a8ab9d8b1c
fix: handle Esc cancellation in Bedrock setup flow
...
Replace p.group() with individual prompts and per-field cancel checks,
matching the pattern used by all other provider setup flows.
2026-03-18 15:58:45 +05:30
ade31455b7
fix: pin pnpm to 10.12.1 in Dockerfile for catalog support
2026-03-18 15:58:45 +05:30
53b4c6b83f
fix: resolve all biome warnings and formatting issues
...
- Remove unnecessary non-null assertions where values are guaranteed
- Replace array index access with .at() for safer element retrieval
- Use local variables to avoid repeated process.env lookups
- Replace any types with unknown in functional utilities
- Use nullish coalescing for TOTP hash byte access
- Auto-format security patches to match biome config
2026-03-18 15:58:45 +05:30
181f24cfcc
refactor: migrate to Turborepo + pnpm + Biome monorepo
...
Restructure into apps/worker, apps/cli, packages/mcp-server with
Turborepo task orchestration, pnpm workspaces, Biome linting/formatting,
and tsdown CLI bundling.
Key changes:
- src/ -> apps/worker/src/, cli/ -> apps/cli/, mcp-server/ -> packages/mcp-server/
- prompts/ and configs/ moved into apps/worker/
- npm replaced with pnpm, package-lock.json replaced with pnpm-lock.yaml
- Dockerfile updated for pnpm-based builds
- CLI logs command rewritten with chokidar for cross-platform reliability
- Router health checking added for auto-detected router mode
- Centralized path resolution via apps/worker/src/paths.ts
2026-03-18 15:58:45 +05:30
9b1abd9ec0
feat: integrate npx CLI, CI/CD, and ephemeral worker architecture
...
Bring in changes from shannon-npx: npx-distributable CLI package (cli/),
semantic-release CI/CD workflows, ephemeral per-scan worker containers,
TOML config support, setup wizard, and workspace management.
Preserves all shannon-only changes: security hardening (localhost-bound
ports, MCP env allowlist, path traversal guard), updated benchmarks
(XBEN 19/31/35/44), README assets, and prompt injection disclaimer.
Applies security hardening to cli/infra/compose.yml as well.
2026-03-18 15:57:57 +05:30
ae4bd45a30
feat: add custom base URL support for Anthropic-compatible endpoints ( #246 )
...
Support ANTHROPIC_BASE_URL + ANTHROPIC_AUTH_TOKEN in .env to route
SDK requests through proxies or gateways. Preflight now validates the
custom endpoint is reachable instead of skipping credential checks.
2026-03-18 00:53:44 +05:30
629c52ed3b
Merge pull request #230 from KeygraphHQ/patching-benchmark
...
chore: upload correct benchmarks for XBEN 19/31/35/44
2026-03-09 19:30:51 -07:00
3dd4056dc3
chore: upload correct benchmarks for XBEN 19/31/35/44
2026-03-09 19:07:21 -07:00
17df89a48f
Merge pull request #224 from ajmallesh/security/tighten-docker-env-isolation
...
Hardening local defaults
2026-03-07 11:56:35 -08:00
58afb767c6
docs: simplify prompt injection disclaimer in README
2026-03-07 11:48:59 -08:00
023cc953db
security: tighten Docker isolation and subprocess env
...
- Pin @playwright/mcp to 0.0.68 instead of @latest to prevent supply chain risk
- Restrict MCP subprocess env to allowlist (PATH, HOME, NODE_PATH, DISPLAY, XDG_*) instead of spreading process.env
- Add path traversal guard to @include() directive in prompt templates
- Bind all Docker ports to 127.0.0.1 to prevent network exposure
- Remove ipc: host — shm_size: 2gb already covers Chromium shared memory needs
- Add prompt injection disclaimer for untrusted repositories to README
2026-03-06 17:20:39 -08:00
01165382ed
Merge pull request #220 from KeygraphHQ/Readme-Update
...
Readme update
2026-03-06 13:42:49 -08:00
4c6750541b
Update README.md
2026-03-06 11:38:53 -08:00
2feff83b6e
Add files via upload
2026-03-06 11:38:18 -08:00
96b2728318
Delete assets/keygraph_button.png
2026-03-06 11:38:06 -08:00
595b2ada78
Update README.md
2026-03-06 11:36:43 -08:00
c68ee44103
Add files via upload
2026-03-06 11:35:16 -08:00
fdd7d0af64
Merge pull request #216 from KeygraphHQ/Updated-README.md
...
