omnipkg v1.5.4 - Enhanced Stability
This release focuses on improving stability, particularly for developers on Windows and those using Conda environments.
What's New ✨
- 🛡️ Enhanced Conda Stability: All output related to the Conda auto-healing mechanism is now wrapped in safe_print(). This resolves UnicodeEncodeError crashes that could occur on Windows systems, ensuring the corruption repair process runs smoothly across all platforms.
- 🔧 Smarter Developer Self-Healing: The _self_heal_omnipkg_installation logic has been rebuilt. It now uses a more robust method to check the omnipkg version in the target Python context, creating a clean environment for the check that is not influenced by the parent shell's PYTHONPATH. This prevents false positives and ensures that developer environments are always correctly synchronized.
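One way to run a version check that the parent shell's PYTHONPATH cannot influence, as an added example (this is not omnipkg's own code). The names clean_env, installed_version, PROBE and SCRUBBED_VARS are hypothetical; the sketch combines a scrubbed environment with the interpreter's isolated mode (-I).

```python
import os
import subprocess
import sys

# Variables in the parent shell that can change what a child interpreter imports.
SCRUBBED_VARS = ("PYTHONPATH", "PYTHONHOME", "PYTHONSTARTUP", "PYTHONUSERBASE")

# Runs inside the target interpreter; exit code 3 means "distribution not installed".
PROBE = (
    "import importlib.metadata as m, sys\n"
    "try:\n"
    "    print(m.version(sys.argv[1]))\n"
    "except m.PackageNotFoundError:\n"
    "    sys.exit(3)\n"
)


def clean_env(parent=None):
    """Copy the parent environment without the import-affecting variables."""
    env = dict(os.environ if parent is None else parent)
    for name in SCRUBBED_VARS:
        env.pop(name, None)
    return env


def installed_version(python_exe, dist_name, parent_env=None, timeout=30):
    """Version of dist_name as python_exe itself sees it, or None if absent."""
    proc = subprocess.run(
        # -I (isolated mode) ignores PYTHON* variables and the user site
        # directory, and keeps the current directory off sys.path.
        [python_exe, "-I", "-c", PROBE, dist_name],
        env=clean_env(parent_env),
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    if proc.returncode == 3:
        return None
    if proc.returncode != 0:
        raise RuntimeError(f"version probe failed: {proc.stderr.strip()}")
    return proc.stdout.strip()


if __name__ == "__main__":
    print("omnipkg:", installed_version(sys.executable, "omnipkg"))
```

A stale copy of a package reachable only through PYTHONPATH is reported as absent by this check, which is the false positive the rebuilt logic is described as preventing.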
A Note on pip Vulnerability GHSA-4xh5-x5gv-qwph
As part of our security workflow, we have identified a known vulnerability (GHSA-4xh5-x5gv-qwph) present in all current versions of pip.
- The Issue: The vulnerability involves a race condition that can be exploited when installing packages from a malicious, attacker-controlled source distribution (sdist).
- Our Mitigation: The omnipkg build and CI process only installs packages from trusted sources (PyPI and the local project directory), which significantly mitigates the risk of exploitation.
- Our Action: A patched version of pip (expected in v25.3) has not yet been released. Therefore, we are temporarily ignoring this specific vulnerability within our security audit to prevent unnecessary build failures. We will remove this exception as soon as a patched version of pip is released and stable.