Releases: ParzivalHack/PySpector

v0.2.0-beta (Pre-release)

@ParzivalHack ParzivalHack released this 07 Jun 14:32

What's Changed

  • Added a quiet mode (enabled by default) that keeps DEBUG statements from being printed to the console during scans, improving output readability, and introduced a new --debug flag to turn them back on when needed

  • Added 24 new detectors for common credential formats (AWS, GitHub, GitLab,
    Slack, Stripe, Google, OpenAI, Anthropic/Claude, SendGrid, PostHog, NPM,
    PyPI, Discord, Telegram, DigitalOcean, Doppler, Cloudflare, Heroku,
    HubSpot, Fastly...), and tightened false-positive suppression (reducing FPs by another 76%)

  • Added per-rule CWE fields and CWE-aware cross-rule deduplication: when two distinct vulnerability classes are detected on the same line of code, priority goes to the CWE with the highest severity

  • Added new AI rules tailored to detect dangerous LLM product vulnerabilities (for example, Hugging Face model loading leading to RCE)

  • Added an incremental AST cache that reduces the workload of AstEncoder, which also increased PySpector's scanning speed by 41.9%

  • Introduced a new "watch" command that monitors a local codebase in real time, scanning only changed Python code and reporting any newly introduced vulnerability, so that developers and CD pipelines can develop securely while reducing the probability of vulnerable code being pushed and/or deployed

  • Improved the --help flag, which now lists all of PySpector's flags and commands, with improved descriptions

  • Added new unit tests and improved already existing ones

  • Added significant docs updates all across the project

Full Changelog: v0.1.9-beta...v0.2.0-beta

v0.1.9-beta (Pre-release)

@ParzivalHack ParzivalHack released this 15 May 15:04
f25692d

What's Changed

This is the biggest and most important PySpector release so far, as we introduced:

  • A new, modern and advanced pre-commit hook
  • A new --stats flag that shows a set of useful performance metrics and scan info in a structured ASCII table
  • Automatic exclusion of unittests, tests, and examples directories from scans
  • A complete refactor and improvement of the whole Rust Core (and more specifically of the Taint Analysis Engine), which reduced false positives by 98% while increasing scan speed 5x, especially on huge monorepos (500k+ LoC)
  • Some minor bug fixes

Full Changelog: v0.1.8-beta...v0.1.9-beta

v0.1.8-beta (Pre-release)

@ParzivalHack ParzivalHack released this 14 Apr 23:15

What's Changed

Fixed a vulnerability leading to arbitrary code execution via plugin bypass, adjusted the docs, fixed a bug preventing the generation of HTML reports and 2 other bugs preventing the --wizard and --supply-chain flags from working properly, expanded error messages during AST file parsing, added a new CLI flag to enable Python SyntaxWarning, and last we (finally) expanded support for Python up to the latest v3.14

Full Changelog: v0.1.7-beta...v0.1.8-beta

v0.1.7-beta (Pre-release)

@ParzivalHack ParzivalHack released this 17 Mar 13:46

Patches for 2 major vulnerabilities, plus minor docs updates and bug fixes

Full Changelog: v0.1.6-beta...v0.1.7-beta

v0.1.6-beta: Fixed some major and minor bugs, improved docs, added new --supply-chain flag

@ParzivalHack ParzivalHack released this 11 Feb 15:31

What's Changed

  • Improved error handling for scan engine failures by @bhanupratapvk06 in #30
  • Added reporting.py unit test v1 by @f4berack in #31
  • Replace oversized int literals with 0 to avoid json.dumps 4300-digit conversion limit by @satoridev01 in #35
  • Fix panic on non-UTF-8 file paths in analysis walker by @satoridev01 in #34
  • Use relative paths instead of absolute paths by @satoridev01 in #33

Full Changelog: v0.1.5-beta...v0.1.6-beta

v0.1.5-beta: Inter-Procedural Taint Analysis & Graph-Based Engine Upgrade

@ParzivalHack ParzivalHack released this 25 Jan 16:32

What's New in v0.1.5

This release introduces a fundamental architectural shift in PySpector's core analysis engine, moving from local AST matching to project-wide graph-based tracking (finally, I would say, lol)

Core Engine Upgrades

  • Inter-Procedural Analysis: Track tainted data as it moves across function boundaries using global fixed-point iteration.
  • Flow-Sensitive CFG: A brand new Control Flow Graph (CFG) engine ensures PySpector understands the execution order, significantly reducing false positives.
  • Function Summaries: Introduced context-sensitive mapping to track how specific parameters flow into return values.
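As an added illustration (not PySpector's code, and not its IR), a minimal Python model of the scheme described above: every function gets a summary recording which parameters flow to its return value and which reach a sink, callers resolve calls through those summaries, and the summaries are recomputed by global fixed-point iteration until nothing changes. The toy IR, the label scheme (parameter indices plus "src" for attacker-controlled data) and the sample program are all constructed here.

```python
def substitute(lab, args):
    # Map a callee summary onto the caller's argument labels; "src" passes through.
    out = {l for l in lab if not isinstance(l, int)}
    for i in (l for l in lab if isinstance(l, int) and l < len(args)):
        out |= args[i]
    return out

def run_function(body, summaries):
    # One pass over a toy-IR body, resolving calls through callee summaries.
    env, ret, sink = {}, set(), set()
    for st in body:
        if st[0] == "param":       # ("param", name, index): formal parameter
            env[st[1]] = {st[2]}
        elif st[0] == "source":    # ("source", dst): dst holds attacker-controlled input
            env[st[1]] = {"src"}
        elif st[0] == "call":      # ("call", dst, callee, [arg names])
            ret_lab, sink_lab = summaries.get(st[2], (set(), set()))
            args = [env.get(a, set()) for a in st[3]]
            env[st[1]] = substitute(ret_lab, args)
            sink |= substitute(sink_lab, args)
        elif st[0] == "sink":      # ("sink", var): var reaches e.g. os.system
            sink |= env.get(st[1], set())
        elif st[0] == "return":    # ("return", var)
            ret |= env.get(st[1], set())
    return ret, sink               # summary: (labels reaching the return, labels reaching a sink)

def fixed_point(prog):
    # Recompute every summary until none changes; summaries only grow, so this terminates.
    summaries = {f: (set(), set()) for f in prog}
    changed = True
    while changed:
        changed = False
        for f, body in prog.items():
            new = run_function(body, summaries)
            if new != summaries[f]:
                summaries[f], changed = new, True
    return summaries

def findings(prog):
    # Functions in which attacker-controlled data reaches a sink, at any call depth.
    return sorted(f for f, (_, sink) in fixed_point(prog).items() if "src" in sink)

# Constructed toy program; the caller is listed before its callees, so only the fixed point finds the flow.
PROGRAM = {
    "handler":       [("source", "q"), ("call", "w", "wrap", ["q"]), ("call", "_", "run", ["w"])],
    "clean_handler": [("source", "q"), ("call", "s", "sanitize", ["q"]), ("call", "_", "run", ["s"])],
    "wrap":          [("param", "v", 0), ("return", "v")],      # returns its argument unchanged
    "run":           [("param", "cmd", 0), ("sink", "cmd")],    # e.g. os.system(cmd)
    "sanitize":      [("param", "x", 0), ("return", "CONST")],  # nothing from x reaches the return
}
```

A single pass in dictionary order reports nothing for handler because wrap and run have no summary yet; the second iteration propagates "src" through wrap into run's sink, while clean_handler stays clean because sanitize's summary maps nothing from its parameter to its return.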

Bug Fixes

  • Resolved a critical error in the Call Graph builder where function definitions were misidentified.
  • Fixed edge-case handling in the Rust core during complex branch merging.

Documentation

  • README updated with deep-dives into the new engine architecture and inter-procedural examples.

Full Changelog: v0.1.4-beta-hotfix...v0.1.5-beta

Hotfix: Fixed bug preventing SARIF reports from being created, fixed versioning throughout the codebase to reflect the current version, added stupid ass jokes cause if I'm already crying for my code, a laugh helps out

@ParzivalHack ParzivalHack released this 11 Jan 17:35

Full Changelog: v0.1.4-beta...v0.1.4-beta-hotfix

v0.1.4-beta: Minor improvements, a couple of bug fixes and a major website update, including a new design

@ParzivalHack ParzivalHack released this 10 Jan 10:49

Full Changelog: v0.1.3-beta...v0.1.4-beta

v0.1.3-beta: Major bug fixes, added a plugin system to allow the creation of community plugins that work alongside PySpector, added an AI exploit generator plugin for PySpector, updated docs

@ParzivalHack ParzivalHack released this 29 Oct 12:29

Full Changelog: v0.1.3-beta...v0.1.3-beta

v0.1.2-beta: Major bug fix in AST analysis, minor documentation and rules enhancements

@ParzivalHack ParzivalHack released this 30 Sep 12:09

Full Changelog: v0.1.1-beta...v0.1.2-beta