Merge pull request #2 from ToxMCP/codex/public-safe-0.4.3

[codex] prepare public-safe 0.4.3 release

Author: senseibelbi

.env.example

@@ -16,7 +16,7 @@ HOST=0.0.0.0
 PORT=8000
 LOG_LEVEL=INFO
 SERVICE_NAME="mcp-bridge"
-SERVICE_VERSION="0.4.2"
+SERVICE_VERSION="0.4.3"
 ENVIRONMENT="development"
 # Bind settings for the hardened compose overlay
 PBPK_BIND_HOST="127.0.0.1"
@@ -37,13 +37,17 @@ AUDIT_STORAGE_PATH="var/audit"
 # AUDIT_S3_KMS_KEY_ID="arn:aws:kms:..."
 # AUDIT_VERIFY_LOOKBACK_DAYS=1
 # Authentication (optional in development; required by docker-compose.hardened.yml)
+# AUTH_ALLOW_ANONYMOUS=true  # Development-only shortcut. Keep false for any shared or production deployment.
+# Local packaged compose also sets a development-only AUTH_DEV_SECRET so operator-token tests can run while anonymous users stay viewer-only.
 # AUTH_ISSUER_URL="https://example-issuer/.well-known/openid-configuration"
 # AUTH_AUDIENCE="mcp-bridge"
 # AUTH_JWKS_URL="https://example-issuer/.well-known/jwks.json"
 # AUTH_JWKS_CACHE_SECONDS=900
 # AUTH_DEV_SECRET="dev-shared-secret"  # WARNING: do not set outside local development
+# Legacy aliases remain temporarily supported with warnings and will be removed in v0.5.0:
+# R_PATH/R_HOME/R_LIBS, MCP_MODEL_SEARCH_PATHS, ADAPTER_TIMEOUT_SECONDS, and AUDIT_TRAIL_ENABLED.
 # Allowlist for PBPK model files (colon-separated paths)
-MCP_MODEL_SEARCH_PATHS="tests/fixtures"
+ADAPTER_MODEL_PATHS="tests/fixtures"
 
 # Job execution settings
 JOB_WORKER_THREADS=2

.github/workflows/model-smoke.yml

@@ -62,10 +62,14 @@ jobs:
         run: |
           python3 scripts/release_readiness_check.py --skip-unit-tests | tee var/release_readiness_summary.json
 
+      - name: Run live misuse-prevention gate
+        run: |
+          make misuse-prevention-live-test PY=python3
+
       - name: Run workspace model smoke
         run: |
-          python3 scripts/workspace_model_smoke.py --include-population | tee var/workspace_model_smoke_summary.txt
-          python3 scripts/workspace_model_smoke.py --search cisplatin --include-population --output var/workspace_model_smoke_rxode2_report.json
+          python3 scripts/workspace_model_smoke.py --include-population --auth-dev-secret pbpk-local-dev-secret | tee var/workspace_model_smoke_summary.txt
+          python3 scripts/workspace_model_smoke.py --search reference_compound --include-population --auth-dev-secret pbpk-local-dev-secret --output var/workspace_model_smoke_rxode2_report.json
 
       - name: Capture compose diagnostics
         if: always()

.github/workflows/release-artifacts.yml

@@ -31,8 +31,10 @@ jobs:
       - name: Verify contract artifacts are current
         run: |
           python scripts/check_runtime_contract_env.py
+          make misuse-prevention-test PY=python
           python scripts/generate_contract_artifacts.py --check
           python scripts/check_release_metadata.py
+          python scripts/validate_model_manifests.py --strict --require-explicit-ngra --curated-publication-set
 
       - name: Build and validate release artifacts
         run: |

.gitignore

@@ -25,9 +25,13 @@ dist/
 # Temporary workspace artifacts
 tmp/
 OECD_PBPK_guidelines.pdf
+cisplatin_*.pdf
+cisplatin_oecd_standard_report.pdf
+figures/
 
 # Runtime state and generated outputs
 var/benchmarks/
+var/contract/
 var/converted/
 var/converted_models/
 var/demos/
@@ -38,9 +42,11 @@ var/population-results/
 var/reports/
 var/release_readiness_summary.json
 var/snapshots/
+var/test-audit-signoff/
 var/workspace_model_smoke*.json
 var/workspace_model_smoke*.txt
 var/models/discovery-tests/
+output/
 
 # Local logs
 *.log

CHANGELOG.md

@@ -4,6 +4,25 @@ All notable changes to this project should be documented in this file.
 
