v0.5.0 Release Notes
ObsidianWall Verdict v0.5.0 — shipped June 18, 2026. Seven commands, four analyzer domains, compliance coverage mapping, and policy simulation.
ObsidianWall Verdict v0.5.0
Shipped June 18, 2026.
737 tests. 93.26% coverage.
Commands
verdict evaluate Terraform and CloudFormation auto-detect
verdict coverage HIPAA, SOC 2, CIS v8, NIST AI RMF mapping
verdict simulate Technical Risk + Governance Risk display
verdict sentinel Post-deployment verification
verdict validate Policy schema validation
verdict test Policy regression testing
verdict audit Governance history and insights
What’s New in v0.5.0
Compliance coverage mapping
verdict coverage maps your policy conditions against HIPAA, SOC 2, CIS v8, and NIST AI RMF, showing exactly which controls are covered and which are missing — before an auditor finds the gap.
Technical Risk and Governance Risk as separate dimensions
Every evaluation now reports two distinct risk scores. A deployment can carry Technical Risk of 0 and Governance Risk of Critical simultaneously — these measure different things and are reported separately rather than blended into one number.
Policy simulation without a real plan
verdict simulate tests governance decisions against synthetic context, letting you validate policy logic before you have a real Terraform plan or CloudFormation template to evaluate against.
CloudFormation auto-detection
Verdict now auto-detects whether an input file is a Terraform plan or a CloudFormation template (JSON or YAML) — no --format flag required. 135 AWS resource mappings included.
GitHub Action, SHA-pinned
The ObsidianWall Verdict GitHub Action is published to the GitHub Marketplace, SHA-pinned for supply-chain integrity.
- name: ObsidianWall Verdict
uses: ObsidianWall/obsidianwall-verdict@v0.5.0
with:
plan: terraform_plan.json
policy: policies/cost/budget.yaml
role: engineer
fail_on_deny: "true"
Five Governance Decisions
| Decision | Meaning |
|---|---|
ALLOW |
All conditions passed. Deployment authorized. |
ALLOW_WITH_NOTIFICATION |
Conditions passed. Stakeholders notified. |
ALLOW_WITH_APPROVAL_REQUIRED |
Conditions passed. Formal approval required. |
DENY_WITH_OVERRIDE |
Conditions failed. Authorized role may override. |
DENY |
Conditions failed. No override path. Hard block. |