Skip to content

Releases: step-security/dev-machine-guard

v1.13.0

Choose a tag to compare

@github-actions github-actions released this 09 Jul 18:52
Immutable release. Only release title and notes can be modified.
2d2e69f

Changelog

  • 2d2e69f Merge pull request #163 from ashishkurmi/akurmi/fix/release-resolve-draft-race
  • 0325326 fix(ci): wait for release-list propagation before resolving draft tag
  • 8f0e591 Merge pull request #161 from raysubham/subham/feat/wt/device-policy-ga
  • ac979bb feat(featuregate): enable device-policy enforcement by default
  • b837f57 Merge pull request #160 from swarit-stepsecurity/swarit/fix/wt/windows-yarn-globals
  • 71c052c fix(node): enumerate yarn classic globals on Windows
  • b0c88ce Merge pull request #159 from swarit-stepsecurity/swarit/fix/wt/node-global-discovery
  • 4dd5db8 Merge branch 'main' into swarit/fix/wt/node-global-discovery
  • a911076 fix(node): parse global lockfile when node_modules walk is empty (pnpm store)
  • c69100f fix(node): discover pnpm v10+ globals (global/v//node_modules)
  • 6b7a999 Merge pull request #158 from swarit-stepsecurity/swarit/chore/wt/up-ver-1.12.1
  • 0bb1dc8 chore(release): update to 1.13.0
  • f797e76 Merge pull request #157 from swarit-stepsecurity/swarit/chore/wt/coding-guidelines
  • 5e1b172 docs: rename coding-guidelines.md to AGENTS.md at repo root
  • b4f9888 Merge branch 'main' into swarit/chore/wt/coding-guidelines
  • f585dc0 Merge pull request #138 from raysubham/feat/dmg-policy-profiles
  • 413cc83 Merge branch 'main' into feat/dmg-policy-profiles
  • c9b913c Merge pull request #156 from swarit-stepsecurity/swarit/feat/wt/migrate-npm-scanning
  • 02b0de7 Merge branch 'main' into swarit/feat/wt/migrate-npm-scanning
  • 665eaaa Merge pull request #143 from shubham-stepsecurity/sm/launchd-troubleshooting
  • e6a1427 Merge branch 'main' into swarit/feat/wt/migrate-npm-scanning
  • 83915ba Merge branch 'main' into sm/launchd-troubleshooting
  • 5bb357e Merge pull request #142 from shubham-stepsecurity/sm/classic-visual-studio
  • 8b3b85f Merge branch 'main' into sm/classic-visual-studio
  • 8a34e8c Merge branch 'main' into swarit/feat/wt/migrate-npm-scanning
  • 992f385 feat(detector): discover classic Visual Studio extensions and installs
  • 74fbd1c Merge pull request #155 from swarit-stepsecurity/swarit/feat/wt/migrate-py-scanning
  • 59e25b7 Merge branch 'main' into swarit/feat/wt/migrate-py-scanning
  • 44474f0 Merge pull request #152 from swarit-stepsecurity/swarit/feat/wt/lock-acquire-logging
  • 9b596f9 Merge branch 'main' into swarit/feat/wt/lock-acquire-logging
  • 1d6ac5e fix(node): count disk packages in scan cap; gate delta on PMVersion
  • 4abd891 docs(tcc): configure Full Disk Access for all devices only
  • ff29a5b docs: add coding guidelines derived from existing patterns
  • 3f35a34 Merge branch 'main' into swarit/feat/wt/migrate-npm-scanning
  • e5c6633 feat(node): add disk-based package scanning (lockfile parsing)
  • 4b927a3 Merge pull request #141 from shubham-stepsecurity/sm/fix
  • 7360ce3 Merge branch 'main' into sm/fix
  • 1abf3c0 fix(telemetry): don't assume lock failure means contention
  • d85e9c5 fix(python): address PR review on disk-based scanning
  • 8266443 feat(devicepolicy): make policy identity target-aware (category + target)
  • 70e644a fix(python): use type conversion for PackageDetail->PythonPackage (staticcheck S1016)
  • d113b95 feat(python): add disk-based package scanning (dist-info metadata)
  • efbd43b feat(telemetry): log and report lock-acquisition contention at info level
  • 8d7920c fix(install): don't enforce IDE policy inline under SYSTEM
  • c36dfd4 fix(devicepolicy): fetch policy from run-config, drop removed effective-policy endpoint
