Changelog
Track the evolution of Code Pathfinder with detailed release notes and updates.
Release v1.1.0
v1.1.0November 29, 2025
What's Changed
- chore(python-dsl): Release v1.1.0 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/405
- chore: Remove nsjail testing scripts from root directory by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/406
- feat: Add Cloudflare R2 stdlib registry upload + bump to v1.0.0 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/407
- fix: Remove AWS credentials action, install AWS CLI directly for R2 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/408
- fix: Allow msilib and nis modules to fail gracefully by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/409
- chore: Remove outdated docs/ and pathfinder-rules/ directories by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/410
- chore: Move R2_SETUP.md and SANDBOX.md to knowledge base by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/411
- chore: Remove GitHub Container Registry build to save CI time by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/412
- refactor: Migrate test fixtures to sourcecode-parser/test-fixtures by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/413
- refactor: Rename sourcecode-parser to sast-engine (v1.1.0) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/414
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v0.0.34...v1.1.0
Release v0.0.34
v0.0.34November 25, 2025
What's Changed
- chore: fix package-lock.json file by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/321
- cpf/enhancement: Add core data structures for call graph by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/322
- cp/enhancement: Implement module registry - Pass 1 of 3-pass algorithm by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/323
- cpf/enhancement: Implement import extraction with tree-sitter by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/324
- cpf/enhancement: Implement relative import resolution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/325
- cpf/enhancement: Implement call site extraction from AST by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/326
- cpf/enhancement: Implement call graph builder - Pass 3 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/327
- cpf/enhancement: Create CFG data structures for control flow analysis by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/328
- cpf/enhancement: Add pattern registry with hardcoded code injection example by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/329
- cpf/enhancement: Add Callgraph Integration into parsing pipeline by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/330
- cpf/enhancement: Django ORM Pattern Resolution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/333
- feat(callgraph): Python Type Inference for Improved Call Resolution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/334
- feat(callgraph): Phase 2 - Complete Type Inference with Inter-Procedural Propagation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/335
- feat(callgraph): Task 12 - Self Attribute Tracking & Method Chaining by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/336
- feat(stdlib): Add generic Python 3.14 stdlib registry generator by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/337
- feat(callgraph): Add local stdlib registry loader with resolution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/338
- fix(callgraph): Add fallback stdlib check for direct module imports by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/339
- feat(callgraph): Add remote stdlib registry with lazy loading by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/340
- fix(tools): Allow platform-specific module failures in registry generation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/341
- feat(observability): Add stdlib registry metrics and regression tests by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/342
- feat(dataflow): Add core data structures for intra-procedural taint analysis by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/343
- feat(callgraph): Add Python statement extraction for intra-procedural dataflow by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/344
- feat(callgraph): Add def-use chain construction (PR #3) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/345
- feat(taint): Implement intra-procedural taint propagation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/346
- feat(callgraph): Integrate taint analysis into call graph builder by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/347
- Fix intra-procedural vulnerability detection by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/348
- feat(diagnostic): Add function extraction for diagnostic system by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/349
- feat(diagnostic): Add LLM integration for pattern discovery by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/350
- feat(diagnostic): Add tool comparison with normalization by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/351
- fix(ci): Install codepathfinder 1.0.0 for Python DSL tests by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/362
- feat(go): Remove ANTLR/expr-lang query system by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/352
- feat(python): Add core matchers (calls, variable) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/353
- feat(python): Add dataflow analysis with Phase 1 propagation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/354
- feat(python): Add Phase 2 propagation and presets by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/355
- feat(python): Add logic operators (And, Or, Not) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/356
- feat(go): Add call_matcher executor by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/357
- feat(go): Add variable_matcher executor by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/358
- feat(go): Add dataflow integration for taint analysis by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/359
- feat(go): Add DSL rule loader and OWASP Top 10 examples by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/360
- feat(cli): Implement scan, query, and ci commands with Python DSL integration by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/361
- build(deps): bump astro from 5.14.4 to 5.15.6 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/366
- feat(models): Add GPT-5.1 model support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/367
- build(deps): bump the npm_and_yarn group across 2 directories with 1 update by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/368
- chore: Release version 0.0.16 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/369
- fix: TypeScript type annotations in generated model config by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/370
- chore: Release version 0.0.17 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/371
- refactor: create core package with foundation types by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/372
- refactor: create registry, cfg, and resolution packages by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/373
- refactor(callgraph): Create analysis/taint, extraction packages and complete registry by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/374
- refactor(callgraph): Create resolution package and complete extraction package (PR #4) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/375
- refactor(callgraph): Move advanced resolution to resolution package (PR #5) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/376
- refactor: Create patterns package for pattern detection (PR #6) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/377
- refactor: Extract builder logic to builder/ package (#7) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/378
- refactor: Remove all type aliases and wrapper functions from callgraph package by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/379
- feat(docs): Enhance blog post typography and reading experience by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/380
- feat(blog): Add MyClone chat widget to blog posts by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/381
- build(deps): bump glob from 10.4.5 to 10.5.0 in /extension/secureflow in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/382
- build(deps): bump astro from 5.15.6 to 5.15.9 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/383
- PR #1: DSL IR Extension & Keyword Argument Parsing by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/384
- PR #2: Implement Keyword Argument Matching Logic by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/385
- PR #3: Add Python DSL API for Argument Matching by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/386
- PR #4: Add Positional Argument Matching Support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/387
- PR #5: Add Advanced Argument Matching Features by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/388
- PR #6: Add Tuple Indexing for Nested Argument Matching by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/389
- PR #7: Fix Critical Bugs in Argument Matching by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/390
- PR #1: Data Structures & Enrichment Layer by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/391
- PR #2: Structured Logging System by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/392
- PR #3: Text Formatter for Scan Command by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/393
- PR #4: Add JSON and CSV Output Formatters for CI Mode by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/394
- PR #5: Enhanced SARIF Formatter with Code Flows by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/395
- PR #6: Exit Code Standardization & --fail-on Flag by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/396
- PR #7: Command Cleanup & Documentation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/397
- enhancement(docs): Improve landing page experience by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/398
- enhancement(docker): Add Python runtime with nsjail sandboxing by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/399
- enhancement(dsl): Integrate nsjail sandbox for Python DSL execution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/400
- feat(release): add macOS Intel and Linux ARM64 builds by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/401
- feat(release): Add Homebrew tap update trigger by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/402
- fix(release): Trigger Homebrew update on publish + v0.0.34 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/403
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v0.0.33...v0.0.34
Release v0.0.33
v0.0.33October 25, 2025
๐ Recent Highlights โ CodePathfinder
Weโve landed three notable updates to boost developer experience and performance:
-
Performance Monitoring & Memory Improvements: PR #316 Sharper performance monitoring tools plus reduced memory usage.
