, type: software, abstract
feat(governance): CODE_OF_CONDUCT.md β Contributor Covenant 2.1 full text
feat(governance): SECURITY.md β Shield scope table, supported versions,
coordinated disclosure policy, v0.4 no-subprocess design notes
feat(governance): .github/PULL_REQUEST_TEMPLATE.md β three-pillar checklist
(Source-First / No Subprocesses / Pure Functions) + quality gates
feat(governance): .github/ISSUE_TEMPLATE/ β bug_report.yml,
feature_request.yml, docs_issue.yml (YAML form templates)
docs(readme): Contributing section, Citing Zenzic, zenzic[docs] install
docs(community): Citing Zenzic section with BibTeX snippet (EN + IT)
docs(pull-requests): nox -s dev one-shot setup, dependency groups table (EN + IT)
docs(release): Professional Packaging & PEP 735 section (EN + IT)
docs(release): "The Documentation Firewall" strategic framing (EN + IT)
βββ Branding
pyproject.toml: description β "Engineering-grade, engine-agnostic linter and security shield for Markdown documentation"