Version: v0.0.63

v0.0.53 — Signature-by-default + scheduler legacy drop

Released: 2026-05-06.

`--require-signature` is now the default

honeyframe update enforces tarball + run.bin signature verification out of the box. After v0.0.52 (CircleCI signing pipeline now fires correctly, signed sidecars match the downloaded artifact), it is safe to make verification mandatory.

Operators upgrading from a pre-v0.0.52 unsigned tarball must pass --no-require-signature once to bridge the gap:

honeyframe update --no-require-signature   # only needed when bridging from < v0.0.52
honeyframe update                          # the new default — signed-only

Three regression tests guard the default so it can't silently flip back to opt-in.

Scheduler legacy tables drop

paas/scripts/migrations/drop_scheduler_legacy_tables.sql is now wired into the curated MIGRATIONS list — honeyframe update runs it on every tenant that picks up v0.0.53. Idempotent (DROP TABLE IF EXISTS); no-op on prod DWH (already clean from v0.0.29 fold), load-bearing for any tenant still holding pipeline_schedules / report_schedules.

--require-signature is now the default​

Scheduler legacy tables drop​

`--require-signature` is now the default

Scheduler legacy tables drop