You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CI/CD Pipeline Mode: Integrated --ci and --fail-on flags to exit with non-zero exit codes when findings matching or exceeding the target severity threshold are discovered.
Scope Enforcement Engine: Added the --scope-file flag to load and enforce domain allow/exclude wildcards prior to scanning.
CVSS 3.1 Scoring: Implemented a standalone, standard-compliant CVSS 3.1 base score and severity rating calculator.
Playwright Diagnostics: Automated Playwright browser installation in scripts/setup.sh and added cache/binary validation to -doctor diagnostics.
Secure Server-side Sessions: Migrated dashboard authentication from client-side localStorage to secure server-side HttpOnly cookies.
Database Query Tracing: Implemented distributed trace spans, query duration tracking, and Prometheus metrics for storage and message queue.
Changed
SSRF Enforcement: Wired security.IsPrivateAddr into both the low-level and high-level StealthClient network pipelines for strict SSRF mitigation.
CTEM State transitions: Deleted the redundant internal/domain/workflows package, consolidating compliance state machine transitions directly inside the CTEM storage engine (ctem.go).