0.3.5

What's Changed

• Test all default rulesets by @juli1 in #361
• [STAL-2082] Ignore generated files by @juli1 in #364
• [STAL-2148] Fix flaky CI test by @jasonforal in #368
• [STAL-1960] Add tree-sitter query wrapper by @jasonforal in #366
• Use a member function of PathConfig to check if the path config allows a file. by @jacobotb in #369
• Move argument provider to its own file. by @jacobotb in #370
• [STAL-2019] ci: add action to test for regressions by @amaanq in #365
• [STAL-1960] Add generic Rust <> v8 data structures by @jasonforal in #374
• [STAL-1960] Introduce ddsa JsRuntime by @jasonforal in #381
• [STAL-2139] Ignore rules for the whole file by @juli1 in #376
• Split configuration data object and parsing code by @jacobotb in #371
• [STAL-1960] Introduce patterns for refactored JavaScript modules by @jasonforal in #382
• [STAL-1960] Introduce bridge design; implement ddsa context by @jasonforal in #384
• [STAL-1960] Chore: update naming convention by @jasonforal in #386
• [STAL-1960] Add ddsa FileContextGo by @jasonforal in #385
• [STAL-1960] Add bridge for (TsSymbol <> Name) mappings by @jasonforal in #387
• Add a specific type for values that depend on the subtree by @jacobotb in #372
• fix(analyzer): fix 'lines to ignore' parsing functionality by @robertohuertasm in #388
• Add the ability to call other endpoints with JWT tokens. by @jacobotb in #373
• [STAL-1960] Implement ddsa TreeSitterNode + bridge by @jasonforal in #390
• [STAL-1960] Implement ddsa NamedCapture by @jasonforal in #391
• [STAL-1960] Implement ddsa Violation bridge by @jasonforal in #392
• [STAL-2179] Add better error message for ruleset fetch failure by @amaanq in #395
• [STAL-1960] Implement ddsa QueryMatch + bridge by @jasonforal in #393
• [STAL-1960] Implement ddsa JsRuntime scoped execution by @jasonforal in #398
• [STAL-1960] Return TreeSitterNode instances from QueryMatch get and getMany by @jasonforal in #399
• [STAL-1960] Implement compatibility layer with Stella for QueryMatch. by @jasonforal in #400
• [STAL-1960] Implement ddsa JsRuntime rule execution by @jasonforal in #402
• [STAL-1960] Implement compatibility layer for Stella visit function by @jasonforal in #403
• [STAL-1960] Address various bugs by @jasonforal in #408
• Fix overly-restrictive lifetime of tree_sitter::Node during ops by @jasonforal in #405
• [STAL-1960] Add functionality to configure a v8 isolate's default context by @jasonforal in #404
• [STAL-1960] Add console.log tests, special TreeSitterNode serialization by @jasonforal in #407
• [STAL-1960] Add ability to fetch tree-sitter node children from JavaScript by @jasonforal in #415
• [STAL-2335] ci: fix error when multiple repos have potential regressions detected by @amaanq in #406
• [STAL-2296] fix: improve test-rules script with retries and better error handling by @amaanq in #411
• Filter invalid violations for SARIF report by @juli1 in #401
• [STAL-1960] Fix performance issues introduced by creating new v8 Contexts by @jasonforal in #416
• [STAL-2337] feat: add Starlark support by @amaanq in #413
• [STAL-1906] feat: add Dockerfile + ci workflow to publish to GHCR by @amaanq in #383
• Update op to only return named children by @jasonforal in #417
• Fix ddsa node_type_id to match stella semantics by @jasonforal in #419
• [STAL-1960] Optimize memory usage of JS timeout functionality by @jasonforal in #412
• Fix null check in JavaScript by @jasonforal in #420
• [STAL-1960] Implement TsLanguageContext by @jasonforal in #423
• [STAL-1960] Implement "field name" for tree-sitter node children by @jasonforal in #424
• [STAL-2338] feat: add Bash support by @amaanq in #414
• [STAL-2336] Include paths configuration for diff-aware hash by @juli1 in #418
• Change ddsa rule script template to properly initialize local variables by @jasonforal in #425
• Add various ddsa compatibility workarounds for the stella syntax by @jasonforal in #426
• [STAL-2289] feat: add terraform file context helper in the JS code by @amaanq in #409
• remove secrets features by @juli1 in #427
• [STAL-1960] Enable ddsa as a feature flag by @jasonforal in #428
• Add stopgap cache clearing for ddsa on the analyzer server by @jasonforal in #429
• Release 0.3.5 by @jasonforal in #430

