0.3.5

• Manifest Analysis Code QA
• Added new rules strandhogg1.0, strandhogg2.0, AppLink assetlinks.json check, improved minsdk support check
• Bump dependencies

0.3.4

• Huge Performance Improvement from libsast bump

Full Changelog: 0.3.3...0.3.4

0.3.3

• Semgrep and libsast Bump

0.3.2

• iOS Objective C Biometric rule update
• iOS Swift Biometric rule description change.

0.3.1

• Add pre-scan suppression support for android manifest files by:
  • Filename
  • Pathname
• Handle None form user supplied config

0.3.0

• IOS Swift Rules updates
  • Updated or added rules
    • ios_biometric_bool
    • ios_biometric_acl
    • ios_keychain_weak_acl_device_passcode
    • ios_keychain_weak_accessibility_value
    • ios_insecure_random_no_generator
• Regex Hardening: Fixes possible Regex DoS
• Add support for --type android|ios|auto for explicitly forcing a rule set on source directory.

0.2.0

• Added support for parsing xml file
• Added Android Manifest security checks (excluding exported checks for components)
• Added Android Network Security Config checks

0.1.3

• Add a --no-fail option to force zero exit status code.

0.1.2

• Bug Fixes
• SARIF to display CWE on Github Advanced Security dashboard
• Code QA

0.1.1

• Semgrep and libsast update + bug fixes
• Drop python support for 3.6
• Works on M1 Mac ARM