Updated readme.md
2026-03-05 16:48:32 -08:00
03377de469
Update README.md
2026-03-05 16:47:03 -08:00
477ccd71aa
Update README.md
2026-03-05 16:45:08 -08:00
43aa6386a2
Add files via upload
2026-03-05 16:44:01 -08:00
6ad2c9d5c1
Merge pull request #206 from KeygraphHQ/keygraphVarun-patch-1
...
update image
2026-03-04 18:40:22 -08:00
53bb10c450
Update README.md
2026-03-04 18:39:05 -08:00
ce98c749f5
update image
2026-03-04 18:38:11 -08:00
ba8f737d02
Delete assets/github-banner.png
2026-03-04 18:37:54 -08:00
a01b130281
update image
2026-03-04 18:36:34 -08:00
ff7874815a
Merge pull request #205 from KeygraphHQ/keygraphVarun-patch-4
...
Update README.md
2026-03-04 18:30:39 -08:00
c5f13235da
Update SHANNON-PRO.md
2026-03-04 18:28:41 -08:00
528dced335
updated image
2026-03-04 18:20:35 -08:00
cdf0f13cc6
Add files via upload
2026-03-04 18:19:27 -08:00
e69ce6f51e
Update README.md
2026-03-04 18:17:46 -08:00
ab2c400daf
Merge pull request #202 from KeygraphHQ/keygraphVarun-patch-1
...
Update README.md
2026-03-04 13:59:42 -08:00
9b0e64944b
Update README.md
...
cleanup
2026-03-04 13:57:28 -08:00
f3f4e44ccd
Merge pull request #198 from KeygraphHQ/keygraphVarun-patch-1
...
Update SHANNON-PRO.md
2026-03-04 13:46:34 -08:00
6b68bb40f8
Merge pull request #200 from KeygraphHQ/keygraphVarun-patch-2
...
Update README.md
2026-03-04 13:46:10 -08:00
d3de8e13fb
Update SHANNON-PRO.md
2026-03-04 13:44:08 -08:00
57d1141f4a
Update README.md
2026-03-04 13:38:43 -08:00
1aafc0c3d0
Update README.md
...
update readme
2026-03-04 13:08:18 -08:00
a8afe98518
Update SHANNON-PRO.md
...
fix
2026-03-04 11:35:49 -08:00
395b2bd187
Update SHANNON-PRO.md
...
Shannon Pro
2026-03-04 11:32:00 -08:00
e29d5b88a0
Merge pull request #177 from KeygraphHQ/feat/model-tiers
...
feat: add three-tier model system with Bedrock and Vertex AI support
2026-03-03 22:40:29 +05:30
6a76df2f4c
feat: add Google Vertex AI support with service account auth
2026-03-03 02:42:46 +05:30
3ec491b30b
chore: update pipeline testing vulnerability prompts
2026-03-03 02:05:09 +05:30
b62abfea4c
feat: add three-tier model system with Bedrock support
...
Introduce small/medium/large model tiers so agents use the appropriate
model for their task complexity. Pre-recon uses Opus (large) for deep
source code analysis, most agents use Sonnet (medium), and report uses
Haiku (small) for summarization.
- Add src/ai/models.ts with ModelTier type and resolveModel()
- Add modelTier field to AgentDefinition
- Refactor claude-executor env var passthrough into loop
- Add Bedrock credential validation in preflight and CLI
- Pass through Bedrock and model env vars in docker-compose
2026-03-03 01:08:26 +05:30
98e3446448
Merge pull request #161 from KeygraphHQ/feat/pipeline-config
...
feat: add configurable pipeline retry and concurrency settings
2026-02-24 10:52:52 -08:00
a03bc7506c
chore: improve PR command summary format with rich bullet style
2026-02-24 09:31:37 -08:00
d67c07dc55
feat: add configurable pipeline retry and concurrency settings ( #157 )
...
- Add `pipeline` config section with `retry_preset` and `max_concurrent_pipelines` options
- Add `subscription` retry preset with extended 6h max interval for Anthropic rate limit windows
- Replace Promise.allSettled with concurrency-limited runner for vuln/exploit pipelines
- Wire pipeline config through client, shared types, and workflow activity proxy selection
2026-02-24 09:31:33 -08:00
91f03242a5
Merge pull request #160 from KeygraphHQ/chore/update-readme-banner
...
chore: update README banner image
2026-02-24 09:15:17 -08:00
17d12be2ab
chore: update README banner image
2026-02-24 09:11:50 -08:00
6b403d59a7
Merge pull request #152 from KeygraphHQ/fix/router-env-passthrough
...
fix: pass router env vars to SDK subprocess
2026-02-21 02:24:29 +05:30
ezl-keygraph