 ## Unreleased
 
+## v0.4.3 - 2026-03-30
+
+### Added
+
+- a regulatory gold-set benchmark dossier plus advisory `regulatoryBenchmarkReadiness` reporting so manifest validation can surface benchmark-derived documentation gaps without pretending that research models are regulatory-grade
+- a model-onboarding checklist that defines the trust pipeline for new PBPK chemicals and keeps internal use cases such as reference_compound out of the benchmark corpus
+- a reproducible repo-concat generator for external review snapshots of the current PBPK MCP folder
+
+### Changed
+
+- trust-bearing summaries now carry clearer anti-misread, caution, benchmark-gap, and export-boundary surfaces across manifest validation, release audits, and OECD-oriented reporting
+- release-prep documentation now reflects the current hardening work rather than the earlier packaged-runtime hotfix story
+- the internal live-audit wording now treats the public release comparison as a moving baseline instead of hardcoding a stale public version label
+
+### Fixed
+
+- eliminated release-story drift between the codebase and the public-facing release metadata by aligning version markers, compose/env `SERVICE_VERSION`, README release notes, and the matching release note file
+- verified that the live contract-manifest hash, packaged artifacts, and release-readiness gate all agree after a fresh redeploy
+
 ## v0.4.2 - 2026-03-22
 
 ### Fixed
@@ -154,9 +173,9 @@ All notable changes to this project should be documented in this file.
 - optional `pbpk_run_verification_checks(...)` hooks for model-specific executable qualification checks such as mass balance and solver-stability heuristics
 - stored `executableVerification` snapshots in `export_oecd_report` so OECD dossiers can carry the latest executed verification results without implicitly rerunning them
 - parameter-catalog and parameter-table snapshots are now passed into `pbpk_run_verification_checks(...)` so model-specific runtime checks can validate exposed units and structural coverage
-- executable structural physiology checks for systemic flow distribution and renal volume partition consistency in the cisplatin example model
-- bounded local sensitivity evidence for the cisplatin example, exported through `uncertaintyEvidence` with current-parameter context rather than a placeholder sensitivity gap
-- bounded variability-propagation evidence for the cisplatin example, exported through `uncertaintyEvidence` as a compact internal-exposure distribution summary
+- executable structural physiology checks for systemic flow distribution and renal volume partition consistency in the reference_compound example model
+- bounded local sensitivity evidence for the reference_compound example, exported through `uncertaintyEvidence` with current-parameter context rather than a placeholder sensitivity gap
+- bounded variability-propagation evidence for the reference_compound example, exported through `uncertaintyEvidence` as a compact internal-exposure distribution summary
 - explicit performance-evidence classification and qualification-boundary summaries in `export_oecd_report`, so runtime smoke/internal evidence is separated from predictive and external qualification evidence
 - generic companion performance-evidence bundles for `.pkml` and MCP-ready `.R` models via files such as `model.performance.json`
 - reusable starter template for companion performance-evidence bundles at `examples/performance_evidence_bundle.template.json`
@@ -172,12 +191,12 @@ All notable changes to this project should be documented in this file.
 - release-readiness checks now exercise the executable verification surface in addition to validation, execution, and OECD report export
 - executable verification now goes beyond smoke-only checks by asserting deterministic result integrity and repeat-run reproducibility
 - OECD checklist/report generation now separates software-platform qualification evidence from implementation verification evidence
-- the cisplatin example now contributes executable mass-balance and solver-stability checks through the runtime verification hook
+- the reference_compound example now contributes executable mass-balance and solver-stability checks through the runtime verification hook
 - OECD report export now carries stored executable verification snapshots separately from static `verificationEvidence`
-- the cisplatin example now contributes executable parameter-unit consistency checks through the runtime verification hook
-- the cisplatin example now contributes executable systemic-flow and renal-volume consistency checks through the runtime verification hook
+- the reference_compound example now contributes executable parameter-unit consistency checks through the runtime verification hook
+- the reference_compound example now contributes executable systemic-flow and renal-volume consistency checks through the runtime verification hook
 - bridge evidence hooks now receive the loaded runtime parameter context and parameter-table snapshot so uncertainty/performance evidence can reflect the actual loaded model state
-- cisplatin runtime smoke evidence is now explicitly labeled as internal operational evidence rather than implied predictive support
+- reference_compound runtime smoke evidence is now explicitly labeled as internal operational evidence rather than implied predictive support
 - static manifest inspection now treats a companion performance-evidence bundle as a valid alternative to a dedicated `pbpk_performance_evidence(...)` hook for `R` models
 - companion performance-evidence bundles can now expose bundle-level metadata, and that metadata is surfaced through static manifest inspection and OECD report export
 - malformed performance-evidence rows are now surfaced as warnings during static manifest inspection and OECD report export instead of being silently normalized
@@ -300,7 +319,7 @@ All notable changes to this project should be documented in this file.
 ### Fixed
 
 - `.pkml` runtime execution for transfer files with empty `OutputSelections` via bounded observer fallback
-- live discovery/index mismatch where custom models like cisplatin were loadable but not discoverable
+- live discovery/index mismatch where custom models like reference_compound were loadable but not discoverable
 - validation edge cases around scalar `contextOfUse` values
 - async deterministic result retrieval with persisted fallback in `get_results`
 

CODE_OF_CONDUCT.md

@@ -1,29 +1,23 @@
 # Code of Conduct
 
-## Our Standards
+This repository expects respectful, technically serious collaboration.
 
