chore: Bump version to 0.7.0

Version updates: - README.md badge: 0.6.0 → 0.7.0 - cli/pyproject.toml: 0.6.0 → 0.7.0 - backend/pyproject.toml: 0.6.0 → 0.7.0 - sdk/pyproject.toml: 0.6.0 → 0.7.0 - ai/pyproject.toml: 0.6.0 → 0.7.0 Add CHANGELOG.md with comprehensive release notes for 0.7.0: - Secret detection workflows (gitleaks, trufflehog, llm_secret_detection) - AI module and agent integration - Temporal migration completion - CI/CD integration - Documentation updates - Bug fixes and improvements Update llm_analysis default model to gpt-5-mini
2026-02-12 17:12:46 +00:00 · 2025-10-16 12:23:56 +02:00
parent 8063f03d87
commit 746699e7c0
7 changed files with 91 additions and 6 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,85 @@
+# Changelog
+
+All notable changes to FuzzForge will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.7.0] - 2025-01-16
+
+### 🎯 Major Features
+
+#### Secret Detection Workflows
+- **Added three secret detection workflows**:
+  - `gitleaks_detection` - Pattern-based secret scanning
+  - `trufflehog_detection` - Entropy-based secret detection with verification
+  - `llm_secret_detection` - AI-powered semantic secret detection using LLMs
+- **Comprehensive benchmarking infrastructure**:
+  - 32-secret ground truth dataset for precision/recall testing
+  - Difficulty levels: 12 Easy, 10 Medium, 10 Hard secrets
+  - SARIF-formatted output for all workflows
+  - Achieved 100% recall with LLM-based detection on benchmark dataset
+
+#### AI Module & Agent Integration
+- Added A2A (Agent-to-Agent) wrapper for multi-agent orchestration
+- Task agent implementation with Google ADK
+- LLM analysis workflow for code security analysis
+- Reactivated AI agent command (`ff ai agent`)
+
+#### Temporal Migration Complete
+- Fully migrated from Prefect to Temporal for workflow orchestration
+- MinIO storage for unified file handling (replaces volume mounts)
+- Vertical workers with pre-built security toolchains
+- Improved worker lifecycle management
+
+#### CI/CD Integration
+- Ephemeral deployment model for testing
+- Automated workflow validation in CI pipeline
+
+### ✨ Enhancements
+
+#### Documentation
+- Updated README for Temporal + MinIO architecture
+- Removed obsolete `volume_mode` references across all documentation
+- Added `.env` configuration guide for AI agent API keys
+- Fixed worker startup instructions with correct service names
+- Updated docker compose commands to modern syntax
+
+#### Worker Management
+- Added `worker_service` field to API responses for correct service naming
+- Improved error messages with actionable manual start commands
+- Fixed default parameters for gitleaks (now uses `no_git=True` by default)
+
+### 🐛 Bug Fixes
+
+- Fixed gitleaks workflow failing on uploaded directories without Git history
+- Fixed worker startup command suggestions (now uses `docker compose up -d` with service names)
+- Fixed missing `cognify_text` method in CogneeProjectIntegration
+
+### 🔧 Technical Changes
+
+- Updated all package versions to 0.7.0
+- Improved SARIF output formatting for secret detection workflows
+- Enhanced benchmark validation with ground truth JSON
+- Better integration between CLI and backend for worker management
+
+### 📝 Test Projects
+
+- Added `secret_detection_benchmark` with 32 documented secrets
+- Ground truth JSON for automated precision/recall calculations
+- Updated `vulnerable_app` for comprehensive security testing
+
+---
+
+## [0.6.0] - 2024-12-XX
+
+### Features
+- Initial Temporal migration
+- Fuzzing workflows (Atheris, Cargo, OSS-Fuzz)
+- Security assessment workflow
+- Basic CLI commands
+
+---
+
+[0.7.0]: https://github.com/FuzzingLabs/fuzzforge_ai/compare/v0.6.0...v0.7.0
+[0.6.0]: https://github.com/FuzzingLabs/fuzzforge_ai/releases/tag/v0.6.0
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@
  <a href="LICENSE"><img src="https://img.shields.io/badge/license-BSL%20%2B%20Apache-orange" alt="License: BSL + Apache"></a>
  <a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.11%2B-blue" alt="Python 3.11+"/></a>
  <a href="https://fuzzforge.ai"><img src="https://img.shields.io/badge/Website-fuzzforge.ai-blue" alt="Website"/></a>
-  <img src="https://img.shields.io/badge/version-0.6.0-green" alt="Version">
+  <img src="https://img.shields.io/badge/version-0.7.0-green" alt="Version">
  <a href="https://github.com/FuzzingLabs/fuzzforge_ai/stargazers"><img src="https://img.shields.io/github/stars/FuzzingLabs/fuzzforge_ai?style=social" alt="GitHub Stars"></a>
  
 </p>
--- a/ai/pyproject.toml
+++ b/ai/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "fuzzforge-ai"
-version = "0.6.0"
+version = "0.7.0"
 description = "FuzzForge AI orchestration module"
 readme = "README.md"
 requires-python = ">=3.11"
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "backend"
-version = "0.6.0"
+version = "0.7.0"
 description = "FuzzForge OSS backend"
 authors = []
 readme = "README.md"
--- a/backend/toolbox/workflows/llm_analysis/metadata.yaml
+++ b/backend/toolbox/workflows/llm_analysis/metadata.yaml
@@ -15,7 +15,7 @@ workspace_isolation: "shared"

 default_parameters:
  agent_url: "http://fuzzforge-task-agent:8000/a2a/litellm_agent"
-  llm_model: "gpt-4o-mini"
+  llm_model: "gpt-5-mini"
  llm_provider: "openai"
  max_files: 5

--- a/cli/pyproject.toml
+++ b/cli/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "fuzzforge-cli"
-version = "0.6.0"
+version = "0.7.0"
 description = "FuzzForge CLI - Command-line interface for FuzzForge security testing platform"
 readme = "README.md"
 authors = [
--- a/sdk/pyproject.toml
+++ b/sdk/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "fuzzforge-sdk"
-version = "0.6.0"
+version = "0.7.0"
 description = "Python SDK for FuzzForge security testing workflow orchestration platform"
 readme = "README.md"
 authors = [