Just a quick note about the next release (2.2.8) of Tuskfish:
- Given the proliferation of AI-assisted attacks on software and supply chain ecosystems, I wanted to let people know that the Tuskfish code base has been proactively put through several rounds of security scanning and a structured evaluation by a strong AI model (Claude Code Opus 4.6). No serious issues were found, and to the best of my knowledge Tuskfish 2.2.7 is safe for production use.
- A few minor issues were found, which basically concern additional hardening, adding defense in depth and tidying up. These have now been patched and will be released in v2.2.8 sometime in the next week once I've had a chance to test them. You can grab them from main right now, if you like, but I suggest you wait.
- Additional evaluations using a different model (Codex) are planned (not yet done) and will be conducted periodically as stronger models become available. So: we're not done with this; evaluations will become part of the process as new and stronger models become available.
- One new feature: Support for SMTP mail has been added, and I have ditched the native mail() function of PHP, which should make it easier to get email notifications up and running.
Coming soon: I will be developing a Docker Compose package that will allow automated deployment of Tuskfish with a one-line command. I just did this for a new project and wow, it just makes life so much easier.