  • d52c941 Merge branch 'main' into feat/dmg-policy-profiles
  • 68fdfb3 Merge pull request #151 from raysubham/subham/fix/schtasks-daily-schedule-24h
  • 83a8f73 fix(schtasks): use DAILY schedule for scan frequencies of 24h+
  • 1c83b7d Merge pull request #146 from shubham-stepsecurity/sm/scheduler-info-interval-gate
  • 37a0a42 Merge branch 'main' into sm/scheduler-info-interval-gate
  • 2412a3f Merge pull request #144 from swarit-stepsecurity/swarit/chore/wt/add-logs-python
  • 911866e Merge branch 'main' into swarit/chore/wt/add-logs-python
  • 2a5db1c feat(telemetry): include this run's loader-script logs
  • af7bb2f feat: enable Windows Task Scheduler history; address review feedback
  • 823bedb feat: run-on-login scheduling, reliability fixes, scheduler diagnostics
  • c9b55b7 Merge pull request #148 from swarit-stepsecurity/swarit/feat/last-run-heartbeat
  • 6f07968 Merge branch 'main' into swarit/feat/last-run-heartbeat
  • e888d9b Merge pull request #150 from swarit-stepsecurity/swarit/chore/disable-delta-npm-feat
  • e8b774b chore(telemetry): gate scan-state delta protocol off by default
  • 0a5d73e Merge branch 'main' into swarit/feat/last-run-heartbeat
  • 55cab2d Merge branch 'main' into feat/dmg-policy-profiles
  • 66a6666 Merge pull request #140 from shubham-stepsecurity/sm/bump
  • 034941f Merge branch 'main' into sm/bump
  • 8a4ad99 feat(heartbeat): write last-run.json at top of send-telemetry
  • 0f4cece Merge pull request #147 from ashishkurmi/main
  • aa4cf43 Merge branch 'main' into main
  • dc3bce9 Merge pull request #145 from eromosele-stepsecurity/Update-readme
  • 199f2a3 ci(macos): automate Developer ID signing + notarization in GitHub Actions
  • 447af09 Corrections to the setup for macOS
  • 6dd69ea Update README
  • 96ac3e9 chore: add per-venv scan logging to Python project detector
  • 8238e03 Merge pull request #131 from swarit-stepsecurity/swarit/feat/wt/scan-state-package
  • 078814d chore: go fmt
  • f7d1e09 fix: address copilot review comments
  • 6022c47 feat(devicepolicy): key on-device state by category to avoid a future migration
  • 2ff6d54 feat(devicepolicy): reject state files from a newer schema version
  • e21c0ef docs: enhance launchd troubleshooting guide with detailed scheduling information
  • 7421d92 docs: add macOS launchd troubleshooting guide
  • 5e302b0 refactor: move atomicfile to internal/atomicfile
  • 2bf8b46 test(devicepolicy): assert settings.json write leaves a recoverable .bak backup
  • 5c3e887 chore(devicepolicy): align feature gate name with renamed package
  • 48e8f53 fix(detector): guard NodeScanner.pmAvailability with a mutex
  • 646be01 fix(telemetry): persist scan-state in --telemetry-out path
  • 4d2ac90 feat(detector): npm scan cache + concurrent workers (phase 4)
  • 321dcc8 feat(telemetry): flip payload to delta protocol (phase 3)
  • 99ff7cb feat(config): add use_legacy_package_scan opt-out
  • e9992c7 fix(detector): resolve node PM versions via default install paths
  • ce63e1c ci: build golangci-lint with Go 1.26 to unblock lint
  • 1af7d7c chore: bump Go toolchain to 1.26
  • 4bfdac1 feat(telemetry): track python projects, globals, and removals in scan-state
  • e7b0d09 feat(telemetry): wire scan-state into npm scan path (phase 1)
  • aeb0e80 fix(state): address copilot review comments
  • 454f8e1 refactor(devicepolicy): merge channel halves into api.go, interface into settings_writer.go
  • de9bc09 refactor(devicepolicy): rename package devmdm to devicepolicy
  • da39b15...
Read more

v1.12.0

Choose a tag to compare

@github-actions github-actions released this 10 Jun 20:13
Immutable release. Only release title and notes can be modified.
ad793a7

