v1.1.3

Cumulative update with a bunch of improvements

• Reduced false positive rate with 'key-value' pairs
• More variable suppression rules for Golang

Full Changelog: v1.1.2...v1.1.3

v1.1.2

Fix extreme false positive rate in specific swift constructions

Full Changelog: v1.1.1...v1.12

v1.1.1

Bugfix

v1.1.0

What's Changed

New CLI flags

• --reflect-findings-in-return-code: the tool will finish with a return code of 66 if any findings detected (#2)
• --process-count: number of processes in a pool for file analysis (one process per file).
  Default: number of processor cores of your machine or a cpu limit of your container (via cgroup).
  Fallback value: 4.

Lexing and variable detection

• New 'Variable Suppression Rules' functionality: useful when you need to ignore variables found inside specific code zones.
  Usecase: react-specific html tags with 'key' attributes.
• Improved language and format guessing, including extension-less files. Still not ideal but way better than before, eq. now we are able to distinguish plain js file from js file with jsx.
• Support for lexers not included in pygments (like jsx-lexer)

Bugfixes

• Custom file exclusion rules now work properly (thanks @petskratt for reporting the bug)

Full Changelog: v1.0.6...v1.1.0

v1.0.6

• Bugfix in variable detection pipeline

v1.0.5

• Improvements for "dangerous variable detection"
• "Suspicious password declaration" for unlexable files now works better
• Workarounds for bugs in Bash lexer in Pygments, fix for curl -u case when a password is a variable

v1.0.4

Small fixes

v1.0.3

Initial release