Gloria v4.4.0

Release v4.4.0 Gloria JIT

Control Flow

• while loops – conditional iteration based on variable value. Loop body executes while condition variable is non-zero. Supports variable assignment (=, +=, -=) and builtin calls inside loop body.

Memory Access

• peek(address) – reads 16-bit value from specified memory address. Address can be immediate integer or variable.
• poke(address, value) – writes 16-bit value to specified memory address. Both arguments can be immediates or variables.

I/O Ports (x86-64)

• in8(port) – reads byte from I/O port. Returns zero-extended value.
• out8(port, value) – writes byte to I/O port.

VGA Framebuffer Output

• print(string) when compiled for bare-metal emits directly to VGA framebuffer at 0xB8000.
• Uses green text attribute (0x0A).
• Register R15 is reserved as VGA cursor offset, preserved across function calls.
• Escape sequences \n and \t are parsed and converted to control characters.

Register Constants

Register constants added for codegen clarity: regRAX(0), regRCX(1), regRDX(2), regRBX(3), regRSP(4), regRBP(5), regRSI(6), regRDI(7), regR8(8), regR9(9), regR10(10), regR11(11), regR12(12), regR13(13), regR14(14), regR15(15).

Internal Changes

• emitLowLevelPrint now accepts kernelMode flag – syscall version for userspace, VGA version for bare-metal.
• emitPushReg and emitPopReg support extended registers R8-R15.
• emitBareMetalPrint writes string directly to VGA framebuffer.
• emitMovMemToReg64 and emitMovRegToMem64 added for arbitrary memory access.
• parseStringLiteral handles escape sequences at compile time.

Testing

• patchVGA() replaces 0xB8000 constant with heap-allocated fake VGA buffer for test environment.
• dumpVGA() renders VGA buffer to stdout using syscall.Write (zero allocations).

ForgeZero v4.3.0 — “Gloria” JIT Compiler Engine Integration

ForgeZero v4.3.0 delivers the largest low-level architectural upgrade in the project’s history.

This release introduces Gloria — a native, multi-pass programming language and raw x86_64 JIT execution engine integrated directly into the fz toolchain. Gloria is designed for deterministic performance, direct hardware-level execution, and zero-allocation hot paths.

With this release, ForgeZero can now dynamically compile, link, and execute native machine code in microseconds with virtually no runtime overhead.

---

Highlights

Gloria Native JIT Engine

• Added a fully integrated multi-pass compiler architecture
• Implemented advanced symbol resolution and forward declaration handling
• Added support for complex dependency graphs and recursive call structures

Raw x86_64 Execution

• Introduced direct machine code generation and execution
• Added optimized executable memory page handling via mmap
• Eliminated intermediate VM/runtime abstraction layers

System V AMD64 ABI Support

Native argument mapping now follows the official System V AMD64 ABI:

• rdi
• rsi
• rdx
• rcx
• r8
• r9

This enables direct register-level execution with minimal dispatch overhead.

Zero-Allocation Linker Improvements

• Reworked symbol table traversal pipeline
• Removed heap allocations from undefined symbol detection paths
• Improved deterministic execution behavior under heavy workloads

x86_64 Linker Stability Fixes

• Fixed object ordering inconsistencies during deduplication
• Improved relocation stability and binary reproducibility
• Resolved multiple edge cases in low-level linking logic

---

Example

fn add(a, b) {
    return a + b;
}

fn main() {
    return add(40, 2);
}

Run instantly:

fz -gloria test.glo

Output:

42

Executed directly through the native x86_64 JIT backend.

---

Release Summary

ForgeZero v4.3.0 transforms the project from a traditional systems toolchain into a fully dynamic native execution platform capable of generating and executing raw machine code at runtime with near bare-metal efficiency.

Release v4.2.0

What's New in v4.2.0

This release focuses on three major areas: full CGO removal for cross-platform portability,
deep performance optimizations across the entire build pipeline, and a significant benchmark
lead over Ninja.

---

Benchmark

Tested against Ninja on a 1000 C-module project:

Tool	Mean Time	Range	Runs
fzt	637.3 ms	626.6 ms - 685.5 ms	10
ninja	1.813 s	1.800 s - 1.834 s	10

fzt is 2.84x faster than Ninja.

