flakestorm/RELEASE_NOTES.md

# Release Notes

## Version 0.9.1 - 24 Mutation Types Update

### 🎯 Major Update: Comprehensive Mutation Coverage

Flakestorm now supports **24 mutation types** for comprehensive robustness testing, expanding from the original 8 core types to cover advanced prompt-level attacks and system/network-level vulnerabilities.

### ✨ What's New

#### Expanded Mutation Types (24 Total)

**Core Prompt-Level Attacks (8 types):**
- Paraphrase - Semantic rewrites preserving intent
- Noise - Typos and spelling errors
- Tone Shift - Aggressive/impatient phrasing
- Prompt Injection - Basic adversarial attacks
- Encoding Attacks - Base64, Unicode, URL encoding
- Context Manipulation - Adding/removing/reordering context
- Length Extremes - Empty, minimal, or very long inputs
- Custom - User-defined mutation templates

**Advanced Prompt-Level Attacks (7 new types):**
- Multi-Turn Attack - Fake conversation history with contradictory turns
- Advanced Jailbreak - Sophisticated injection techniques (DAN, role-playing, hypothetical scenarios)
- Semantic Similarity Attack - Adversarial examples that look similar but have different meanings
- Format Poisoning - Structured data injection (JSON, XML, markdown, YAML)
- Language Mixing - Multilingual inputs, code-switching, mixed scripts
- Token Manipulation - Tokenizer edge cases, special tokens, boundary attacks
- Temporal Attack - Impossible dates, outdated references, temporal confusion

**System/Network-Level Attacks (9 new types):**
- HTTP Header Injection - Header manipulation and injection attacks
- Payload Size Attack - Extremely large payloads, memory exhaustion
- Content-Type Confusion - MIME type manipulation and format confusion
- Query Parameter Poisoning - Parameter pollution and query-based injection
- Request Method Attack - HTTP method confusion and manipulation
- Protocol-Level Attack - Request smuggling, chunked encoding, protocol confusion
- Resource Exhaustion - CPU/memory exhaustion, infinite loops, DoS patterns
- Concurrent Request Pattern - Race conditions, concurrent state manipulation
- Timeout Manipulation - Slow processing, timeout-inducing patterns

### 🔧 Improvements

- **Comprehensive Testing Coverage**: All 24 mutation types are fully implemented with templates and default weights
- **Updated Documentation**: README and Usage Guide now reflect all 24 mutation types
- **Enhanced Test Suite**: Test coverage expanded to validate all 24 mutation types
- **Production Status**: Updated development status to Production/Stable

### 📚 Documentation Updates

- README.md updated to reflect 24 mutation types with clear categorization
- Usage Guide includes detailed explanations of all mutation types
- Test suite (`tests/test_mutations.py`) now validates all 24 types

### 🐛 Bug Fixes

- Fixed mutation type count inconsistencies in documentation
- Updated test assertions to cover all mutation types

### 📦 Technical Details

- All 24 mutation types have:
  - Complete template definitions in `src/flakestorm/mutations/templates.py`
  - Default weights configured in `src/flakestorm/mutations/types.py`
  - Display names and descriptions
  - Full test coverage

### 🚀 Migration Guide

No breaking changes. Existing configurations continue to work. The default mutation types remain the original 8 core types. To use the new advanced types, add them to your `flakestorm.yaml`:

```yaml
mutations:
  types:
    - paraphrase
    - noise
    - tone_shift
    - prompt_injection
    - encoding_attacks
    - context_manipulation
    - length_extremes
    - custom
    # Add new types as needed:
    - multi_turn_attack
    - advanced_jailbreak
    - semantic_similarity_attack
    # ... and more
```

### 📊 Impact

This update significantly expands Flakestorm's ability to test agent robustness across:
- **Security vulnerabilities** (advanced jailbreaks, protocol attacks)
- **Input parsing edge cases** (format poisoning, token manipulation)
- **System-level attacks** (resource exhaustion, timeout manipulation)
- **Internationalization** (language mixing, character set handling)

### 🙏 Acknowledgments

Thank you to all contributors and users who have helped shape Flakestorm into a comprehensive chaos engineering tool for AI agents.