Changelog

  • ad793a7 Merge pull request #137 from ashishkurmi/ak/chore/up-ver-1.12.0
  • 26de0ee chore(release): update to 1.12.0
  • a9b7e52 Merge pull request #136 from swarit-stepsecurity/swarit/fix/enable-rc-config-feature-gates
  • 7037378 Merge branch 'main' into swarit/fix/enable-rc-config-feature-gates
  • 784b15a Merge pull request #87 from swarit-stepsecurity/swarit/fix/brew-upstream-failure
  • c3969fd Merge remote-tracking branch 'upstream/main' into swarit/fix/brew-upstream-failure
  • 5235293 chore(rc-config): enable pnpm/bun/yarn audits by default
  • 4850be6 Merge pull request #133 from raysubham/feat/test-build-intunewin
  • 7856446 Merge branch 'main' into feat/test-build-intunewin
  • b651811 Merge pull request #135 from ashishkurmi/feat/malicious-file-detection
  • a53341b Merge branch 'main' into feat/malicious-file-detection
  • 83b54f4 Merge pull request #128 from Prateek-stepsecurity/pn/pnpm-fix
  • 0e820c2 Merge branch 'main' into pn/pnpm-fix
  • 27ab2d1 perf(detector/rules): bound scan memory to one file at a time
  • bd60bb4 Merge branch 'main' into feat/malicious-file-detection
  • 6a77134 Merge pull request #134 from swarit-stepsecurity/swarit/feat/expand-rc-config-surface
  • 62df38f Merge branch 'main' into swarit/feat/expand-rc-config-surface
  • 3da82ff fix(configaudit): address PR review feedback
  • fa6a922 Merge branch 'main' into feat/malicious-file-detection
  • 3d4bb85 Merge branch 'main' into feat/test-build-intunewin
  • bf92d13 Merge pull request #98 from shubham-stepsecurity/sm/feat/add-support
  • 24cf448 Merge branch 'main' into sm/feat/add-support
  • cb78c7e chore: go fmt
  • aed4273 feat(detector): malicious-file detection rules engine + telemetry wiring
  • 3b5cbf7 chore(configaudit): trim review comments + extra parser tests
  • 7b35c60 feat(yarn): surface inventory of yarn classic and berry config
  • b8d2047 feat(bun): surface inventory of bunfig.toml configuration
  • 144e6b5 feat(pnpm): surface inventory of pnpm configuration
  • b461343 refactor(configaudit): extract shared file-metadata helpers
  • bbbe7cb Merge branch 'main' into feat/test-build-intunewin
  • 6c06d77 Merge pull request #132 from swarit-stepsecurity/swarit/chore/enable-rc-config
  • e1e2b7a Merge branch 'main' into swarit/chore/enable-rc-config
  • 8e138b1 ci(test-build): pack an unsigned .intunewin + add correlation run-name
  • 1f50488 fix: pnpm path fix for linux
  • 9a2b0e6 fix: pnpm path fix for windows
  • 91f943b Merge pull request #130 from shubham-stepsecurity/sm/fix-npm-launchagent-path
  • 83851ef chore(rc-config): enable npm, pip rc config scan
  • 8734ee2 fix(executor): ensure proper shell quoting for commands and arguments in RunAsUser
  • fb62468 fix(scan): resolve package managers under the LaunchAgent's stripped PATH
  • 745ef4d Merge pull request #129 from swarit-stepsecurity/swarit/fix/empty-payload
  • 0bcaa64 chore: address comments
  • 0044393 fix(windows): handle empty payloads when npn is not present
  • 58b0230 fix(launchd): surface bootstrap/bootout failures instead of swallowing them
  • 432bc2f chore(mdm): use launchctl bootstrap/bootout instead of load/unload
  • a8aef8f fix(brew): synthesize raw scan output from rich data

v1.11.7

Choose a tag to compare

@github-actions github-actions released this 01 Jun 08:42
Immutable release. Only release title and notes can be modified.
7b56315

