Skip to content

v1.0.0

Latest

Choose a tag to compare

@github-actions github-actions released this 09 Jul 02:58

Changelog

  • 190ce77 fix(version): point fallback constant at last published tag to unblock v1.0.0 gate
  • 869eb97 chore(release): bump version to v1.0.0
  • 04c3e5f docs: mark activescan flakiness (and 3 more Linux-CI-only failures) fixed
  • b1898df docs: trim README to a summary, move detail into docs/
  • edc99a4 fix(control): resolve real data race in TestSwitchProjectAcceptsExplicitPath
  • 1d6a4e6 fix: resolve 4 pre-existing CI-only test failures blocking the release gate
  • 3fc832e chore: point Repo and the goreleaser release name at the renamed GitHub repo
  • 31f1854 docs: changelog entry for the Interceptor -> Interseptor rename
  • fd9ce75 rename!: Go source, module path, and build config -- Interceptor -> Interseptor
  • b1cb610 rename(docs): Interceptor -> Interseptor across README, docs/, and policy files
  • 63910a0 rename(ui): Interceptor -> Interseptor across UI text
  • 4701c7d docs: changelog entries for active-checks test coverage and UX fixes
  • 6877522 fix(ui): stale TLS-diagnosis banner and ambiguous copy
  • a800ce1 fix(ui): friendlier Repeater send errors
  • d5fd9de test(control): add HTTP-handler coverage for active checks
  • 7581180 docs: changelog entries for the version-string fix and REST body docs
  • 813abbc docs(readme): note body-shape docs in Control API and MCP sections
  • d65cd1c merge: resolve real running version + document REST body shapes
  • b74ad31 docs(control): document request/response body shapes in /api/reference
  • 5331f85 merge: fix CHANGELOG mojibake and stale docs/ files
  • 0abb376 docs: changelog entries for release-engineering + launcher hardening
  • 0ccefdd merge: release engineering + launcher hardening
  • f965f02 docs: changelog entry for the self-listener SSRF guard fix
  • 087abbd merge: apply the self-listener SSRF guard to Host-retargeted forwards
  • 973f2a6 fix(proxy): apply the self-listener SSRF guard to Host-retargeted Intercept forwards
  • 81dc076 fix(launcher): gate the dashboard -addr flag by external-bind policy
  • 10a1d47 docs(product): correct stale MCP tool count and mark removed discovery tools
  • 060a4e3 merge: README + SECURITY.md overhaul for v1.0
  • 9b06924 docs(autonomous-pentest): mark Phases 0-4 as shipped, fix stale tool ref
  • 1c96a97 fix(launcher): wire PID-reuse-safe liveness check into the kill path
  • 0586365 docs(mcp-cookbook): fix Recipe 2 to drop removed discovery tools
  • c827470 docs(readme): document Autopilot, mobile, collab/tunnel, launcher; expand security model
  • 8f0c4ee docs(changelog): fix UTF-8 double-encoding mojibake in release history
  • f2425a6 fix(version): resolve real running version in MCP/API responses
  • 9133f5a ci: add windows/arm64 to the build matrix
  • 9d36ea8 ci(release): gate goreleaser on a test job before publishing
  • 3046970 chore(version): bump fallback constant to last published tag (0.29.0)
  • a7429c8 docs: record the v0.29.0 post-release audit cycle in AUDIT-BACKLOG.md
  • a2b45ad docs: changelog entries for the low-severity hardening batch
  • fe0d849 merge: low-severity hardening (exec timeouts, validation, expiry, test hygiene)
  • 83a1441 docs: changelog entries for the data-integrity/security Medium fixes
  • 6db70a9 merge: data-integrity and security Medium fixes
  • 13ddbb9 fix(findings): surface failed PoC flow attachments instead of swallowing them
  • 8c2342a test(tlsca): skip the POSIX dir-perms assertion on Windows
  • e2a6c3f fix(control): expire unanswered human-input prompts after 1 hour
  • 91b9282 docs: changelog entry for the launcher auth hardening
  • d34e0cd fix(authz): require evidence before reporting a session as invalid
  • aeed30f merge: launcher auth token, bind confirmation, Windows PID-reuse check
  • 2e97d8b fix(control): reject non-positive intruder thread counts instead of silent clamp
  • ad35948 docs: changelog entries for the UI bug fixes and README drift cleanup
  • c57cdae merge: UI bug fixes and documentation drift cleanup
  • 54b956e docs: changelog entry for the Host-header retargeting fix
  • 1d31596 fix(proc): add image-name-verified liveness check for Windows PID reuse
  • e0ca1dc merge: retarget the connection when Host is edited in Intercept
  • 6e1a1c2 fix(launcher): require an auth token for instance start/stop, confirm bind before 200
  • a1a09eb fix(proxy): retarget the connection when Host is edited in Intercept
  • 9b9bdea fix(ios): recompute real proxy port for no-device manual setup
  • 2c90fa8 fix(android,ios): bound device-automation exec/ssh calls with timeouts
  • 3f1eee0 docs(readme): fix stale MCP tool count and remove dead discovery feature bullet
  • cf57851 fix(control): sync /api/reference route catalog, fix hardcoded MCP stdio port
  • 2116f55 fix(report): neutralize injected structure in Markdown findings report
  • e6a1bbd fix(notes): apply api()'s CSRF header and 401 handling to the SSE fetch
  • dbf7154 fix(proxy): drop nonexistent freedBytes from purge toast
  • 9c4d977 fix(scanner): render real findings when testing a passive check
  • a3f0d6c fix(authz): read the real flow-auth response fields for From-flow fill
  • 2515a23 fix(mcp): make append_notes atomic to stop lost-update races
  • c7a7bd7 docs: changelog entry for the Starlark compile-time DoS fix
  • a7f99b2 merge: bound Starlark execution steps at compile time
  • cd761cc fix(checkscript): bound Starlark execution steps at compile time, not just run time