---

CGO Removal and Cross-platform Support

ForgeZero no longer depends on CGO at the entrypoint or in the plugin loader.
A pure Go parameter passing interface (GoContext) replaces the old C-coupled signatures,
and platform-specific loaders are now properly split by build tag:

• Native Windows DLL loader implemented via syscall, zero CGO dependency
• Unix dynamic loader restricted to CGO build tag
• Fallback no-op loader for non-CGO builds
• C module structs aligned to 64-byte cache lines to eliminate false sharing

---

Performance

Assembler

• Hot path whitespace trimming and comment stripping rewritten with SIMD and branchless lookups
• Parser recycling via sync.Pool to minimize runtime allocation churn
• splitArgs transformed into a parser method with pre-allocated slice recycling
• Compiler flags parsed once using sync.Once lazy initialization
• Branchless unrolled FastCopy implemented with unsafe pointers

Linker

• Co-located on-disk symbol cache introduced to bypass nm utility execution entirely
• Object deduplication simplified with native Go map, legacy mmap routines removed
• Response file generation refactored to use bufio, f.Sync eliminated

Builder

• Slice allocations eliminated and CleanDir deduplicated
• Source discovery optimized using WalkDir with folder skipping
• Zero-allocation log trace copy loops in task dispatch worker

Utils

• Unused pools purged, digest-to-string byte conversions optimized
• macOS mmap interfaces updated with low-level write procedures
• SYS_OPENAT unix hash digest loops streamlined with defer cleanup
• Raw file hashing resource management tuned for macOS
• Fallback file hashing stubs updated for non-UNIX targets

---

Commits

Performance

Hash	Scope	Description
80d5493	asm	rewrite hot path with SIMD and branchless lookups
a72f905	asm	implement parser recycling via sync.Pool
75f2ed6	asm	transform splitArgs into parser method with slice recycling
7e27b76	asm	parse compiler flags once using sync.Once
9d6055f	asm	optimize hft assembly pipeline configuration
a62909e	asm	implement branchless unrolled FastCopy with unsafe pointers
9ff847b	linker	implement co-located on-disk symbol cache
4b39fde	linker	avoid double memory allocation in runLinkerCombinedOutput
4addb5f	builder	eliminate slice allocations and deduplicate CleanDir
1cb0ac2	builder	optimize source discovery using WalkDir and folder skipping
e63edec	builder	implement zero-allocation log trace copy loops
13dfaa3	seal	optimize module integration and allocation hot paths
0351f7b	utils	purge unused pools and optimize digest-to-string conversions
4fec4d8	utils	update macOS mmap interfaces with low-level write procedures
193d15e	utils	streamline SYS_OPENAT unix hash digest loops with defer cleanup
eff45c3	utils	tune raw file hashing resource management for macOS
a41d8de	utils	add filepath.SkipDir support in SYS_GETDENTS64 walker
2cf3569	cplugin	align C module definitions to 64-byte cache lines
b5b7984	cmd	parallelize single-process CLI scheduling

Features

Hash	Scope	Description
8b740fa	cplugin	introduce GoContext for pure Go parameter passing

Refactor

Hash	Scope	Description
26d38ec	linker	simplify object deduplication with native Go map
86e0eb3	linker	refactor response file generation to use bufio
edd1a6c	cplugin	remove legacy loader.go in favor of platform-specific split
f8c0112	main	completely remove CGO dependencies and import 'C' from entrypoint
3d22983	cmd	streamline execution and config initialization

Ports

Hash	Scope	Description
739c2bf	cplugin	implement fallback no-op loader for non-CGO builds
97411d8	cplugin	adapt Windows DLL loader to use GoContext signature
7eee6f2	cplugin	restrict Unix dynamic loader to cgo build tag
df53507	cplugin	implement native Windows DLL loader using syscall

Chore / Tests

Hash	Scope	Description
7c569c0	utils	update fallback file hashing stubs for non-UNIX targets
8840fbf	example	scale C-module benchmark suite to 1000 modules
dff3e60	—	ignore release scripts and local build artifacts
dfd43b0	—	ignore benchmark JSON dumps and stress-test binaries

Release v4.1.0: Citadel

The Zero-Allocation Standard for Low-Level Build Orchestration

Overview

This release establishes absolute memory efficiency and deterministic execution across all critical paths in ForgeZero. The linker hot-path has been refactored to eliminate residual heap allocations, and the build engine now operates with zero GC pressure.