-We are committed to providing a welcoming and respectful environment for everyone.
+## Expected Behavior
 
-Examples of behavior that contributes to a positive environment include:
+- engage with ideas directly and in good faith
+- keep criticism specific, factual, and constructive
+- respect uncertainty, boundaries, and evidence limits
+- help keep the project usable by scientists, engineers, and reviewers with different backgrounds
 
-- Being respectful in communication.
-- Giving and receiving constructive feedback.
-- Focusing on what is best for the project and community.
+## Unacceptable Behavior
 
-Examples of unacceptable behavior include:
-
-- Harassment, discrimination, or abusive language.
-- Personal attacks, trolling, or insulting comments.
-- Publishing private information without permission.
-
-## Scope
-
-This Code of Conduct applies in project spaces, including issues, pull requests, discussions, and related communication channels.
+- harassment, abuse, or intimidation
+- discriminatory language or personal attacks
+- deliberately misleading technical claims
+- sharing secrets, private data, or exploit details irresponsibly
 
 ## Enforcement
 
-Project maintainers are responsible for clarifying and enforcing this Code of Conduct and may take action for behavior deemed inappropriate.
-
-## Reporting
+Maintainers may edit, moderate, or remove content that conflicts with this standard and may limit participation when needed to protect contributors or the project.
 
-To report unacceptable behavior, open a private security advisory or contact the maintainers through the repository owner channels.
+For sensitive cases, prefer a private contact path rather than escalating publicly.

CONTRIBUTING.md

@@ -2,46 +2,51 @@
 
 Thanks for contributing to PBPK MCP.
 
-## Development Setup
+## Scope
 
-1. Clone the repository.
-2. Create a virtual environment.
-3. Install dependencies:
+This repository is a public PBPK MCP server with a published contract surface, live runtime checks, and release evidence gates. Contributions should preserve:
 
-```bash
-python -m pip install --upgrade pip
-python -m pip install -e '.[dev]'
-```
+- contract clarity
+- conservative scientific boundaries
+- explicit auth and runtime safety
+- reproducible release behavior
 
-## Local Quality Gates
+## Pull Requests
 
-Run these before opening a pull request:
+Before opening a pull request:
 
-```bash
-make lint
-make type
-make test
-```
+- run the relevant local tests for the area you changed
+- update docs when behavior, contracts, or workflow expectations change
+- avoid widening scientific or regulatory claims without explicit evidence and matching tests
+- keep temporary files, credentials, machine-local paths, and generated runtime artifacts out of the patch
 
-Optional heavier checks:
+For release-facing or trust-surface changes, review:
 
-```bash
-make test-e2e
-make compliance
-make benchmark
-```
+- `docs/github_publication_checklist.md`
+- `docs/hardening_migration_notes.md`
+- `docs/pbk_reviewer_signoff_checklist.md`
+- `docs/post_release_audit_plan.md`
 
-## Pull Request Guidelines
+## Model And Contract Changes
 
-- Keep changes focused and small where possible.
-- Add or update tests for behavior changes.
-- Update docs when APIs, config, or workflows change.
-- Include a concise summary and validation notes in the PR description.
+If you change:
 
-## Commit Style
+- MCP tools or routes
+- public schemas or examples
+- trust-bearing summaries
+- release or readiness checks
 
-Conventional commit prefixes are recommended (`feat:`, `fix:`, `docs:`, `chore:`, `test:`).
+also update the matching tests and generated contract artifacts.
 
-## License
+## Security And Scientific Claims
 
-By submitting a contribution, you agree that your contributions are licensed under the Apache License 2.0 in this repository.
+Do not:
+
+- commit secrets, bearer tokens, or local credentials
+- present runtime readiness as scientific adequacy
+- present illustrative examples as regulatory-ready evidence
+- remove caveats, block reasons, or scope boundaries from trust-bearing outputs without replacing them with something stronger
+
+## Communication
+
+Use issues and pull requests for normal changes. For sensitive security problems, follow `SECURITY.md` instead of opening a public issue with exploit details.