v1.21.1 - MCP full-scan result interpretation fix

Fixed

• Preserve semantic MCP guard JSON results on non-zero full-scan exits for both sync and deferred paths.
• Reserve wrapper_instability for true wrapper faults with unusable stdout instead of semantic guard failures.

Changed

• Align DX-94 MCP guard contract documentation with the shipped status and error taxonomy.
• Archive stale top-level project artifacts under docs/archive/top-level-legacy/.

v1.21.0 - mutation support and property-target skip fix

Highlights

• Add mutation feature set in this minor release.
• Fix property-test target resolution so class-owned targets are resolved with owner context.
• Honor @skip_property_test on actual class-owned callables (including dunder methods) without requiring module-level dunder alias workarounds.
• Add focused regression tests for class-owned dunder/non-dunder targets, collision cases, and descriptor-order variants.

Version

• invar-tools: 1.21.0

v1.20.3

Highlights

DX-96: Escape Hatch Strict Gating

Three-tier escape hatch budget system that prevents marker abuse. Escape hatches (@invar:allow) are now classified into Suppressible, Expensive, and Non-suppressible tiers with per-file, per-project, and aggregate budget limits.

• Non-suppressible rules: dead_export, stub_body, missing_contract, missing_doctest — inline @invar:allow always produces ERROR; legitimate exemptions must be declared in pyproject.toml by a human
• Budget enforcement: Weighted cost model (Suppressible ×1, Expensive ×3) with configurable project-wide limit (default 15 points)
• Combination penalty: 2 escape hatches on same function count double; 3+ is unconditional ERROR
• Config exemptions: [tool.invar.exempt.<rule>] patterns in pyproject.toml for human-authorized exceptions

DX-97: dead_export Extended to Classes

The dead_export rule now detects unreferenced public classes in Shell modules, closing a detection gap that allowed unused implementations to go unnoticed.

• Public classes with 0 cross-file references in src/ → dead_export WARNING
• Public classes referenced only from test files → test_only_export INFO
• Protocol and ABC classes are exempt (interface definitions meant to be subclassed)
• Tested across 5 production projects with 100+ Shell public classes — zero false positives

DX-91: USBV Cleanup

Removed residual USBV (Unified Spec-Based Verification) references from active surfaces, design docs, and root configuration.

Escape Hatch Migration

Migrated Invar's own codebase to comply with DX-96 strict gating:

• 43 shell_result markers → fixed or moved to pyproject.toml exempt patterns
• 22 dead_export markers → audited and resolved
• 9 entry_point_too_thick markers → entry points refactored
• All non-suppressible inline markers eliminated

Upgrade

uv tool install --force invar-tools@latest

Breaking Changes

• @invar:allow dead_export:, @invar:allow stub_body:, @invar:allow missing_contract:, and @invar:allow missing_doctest: inline markers now produce ERROR. Move legitimate exemptions to pyproject.toml [tool.invar.exempt.<rule>].

New Configuration

[tool.invar.guard]
escape_suppressible_per_file = 3
escape_expensive_per_file = 2
escape_suppressible_per_project = 10
escape_expensive_per_project = 5
escape_budget_limit = 15

[tool.invar.exempt.dead_export]
patterns = ["cli/commands/*.py"]

v1.20.2 - prefer uv run invar

Highlights

• Pre-commit hook template now uses uv run invar guard instead of bare invar guard
• MCP setup documentation now recommends project-local uv run invar mcp as primary option
• All draft proposals and design docs updated to prefer uv run for invar commands

Included

• Pre-commit hook template: uv run invar guard / uv run invar guard --changed
• MCP setup guide: reorganized to recommend project-local first, uvx as fallback
• Design docs: installation examples updated to uv add --dev + uv run
• Draft proposals: CLI examples aligned with current recommended usage

Upgrade

uv tool install --force invar-tools@latest

For existing projects, run uv run invar init to regenerate the pre-commit hook with the new template.

v1.20.1 - project-local setup defaults

Highlights

• Recommend project-local installation with uv add --dev invar-tools invar-runtime for normal setup.
• Default docs and examples to uv run invar ... for guard, init, and MCP.
• Remove user-facing proposal jargon from README so current usage is clearer.

Included

• README and integration guides now prefer project-local dev dependencies over uvx.
• MCP examples now default to the local project environment.
• Release-facing setup guidance now matches the current Python-only workflow.

v1.20.0 - Python-only surface cleanup

Highlights

• Simplify the distributed Invar surface around the active Python workflow.
• Remove retired TypeScript tooling, hooks, skills, and template residue from shipped assets.
• Harden legacy project migration and dev-sync coverage for DX-91 upgrade paths.

Included

• Release-facing docs and synced protocol files now tell one coherent Python-only story.
• Init/dev-sync migration coverage now handles stale agent assets and cleanup cases more reliably.
• Proposal/reference release docs were reconciled so active mechanism guidance stays consistent.

v1.19.7 - Deferred MCP guard reliability and provenance fixes

Fixed

• MCP full-guard deferred runs now expose liveness and complete reliably on large external repositories
• Installed-artifact invar guard smoke runs no longer fall back into local worktree builds during uv/uvx respawn

Included

• asyncio subprocess execution for deferred MCP guard runs
• running-state heartbeat via updated_at
• external full-scan validation against tasca
• wheel/sdist provenance regressions and release smoke coverage

v1.19.6 - MCP guard changed/all mapping fix

Fixed

• Fix MCP invar_guard flag mapping so changed=false explicitly uses full-project --all mode.
• Preserve existing behavior for default and changed=true (--changed).
• Add regression tests for MCP guard mode mapping (default, changed=true, changed=false).

v1.19.5 - DX-93 MCP entry-point policy rollout

Changed

• Distribute DX-93 MCP entry-point policy in guard.
• Distinguish MCP tools from traditional entry points for thickness policy evaluation.
• Apply MCP-specific threshold behavior (35) while preserving traditional 15-line enforcement.
• Improve MCP-specific diagnostics to reduce single-use helper extraction pressure.

Added

• Focused regression coverage for MCP/traditional entry-point policy branches.
• Updated rule and protocol docs for 15/35 threshold behavior and fallback semantics.

v1.19.4 - DX-93 MCP threshold rollout

Highlights

• Publish DX-93 MCP entry-point threshold behavior for field verification.
• Includes engine classification and diagnostic improvements plus regression coverage updates.
• No policy redesign; non-MCP behavior remains unchanged.