The filesystem abstraction layer has been hardened, platform-specific syscall drivers have been implemented, and cross-platform compilation targets have been validated. ForgeZero now operates at hardware-limited throughput with strictly deterministic latency.

Performance & Benchmarks

• Zero-Allocation Orchestration:
  Complete removal of heap allocations in the linker hot-path. copyFileHot micro-benchmark confirms 0 allocs/op and 0 B/op.

• Throughput:
  Sustained copy throughput at hardware limits (~1.18 GB/s on Intel i5-10310U) with zero GC interference.

• Pipeline Comparison (ForgeZero vs traditional build pipelines):

  Modules ForgeZero (fz) Traditional (make -j4) Speedup
  20 19.3 ± 1.2 ms 45.4 ± 2.3 ms 2.35×
  50 31.1 ± 1.3 ms 85.0 ± 2.1 ms 2.73×
  100 57.0 ± 5.3 ms 185.5 ± 7.7 ms 3.25×
  150 73.1 ± 4.3 ms 229.3 ± 3.6 ms 3.14×

• Direct Linker Bypass:
  Introduced -ld flag to bypass compiler validation layers and invoke the linker directly, reducing orchestration overhead.

HADES Engine & Codegen

• ELF emitter refactor:
  Corrected .symtab generation order. Local symbols now precede global symbols, ensuring strict linker compliance and valid relocation tables.

• Absolute relocations:
  Fixed call and jmp offset calculation. Transition targets are now resolved deterministically (verified via factorial execution test, exit code 120).

• Instruction parsing:
  Enhanced lexer/parser boundary checks. CPU instructions are now strictly differentiated from user-defined labels, preventing object file corruption.

• Stack-buffered syscalls:
  Implemented openHot and unlinkHot using fixed-size stack buffers for UTF-8 path conversion, eliminating os.File and path/filepath heap overhead in hot loops.

AEGIS: Security & Autonomy

• TOCTOU and path traversal mitigation:
  Hardened fz pm and VFS resolution logic. Introduced secureVendorPath and explicit symlink validation to prevent directory escape and race conditions.

• Atomic SBOM generation:
  Internal AEGIS helpers now produce atomic Software Bill of Materials artifacts during the sealing phase.

• Zero-dependency build:
  Full offline compilation support with no external network calls or dynamic configuration fetching required for standard build operations.

• Parser integrity:
  Added structural validation guards to prevent malformed AST generation and silent fallback degradation.

Multi-Platform Support

• Platform-specific drivers implemented via build tags (//go:build linux, windows, darwin):

  Linux:
  Direct SYS_OPENAT and SYS_UNLINKAT syscalls.

  Windows:
  Native CreateFile, ReadFile, and WriteFile via golang.org/x/sys/windows, bypassing os package abstractions.

  Darwin/macOS:
  Stubbed syscall layer to preserve build integrity on non-Linux targets.

• Cross-architecture validation:
  Verified builds for amd64 and arm64 across all supported operating systems.

CI & Quality Assurance

• Allocation regression suite:
  Continuous benchmarking for Linux and Windows targets to enforce zero-allocation guarantees in critical paths.

• Static analysis:
  100% compliance with golangci-lint under strict configuration. No lint warnings or static defects.

• Deterministic output:
  Reproducible builds verified across multiple architecture targets.

If you find an allocation in our hot paths, it is a bug.

ForgeZero 4.0.1 — Bare Metal + HADES

ForgeZero 4.0 is the largest architectural update since the 3.x series.

This release expands ForgeZero beyond a traditional build tool, introducing bare-metal build support, a zero-allocation execution path, autonomous embedded toolchains, and a new native execution layer powered by HADES.

Version 4.0.1 includes immediate stabilization fixes and fully verified cross-platform release binaries.

---

Highlights

Bare-Metal Build Support

ForgeZero now supports direct Flat Binary generation for bootloaders and low-level systems development.

fz -asm boot.asm -format bin -out boot.bin

Features:

• Flat Binary output via -format bin
• automatic ELF linker bypass
• automatic NASM/FASM flat-binary configuration
• exact binary layout preservation
• QEMU-ready output

This enables direct bootloader and kernel image generation without manual linker setup.