---

**Full Changelog**: See [GitHub Releases](https://github.com/flakestorm/flakestorm/releases) for detailed commit history.
Update to 24 mutation types: Add release notes, update development status to Production/Stable, and expand test coverage for all mutation types 2026-01-15 15:04:10 +08:00			`# Release Notes`

			`## Version 0.9.1 - 24 Mutation Types Update`

			`### 🎯 Major Update: Comprehensive Mutation Coverage`

			`Flakestorm now supports 24 mutation types for comprehensive robustness testing, expanding from the original 8 core types to cover advanced prompt-level attacks and system/network-level vulnerabilities.`

			`### ✨ What's New`

			`#### Expanded Mutation Types (24 Total)`

			`Core Prompt-Level Attacks (8 types):`
			`- Paraphrase - Semantic rewrites preserving intent`
			`- Noise - Typos and spelling errors`
			`- Tone Shift - Aggressive/impatient phrasing`
			`- Prompt Injection - Basic adversarial attacks`
			`- Encoding Attacks - Base64, Unicode, URL encoding`
			`- Context Manipulation - Adding/removing/reordering context`
			`- Length Extremes - Empty, minimal, or very long inputs`
			`- Custom - User-defined mutation templates`

			`Advanced Prompt-Level Attacks (7 new types):`
			`- Multi-Turn Attack - Fake conversation history with contradictory turns`
			`- Advanced Jailbreak - Sophisticated injection techniques (DAN, role-playing, hypothetical scenarios)`
			`- Semantic Similarity Attack - Adversarial examples that look similar but have different meanings`
			`- Format Poisoning - Structured data injection (JSON, XML, markdown, YAML)`
			`- Language Mixing - Multilingual inputs, code-switching, mixed scripts`
			`- Token Manipulation - Tokenizer edge cases, special tokens, boundary attacks`
			`- Temporal Attack - Impossible dates, outdated references, temporal confusion`

			`System/Network-Level Attacks (9 new types):`
			`- HTTP Header Injection - Header manipulation and injection attacks`
			`- Payload Size Attack - Extremely large payloads, memory exhaustion`
			`- Content-Type Confusion - MIME type manipulation and format confusion`
			`- Query Parameter Poisoning - Parameter pollution and query-based injection`
			`- Request Method Attack - HTTP method confusion and manipulation`
			`- Protocol-Level Attack - Request smuggling, chunked encoding, protocol confusion`
			`- Resource Exhaustion - CPU/memory exhaustion, infinite loops, DoS patterns`
			`- Concurrent Request Pattern - Race conditions, concurrent state manipulation`
			`- Timeout Manipulation - Slow processing, timeout-inducing patterns`

			`### 🔧 Improvements`

			`- Comprehensive Testing Coverage: All 24 mutation types are fully implemented with templates and default weights`
			`- Updated Documentation: README and Usage Guide now reflect all 24 mutation types`
			`- Enhanced Test Suite: Test coverage expanded to validate all 24 mutation types`
			`- Production Status: Updated development status to Production/Stable`

			`### 📚 Documentation Updates`

			`- README.md updated to reflect 24 mutation types with clear categorization`
			`- Usage Guide includes detailed explanations of all mutation types`
			- Test suite (`tests/test_mutations.py`) now validates all 24 types

			`### 🐛 Bug Fixes`

			`- Fixed mutation type count inconsistencies in documentation`
			`- Updated test assertions to cover all mutation types`

			`### 📦 Technical Details`

			`- All 24 mutation types have:`
			- Complete template definitions in `src/flakestorm/mutations/templates.py`
			- Default weights configured in `src/flakestorm/mutations/types.py`
			`- Display names and descriptions`
			`- Full test coverage`

			`### 🚀 Migration Guide`

			No breaking changes. Existing configurations continue to work. The default mutation types remain the original 8 core types. To use the new advanced types, add them to your `flakestorm.yaml`:

			```yaml
			`mutations:`
			`types:`
			`- paraphrase`
			`- noise`
			`- tone_shift`
			`- prompt_injection`
			`- encoding_attacks`
			`- context_manipulation`
			`- length_extremes`
			`- custom`
			`# Add new types as needed:`
			`- multi_turn_attack`
			`- advanced_jailbreak`
			`- semantic_similarity_attack`
			`# ... and more`
			```

			`### 📊 Impact`

			`This update significantly expands Flakestorm's ability to test agent robustness across:`
			`- Security vulnerabilities (advanced jailbreaks, protocol attacks)`
			`- Input parsing edge cases (format poisoning, token manipulation)`
			`- System-level attacks (resource exhaustion, timeout manipulation)`
			`- Internationalization (language mixing, character set handling)`

			`### 🙏 Acknowledgments`

			`Thank you to all contributors and users who have helped shape Flakestorm into a comprehensive chaos engineering tool for AI agents.`

			`---`

			`Full Changelog: See [GitHub Releases](https://github.com/flakestorm/flakestorm/releases) for detailed commit history.`