Skip to content

v0.2.2

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 05 May 03:54
· 0 commits to main since this release
v0.2.2
94df472

What's Changed

  • Java by @aksOps in #1
  • fix: remove dead Run Analysis button, URL-encode node IDs, replace Tailwind CDN by @aksOps in #2
  • fix(security): SafeConstructor for SnakeYAML + CORS hardening by @aksOps in #4
  • fix: GraphBootstrapper OOM, AnalysisCache corruption, thread-safety bugs by @aksOps in #5
  • fix: API hardening — validation, endpoint cleanup, config binding by @aksOps in #6
  • Remove Thymeleaf UI — consolidate to React SPA by @aksOps in #7
  • docs: update CLAUDE.md and README.md with verified codebase facts by @aksOps in #8
  • fix: EnrichCommand passes project root to ServiceDetector for filesystem walk by @aksOps in #9
  • feat(frontend): replace Topology/Flow tabs with interactive Code Graph treemap by @aksOps in #10
  • feat: add --no-ui flag to serve command to disable web UI by @aksOps in #11
  • fix: replace N+1 loop in QueryService.findRelatedEndpoints() with batch Cypher query by @aksOps in #12
  • perf: optimize text search with pre-lowered indexed properties by @aksOps in #13
  • feat: add GuardLinker to create PROTECTS edges between GUARD/MIDDLEWARE and ENDPOINT nodes by @aksOps in #14
  • fix: NestJS discriminator guards + EXPOSES edge target by @aksOps in #15
  • fix: extend TopicLinker for all messaging edge kinds (SENDS_TO, RECEIVES_FROM, PUBLISHES, LISTENS) by @aksOps in #16
  • feat(ui): Phase 1 — shadcn/ui foundation and panel-based layout shell by @aksOps in #18
  • feat(ui): Phase 6 — MCP Console & API Docs redesign by @aksOps in #24
  • fix: remove duplicate findEndpointNeighborsBatch — build fix by @aksOps in #25
  • feat(intelligence): Phase 4 evidence packs + runtime API (RAN-161) by @aksOps in #30
  • feat(intelligence): Phase 5 language-specific enrichment (RAN-162) by @aksOps in #29
  • fix: remove duplicate methods, update tests, and patch lodash CVEs by @aksOps in #26
  • feat(intelligence): Phase 1 provenance model, repository identity, file inventory (RAN-146) by @aksOps in #28
  • fix(intelligence): Phase 5 extractor bugs — runtime crash, ThreadLocal, Go dedup, interface detection by @aksOps in #31
  • fix(sonar): resolve S2142, S3923, S2175, S5998, S3077, S6856, S1751, S5850, S5855, S5841 by @aksOps in #32
  • test(coverage): boost line coverage to 80.7% (+762 tests, exclude grammar from JaCoCo) by @aksOps in #33
  • test(coverage): boost to 87% local / ~80% SonarCloud (+367 tests, regex fallback paths) by @aksOps in #34
  • test(coverage): boost SonarCloud to 80%+ — grammar exclusion fix + 1500 new tests by @aksOps in #35
  • refactor: extract AbstractPythonAntlrDetector, fix MD5 hotspot, boost coverage to 90.6% by @aksOps in #36
  • fix: boost coverage to 90.6%, eliminate ~535 lines duplication, fix MD5 security hotspot by @aksOps in #37
  • refactor: reduce code duplication from 11.5% to ~6-7% by @aksOps in #38
  • fix: resolve 8 reliability bugs + ~500 code smells for SonarCloud quality gate by @aksOps in #39
  • fix: resolve all 9 SonarCloud reliability bugs by @aksOps in #40
  • chore: merge CI + SonarCloud workflows, drop cross-platform job by @aksOps in #41
  • phase a/audit baseline by @aksOps in #42
  • phase a/fixups spotbugs by @aksOps in #43
  • phase a/fix np null by @aksOps in #44
  • phase a/fixups pipeline smoke by @aksOps in #45
  • phase a/fix graph health by @aksOps in #46
  • phase a/fix bootstrap listener by @aksOps in #47
  • phase a/fix playwright webserver by @aksOps in #48
  • phase a/vuln scan by @aksOps in #49
  • fix(deps): clear all 12 known CVEs from the 2026-04-17 baseline by @aksOps in #50
  • feat(config): unified config — Phase B by @aksOps in #51
  • chore(config): retire legacy ProjectConfigLoader static API (#52) by @aksOps in #52
  • chore(config): freeze CodeIqConfig mutation surface (#49) by @aksOps in #53
  • fix(intelligence): close ExecutorService via try-with-resources (SonarCloud S2095) by @aksOps in #54
  • refactor(test): slice UnifiedConfigBeansTest to ApplicationContextRunner (#50) by @aksOps in #55
  • refactor(detector): taxonomy reorganization (#47) by @aksOps in #56
  • feat(detector): SQL/migration detector + SQL_ENTITY NodeKind (#48) by @aksOps in #57
  • chore(sonar): clean unused imports, suppressions, and private members by @aksOps in #58
  • test(coverage): backfill toward >=80% SonarCloud new-code coverage by @aksOps in #59
  • fix: Sonar follow-ups — ModuleDeps ordering, Express dead code, RepositoryIdentity env by @aksOps in #60
  • fix(detector): eliminate regex backtracking — resolve SonarCloud reliability gate by @aksOps in #61