Changelog

  • 7b56315 Merge pull request #126 from swarit-stepsecurity/swarit/fix/sccm-first-run
  • c229a9e Merge branch 'main' into swarit/fix/sccm-first-run
  • aadd5d1 Merge pull request #127 from ashishkurmi/main
  • 689d277 chore(release): update to 1.11.7
  • 3abab4d fix(windows): force first run as /ru interactive
  • 2ee3faa Merge pull request #123 from shubham-stepsecurity/sm/fix
  • eb61ae3 Merge branch 'main' into sm/fix
  • db2b2bc fix(telemetry): capture log tail through upload
  • 4adfd33 Merge pull request #125 from swarit-stepsecurity/swarit/fix/normalize-api-endpoint
  • 838527d Merge branch 'main' into swarit/fix/normalize-api-endpoint
  • 796a917 Merge branch 'main' into sm/fix
  • 50b4796 fix(config): normalize api_endpoint to strip trailing slashes
  • 35d0efa fix: ci test
  • a583b8a Merge pull request #124 from ashishkurmi/verify-release-workflow
  • a0af587 Merge branch 'main' into verify-release-workflow
  • d40b3a7 Merge pull request #121 from raysubham/ci/intunewin-release-artifact
  • 48518c1 feat(telemetry): bound scans with deadlines, ship log tail in heartbeat
  • bc866e2 fix: deliver execution-watchdog limit via config.json
  • 3cc7672 ci: pack .intunewin via install.cmd wrapper, not the raw MSI
  • 64e93c4 fix: detect Antigravity
  • 588c8e0 docs: soften Intune guide reference to plain prose
  • 59f76bc ci: add Verify Release workflow to gate release artifacts
  • c0b73b9 fix: harden macOS scans against IDE pop-ups and stuck processes
  • d1c7fd4 ci: build signed .intunewin release artifact + registry version marker
  • a44a190 Merge pull request #120 from raysubham/worktree-rename-api-endpoint
  • e085bbf Merge branch 'main' into worktree-rename-api-endpoint
  • 338fb9c Merge branch 'main' into worktree-rename-api-endpoint
  • 3a604bc docs: update SCCM API endpoint to agent.api.stepsecurity.io

v1.11.6

Choose a tag to compare

@github-actions github-actions released this 27 May 22:29
Immutable release. Only release title and notes can be modified.
fa5d3d2

Changelog

  • fa5d3d2 Merge pull request #118 from shubham-stepsecurity/sm/fix
  • b6f1379 Merge branch 'main' into sm/fix
  • b07fc1d Merge pull request #119 from step-security/akurmi/chore/mdm-skip-library-wholesale
  • b0bb6c4 Merge branch 'main' into sm/fix
  • fc007a6 Merge branch 'main' into akurmi/chore/mdm-skip-library-wholesale
  • 4b0fa4e chore(release): update to 1.11.6
  • bfcc747 fix(pipconfig): guard pip detection from triggering CLT install dialog
  • d0edb58 Merge pull request #117 from step-security/akurmi/chore/mdm-skip-library-wholesale
  • c505c8c chore(mdm): skip ~/Library wholesale to fix Tahoe Media Library prompt

v1.11.5

Choose a tag to compare

@github-actions github-actions released this 27 May 20:09
Immutable release. Only release title and notes can be modified.
4e332cd

Changelog

  • 4e332cd Merge pull request #115 from swarit-stepsecurity/swarit/chore/up-ver-1.11.5
  • 2ec0cd5 Merge branch 'main' into swarit/chore/up-ver-1.11.5
  • 6ed54f0 chore(release): update to 1.11.5
  • 2c625d3 Merge pull request #113 from swarit-stepsecurity/swarit/chore/launcher-exec-mode
  • eee8652 Merge branch 'main' into swarit/chore/launcher-exec-mode
  • e3615d5 Merge pull request #114 from shubham-stepsecurity/sm/test
  • f1c82f3 chore(mdm): expand TCC skip to cover Photos, Media Library, App Management
  • 5f0c4f9 chore(mdm): address review comments on macos-tcc-permissions doc
  • 193bbe4 chore(mdm): always-skip TCC by default + add PPPC config guide
  • 4f2f6c3 fix(launcher): preserve legacy exit-1-silent on default-mode failure
  • faab363 feat(windows): add --exec mode to GUI launcher

v1.11.4

Choose a tag to compare

@github-actions github-actions released this 26 May 16:29
Immutable release. Only release title and notes can be modified.
3f3f74a

