CHANGELOG.md

2.16.6 (2024-11-11)

Bug Fixes

• snyk: resolutions not respected when running license check (492879d)

2.16.5 (2024-11-08)

Bug Fixes

• deps: force resolution - version bump (9ea4801)

2.16.4 (2024-11-07)

Bug Fixes

• package.json & yarn.lock to reduce vulnerabilities (328289a)

2.16.3 (2024-09-13)

Bug Fixes

• error: dir structure check (801c2ba)
• exemption: loader issue (4690f99)
• Resolve TypeScript error in isPathInside function (62544f2)
• Validate input used to build paths (7a17db4)

2.16.2 (2024-09-13)

Bug Fixes

• errors: directory structure base fix, and some logic issues in error handling (e89d783)

2.16.1 (2024-09-13)

Bug Fixes

• package.json & yarn.lock to reduce vulnerabilities (8e9bc8e)

2.16.0 (2024-09-10)

Bug Fixes

• Add null checks for child.stdout and child.stderr in collectYarnDependencies function (cd3f271)
• add type assertion to resolve TypeScript error (aeb4c52)
• cast util.promisify to unknown before mocking (f8c5069)
• collect Yarn dependencies when yarn.lock exists (48c50d1)
• Collect Yarn dependencies when yarn.lock exists (2e159f0)
• Handle error types in dependency collection functions (1711cb1)
• increase Jest timeout for repoDependencyFacts.test.ts (05185d9)
• Mock child_process.exec to return a mock function (ebba176)
• promisechain: avoid skipped files (0cdf825)
• Refactor runEngineOnFiles to use synchronous approach (77c259e)
• resolve TypeScript error in repoDependencyFacts.test.ts (075e884)
• resolve TypeScript error in repoDependencyFacts.test.ts (6c4870e)
• Resolve TypeScript errors in repoDependencyFacts.test.ts (bd47c66)
• update analyzer.test.ts to use expect.any(Number) for fileCount, totalIssues, and warningCount (66bbd47)
• update minimum dependency version comparison (3373646)
• Update mocking of util.promisify and fs.existsSync in repoDependencyFacts.test.ts (fa81048)
• Update mocking of util.promisify in repoDependencyFacts.test.ts (8e6a18d)
• Update repoDependencyFacts to fix test issues (8d4bfc1)
• Update runEngineOnFiles function to handle asynchronous engine.run() call (01ec5b0)
• Update test expectations for analyzeCodebase (524f0d3)
• Update test expectations for error handling in analyzer (a986892)
• Update test expectations for handling errors during analysis (6a9c1b9)
• update unit tests for loading npm and yarn dependencies (4faf703)
• Use exec instead of spawn for collecting yarn dependencies (b6bd17c)

Features

• Replace execSync with spawned child process for dependency collection (bd4b38e)
• Update analyzer.test.ts with more precise expectations (7376191)
• update repoDependencyFacts tests to match implementation (9514c3a)

2.15.0 (2024-09-08)

Bug Fixes

• execution: fact functions and cleanup (8bd2cfa)
• Implement more robust error handling and logging (f391052)
• Implement safe handling of circular JSON references in repoDependencyFacts.ts (49d95da)
• loading: consistency with archetype (47f52e4)
• Update import statement in repoFilesystemFacts.ts (903326c)

Features

• Add JSON schema validation for .xfi-config.json file (a7d0a75)
• Add rule to check for 'nuit' and 'elevate' package imports in the same file (70d0994)
• Add support for .xfi-config.json file (e9b60d3)
• Add support for .xfi-config.json file with sensitiveFileFalsePositives (5eda4f4)
• Add XFIConfig to ResultMetadata and define FileData and ValidationResult types (ce71d90)
• Centralize loading of .xfi-config.json and add it as a fact (2cca682)
• create 'bats' subdirectory and move BATS-related content (1cc0bff)
• improve and modernize the bats test (586b546)
• Improve repoDependencyAnalysis function (a5638ca)
• Rename XFIConfig to RepoXFIConfig (f91574d)
• repoconfig: support for local control of false positive sensitive values (db0b09a)
• testing: cli blackbox testing (a634258)

2.14.0 (2024-08-29)

