Back to blog

Gemma 4 pilot lanes with a clearer assurance contract

Ink/charcoal doodle: text and image lanes pass through a verification gate into a reviewed proof-pack folder.

InvarLock 0.6.0 adds a shipped Gemma 4 E2B text lane, phase-1 multimodal evaluation, and a unified `--assurance attested|trusted-local` workflow.

2 min read
InvarLock Team

Release: InvarLock 0.6.0 - Gemma 4 pilots, multimodal groundwork, and explicit assurance modes

Highlights

  • InvarLock now ships a Gemma 4 E2B text lane plus phase-1 multimodal evaluation support through the built-in hf_multimodal adapter and vision_text dataset provider.
  • The public execution contract is clearer: evaluate, verify, and report verify now align on --assurance attested|trusted-local, while networked downloads move to an explicit --allow-network flag on evaluate.
  • Proof packs and reports surface more reviewer context through evidence levels and reviewer summaries, with a round of fixes for multimodal reporting, dataset cache fallbacks, and trusted-local verification ergonomics.

0.6.0 is the first release where the Gemma 4 pilot lane and multimodal groundwork feel like part of the public surface instead of repo-only scaffolding. The shipped google/gemma-4-E2B-it text lane, the new hf_multimodal adapter, and the vision_text provider put image-text evaluation on a concrete path while keeping the support language explicit about what is still experimental and what remains deferred.

The other big change is vocabulary. 0.5.x tightened the fail-closed defaults, but the public docs and CLI still carried some split language around attested versus local execution. In 0.6.0, that is pulled into the clearer --assurance attested|trusted-local contract, with matching updates across evaluate, verify, report verify, and the docs/examples that teach those flows. For operators, that means the trust boundary is easier to see in both command lines and generated artifacts.

This release also makes the review surface calmer. Proof-pack manifests now carry evidence levels and reviewer summaries, multimodal reused-baseline reports keep their measured classification counts, and dataset loading can fall back to a writable cache when the default path is read-only. If you maintain scripts or docs around older --mode local language, or rely on pre-0.6.0 report-verify ergonomics, this is the release to re-check against the current docs and examples.

For the immutable release record, read the tagged CHANGELOG.md for v0.6.0.

More in Release

Continue through nearby posts in the same reading thread.

Release

GPT-OSS pilots with CUDA-ready attested lanes

InvarLock 0.7.0 adds first-class GPT-OSS support, pilot Ministral 3 8B/14B presets, and a CUDA-capable attested runtime path for GPU hosts.

Release

Attested smoke lanes with package-native proof-pack signing

InvarLock 0.5.1 adds a push-gated tiny attested smoke lane, a scheduled GPT-2 canary lane, and package-native Ed25519 proof-pack signatures.

Release

Standalone contract bundles with tighter release gates

InvarLock 0.7.1 makes wheel-only verify/report workflows first-class, ships a public contract bundle, and tightens supply-chain and release-validation gates.