v1.2.0

What's Changed

• fix(security): block SSRF in customFeeds URLs by @RaminNietzsche in #44
• fix(security): rate limit uses socket IP unless TRUST_PROXY_HOPS by @RaminNietzsche in #45
• fix(server): reliability — NVD pagination, cache, GitHub retry, i18n errors by @RaminNietzsche in #46
• fix(frontend): CORS allowlist, SetupWizard autoRefresh, useVulnScan deps by @RaminNietzsche in #47
• chore(docs,ci): CONTRIBUTING, translation guide, workflow improvements by @RaminNietzsche in #48
• chore: commit agent/ rules and skills catalog by @RaminNietzsche in #49
• chore(ops): Docker smoke test + watch mode documentation by @RaminNietzsche in #50
• feat: export, alerts, detailed health, storage migration, icon sync by @RaminNietzsche in #51
• refactor: split App and SubNav into feature modules (#17) by @RaminNietzsche in #52
• chore: rename default branch to main (#39) by @RaminNietzsche in #53
• fix(ci): CodeQL on main and harden issue summary workflow by @RaminNietzsche in #54
• chore(docker): version-only Hub tags and prune extras by @RaminNietzsche in #61
• build(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in #57
• build(deps): bump docker/metadata-action from 5 to 6 by @dependabot[bot] in #59
• build(deps-dev): bump @types/react from 19.2.16 to 19.2.17 in the development-dependencies group by @dependabot[bot] in #60
• build(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #55
• build(deps): bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in #56
• build(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in #58
• feat(auth): optional API_SECRET for /api routes (Closes #62) by @RaminNietzsche in #79
• feat(cache): Redis-backed shared cache (Closes #66) by @RaminNietzsche in #82
• feat(secrets): Docker/K8s secret file loading and ops docs (Closes #63) by @RaminNietzsche in #80
• chore(ci): categorize workflows and path-based triggers by @RaminNietzsche in #87
• feat(audit): structured JSON logging for scan/watch (Closes #64) by @RaminNietzsche in #81
• feat(db): PostgreSQL scan history and trends API (Closes #67) by @RaminNietzsche in #83
• feat(scan): SSE progress stream for full scans (Closes #68) by @RaminNietzsche in #84
• feat(docker): persistent DATA_DIR volume (Closes #69) by @RaminNietzsche in #85
• feat(airgap): local NVD/OSV/KEV mirrors (Closes #77) by @RaminNietzsche in #86
• feat(security): Helmet HTTP headers for production (Closes #65) by @RaminNietzsche in #93
• feat(tenants): multi-tenancy with isolated stacks (Closes #70) by @RaminNietzsche in #94
• feat(rbac): role-based API access control (Closes #71) by @RaminNietzsche in #95
• feat(k8s): Kubernetes stack discovery (Closes #72) by @RaminNietzsche in #96
• feat(metrics): Prometheus /metrics and Grafana dashboard (Closes #73) by @RaminNietzsche in #97
• feat(epss): EPSS enrichment and combined risk score (Closes #74) by @RaminNietzsche in #98
• feat(compliance): NIST/PCI-DSS mapping by CWE (Closes #75) by @RaminNietzsche in #99
• docs: all features open source — rename enterprise to self-hosted by @RaminNietzsche in #100
• docs: multilingual self-hosted chapter in extended-docs by @RaminNietzsche in #102
• fix(sonar): set Python 3.12 for SonarCloud analysis by @RaminNietzsche in #103
• ci(Mergify): configuration update by @RaminNietzsche in #106
• ci: Codecov coverage from Node test runner by @RaminNietzsche in #105
• fix(ci): restore CodeQL workflow path for code scanning by @RaminNietzsche in #101
• ci(mergify): upgrade configuration to current format by @mergify[bot] in #108
• feat(sonar): SonarCloud CI workflow, config, and setup docs by @RaminNietzsche in #109
• feat(codecov): dedicated CI workflow, codecov.yml, and setup docs by @RaminNietzsche in #110
• ci: Mergify Test Insights via Node JUnit (not pytest) by @RaminNietzsche in #104
• fix(security): CodeQL baselines, rate limits, dependency graph by @RaminNietzsche in #111

New Contributors

• @RaminNietzsche made their first contribution in #44
• @mergify[bot] made their first contribution in #108

Full Changelog: v1.1.0...v1.2.0