Full Changelog: 0.3.4...0.3.5

0.3.4

What's Changed

• Test tree-sitter 0.22.6 by @juli1 in #353
• update cc dependency by @juli1 in #356
• show rule that fails to convert by @juli1 in #357
• Test rules in staging and prod by @juli1 in #355
• [STAL-1863] fix: update c-sharp grammar for parsing improvements by @amaanq in #344
• fix: correct workflow step name for staging rules by @amaanq in #358
• [STAL-2057] Hardcode include testing rules in CLI by @modernplumbing in #359
• Release 0.3.4 by @amaanq in #360

Full Changelog: 0.3.3...0.3.4

Release 0.3.3

What's Changed

• [STAL-2002] Add documentation by @juli1 in #342
• [STAL-1686] Add is_testing to rules by @modernplumbing in #339
• Use higher-level constructs for configuration serializer/deserializer. by @jacobotb in #341
• [STAL-2027] Preparing 0.3.3 by @modernplumbing in #345
• [STAL-2007] debug static analyzer by @juli1 in #348
• Fix OWASP benchmark changes by @juli1 in #352
• [STAL-2007] Handle branch from Gitlab pipelines by @juli1 in #350
• [STAL-1686] Follow-up for handling rules marked as is_testing by @modernplumbing in #349
• [STAL-2007] remove repository url from logs by @juli1 in #354

New Contributors

• @modernplumbing made their first contribution in #339

Full Changelog: 0.3.2...0.3.3

Performance improvements

What's Changed

• [STAL-1818] Tidying, prep for YAML rule definition by @jasonforal in #317
• [STAL-1818] Implement creation of HTTP validator from YAML definition by @jasonforal in #318
• [STAL-1818] Implement complete YAML-based rule construction by @jasonforal in #319
• [STAL-1818] Integrate secrets scanning into the main binary by @jasonforal in #320
• [STAL-1850] Introduce proximity keywords by @jasonforal in #321
• [STAL-1851] Add normalized entropy Checker by @jasonforal in #322
• [STAL-1172] Use Result for execute_rule_inner by @jasonforal in #330
• [STAL-1645] fix: use maintained and up-to-date yaml grammar by @amaanq in #334
• [STAL-1921] More instructions when we fail to get the repository for diff-aware by @juli1 in #333
• [STAL-1172] Optimize threading and instantiation of v8 runtimes by @jasonforal in #331
• [STAL-1172] Serialize Rust structs directly to v8 objects by @jasonforal in #332
• [STAL-1967] Add helper script to display the violation diff between two SARIF files by @jasonforal in #335
• [STAL-1986] Fix macOS x86 GitHub Actions build by @jasonforal in #338
• Prepare version 0.3.2 by @juli1 in #340

New Contributors

• @amaanq made their first contribution in #334

Full Changelog: 0.3.1...0.3.2

Release 0.3.1

What's Changed

• [STAL-1678] add documentation on OWASP benchmark by @juli1 in #313
• Add documentation on reporting issue by @juli1 in #315
• [STAL-1704] Simplify rule definition/evaluation by @jasonforal in #312
• [STAL-1701] add more performance statistics by @juli1 in #314
• Prepare version 0.3.1 by @juli1 in #316

Full Changelog: 0.3.0...0.3.1

Release 0.3.0

What's Changed

• fix(ide): use proper glob for ignore rule creation by @robertohuertasm in #294
• Apply global ignore/only in server by @jacobotb in #295
• [STAL-1493] Add ability to use a fake clock for tests by @jasonforal in #296
• Add rule fields 'severity' and 'category' to schema and deserializer by @jacobotb in #300
• Document the ability to set rule arguments. by @jacobotb in #299
• [STAL-1493] Add builders for HTTP validator by @jasonforal in #297
• Improve HTTP validator edge-case handling by @jasonforal in #302
• Override a rule's severity and category when specified in the configuration file by @jacobotb in #301
• feat(ide): return raw string instead of JSON by @robertohuertasm in #303
• fix(ide): support for new properties when ignoring rules by @robertohuertasm in #304
• fix(ra): fix rust-analyzer for vs code users by @robertohuertasm in #305
• [STAL-1493] Enable validation in the secrets engine by @jasonforal in #306
• [STAL-1529] Enable secret validation for integration testing by @jasonforal in #307
• fix(serialization): correctly serialize arguments by @robertohuertasm in #310
• Add version of the tool by @juli1 in #309
• [STAL-1159] Add secret scanning rule file parsing by @jasonforal in #308

