Releases: owasp-aghast/aghast
v0.8.1
What's Changed
Other Changes
- Retain false-positive rationale in validation-mode output by @joshbouncesecurity in #90
Full Changelog: v0.8.0...v0.8.1
Contributors
Assets 4
v0.8.0
📢 AGHAST is now an OWASP project
This is the first release under the new name @owasp-aghast/aghast — AGHAST has been donated to OWASP and is now an OWASP Incubator project. Bounce Security continues as a maintaining supporter.
- Project site: https://aghast.owasp.org
- Announcement: https://www.bouncesecurity.com/blog/2026/06/16/aghast-joins-owasp.html
Migrating from @bouncesecurity/aghast (one-line change):
npm uninstall -g @bouncesecurity/aghast
npm install -g @owasp-aghast/aghastThe old @bouncesecurity/aghast package is deprecated with a pointer to the new one; the CLI, configuration, and check definitions are unchanged, and the old GitHub URLs auto-redirect.
What's Changed
Other Changes
- chore: AGHAST is now an OWASP project — @owasp-aghast/aghast, new repo/site URLs & branding by @joshbouncesecurity in #85
- Fall back to a logged-in local Claude session when no API key is set by @joshbouncesecurity in #87
- Restore corrupted README logo image by @joshbouncesecurity in #88
- Gate auto-merge on the integration and regression suites by @joshbouncesecurity in #89
Full Changelog: v0.7.5...v0.8.0
Contributors
Assets 4
v0.8.0-beta.2
What's Changed
Other Changes
- chore: AGHAST is now an OWASP project — @owasp-aghast/aghast, new repo/site URLs & branding by @joshbouncesecurity in #85
- Fall back to a logged-in local Claude session when no API key is set by @joshbouncesecurity in #87
- Restore corrupted README logo image by @joshbouncesecurity in #88
- Gate auto-merge on the integration and regression suites by @joshbouncesecurity in #89
Full Changelog: v0.7.5...v0.8.0-beta.2
Contributors
Assets 4
v0.8.0-beta.1
What's Changed
Other Changes
- chore: AGHAST is now an OWASP project — @owasp-aghast/aghast, new repo/site URLs & branding by @joshbouncesecurity in #85
Full Changelog: v0.7.5...v0.8.0-beta.1
Contributors
Assets 4
v0.7.5
What's Changed
Other Changes
- Add structured reachability process to false-positive validation by @joshbouncesecurity in #84
Full Changelog: v0.7.4...v0.7.5
Contributors
Assets 4
v0.7.4
What's Changed
Other Changes
- Configure grouped release notes and exclude dependabot by @joshbouncesecurity in #82
- build(deps): bump claude-agent-sdk, opencode-sdk, types/node, typescript-eslint by @joshbouncesecurity in #83
Full Changelog: v0.7.3...v0.7.4
Contributors
Assets 4
v0.7.3
What's Changed
- Change OpenCode default model and update integration tests by @joshbouncesecurity in #79
- Batch dependency updates + switch regression model to nemotron-3-ultra-free by @joshbouncesecurity in #81
- chore(deps): bump the all-actions group across 1 directory with 2 updates by @dependabot[bot] in #80
Full Changelog: v0.7.2...v0.7.3
Contributors
Assets 4
v0.7.2
What's Changed
- OpenCode provider: replace 1s progress poller with SSE event stream by @joshbouncesecurity in #78
Full Changelog: v0.7.1...v0.7.2
Contributors
Assets 4
v0.7.1
What's Changed
- Bump brace-expansion dev dependency from 5.0.5 to 5.0.6 by @joshbouncesecurity in #77
Full Changelog: v0.7.0...v0.7.1
Contributors
Assets 4
v0.7.0
What's Changed
- Automatic diff filtering with graceful OpenAnt degradation by @joshbouncesecurity in #76
Full Changelog: v0.6.1...v0.7.0