Bug Fixes

• exemptions: exclude repos that do not have a remote configured (c49c4c7)

Features

• Add exemptions feature to manage rule exceptions (0a91ad8)

2.13.1 (2024-08-28)

Bug Fixes

• schema: relax for fix (ee5e123)

2.13.0 (2024-08-28)

Bug Fixes

• add readonly constraint to archetypeSchema (c74d116)
• Improve path traversal prevention in repoFilesystemFacts.ts (f65f595)
• schema: fix schema validation and incorrect default rule code in setupEngine (0a3c65c)
• update import statement for RuleConfigSchema (a658127)

Features

• Add new types for IsBlacklistedParams and isWhitelistedParams (2c43c82)
• Update archetype typedef and jsonschema to validate semver strings (2bba2b1)

2.12.1 (2024-08-25)

Bug Fixes

• deps: reduce noise in dependency checks (88f3ecb)

2.12.0 (2024-08-25)

Bug Fixes

• analysis: ensure long single-line files are catered for and npm namespaces (509b4db)
• Handle @namespace packages in dependency analysis (b5314ac)
• Refactor repoFileAnalysis function to improve performance (ae725bb)

Features

• Implement file content splitting for analysis (4d5f049)

2.11.0 (2024-08-24)

Features

• Add documentation for custom operators in x-fidelity (d015fff)
• Add new operators section in README (a306c4d)
• Update README.md with new features and enhancements (751b4ed)

2.10.0 (2024-08-24)

Bug Fixes

• Add error logging in fileContains operator (7a41a2f)
• Correct the logic in the fileContains operator (9f45231)
• filecontains: ensure detailed line numbers are included in results (3d94716)
• Update fileContains operator implementation (6a11a46)
• Update fileContains operator implementation (f9a8f03)
• Update fileContains test cases to provide second argument (9d68f43)
• Update fileContains test expectations (767d72f)

Features

• Add repoFileAnalysis function to analyze files in a repository (a100cf3)
• Allow checkPattern param in repoFileAnalysis to be an array of patterns (896fc2d)

2.9.0 (2024-08-23)

Features

• Add exemptions section to README (8e43dfe)

2.8.0 (2024-08-23)

Bug Fixes

• Add archetype parameter to loadExemptions function (0a9d95b)
• Add shared secret to exemption loader request (37479d4)
• Add test case for using default archetypes when no config sources are provided (bf90659)
• Change log level from debug to info for fetching remote exemptions (056b55b)
• Clone and update exempted rule before adding to engine (c731b31)
• Ensure at least two rules are added to the engine (8c58418)
• Ensure at least two rules are added to the engine for testing purposes (a6da7aa)
• Handle errors when loading rules and add default rules (87216a4)
• Import exemptions object from archetypes module and handle undefined case in loadDefaultExemptions (c523352)
• Normalize GitHub URL by correctly handling forward slashes (6ed2b49)
• Normalize GitHub URLs when checking exemptions (8645ace)
• Refactor exemption handling in ConfigManager (f114d45)
• Remove unnecessary rule addition logic (620d365)
• Update exemptions file path in ConfigManager test (af72043)
• Update expectation for mockAddRule in engineSetup.test.ts (177b39c)
• Update expectations for mockAddRule in engineSetup.test.ts (317acdb)
• Update loadExemptions function calls to match expected parameters (8f6da9a)
• Update repository URLs in exemption configurations (9bbfcb2)
• Update test case for using default archetypes when no config sources are provided (ca42766)
• Update test for default archetype config when unable to load local config (42661f6)
• Use isExempt function from exemptionLoader (c34dd13)

Features

• add example exemptions JSON files for node-fullstack and java-microservice archetypes (4e00c9d)
• add exemptions route to config server (1618737)
• add remote exemption loading to ExecutionConfig (d5e2862)
• add telemetry event for allowed exemptions (94ad81b)
• add unit tests for exemptions-related features (f757a67)
• Add unit tests for normalizeGitHubUrl function (f322fa2)
• Enhance normalizeGitHubUrl to support self-hosted GitHub instances (958837d)
• exemptions: basic exemptions model (949cdd3)
• exemptions: remotely managed exemptions (1bf485c)
• Implement remote, local, and default exemption loading (6f6c74f)

