Changelog
Track the evolution of Code Pathfinder with detailed release notes and updates.
Release v1.3.1
What's Changed
- docs: improve README clarity and consistency by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/487
- fix(python/sast): Build parent-qualified FQNs for nested functions to prevent ID collisions by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/488
- fix(python/sast): Enable cross-file import resolution for class instantiations by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/489
- fix(python/sast): Normalize project-internal imports to include project root by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/490
- fix(python/sast): Fix variable scope tracking in class methods by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/491
- chore: release v1.3.1 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/492
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.3.0...v1.3.1
Release v1.3.0
What's Changed
- enhancement(sast/python): Add bidirectional type inference and comprehensive symbol indexing by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/480
- feat(analytics): Enable GeoIP and improve PostHog event tracking by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/481
- enhancement(python/sast): Fix method call graph indexing for Python class methods by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/482
- chore: remove unwanted files and improve .gitignore by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/483
- fix(python/sast): Fix instance method return type propagation for OOP patterns by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/484
- release: bump v1.3.0 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/485
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.2.2...v1.3.0
Release v1.2.2
What's Changed
- feat: Add banner system and TTY detection for CLI output (PR-01) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/473
- feat: Add progress bars for scan/CI operations (PR-02) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/474
- feat: Clean up verbose logging for better CLI output (PR-03) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/475
- feat: Add progress bar for file parsing workers (PR-04) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/476
- fix(ci): restrict PyPI publish to release events and manual triggers by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/477
- chore: bump version to 1.2.2 by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/478
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.2.1...v1.2.2
Release v1.2.1
What's New
Run all security rules for a technology stack with a single category/all flag.
Why We Built This
Running comprehensive scans required specifying each bundle individually:
pathfinder scan --ruleset docker/security \
--ruleset docker/best-practice \
--ruleset docker/performance \
--project .
Now simplified to:
pathfinder scan --ruleset docker/all --project .
Benefits
- Faster workflows: One command instead of multiple flags
- Complete coverage: Automatically includes all available rules
- Future-proof: New rules are included automatically as they're released
- Flexible: Mix comprehensive scans with specific rule bundles
Quick Start
# Scan all Docker rules
pathfinder scan --ruleset docker/all --project .
# Scan all Python rules
pathfinder scan --ruleset python/all --project .
# Scan all Docker Compose rules
pathfinder scan --ruleset docker-compose/all --project .
# Mix comprehensive + specific scans
pathfinder scan --ruleset docker/all --ruleset python/django --project .
Available Categories
- docker/all - All Dockerfile rules
- docker-compose/all - All Docker Compose rules
- python/all - All Python rules
New categories automatically support /all syntax as they're added.
What's Changed
- fix(action): rewrite GitHub Action as composite with pip installation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/465
- enhancement(ruleset): add support for category-level ruleset expansion with docker/all syntax by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/471
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.2.0...v1.2.1
Release v1.2.0
Code Pathfinder v1.2.0 - Pre-Built Security Rules Are Here
We're thrilled to announce Code Pathfinder v1.2.0, bringing ready-to-use security rulesets that you can deploy in seconds!
What's New
Pre-Built Python Security Rules
Stop writing security rules from scratch. Access battle-tested rulesets from our registry:
pathfinder scan --project /path/to/src --ruleset docker/security --output sarif
Find SQL injections, unsafe deserialization, command injection vulnerabilities, and more - all configured and ready to run.
Registry-Hosted Rulesets
Browse and use community-maintained rules at codepathfinder.dev/registry/:
- docker/security - Docker security vulnerabilities
- docker/best-practice - Dockerfile optimization
- python/deserialization - Unsafe pickle.loads RCE detection
- python/django - Django SQL injection patterns
- python/flask - Flask security misconfigurations
- More languages coming soon
Enhanced Python Compatibility
Expanded Python 3.9+ support with intelligent stdlib module discovery fallbacks, ensuring reliable analysis across different Python versions and environments.
What This Means for You
No more copy-pasting security rules or reinventing the wheel. Point to a ruleset, run your scan, and catch vulnerabilities before they hit production. Perfect for teams who want powerful SAST without the configuration overhead.
What's Changed
- fix(python/sast): add Python 3.9 fallback for stdlib module discovery by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/464
- feat(ruleset): add Python security rules with remote ruleset CLI support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/466
- fix(gha): resolve R2 upload SSL handshake failure by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/467
- chore: remove obsolete deprecation-notice.js by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/468
- feat(rules): add Python security rules for R2 distribution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/469
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.1.6...v1.2.0