---

Zero-Allocation Hot Path

Critical internal execution paths were redesigned around a zero-allocation model.

Benchmark:

BenchmarkHashFile100MB-8    12    83550422 ns/op    1005 B/op    0 allocs/op

Performance:

• ~83.5 ms per 100 MB
• ~1.2 GB/s throughput
• stable 0 allocs/op

Improvements include:

• stack-based buffer allocation
• removal of fmt and log from hot paths
• direct syscall-based reporting
• reduced GC pressure
• improved runtime predictability

---

Embedded Autonomous Toolchain

ForgeZero no longer depends on external assembler installations.

Included:

• NASM embedded via //go:embed
• FASM embedded via //go:embed
• in-memory execution via memfd_create on Linux
• protected temporary extraction on Windows
• hermetic toolchain resolution without PATH trust

---

HADES Execution Core

ForgeZero 4 introduces HADES, a native execution subsystem for direct machine code execution.

Capabilities:

• zero-copy native code execution via ExecRaw()
• isolated executable memory
• stack-safe execution trampolines
• instruction cache coherency safeguards via msync

---

Gloria JIT (Experimental)

Experimental JIT pipeline for native code generation.

Features:

• C + Assembly → native machine code
• direct execution through HADES
• foundation for future runtime code generation workflows

---

Build System Improvements

• Shadow Cache with hard-link deduplicated artifacts
• mmap-backed response files
• programmable pre/post build hooks
• deterministic binary stripping
• fail-closed error handling
• zero linter issues

---

4.0.1 Stabilization Fixes

This patch finalizes the 4.0 release and restores full cross-platform build compatibility.

Fixes include:

• corrected platform-specific sealing implementation
• resolved Linux syscall portability issues
• fixed OS-specific compilation boundaries
• restored full multi-platform release generation

---

Verified Release Targets

Successfully built and verified for:

• linux/amd64
• linux/arm64
• windows/amd64
• darwin/amd64
• darwin/arm64

Release binaries generated successfully for all targets.

---

Validation

Passed:

• go test ./...
• go test -race ./...
• integration tests
• release benchmark verification

ForgeZero 4 marks the transition from a build tool toward a bare-metal capable, zero-dependency native systems platform.

ForgeZero v3.1.0 "AEGIS" — Sovereign Engineering Update

ForgeZero v3.1.0 “AEGIS”

Sovereign Engineering Update

The Hardening Release.

ForgeZero v3.1.0 establishes a hardened execution and verification foundation across the full sovereign toolchain.

Major milestone: ForgeZero now supports native Windows operation without WSL, with a dedicated filesystem backend and platform-specific security guarantees.

Highlights

Native Windows Support (No WSL Required)

• Full native Windows support without WSL dependency
• Native Windows Virtual FileSystem backend
• Drive-letter normalization and path canonicalization
• UNC path validation and rejection of unsafe network paths
• Retry-safe close-then-rename semantics
• .exe / .bat executable resolution parity

Virtual FileSystem (VFS)

• Native Unix and Windows backends
• Verified file access with TOCTOU protection (Lstat + SameFile)
• Secure symlink handling
• Root-boundary enforcement
• Injectable filesystem for deterministic testing

Execution Security

• Unified RunCommand / RunCommandOutput hardened pipeline
• Secure executable discovery via LookExecutable()
• CLI path validation and traversal rejection
• Atomic writes for builds, manifests, and updates
• Constant-time checksum verification
• Fail-closed integrity model

Verification & Supply Chain

• Secure manifest reads and atomic manifest generation
• Hardened verify engine with constant-time hash comparison
• Expanded SBOM and vendor integrity enforcement
• Explicit degraded-hash warnings for external symlinked dependencies

New: fz doctor

System diagnostics and environment verification.

