ChronosynD v0.1.1

What's in this release

Maintenance release.

• Pinned CI action SHAs and scoped GITHUB_TOKEN to contents: read.
• Capped allocations on the recording reader and audit-row payloads.
• Field-level corruption checks in the storage decoder.
• Hardened two Python tests that previously could pass vacuously.
• python.yml now runs the real ruff / mypy / pytest gates.
• Dependency bumps (sha2, ndarray, pytest, action versions)

Building and running

See README.md.

ChronosynD v0.1.0

What's in this release

• Sediment algorithm: Python reference + Rust port, parity-checked bit-for-bit on every push.
• Naive, Consensus, AnomalyWithin baselines for the four-way ablation.
• Three poisoning attacks: pre_seed (uniform), burst (contiguous), targeted (white-box grid search).
• Nine experiments + one real-data validation on captured Linux bash behavior under attack-payload load (126× median score separation, zero false positives during attack capture).
• BPF runtime with raw_syscalls/sys_enter probe, JSONL recording, replay-and-fit CLI.
• Tamper-evident SQLite store with SHA-256 hash chain over an append-only audit log.
• Cross-implementation parity: 300 baseline-estimator comparisons within 1e-9 + 4 feature-extractor cases asserting per-window equality.

Test counts

• Python: 202 tests passing under mypy --strict and ruff.
• Rust: 95 tests across 7 crates, 96 with --features bpf. forbid(unsafe_code).
• Clippy and parity gates clean.

Limitations

This is a research artifact. Service integration, alert delivery, baseline lifecycle management, performance benchmarking under fleet-realistic load, CO-RE for portable BPF, and per-PID baseline keying are deliberately out of scope. See §8 of the paper.

Building and running

See README.md for the development quickstart