Releases: declaw-ai/declaw-python
Releases · declaw-ai/declaw-python
Release list
declaw v1.4.0
2026-07 train: credential vault client + injection domain scoping.
Added
- Credential vault client —
VaultClientandAsyncVaultClientfor managing
secrets by name:create_secret(),list_secrets(),rotate_secret(),
delete_secret(),update_scopes(), andlist_presets(). Secret values are
write-only (never returned after create). Attach secrets to a sandbox with
vault_refs={"ENV_VAR": "secret-name"}; the value is injected at the egress
proxy and never enters the sandbox (#386, #399, #408, #456). - Opt-in domain scoping for full injection defense — pass
domains=[...]to
restrict prompt-injection scanning to specific destination hosts.
declaw v1.3.0
2026-06 train: file-granular volumes, OPA governance.
Added
- Mode-based volumes: write-back and mount modes with a file-granular
backend, plus a detached volume-files API —volume.files.write()/
read()/list()/info()/exists()/remove()/rename()/
mkdir(),volumes.empty()andvolumes.ingest()constructors, and
volume locks (acquire/renew/release/status) (#344). - OPA custom-policy support for AI agents: custom policy config with
policy_refresolution,content_gatefor model/domain gating, and
out-of-box AI governance packs viaGovernancePacks(#279, #345).
Changed
- The per-sandbox audit flag now gates network, command, and filesystem
event categories:enabled=Falsesuppresses all gated categories
while lifecycle and admin events are still recorded (#332).