Skip to content

v0.2.0

Choose a tag to compare

@github-actions github-actions released this 12 Jul 19:08
1a75697

0.2.0 (2026-07-12)

Features

  • dast: interactive DOM/reflected XSS oracle (closes #3) (de6e483)

Bug Fixes

  • dast: return DOM XSS findings on timeout instead of discarding them (3c979ad)
  • dast: tighten NoSQL oracle to kill false positives (#5) (f899664)

Documentation

  • benchmarks: document the must-detect regression guard (d8e1150)
  • benchmarks: Juice Shop url-only recall 33% -> 36% after XSS fix (4b8b16a)
  • benchmarks: make OWASP Juice Shop reproducible + correct the numbers (be9af0f)
  • flag NoSQL injection as a known false-positive-prone class (#5) (c334c3e)

Reverts

  • NoSQL oracle tightening — restore prior detection (#5) (f60d7fb)