Changelog

  • 3f3f74a Merge pull request #108 from shubham-stepsecurity/sm/test
  • a5359b0 Merge branch 'main' into sm/test
  • dcd8cc2 Merge pull request #109 from shubham-stepsecurity/sm/update
  • a13a7ad Merge branch 'main' into sm/update
  • bd071a1 fix(install-dir): reject empty --install-dir for install/uninstall
  • 1580fa1 Merge pull request #111 from swarit-stepsecurity/swarit/chore/up-ver-1.11.4
  • a0e3be1 Merge branch 'main' into swarit/chore/up-ver-1.11.4
  • 9d0352d Merge pull request #112 from raysubham/subham/feat/msi-verify-script
  • 7d487a3 scripts: add verify-msi.ps1 for client-side MSI integrity check
  • e2a9209 chore(release): update to 1.11.4
  • a719820 Merge pull request #97 from step-security/chore/GHA-212138-stepsecurity-remediation
  • 40d782c chore(mdm): scope TCC skip to launchd, tighten prefix, dedupe helpers
  • 839eb63 Merge branch 'main' into chore/GHA-212138-stepsecurity-remediation
  • 392a3be fix(install-dir): make config field authoritative
  • 8b0fdfe chore(mdm): log TCC skip hits encountered during walks
  • 9351328 chore(mdm): skip macOS TCC-protected directories
  • 1d3775e Merge pull request #107 from ashishkurmi/main
  • 6a03fb4 ci: Authenticode-sign Windows binaries and MSIs via Azure Trusted Signing
  • 8b92fa1 Merge pull request #106 from swarit-stepsecurity/swarit/chore/gate-features
  • 11d6e9d Merge branch 'main' into swarit/chore/gate-features
  • be0b7d3 chore: add feature gate to disable/enable features
  • a518d6b Merge pull request #105 from ashishkurmi/main
  • 81b876c ci: add workflow to build test binaries and MSIs on demand
  • 85f35b8 Merge pull request #104 from ashishkurmi/swarit/fix/windows
  • 94624db fix(windows): stop console window flashes during scheduled scans
  • 0e007ef Merge pull request #99 from shubham-stepsecurity/sm/fix
  • 11e2f91 Merge branch 'main' into sm/fix
  • 567a4a3 Merge pull request #86 from shubham-stepsecurity/sm/update
  • 7915016 Merge branch 'main' into sm/update
  • 078df68 fix(telemetry): sandbox invocation test + make postPhase non-blocking
  • 5a83651 fix(paths): canonicalise $HOME/~ expansion via filepath.Join
  • dda8d0a fix(paths): add support for expanding $HOME
  • 80526e0 chore(telemetry): track upload phase + per-phase sub-progress
  • c666b5c [StepSecurity] Apply security best practices
  • a24d4cf chore(info): Adding invocation_method and in-flight status_info

v1.11.3

Choose a tag to compare

@github-actions github-actions released this 22 May 06:51
Immutable release. Only release title and notes can be modified.
cb9abe5

