ThreatForge v0.6.1

Released by @brunoaugusto1978 on 13 Jun 14:17 · 12 commits to main since this release · commit 23e1ac0

Open-source readiness, English i18n and baseline security-hardening release.

Highlights

  • Translated README to English.
  • Standardized backend, selftest, reports, alerts and UI messages in English.
  • Added and validated CI workflow.
  • Added open source governance files: SECURITY.md, CONTRIBUTING.md and CODE_OF_CONDUCT.md.
  • Retired the legacy master branch and standardized main as the default branch.
  • Added Docker HEALTHCHECK.
  • Updated Docker base image to python:3.12-slim-bookworm.
  • Upgraded base packages and pip during image build.
  • Replaced manual frontend HTML escaping with DOM-based escaping (values are inserted as text nodes and attributes via DOM APIs instead of being concatenated into markup).
  • Ignored local security scan outputs through .gitignore.
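The escaping change is the highlight with a concrete security payoff, so here is an added example (not ThreatForge code) showing the failure mode of a hand-rolled escaper and what the DOM-based replacement looks like. The function names, the alert-row layout and the payload string are assumptions made for illustration.

```javascript
// Added example, not ThreatForge code: contrasts a hand-rolled HTML escaper
// with the DOM-based approach that makes a separate escaping step unnecessary.

// A common minimal escaper. It is adequate for element content but not for
// quoted attribute values, because it leaves both quote characters untouched.
function escapeHtmlIncomplete(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Full escaper covering the five characters that matter in text and
// quoted-attribute contexts. Still string-based, so it has to be applied at
// every insertion point; one forgotten call is an XSS sink.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtmlComplete(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Simulates a template-string UI that drops an escaped value into an attribute.
function buildTitleAttribute(escaper, value) {
  return `<div title="${escaper(value)}">`;
}

// True when the escaped value still contains a raw double quote, i.e. an
// attacker-controlled value can close the attribute and add new ones.
function canBreakOutOfAttribute(escaper, value) {
  return escaper(value).includes('"');
}

// DOM-based rendering: no escaping step at all. textContent creates a text
// node and setAttribute stores the raw value; neither path feeds the data to
// the HTML parser. `doc` is a Document (window.document in a browser); the
// row layout (severity, title) is an assumption for this example.
function renderAlertRow(doc, entry) {
  const row = doc.createElement("tr");
  const severity = doc.createElement("td");
  severity.textContent = entry.severity;
  const title = doc.createElement("td");
  title.textContent = entry.title;
  title.setAttribute("title", entry.title);
  row.appendChild(severity);
  row.appendChild(title);
  return row;
}

// Constructed payload: closes the title attribute and injects an event handler.
const PAYLOAD = '" onmouseover="alert(1)';

// Only runs in a browser; in Node there is no document and this is skipped.
if (typeof document !== "undefined") {
  document.body.appendChild(renderAlertRow(document, { severity: "high", title: PAYLOAD }));
}
```

The point of the comparison: with `escapeHtmlIncomplete` the payload survives intact and the rendered markup becomes `<div title="" onmouseover="alert(1)">`, while `escapeHtmlComplete` neutralizes it but still depends on nobody forgetting a call. `renderAlertRow` removes that dependency, which is why moving to DOM APIs is a hardening step rather than a refactor.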

Security validation

Baseline checks included:

  • selftest isolation validation;
  • Semgrep review;
  • Bandit review;
  • Trivy filesystem scan;
  • Trivy image scan;
  • Fixable CRITICAL/HIGH image vulnerabilities gated with Trivy using --ignore-unfixed (findings with no fixed version available yet are excluded from the gate, so a clean run means no fixable high-severity issues, not zero known CVEs).

Notes

Some low-risk Bandit findings remain in the local selftest script: assert statements (B101) and synthetic test credentials flagged by the hardcoded-password checks. These are not production secrets and will be addressed in a future test-hardening task.