itihas 1.5.0

Itihas — structured world history: civilizations, eras, events, historical figures, and calendar metadata
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

# Security Policy

## Scope

Itihas is a pure historical data library providing civilization, era, event, campaign, site, trade route, calendar, and figure metadata for Rust. The core library performs no I/O and contains no `unsafe` code.

## Attack Surface

| Area | Risk | Mitigation |
|------|------|------------|
| String processing | Unicode edge cases | Standard Rust string handling; no raw pointer ops |
| Serde deserialization | Crafted JSON | Enum validation via serde derive |
| Year lookups | Integer overflow on extreme years | Bounded by i32 range; no arithmetic overflow |
| Dependencies | Supply chain compromise | cargo-deny, cargo-audit in CI; minimal core deps |

## Supported Versions

| Version | Supported |
|---------|-----------|
| 1.x | Yes |
| 0.1.x | No |

## Reporting

- Contact: **security@agnos.dev**
- Do not open public issues for security vulnerabilities
- 48-hour acknowledgement SLA
- 90-day coordinated disclosure

## Design Principles

- Zero `unsafe` code
- No `unwrap()` or `panic!()` in library code — all errors via `Result`
- All public types are `Send + Sync` (compile-time verified)
- No network I/O in core library
- Minimal dependency surface (core depends only on serde, thiserror, tracing)