2.7.0 (2024-08-22)

Bug Fixes

• Add missing repoUrl property to mockParams object (e94114d)

Features

• exemption process: allow a repo to have a timelimited waiver for a given rule (42d4b7d)

2.6.0 (2024-08-22)

Bug Fixes

• Change log level from debug to info for better visibility (8173462)
• deps: monorepo fixes (07021e8)
• Fix issues with dependency version validation and handling (75282c1)
• Improve implementation and test coverage of openaiAnalysisHighSeverity (acaf784)
• Improve local dependency collection (8d7732f)
• improve semver range checking in repoDependencyAnalysis (ba15f5a)
• Improve semver version comparison logic (8f943e1)
• Update collectLocalDependencies function to return correct dependency structure (fc3fccb)
• Update collectLocalDependencies function to return expected structure (42ee815)
• Update mocking of collectLocalDependencies function in tests (5d8d647)
• Update repoDependencyAnalysis function to only add dependencies that don't meet requirements (1070e5f)
• Update semverValid function to return correct result (158f555)
• Update test case for collectLocalDependencies function (4b35d3f)
• Use toEqual for boolean comparisons in openaiAnalysisHighSeverity tests (16425c6)

Features

• Add collectLocalDependencies function to repoDependencyFacts (8aa6311)
• Add support for version ranges in repoDependencyAnalysis (ce82a21)
• create comprehensive unit test suite for repoDependencyFacts.ts (a92b83b)
• rewrite src/facts/repoDependencyFacts.test.ts with correct mocking and comprehensive test coverage (66e26c2)

2.5.0 (2024-08-21)

Bug Fixes

• Update README.md with new CLI options and environment variables (04d5172)

Features

• Add support for Docker and HTTPS/TLS (7eeb497)

2.4.0 (2024-08-21)

Bug Fixes

• add unit tests for all files except typeDefs (b1d1fd9)
• deps: make artillery a peer dependency (d89361f)
• Handle errors during execution (48a9488)
• Improve error handling and execution flow in index.ts (0b8ca73)
• Increase timeout for test case to prevent "force exited" issue (ab3d0b3)
• logging: silence in logs and increase unit test coverage (5017a12)
• Mock axiosClient instead of axios in rules/index.test.ts (40e7410)
• Pass executionLogPrefix to startServer and analyzeCodebase (99a6692)
• Prevent unnecessary process exit in test environment (aab777f)
• Remove setTimeout and directly call process.exit(1) in error handling function (8a7587e)
• resolve TypeScript errors in telemetry utility (3c68aa1)
• Update import and call of main function in index.test.ts (70e11b1)
• Update import and export in index.test.ts and index.ts (b15203d)
• Update index.test.ts (b3d1799)
• Update process.exit usage in src/index.ts (ac398c3)
• Update startServer function call and process exit handling (7be6c28)
• update test expectations (d24279e)
• Update test expectations to match actual error messages (454aea6)
• update type of code parameter in mockImplementation function (f7aab15)

Features

• centralise the axios client usage in one file and implement exponential backoff (9a6d000)

2.3.0 (2024-08-20)

Bug Fixes

• Add clearCache import and ConfigManager import to configServer.ts (4212096)
• address SSRF risks in githubWebhookRoute (9b6d64a)
• Clear rule list cache correctly (3cb17c7)
• import missing middleware functions (fd00a4f)
• Improve security and mitigate potential SSRF risks in configManager and configServer (f87ccab)
• move the github webhook route and related update code to separate route file (4deb57e)
• Properly handle asynchronous operations in configServer.test.ts (2de6174)
• Refactor ConfigManager class (7f1c2fe)
• Update configServer to use RuleConfig from ConfigManager (100c0b3)
• Update engineSetup.test.ts to use ConfigManager and setLogPrefix (c36c64d)
• Update error message and fix warning detection test (9f37bf5)
• Update mock configuration in engineSetup.test.ts (fd3d7db)
• Update mockParams object to include archetypeConfig property (b0c9628)
• Update rule schema definition (ed5d87a)
• Update ruleSchema to match RuleProperties type (0f09992)
• Update test configuration for analyzer (f0b139d)
• Update test expectation for loadFacts (ee04ee0)
• Update test expectations for loadFacts (4c57421)
• Validate and sanitize archetype input in configManager (3a92119)

