Releases: Veyal/interseptor
Releases · Veyal/interseptor
Release list
v1.0.0
Changelog
- 190ce77 fix(version): point fallback constant at last published tag to unblock v1.0.0 gate
- 869eb97 chore(release): bump version to v1.0.0
- 04c3e5f docs: mark activescan flakiness (and 3 more Linux-CI-only failures) fixed
- b1898df docs: trim README to a summary, move detail into docs/
- edc99a4 fix(control): resolve real data race in TestSwitchProjectAcceptsExplicitPath
- 1d6a4e6 fix: resolve 4 pre-existing CI-only test failures blocking the release gate
- 3fc832e chore: point Repo and the goreleaser release name at the renamed GitHub repo
- 31f1854 docs: changelog entry for the Interceptor -> Interseptor rename
- fd9ce75 rename!: Go source, module path, and build config -- Interceptor -> Interseptor
- b1cb610 rename(docs): Interceptor -> Interseptor across README, docs/, and policy files
- 63910a0 rename(ui): Interceptor -> Interseptor across UI text
- 4701c7d docs: changelog entries for active-checks test coverage and UX fixes
- 6877522 fix(ui): stale TLS-diagnosis banner and ambiguous copy
- a800ce1 fix(ui): friendlier Repeater send errors
- d5fd9de test(control): add HTTP-handler coverage for active checks
- 7581180 docs: changelog entries for the version-string fix and REST body docs
- 813abbc docs(readme): note body-shape docs in Control API and MCP sections
- d65cd1c merge: resolve real running version + document REST body shapes
- b74ad31 docs(control): document request/response body shapes in /api/reference
- 5331f85 merge: fix CHANGELOG mojibake and stale docs/ files
- 0abb376 docs: changelog entries for release-engineering + launcher hardening
- 0ccefdd merge: release engineering + launcher hardening
- f965f02 docs: changelog entry for the self-listener SSRF guard fix
- 087abbd merge: apply the self-listener SSRF guard to Host-retargeted forwards
- 973f2a6 fix(proxy): apply the self-listener SSRF guard to Host-retargeted Intercept forwards
- 81dc076 fix(launcher): gate the dashboard -addr flag by external-bind policy
- 10a1d47 docs(product): correct stale MCP tool count and mark removed discovery tools
- 060a4e3 merge: README + SECURITY.md overhaul for v1.0
- 9b06924 docs(autonomous-pentest): mark Phases 0-4 as shipped, fix stale tool ref
- 1c96a97 fix(launcher): wire PID-reuse-safe liveness check into the kill path
- 0586365 docs(mcp-cookbook): fix Recipe 2 to drop removed discovery tools
- c827470 docs(readme): document Autopilot, mobile, collab/tunnel, launcher; expand security model
- 8f0c4ee docs(changelog): fix UTF-8 double-encoding mojibake in release history
- f2425a6 fix(version): resolve real running version in MCP/API responses
- 9133f5a ci: add windows/arm64 to the build matrix
- 9d36ea8 ci(release): gate goreleaser on a test job before publishing
- 3046970 chore(version): bump fallback constant to last published tag (0.29.0)
- a7429c8 docs: record the v0.29.0 post-release audit cycle in AUDIT-BACKLOG.md
- a2b45ad docs: changelog entries for the low-severity hardening batch
- fe0d849 merge: low-severity hardening (exec timeouts, validation, expiry, test hygiene)
- 83a1441 docs: changelog entries for the data-integrity/security Medium fixes
- 6db70a9 merge: data-integrity and security Medium fixes
- 13ddbb9 fix(findings): surface failed PoC flow attachments instead of swallowing them
- 8c2342a test(tlsca): skip the POSIX dir-perms assertion on Windows
- e2a6c3f fix(control): expire unanswered human-input prompts after 1 hour
- 91b9282 docs: changelog entry for the launcher auth hardening
- d34e0cd fix(authz): require evidence before reporting a session as invalid
- aeed30f merge: launcher auth token, bind confirmation, Windows PID-reuse check
- 2e97d8b fix(control): reject non-positive intruder thread counts instead of silent clamp
- ad35948 docs: changelog entries for the UI bug fixes and README drift cleanup
- c57cdae merge: UI bug fixes and documentation drift cleanup
- 54b956e docs: changelog entry for the Host-header retargeting fix
- 1d31596 fix(proc): add image-name-verified liveness check for Windows PID reuse
- e0ca1dc merge: retarget the connection when Host is edited in Intercept
- 6e1a1c2 fix(launcher): require an auth token for instance start/stop, confirm bind before 200
- a1a09eb fix(proxy): retarget the connection when Host is edited in Intercept
- 9b9bdea fix(ios): recompute real proxy port for no-device manual setup
- 2c90fa8 fix(android,ios): bound device-automation exec/ssh calls with timeouts
- 3f1eee0 docs(readme): fix stale MCP tool count and remove dead discovery feature bullet
- cf57851 fix(control): sync /api/reference route catalog, fix hardcoded MCP stdio port
