mirror of https://github.com/KeygraphHQ/shannon.git synced 2026-04-01 10:20:53 +02:00

Files

ezl-keygraph 147bc3f5f4 fix: harden supply chain security (#255 )

* fix: patch smol-toml and tsdown vulnerabilities

Update smol-toml 1.6.0→1.6.1 (DoS via recursive comment parsing) and
tsdown 0.21.2→0.21.5 (picomatch ReDoS + method injection).

* fix: pin all unpinned dependency versions in Dockerfile

Pins subfinder v2.13.0, WhatWeb v0.6.3 (switched from git clone to
release tarball), schemathesis 4.13.0, addressable 2.8.9,
claude-code 2.1.84, and playwright-cli 0.1.1 for reproducible builds.

* fix: pin GitHub Actions to commit SHAs for supply chain security

* fix: pin GitHub Actions to commit SHAs in beta and rollback workflows

2026-03-27 01:55:09 +05:30

infra

refactor: migrate to Turborepo + pnpm + Biome monorepo

2026-03-18 15:58:45 +05:30

src

fix: drop redundant --ipc host flag from worker container

2026-03-22 22:28:23 +05:30

.npmignore

refactor: migrate to Turborepo + pnpm + Biome monorepo

2026-03-18 15:58:45 +05:30

package.json

fix: harden supply chain security (#255 )

2026-03-27 01:55:09 +05:30

README.md

docs: add CLI package README stub

2026-03-19 01:22:31 +05:30

tsconfig.json

refactor: migrate to Turborepo + pnpm + Biome monorepo

2026-03-18 15:58:45 +05:30

tsdown.config.ts

refactor: migrate to Turborepo + pnpm + Biome monorepo

2026-03-18 15:58:45 +05:30

README.md

Shannon — AI Pentester for Web Applications and APIs

Shannon — AI Pentester by Keygraph

Shannon is an autonomous, white-box AI pentester for web applications and APIs.
It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

Full README and usage guide
https://github.com/KeygraphHQ/shannon#readme