Changelog

  • cb9abe5 Merge pull request #95 from ashishkurmi/ak/chore/up-ver-1.11.3
  • 9ebba3a Merge branch 'main' into ak/chore/up-ver-1.11.3
  • 3a190b3 chore(release): bump version constant to 1.11.3
  • ab88e52 Merge pull request #94 from ashishkurmi/ak/chore/up-ver-1.11.3
  • cb62715 Merge branch 'main' into ak/chore/up-ver-1.11.3
  • 72e9083 chore(release): update to v1.11.3
  • 91a1b2b Merge pull request #88 from shubham-stepsecurity/sm/feat/add-support
  • a839a7b feat(mdm): configurable install dir + persistent stderr logs
  • 6dec9e3 Merge pull request #93 from swarit-stepsecurity/swarit/chore/up-ver-1.11.2
  • 4d6bc03 Merge branch 'main' into swarit/chore/up-ver-1.11.2
  • 873641a Merge pull request #92 from swarit-stepsecurity/swarit/feat/msi-integration
  • 4c368c9 chore(release): update to v1.11.2
  • 785d6b8 address remaining Copilot review comments on PR #92
  • 40ca150 docs: tighten MSI deployment + packaging guides
  • 5e82728 ci(msi-smoke): explicit exit 0 after uninstall cleanup checks
  • b334bb6 ci: add MSI build/install/verify/uninstall smoke test on every PR
  • fe8f42c ci: go fmt
  • 860c018 address PR #92 review comments from Copilot
  • 16f869a feat(install): add --ignore-telemetry-error opt-in for MSI/SCCM
  • 900e7af fix(msi): use WixQuietExec from WixToolset.Util.wixext
  • c5143c8 fix(msi): switch to Property-attribute custom actions (MSI Type 50)
  • ea55aae fix(msi): bake [INSTALLFOLDER] into ExeCommand literally
  • 9a3a90b fix(msi): switch custom actions to deferred + SetProperty CustomActionData pattern
  • 1235415 ci: build MSIs on windows-latest (WiX 4 has Linux path-parsing bug)
  • 343faf0 chore: bump version for MSI release pipeline test on fork
  • 3e119c3 feat(windows): integrate msi based releases
  • 09dc2a2 Merge pull request #91 from swarit-stepsecurity/swarit/fix/windows-sys-schedule
  • 10f2422 fix(windows): grant Users modify ACL on ProgramData log dir; correct comment
  • bb6266e Merge branch 'main' into swarit/fix/windows-sys-schedule
  • c8b6d63 fix(windows): run scheduled task as logged-in user via /ru INTERACTIVE
  • 30ed51d Merge pull request #82 from Prateek-stepsecurity/pn/fix/pnpm
  • 35d905d fallback logic
  • ce70bf6 fix(pnpm): resolve v11 global-scan regression
  • 6b34f69 Merge pull request #74 from swarit-stepsecurity/swarit/feat/wt/ai-hooks-integration
  • e2ccb01 Merge branch 'main' into swarit/feat/wt/ai-hooks-integration
  • 19b4cb1 Merge pull request #70 from swarit-stepsecurity/swarit/fix/detect-intercepted-uploads
  • 1ed02f2 feat(aiagents): poll backend for hook enable/disable state
  • ce956bb Merge branch 'main' into swarit/fix/detect-intercepted-uploads
  • 79cb3e4 Merge pull request #69 from swarit-stepsecurity/swarit/feat/wt/rc-info-npm-pip
  • 80be25d Merge branch 'main' into swarit/fix/detect-intercepted-uploads
  • 85ff613 chore(ci): fix lint (gofmt) and gosec findings
  • cf73af5 Merge remote-tracking branch 'upstream/main' into swarit/feat/wt/rc-info-npm-pip
  • e953fc2 Merge pull request #76 from shubham-stepsecurity/sm/update
  • f915375 Merge branch 'main' into sm/update
  • b6cd689 Merge pull request #68 from swarit-stepsecurity/swarit/feat/wt/machine-resource-info
  • 1078555 Merge remote-tracking branch 'upstream/main' into swarit/feat/wt/machine-resource-info
  • 554ce60 chore: address gosec int64->uint64 conversion warning
  • c587219 Merge branch 'main' into sm/update
  • f60b436 Merge pull request #77 from raysubham/fix/windows-hook-bash-path
  • e118b2b Merge branch 'main' into fix/windows-hook-bash-path
  • 9e5ab15 Merge pull request #65 from swarit-stepsecurity/swarit/fix/issue-62-63
  • 27c08f8 fix(aiagents): write Windows hook command with forward-slash path
  • a73c77d chore: gofmt blank-line and comment formatting
  • 670b67c chore: address comments
  • c805d0f feat(device): collect static machine resource info
  • 98b42c4 fix(pnpm): resolve v11 global-scan regression
  • ab70514 chore: gofmt struct alignment in telemetry payload
  • 30b0e7c chore: address comments
  • 4e76bb9 fix(linux/mac): lock contention race and console user edge case
  • b71addd Merge pull request #75 from swarit-stepsecurity/swarit/chore/go-quality-checks-and-badges
  • dc85270 Merge branch 'main' into swarit/chore/go-quality-checks-and-badges
  • 217e00f Merge pull request #73 from raysubham/fix/claude-hooks-windows-idempotency
  • d4f0ab5 ci: add gosec SAST workflow + README badge
  • abb5b7e ci: add vet/fmt/tidy + cross-platform build; refresh README badges
  • 4b6988d chore: apply gofmt across the tree
  • 3378ca3 test(cli): cover --npmrc + --pipconfig mutual exclusion
  • 7974381 chore: address comments
  • 16d58c3 chore: address comments
  • 66851e2 fix: handle Windows Codex hook paths
  • 15b7cdc fix: handle Windows Claude hook paths
  • 33b752f Merge pull request #61 from raysubham/feat/ai-agents-hook-events
  • 0c965b3 Merge branch 'main' into feat/ai-agents-hook-events
  • ef036bb Merge pull request #71 from shubham-stepsecurity/sm/fix
  • 20bb53b fix: improve comments for Apple CLT stub detection and mock behavior
  • f30602f fix: add support for detecting Apple Command Line Tools stubs in executors and detectors
  • 7e2eadf Merge branch 'main' into swarit/feat/wt/rc-info-npm-pip
  • 7e6c38f fix(telemetry): detect intercepted uploads on client side
  • ad93d7e Merge remote-tracking branch 'upstream/main' into feat/ai-agents-hook-events
  • e295fb8 feat: update events schema
  • 8a66361 feat: improve redaction check
  • 5227516 fix(pipconfig): handle pip 24.x effective output with no 'from ' suffix
  • 006bdb6 test(configaudit): add tests/test_rc_audit.sh end-to-end harness
  • 4dd1117 fix(pipconfig): redact effective.config + legacy-path detection by suffix
  • 1aa1466 refactor(configaudit): split rc/pip audits into internal/detector/configaudit
  • 18e6959 feat(pipconfig): surface inventory + finding catalog for pip configuration
  • 41e17d7 feat(npmrc): surface inventory of every .npmrc on the host
  • 35fcd13 feat: implement backup pruning logic
  • 58f2635 chore: update backup file format
  • 104af85 remove tests
  • d25a3a9 update code comments
  • bfc4c3e feat: phase 4
  • b4afbe4 feat: phase 3
  • 38fe9a8 feat: phase 2
  • 902fad9 feat: phase 1