Checks:

• Toolchain availability (zig, fasm, wasm-ld)
• Filesystem permissions
• Root accessibility
• Platform and runtime diagnostics
• VFS backend reporting

Modes:

• fz doctor
• fz doctor --json
• fz doctor --root <path>

CLI Improvements

• Sovereign multi-line version manifest (fz -v)
• Redesigned Aegis help system (fz -h)
• Expanded security and integrity documentation

Validation

• go test ./... — PASS
• go test -race ./... — PASS
• GOOS=windows go build ./... — PASS

Coverage Highlights

• pkgman — 91.5%
• fs — 91.7%
• doctor — 90.8%
• config — 91.7%
• watcher — 91.1%
• verify — 84.0%
• utils — 83.1%

Specifications

• Hardness: Pentagon-grade reliability
• Sovereignty: 100% independent toolchain
• Safety: Memory-safe and execution-safe

Alex Voste
ForgeZero Core Team

(c) 2026. AEGIS is live.

ForgeZero v3.0.0 Gloria: The Sovereign Engineering Update

ENGINEERING SPECIFICATIONS:

• TOOLCHAIN: Integrated native Zig backend for memory-safe C/C++ cross-compilation.
• SECURITY: Full SAST Audit engine (Secret scanning, License compliance, Pattern analysis).
• SUPPLY CHAIN: CycloneDX SBOM generation with BLAKE3 cryptographic integrity.
• RELIABILITY: Thread-safe core (Race-detected) and strict error handling.
• REPRODUCIBILITY: Hardware-independent deterministic builds (Zero-entropy binaries).
• UTILITIES: Added 'fz verify' (Integrity check) and 'fz bench' (NS-precision profiling).
• COMPATIBILITY: Expanded support for FASM (ELF64) and WASM (wasm32-wasi).

MISSION:
To provide absolute sovereignty over the build process, eliminating external toolchain dependencies and ensuring binary integrity at every stage of the lifecycle.

Copyright (c) 2026 Alex Voste. All rights reserved.
MIT License | ForgeZero Core Team

fz 2.1.0 – improved catalog reliability, fallback URLs, env override

🔧 Fixes & improvements:

• Add multi‑URL catalog fetching with fallback (official GitHub → custom mirror)
• Add FZ_CATALOG_URL environment variable to override catalog location
• Fix TLS/unexpected EOF errors when accessing raw.githubusercontent.com
• Add timeout (10s) and proper error handling for catalog requests
• Show warnings on failed attempts but continue to next URL

📦 Install: go install github.com/forgezero-cli/ForgeZero/cmd/fz@latest

fz 2.0.0 NEXUS – Performance, Package Management, and Cross‑Compilation

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✨ Major New Features
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

• BLAKE3 file hashing – 7x faster cache (10 MB: 58ms → 8.7ms)
• Package manager (fz pm) – add, remove, list, update, catalog, search, install
• Central package catalog – community-driven JSON registry
• Shared library support – -shared, -cc-flag, -ld-flag
• Cross‑compilation – -target for ARM, RISC‑V, x86_64, i386
• Static libraries – -type static / -lib (build .a archives)
• LSP support – -compile-commands generates compile_commands.json
• Interactive shell – fz -shell with full build commands
• Linker scripts and text address – -T, -Ttext

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔧 Improvements & Fixes
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

• Parallel builds (-j N) for multi‑core acceleration
• Unique object file names (no more collisions)
• All golangci-lint warnings fixed (errcheck, govet, ineffassign)
• High test coverage: utils 84%, linker 60%, assembler 60%, builder 56%
• Context and timeouts for all network/git operations
• Improved pm remove – cleans empty parent directories and .fz.yaml
• Hash verification for catalog packages (BLAKE3)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📦 Install
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

go install github.com/forgezero-cli/ForgeZero/cmd/fz@latest

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🌐 Resources
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Repository: https://github.com/forgezero-cli/ForgeZero
Package catalog: https://github.com/forgezero-cli/catalog
Documentation: https://github.com/forgezero-cli/ForgeZero#readme

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Thank you for using fz! 🚀

fz v1.9.2 – version bump and final lint fixes

🔧 Changes since v1.9.0:

• Fixed all errcheck, govet, ineffassign warnings
• Added error handling for storeCache, json.Encode, w.Add, os.Rename, os.Chmod
• Fixed test errors (os.Chdir, os.MkdirAll, os.Create, buf.ReadFrom)
• Updated dependencies
• Bumped version to 1.9.2 (v1.9.1 was missing version update)

🧪 All tests pass, golangci-lint clean.

📦 Install: go install github.com/forgezero-cli/ForgeZero/cmd/fz@latest