Releases: vinceAmstoutz/symfony-security-auditor
1.12.0 - Spotlight
What's Changed
- docs: trim README redundancy by @vinceAmstoutz in #69
- feat(command): stream live with progress output by @vinceAmstoutz in #70
- chore(deps): update symfony/ai-bundle requirement from ^0.9 to ^0.10 in the symfony group by @dependabot in #71
- fix(command): clarify dry-run warning for local models by @vinceAmstoutz in #72
- feat(report): link to project homepage in report by @vinceAmstoutz in #73
- docs: relocate manual setup and slim headings by @vinceAmstoutz in #74
Full Changelog: 1.11.0...1.12.0
1.11.0 - Tracer
What's Changed
- feat: configurable gate severity & type-level finding by @vinceAmstoutz in #65
- docs: refresh stale model identifiers by @vinceAmstoutz in #67
- feat(report): enrich SARIF & support MD format by @vinceAmstoutz in #66
- feat(prompt): sharper attacker methodology by @vinceAmstoutz in #68
Full Changelog: 1.10.1...1.11.0
1.10.1 - Encore
What's Changed
- chore: release 1.10.1 - Encore by @vinceAmstoutz in #64
Full Changelog: 1.10.0...1.10.1
1.10.0 - Lookout
What's Changed
- chore(deps): refresh stale model hints in composer suggest block by @vinceAmstoutz in #57
- feat(agent): extend reviewer-verdict cache to batched reviews by @vinceAmstoutz in #58
- ci: raise Infection per-mutant timeout to stop flaky mutation failures by @vinceAmstoutz in #60
- feat: HTML report, baseline, gh Action & config schema by @vinceAmstoutz in #59
- chore: release 1.10.0 Lookout by @vinceAmstoutz in #61
Full Changelog: 1.9.0...1.10.0
1.9.0 - Slipstream
What's Changed
- fix(prompt): align attacker/reviewer structured-output contract by @vinceAmstoutz in #41
- feat(prompt): keep uncertain findings instead of dropping them by @vinceAmstoutz in #42
- fix(llm): estimate Fable and Mythos tokens with their denser tokenizer by @vinceAmstoutz in #43
- docs(faq): add per-agent reasoning-effort / thinking guidance by @vinceAmstoutz in #45
- feat(agent): feed reviewer-rejected findings back to the attacker by @vinceAmstoutz in #44
- feat(prompt): mark firewall-covered routes in the attacker route map by @vinceAmstoutz in #47
- feat(agent): add provider-validated reviewer verdicts via record_review tool by @vinceAmstoutz in #48
- feat(prompt): add opt-in stable system prompt for provider cache reuse by @vinceAmstoutz in #46
- feat(cache): cache reviewer verdicts across runs by @vinceAmstoutz in #49
- feat(report): list vulnerabilities most-severe-first in every output format by @vinceAmstoutz in #54
- docs: rename Ollama platform option host_url to endpoint by @vinceAmstoutz in #53
- feat(llm): price prompt-cache tokens into audit cost by @vinceAmstoutz in #50
- feat(command): surface live audit-stage progress and a long-run notice by @vinceAmstoutz in #55
- feat: config-less cheaper and faster defaults by @vinceAmstoutz in #56
Full Changelog: 1.8.0...1.9.0
1.8.0 - Fable
What's Changed
- feat(infrastructure): refresh provider prices by @vinceAmstoutz in #38
- docs: update faq to opus-4-8 from 4-7 by @vinceAmstoutz in f86135c
Full Changelog: 1.7.2...1.8.0
1.7.2 - Lighthouse
What's Changed
- fix(command): warn on unsupported model during dry-run cost estimate by @vinceAmstoutz in #37
- docs: incorrect display of the symfony minimum version by @vinceAmstoutz in e40ebfb
- docs: improve readme on the sf flex part by @vinceAmstoutz in 136127f
Full Changelog: 1.7.1...1.7.2
1.7.1 - Parachute
What's Changed
- fix(bundle): tolerate missing AI platform so bare-skeleton installs compile by @vinceAmstoutz in #35
- docs: remove token and cost estimations on classic run by @vinceAmstoutz
- ci: bump actions to Node 24 runtimes by @vinceAmstoutz in #36
Full Changelog: 1.7.0...1.7.1
1.7.0 - Polyglot
What's Changed
- feat(bundle): deprecate cache.prompt_caching option by @vinceAmstoutz in #34
- feat(report): covers more model providers for cost estimations by @vinceAmstoutz in #34
Full Changelog: 1.6.4...1.7.0
1.6.4 - Hush
What's Changed
- fix(llm): demote `Tool-using loop ended with empty content response` to `debug` after at least one tool iteration — normal completion in structured-collection mode, no longer spams the audit output by @vinceAmstoutz in #33
- fix(report): drop the misleading cost line from the real-run console report — derived from static pricing and shouldn't be anchored on. Tokens line stays; dry-run output unchanged; JSON / SARIF cost fields preserved for dashboards by @vinceAmstoutz in #33
Full Changelog: 1.6.3...1.6.4