v1.11.1

Choose a tag to compare

@github-actions github-actions released this 11 May 05:13
Immutable release. Only release title and notes can be modified.
56cd419

Changelog

  • 56cd419 Merge pull request #60 from swarit-stepsecurity/swarit/chore/up-ver-1.11.1
  • c139c9a chore(release): update to v1.11.1
  • 341b3ba Merge pull request #59 from swarit-stepsecurity/swarit/fix/agent-path
  • 6184dd3 Merge branch 'main' into swarit/fix/agent-path
  • f5d1983 Merge pull request #54 from swarit-stepsecurity/swarit/chore/update-docs-coverage
  • da4ae52 fix(windows): relative path detection
  • 0971d28 fix(detection): ide symlinked path detection
  • c642ec9 Merge branch 'main' into swarit/chore/update-docs-coverage
  • 33749f8 Merge pull request #56 from swarit-stepsecurity/swarit/chore/add-extensions-path
  • b5dcc16 chore(ide): add extensions path
  • 3604d3d merge: resolve SCAN_COVERAGE.md conflicts with upstream/main
  • 1bf1e5c docs: complete cross-platform coverage and add missing scan categories
  • 3c3d258 docs: update documentation to reflect cross-platform support and current codebase

v1.11.0

Choose a tag to compare

@github-actions github-actions released this 29 Apr 22:18
Immutable release. Only release title and notes can be modified.
d0db5b4