  • refactor: rename code-iq → codeiq across the project by @aksOps in #62
  • perf(detector): hoist inline Pattern.compile to static finals (RAN-32) by @aksOps in #69
  • fix(spotbugs): eliminate 12 SpotBugs findings (RAN-23) by @aksOps in #71
  • chore(bootstrap): RAN-46 engineering bootstrap (security, runbooks, OpenSSF wiring) by @aksOps in #74
  • refactor(cli): split EnrichCommand.enrichFromCache to drop cognitive complexity (RAN-41) by @aksOps in #73
  • RAN-33: Hygiene cluster from RAN-6 review (5 LOW items batched) by @aksOps in #70
  • fix(build): unblock mvn test — tsconfig baseUrl + frontend.skip (RAN-27) by @aksOps in #66
  • docs(claude-md): refresh stale gotchas (RAN-13) by @aksOps in #63
  • fix(build): restore SpotBugs quality gate on main (RAN-26) by @aksOps in #68
  • fix(security): block path traversal via symlinks in /api/file and read_file (RAN-8) by @aksOps in #65
  • fix(security): cap /api/file + MCP read_file at 5 MiB (RAN-9) by @aksOps in #67
  • docs(runbooks): add test-strategy.md (RAN-46 AC #5) by @aksOps in #89
  • chore(ci): add top-level permissions: read-all to workflows (RAN-46 AC) by @aksOps in #90
  • docs(badge): wire OpenSSF Best Practices project_id 12650 (RAN-46 AC #8) by @aksOps in #92
  • chore(security): revert to OSS-CLI stack (RAN-46 path B board ruling) by @aksOps in #91
  • docs(claude-md): document OpenSSF Best Practices + Scorecard baseline (RAN-52 AC #7) by @aksOps in #95
  • chore(bestpractices): rewrite to canonical autofill schema (RAN-57) by @aksOps in #96
  • docs(changelog): add CHANGELOG.md to close OpenSSF release_notes (RAN-52) by @aksOps in #97
  • chore(bestpractices): embed URLs inline + resolve SUGGESTED ? placeholders (RAN-52) by @aksOps in #98
  • chore(frontend)(deps): bump echarts from 5.6.0 to 6.0.0 in /src/main/frontend in the echarts group across 1 directory by @dependabot[bot] in #87
  • chore(deps)(deps): bump org.neo4j:neo4j from 2026.02.3 to 2026.04.0 in the neo4j group across 1 directory by @dependabot[bot] in #77
  • chore(frontend)(deps): bump the ant-design group across 1 directory with 2 updates by @dependabot[bot] in #83
  • chore(frontend)(deps): bump the react group across 1 directory with 4 updates by @dependabot[bot] in #78
  • chore(deps)(deps): bump the spring group across 1 directory with 2 updates by @dependabot[bot] in #75
  • feat(resolver): symbol-resolver SPI + Java backend (sub-project 1, Phases 1-4) by @aksOps in #101
  • feat: AKS read-only deploy hardening (sub-project 2) by @aksOps in #103
  • feat: sub-project 1 Phase 4-6 — resolver pipeline wiring + 4 Java detector migrations by @aksOps in #104
  • chore(deps)(deps-dev): bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 in the maven-plugins group across 1 directory by @dependabot[bot] in #93
  • chore(frontend)(deps-dev): bump the typescript group across 1 directory with 2 updates by @dependabot[bot] in #99
  • chore(actions)(deps): bump the actions group across 1 directory with 4 updates by @dependabot[bot] in #100
  • chore(deps)(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.6 to 3.0.3 by @dependabot[bot] in #82
  • chore(deps)(deps): bump io.modelcontextprotocol.sdk:mcp-core from 1.1.1 to 1.1.2 by @dependabot[bot] in #80
  • chore(deps)(deps): bump tools.jackson.core:jackson-core from 3.1.1 to 3.1.2 by @dependabot[bot] in #85
  • chore(deps)(deps): bump tools.jackson.core:jackson-databind from 3.1.1 to 3.1.2 by @dependabot[bot] in #81
  • chore(deps)(deps-dev): bump com.github.eirslett:frontend-maven-plugin from 1.15.1 to 2.0.0 by @dependabot[bot] in #84
  • chore(deps): bump Node from v20.11.0 to v22.12.0 (unblocks Vite 8 / #86) by @aksOps in #105
  • feat(security): prod-readiness PR 1 of 5 — bearer auth, security headers, error envelope by @aksOps in #106
  • feat: prod-readiness PR 3 of 5 — supply chain & bundle integrity by @aksOps in #108
  • feat: prod-readiness PR 4 of 5 — observability (request tracing + JSON logs + structured errors) by @aksOps in #109
  • feat(serving): config validation, integration coverage, docs refresh (PR 5/5) by @aksOps in #110
  • perf(detectors): quick-reject pre-screen on auth detectors (-31% detector CPU) by @aksOps in #111
  • release: v0.2.0 — frontend rewrite, ActiveMQ detector, mode=none default, drill-down treemap by @aksOps in #112
  • perf(ui): cap initial file-tree fetch at depth 8 on dashboard by @aksOps in #119
  • perf(serve): bound JVM/Neo4j memory and dedupe topology snapshot by @aksOps in #118
  • perf(treemap): on-demand subtree fetch + visible directory labels by @aksOps in #120

New Contributors

Full Changelog: v0.1.0...v0.2.2

Contributors

aksOps and dependabot
Assets 3
Loading