Full Changelog: 0.2.9...0.3.0

Release 0.2.9

Full Changelog: 0.2.9...0.2.9

What's Changed

• [STAL-1496] add option to fail if there is any violation by @juli1 in #255
• Add initial secrets-core crate by @jasonforal in #247
• [STAL-1470] add details in FAQ by @juli1 in #256
• Mechanism to provide arguments to rules by @jacobotb in #254
• Validator for the static analyzer configuration parser by @jacobotb in #257
• check ruby rules in gitlab pipeline by @juli1 in #262
• Add secrets-core engine by @jasonforal in #261
• Update links to https by @dastrong in #264
• feat(kernel): add support for ConfigFile serialization by @robertohuertasm in #263
• [STAL-1362] add ruby in default languages by @juli1 in #266
• Update README.md with ignore/only and ruleset/rule config information. by @jacobotb in #267
• [STAL-1123] Add caching to GitHub actions build by @jasonforal in #269
• Display a nicer error message for configuration file errors by @jacobotb in #265
• [STAL-1523] add documentation for diff-aware by @juli1 in #270
• [STAL-1557] add documentation for go by @juli1 in #274
• Fix leftover legacy field ignore-paths in README. by @jacobotb in #275
• [STAL-1322] Support Vectorscan build for Windows by @jasonforal in #276
• [STAL-1164] Prepare SARIF output for multiple rule types by @jasonforal in #278
• Prevent RuleResult from being built with an absolute path by @jasonforal in #280
• [STAL-1575] Fingerprint improvements by @juli1 in #281
• [STAL-1523] add diff-aware doc by @juli1 in #282
• Fix build by @juli1 in #284
• [STAL-1164] Improved concurrency ergonomics for secrets Worker by @jasonforal in #279
• [STAL] Add missing rulesets by @dastrong in #283
• [STAL-1522] add instructions to troubleshoot diff-aware by @juli1 in #290
• [STAL-1164] Initial secrets scan workflow integration test by @jasonforal in #285
• Read the 'arguments' field from the rules by @jacobotb in #291
• Add execution time in sarif reports by @juli1 in #292
• feat(server): add IDE module by @robertohuertasm in #289

Full Changelog: 0.2.8...0.2.9

Version 0.2.8

What's Changed

• JSON Schema for the static analyzer configuration file. by @jacobotb in #241
• Add a schema-version field to the configuration file JSON Schema. by @jacobotb in #246
• Replace glob_match with globset by @jacobotb in #250
• Make the matcher function a member of PathPattern. by @jacobotb in #251
• [STAL-1467] Support for file context by @juli1 in #249
• The server may receive the configuration file and apply includes/excludes by @jacobotb in #248
• [STAL-1486] Properly handle CSV output by @juli1 in #252
• Prepare version 0.2.8 by @juli1 in #253

Full Changelog: 0.2.7...0.2.8

Release 0.2.7

What's Changed

• Parse improperly formatted YAML for the ruleset config. by @jacobotb in #226
• [STAL-1418] Violation fingerprints by @juli1 in #228
• Upgrade tree-sitter to the latest version by @juli1 in #233
• Update ruby syntax by @juli1 in #234
• Fix Stella console by @juli1 in #235
• Allow the GitLab pipeline to override the DataDog/images branch used by @jasonforal in #236
• [STAL-1457] add better handling of git SHA finding by @juli1 in #237

Full Changelog: 0.2.6...0.2.7

0.2.6

What's Changed

• update output by @juli1 in #217
• Update Documentation by @juli1 in #216
• Update configuration file format for path-based inclusion/exclusion by @jacobotb in #211
• Update download links by @juli1 in #220
• Add Vectorscan bindings and library by @jasonforal in #205
• Add the ability to include and exclude paths for individual rules and rulesets by @jacobotb in #218
• [STAL-1351] Diff-Aware Scanning Support by @juli1 in #224
• Handle legacy configuration fields during deserialization by @jacobotb in #219
• Prepare 0.2.6 by @juli1 in #225

Full Changelog: 0.2.5...0.2.6