Changelog

  • d0db5b4 Merge pull request #53 from ashishkurmi/sm/bump-1.11.0
  • 150095d chore(release): bump version to 1.11.0 and update changelog
  • 504b3f8 Merge pull request #51 from shubham-stepsecurity/sm/update
  • aefac7d Merge branch 'main' into sm/update
  • f8a08fc feat(aicli): add detection for Cursor Agent CLI and update documentation
  • 325669c Merge pull request #50 from swarit-stepsecurity/swarit/fix/release-workflow
  • 14ad84c fix(release): fix linux release workflow issues
  • cfe51c8 Merge pull request #45 from swarit-stepsecurity/swarit/chore/linux-bin-release
  • d9cf596 Merge branch 'main' into swarit/chore/linux-bin-release
  • cbf40f9 Merge pull request #43 from swarit-stepsecurity/swarit/feat/sys-pkg-metadata
  • 56b84b5 chore: address copilot reviews
  • 02186f4 chore(linux): add packaged releases
  • f6e6b55 chore(brew): add cask and formulae metadata collection
  • fa0fc4f chore(macos): add brew pkg metadata
  • d47f9ae chore: add security context for pkgs
  • f8329bc chore(linux): add sys pkgs metadata
  • 06ee45b Merge pull request #48 from shubham-stepsecurity/sm/feat/migrate
  • 7e916d5 Merge branch 'main' into sm/feat/migrate
  • b9b178e Merge pull request #44 from shubham-stepsecurity/sm/fix
  • 62ecf52 fix(aicli): improve detection logic for GitHub Copilot CLI by rejecting non-zero exit codes
  • 3803cc4 fix(aicli): handle detection for GitHub Copilot CLI version
  • c740fec fix(python): update virtual environment paths and enhance project detection for venvs without pip
  • e4ddcfa fix(python): improve Python project detection logic
  • a4b4251 Merge pull request #39 from shubham-stepsecurity/sm/feat/add-support
  • 70aecdd refactor(tests): improve assert_contains function to avoid SIGPIPE errors & update logging
  • d4f9cc4 chore(telemetry): replace custom UUID generation with google/uuid dependency
  • 4eafe9d feat(mdm): add telemetry run status reporting
  • 0fba903 Merge pull request #38 from shubham-stepsecurity/sm/update
  • aaae474 fix: update logger level to info in S3 upload test
  • 35be6e2 refactor: remove gzip compression from stdout/stderr and update telemetry upload to use gzip compression
  • 642891b feat: add gzip compression for stdout/stderr output and corresponding tests
  • 22f15ad Merge pull request #47 from swarit-stepsecurity/swarit/chore/remove-shell-script
  • 4fd3f86 Merge branch 'main' into swarit/chore/remove-shell-script
  • 88b65f8 Merge pull request #37 from shubham-stepsecurity/sm/feat/config
  • 63c3e2b Merge branch 'main' into sm/feat/config
  • ce3a1ef chore: remove shell script references
  • cee172a chore(dmg): remove shell script
  • 21cb7cf Merge pull request #42 from swarit-stepsecurity/swarit/feat/linux-pkgs-support
  • 6aa92ff chore(linux): wire up sys package support
  • e5c3c65 feat: implement log level configuration and enhance logging throughout the application
  • 201fb79 Merge pull request #36 from swarit-stepsecurity/swarit/feat/linux-support
  • 8055c59 fix: address Copilot PR review feedback
  • b2593a0 ci: retrigger checks
  • 7a96bcf chore: go lint
  • 22bec63 feat(linux): add support for snap and flatpak pkgs
  • ce74969 feat(linux): add rpm package support
  • 53c706a feat(linux): add jetbrains support
  • 4b9882f fix: use bios serial number
  • 0f76d54 chore: performance improvements
  • ffb44e1 feat(linux): add sysd scheduling
  • dfdc2aa feat: add linux support

v1.10.2

Choose a tag to compare

@github-actions github-actions released this 22 Apr 08:40
Immutable release. Only release title and notes can be modified.
94231e6

Changelog

  • 94231e6 Merge pull request #35 from shubham-stepsecurity/sm/update
  • 3896161 feat: default quiet=false, raise S3 upload timeout to 10m, gofmt cleanup
  • 3d8003c Merge pull request #33 from swarit-stepsecurity/swarit/chore/up-ver-1.10.2
  • bf92e4e chore: update changelog
  • b35b044 chore(release): bump version to 1.10.2
  • 8a029a0 Merge pull request #32 from swarit-stepsecurity/swarit/feat/windows-eclipse-plugins
  • 79b1250 fix: address Copilot review comments on PR #32
  • 5891fc7 fix(lint): remove unused eclipseExePatterns and resolveEclipseFeatureDirs
  • ed292a6 feat(windows): eclipse plugin detection
  • 6f3a22b fix: scope bundled plugin filter to Windows only
  • 3cb22fd feat: filter bundled plugins by default, add --include-bundled-plugins flag
  • 46ef8f5 feat(eclipse): use p2 director API for authoritative marketplace plugin detection
  • eb751bb fix(eclipse): expand bundled prefix list to accurately identify marketplace plugins
  • 9165fda feat(windows): robust multi-stage Eclipse plugin detection
  • 16c90a1 fix(windows): Eclipse plugin detection uses detected IDE install paths
  • 3429665 fix(windows): add Windows Eclipse plugin detection paths