Releases: zebbern/pocmap
Release list
PocMap v2.1.0
First PyPI release — pip install pocmap / pipx install pocmap.
This release turns PocMap from a hardened library into an adoptable tool:
- Caching & offline — persistent TTL'd HTTP cache;
--offline/POCMAP_OFFLINE. - Machine output everywhere —
--format {table,json,csv,md,sarif}; SARIF 2.1.0 onlatest/discoverfor code scanning. - CI gate —
bulk -(stdin),--fail-on {critical,high,kev,epss>=N}→ exit 6. - Monitoring —
latest/discover --diff(snapshot delta) +--notify <webhook>. - Diagnostics —
pocmap doctor,pocmap cache info|clear; shell completion. - Pluggable exploit sources —
pocmap.exploit_sourcesentry points (seeexamples/example-exploit-source/). - Fixes — restored MCP GitHub-PoC discovery; stop swallowing our own bugs; no webhook-URL credential leaks.
Full detail in CHANGELOG.md. ruff 0 / mypy --strict 0 / green CI on Python 3.10–3.12.
PocMap v2.0.0
Hardened, production-ready release.
Security: SSRF hardening (DNS-rebinding denylist, request-time DNS resolution, per-hop redirect re-validation, numeric/IPv4-mapped-IP blocking); webhook egress routed through the SSRF-checked client; SSRF/EPSS/report regression tests.
Correctness: EPSS 0-100→0-1 scale fix; single source of truth (root shadow modules removed); recent-CVE multi-severity + min_epss fixes; self-contained (no-CDN) HTML report.
Quality: ruff check src = 0, mypy --strict = 0, offline pytest green; packaging (mcp [server] extra, py.typed, LICENSE, dynamic version) + GitHub Actions CI on Python 3.10–3.12.
See CHANGELOG.md for full detail.