- 2116f55 fix(report): neutralize injected structure in Markdown findings report
- e6a1bbd fix(notes): apply api()'s CSRF header and 401 handling to the SSE fetch
- dbf7154 fix(proxy): drop nonexistent freedBytes from purge toast
- 9c4d977 fix(scanner): render real findings when testing a passive check
- a3f0d6c fix(authz): read the real flow-auth response fields for From-flow fill
- 2515a23 fix(mcp): make append_notes atomic to stop lost-update races
- c7a7bd7 docs: changelog entry for the Starlark compile-time DoS fix
- a7f99b2 merge: bound Starlark execution steps at compile time
- cd761cc fix(checkscript): bound Starlark execution steps at compile time, not just run time
v0.29.0
Changelog
- 96135d7 chore: release v0.29.0
- b678501 feat(launcher): run multiple projects at once via a dashboard process
- fafea4c feat(mcp): add delete_finding tool, notebook-style findings guidance
- 7ece5e4 fix(authz): accept flexible header shapes in set_authz, surface real decode errors
- 5ce5871 fix(map): keep the domain selector complete across reloads
- 5d28f58 feat(discovery)!: remove built-in content-discovery feature
- 37e28b4 feat(ai): saved provider profiles with one-click switching
- e6baf2f feat(collab): remote access, live session sharing & additive project merge
- 947e4de fix(autopwn): plan from a deterministic recon digest, not model tool-calls
v0.28.0
Changelog
- 0694cf2 chore: release v0.28.0
- 987b1c8 test(autopwn): Phase 4 — real over-the-wire E2E integration test
- d925f42 feat(autopwn): Phase 3 — Autopilot UI panel
- 97e3835 feat(autopwn): Phase 2 wiring — REST + SSE + MCP control surface
- ab5f63c feat(autopwn): Phase 2 engine — autonomous run lifecycle + adapters
- c076ef8 feat(autopwn): Phase 1 — provider-agnostic agent loop & the 4-gate verifier
- 6e3edcd feat(autopwn): Phase 0 — backend seams, schema & verification primitives
- 03d3049 docs: autonomous AI pentester ("Autopilot") architecture + phased plan
- 3360d66 fix(ui): hidden-tab fallback for virtualized live-insert rendering
- 65390e2 perf(ui): Phase 4 — keyed reconciliation, stale-reconnect resync, incremental filters, SSE registry
- 4aac4ac refactor(ui): Phase 3 — navigation rail regroup + Phase 4a lazy-loaded tabs
- 780cefc docs(control): Phase 3 backend cleanup — fix README MCP tool count, investigate authz route grouping
- bad3839 refactor(ui): Phase 2 batch A5 — regroup Settings nav, fix duplicate TLS section
- 155784f refactor(ui): Phase 2 batch A4 — rebuild Proxy panel toolbar layout
- c1bd95c refactor(ui): Phase 2 batch A3 — rebuild Intercept/Intruder/Repeater + unify tab-manager
- 32dadec refactor(ui): Phase 2 batch A2 — rebuild Map/Findings/Scanner panels
- 07c81d4 refactor(ui): Phase 2 batch A1 — rebuild Notes/Activity/Discover panels
- be44be5 refactor(ui): land Phase 1 foundation of the UI redesign roadmap
- 877dc84 feat(ui): add Ask AI to findings, upgrade aesthetics and render AI reasoning tags
v0.27.1
v0.27.0
v0.26.0
Changelog
- 52fb2f6 chore: release v0.26.0
- 82b0d3c feat(project): lossless full-project archive export/import
- eef6880 feat(scanner,activescan): 18 new built-in checks + header/cookie/path injection points
- 0034f3c feat(project): custom save location; revamp custom checks editor UI
- da1f030 fix(ui): stop project switch from reloading into stale pre-switch data
v0.25.0
Changelog
- afcea46 chore: release v0.25.0
- df3da95 perf(backend): O(1) discovery recording, lock-free SSE fan-out, WS + intercept memory safety
- 927f2f7 fix(ui,proxy): resolve undefined CSS tokens, style Critical badge, flag partial captures, drop dead code
- cbb35a4 fix(proxy): drop per-response MITM debug log line
- bd11053 chore(security): remove committed engagement data and redact test fixtures
v0.24.0
Changelog
- d343b50 chore: release v0.24.0
- a9691a7 feat(ui): wide-desktop settings, GLM model picker, Ctrl+K commands, and UX fixes
- c6b3acd feat(ai): add GLM Coding Plan provider
- 15e8fba feat(update): cache update checks and add unauthenticated rate-limit fallback
- 65b7fdd fix(proxy): downgrade HTTP/2 responses to HTTP/1.1 on MITM connections
- e9fc797 chore: release v0.23.0 changelog
v0.23.0
Changelog
- f0dc84e feat(proxy): add invisible/transparent proxy mode (Burp-style)
v0.22.0
Highlights
- Jailbroken iOS over SSH — automate proxy and CA install on device via Settings, control API, and MCP (
internal/ios/ssh). - Device proxy endpoints — LAN endpoint picker and multi-listener proxy addresses for multi-homed hosts.
- UI polish — TLS diagnosis and listener settings streamlined; Map subdomain select scrolling and Intruder payload panel layout fixes.
Full notes: CHANGELOG.md.