Reports, not certificates — and proof packs that verify harder

Release: InvarLock 0.3.8 — The “evaluate” era + Transformers v5 compatibility

Highlights

• “Certificate” is now “report” everywhere (and evaluate replaces certify).
• Proof packs can now verify in strict mode (fail-closed when signatures/contents don’t match expectations).
• Compatibility updates for Transformers v5 + less noisy CI/release output.

This release is mostly about making the story of an InvarLock run easier to understand—both for you and for anyone reviewing what you produced. The big breaking change is the wording cleanup: “certificate” becomes report, and the CLI language converges on evaluate. It’s the kind of change that’s slightly annoying for a day, then quietly improves everything afterward.

Proof packs also get more confidence-building: strict verification can now fail closed when signatures are missing/invalid and when pack contents aren’t what they should be. If you’ve ever worried about “did I actually verify the exact thing I think I verified?”, this is aimed straight at that.

On the ecosystem side, this release also shores up Transformers v5 loading contracts and modernizes dtype/quantization config handling so upgrades are less fragile.

For more details, see CHANGELOG.md.