-
Golang Version Upgrade: PR #311 Migration to the latest Go for improved reliability and compatibility.
-
Python 3 Language Support: PR #314 You can now scan and analyze Python 3 code, broadening language coverage for source code analysis.
๐ Introducing SecureFlow โ Next-Gen AI Security Scanning
Take your code security audit to the next level with our new solutions:
-
SecureFlow Extension: Code securely inside VSCode with AI-driven insights. Read more
-
SecureFlow CLI: Hunt vulnerabilities in your projects with CLI-powered AI analysis. Details in blog
Weโre taking baby steps toward making AI-native security scanning the foundation for future software. Stay tunedโmore is coming!
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v0.0.32...v0.0.33
Release v0.0.32
v0.0.32March 18, 2025
What's Changed
- feature: ๐บ Support for
AssertStmtNode statement by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/179 - feature: Support for
ReturnStmtstatement by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/180 - fix docker command by @opstoken in https://github.com/shivasurya/code-pathfinder/pull/182
- feature: ๐บ Support for
BlockStmtstatement by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/181 - doc: refresh documentation for latest statement support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/183
- chore: update seo title by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/184
- doc: Update the documentation to include
BreakStmt,LabeledStmt,YieldStmtand etc by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/185 - chore: fix title tag issue by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/186
- Bump nanoid from 3.3.7 to 3.3.8 in /docs in the npm_and_yarn group across 1 directory by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/188
- Bump astro from 4.16.3 to 4.16.18 in /docs in the npm_and_yarn group across 1 directory by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/189
- chore(upgrade): Bump golang dependencies and version by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/192
- Bump vite from 5.4.11 to 5.4.14 in /docs in the npm_and_yarn group across 1 directory by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/193
- feature: :beer: Class with inheritance support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/187
- blog: add closure table blog post ๐ฐ by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/196
- chore: Update Website Navigation and Messaging by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/197
- build(deps): bump the npm_and_yarn group across 1 directory with 3 updates by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/198
- feat: New Pathfinder Rules page (atlas) for docs by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/200
- chore: updated package-lock.json by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/201
- chore: added rollup optional dep by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/202
- chore: fix link in footer by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/203
- build(deps): bump prismjs from 1.29.0 to 1.30.0 in /docs in the npm_and_yarn group across 1 directory by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/204
- feature: Code-Pathfinder online hosted sandbox playground by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/205
- build(deps): bump @babel/runtime from 7.26.9 to 7.26.10 in /docs in the npm_and_yarn group across 1 directory by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/206
- build(deps): bump the go_modules group across 2 directories with 1 update by @dependabot in https://github.com/shivasurya/code-pathfinder/pull/208
- release: bump version to 0.0.32 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/209
New Contributors
- @opstoken made their first contribution in https://github.com/shivasurya/code-pathfinder/pull/182 ๐
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v0.0.31...v0.0.32
Release v0.0.31
v0.0.31November 5, 2024
What's new?
This release has query support for BreakStmt, ContinueStmt, YieldStmt, IfStmt, DoStmt, WhileStmt, ForStmt statements in source code (java) โ ๐
Read latest blog post about detecting Webview vulnerabilities using Code-Pathfinder
- feature:
IfStmt, DoStmt, WhileStmt, ForStmtand Generic Statement support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/173 - feature: ๐บ Support for
BreakStmtby @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/174 - feature: ๐บ Support for
Continuestatement by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/175 - feature: ๐บ Support for
YieldStmtstatement by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/176
What's Changed
- doc: added ci/cd integ pages and docker updates by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/167
- added blog post for targeting android framework by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/169
- fix query name issue in blog post :bug: by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/170
- chore: improve doc site by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/171
- chore: added pr template by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/172
- release: bump version to v0.0.31 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/177
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v0.0.30...v0.0.31
Showing 1-5 of 28 releases
...
1 / 6