Features

• add clearcache route (89e9633)
• Add file watcher for local config path (43da2f3)
• Add GitHub webhook route (cab04ae)
• Add GitHub webhook route to handle archetype or rule config updates (5af3d63)
• Add high-value unit tests for utility functions (f90d5e2)
• Add input validation for URL parameters and telemetry data (77bdfaa)
• Add support for additional properties in rule schema (98826e5)
• add viewcache route (1fa105c)
• Create comprehensive unit test file for engineSetup.ts (50556ce)
• Implement GitHub webhook to update local config (351fbf0)
• Implement server routes and middleware (3de18a6)
• load all RuleConfig for a given archetype into the ExecutionConfig (a122c52)
• move the configServer features related to caching into a new file (95a9908)
• rules: github hook to refresh config (2485fbe)
• rules: optimise loading of rules, and filesystem watcher for server (6e6c5ac)
• update configserver to use new route files (eda8240)
• Update rule schema to improve flexibility and compatibility (989bdf6)

2.2.0 (2024-08-20)

Bug Fixes

• Centralize SHARED_SECRET check in sendTelemetry function (2a99183)
• Ensure object to be masked is not mutated in expressLogger (af111a8)

Features

• add shared secret header security to restrict access to the telemetry server using an environment variable, and update the client in the same way (7935f69)
• Apply shared secret check only to the /telemetry route (72e7466)
• centralise masking in one reusable function (d2f29d5)
• Mask X-Shared-Secret header in request and response logs (c6056ce)
• partially mask shared secret and avoid logging it in full (953be35)
• telemetry: option for sharedSecret for telemetry client and server (f85b312)

2.1.0 (2024-08-19)

Bug Fixes

• Add missing mock implementation for fs.existsSync in repoDependencyFacts.test.ts (f69c22b)
• Add mocks for semver in repoDependencyFacts.test.ts (a852ff5)
• Add null check for input in validateInput function (c5d8bf3)
• Add type annotation for mockLocalDependencies in repoDependencyFacts.test.ts (79cfff0)
• Correct the structure of LocalDependencies in repoDependencyFacts.test.ts (346924f)
• Ensure dependencies are properly added to the result array in processNpmDependencies (21025db)
• facts: ensure dependencies are compatible with npm and yarn, and extensible (fe0e40f)
• Fix mocked import path for cli options (8806297)
• fix type annotation for collectLocalDependencies mock (d2a7739)
• Fix type error in unit test (58f14aa)
• Fix TypeScript errors in repoDependencyFacts.test.ts (50a2029)
• Fix TypeScript errors in repoDependencyFacts.test.ts (a3da3da)
• Fix TypeScript errors in repoDependencyFacts.test.ts (1869968)
• Handle missing package manager files gracefully (95da9ab)
• Implement dependency analysis tests (9b0426b)
• Improve error handling and return value in collectLocalDependencies function (7c6c06c)
• Improve input validation and add logging for potential attacks (e5e2cd4)
• Mock collectLocalDependencies function in repoDependencyFacts.test.ts (33a1634)
• mock collectLocalDependencies function correctly (fde463a)
• Mock fs and child_process modules in repoDependencyFacts.test.ts (f43c3a5)
• Refactor repoDependencyFacts tests (cb2fd9a)
• Resolve TypeScript error in repoDependencyFacts.test.ts (6bb0f22)
• rewrite src/facts/repoDependencyFacts.test.ts to ensure it adheres to the logic in the implementation and that it mocks required objects correctly and covers all positive and negative use-cases (2d4548c)
• Throw error when no lock file is found and return empty array when no local dependencies are found (a30a660)
• Update src/facts/repoDependencyFacts.test.ts to fix TypeScript error (254f770)
• Update collectLocalDependencies test to return an empty array (04bdda7)
• Update error message expectation in test (6f287bd)
• Update yarn dependency processing logic (5f2a39d)
• Use yarn instead of npm to collect local dependencies (482b479)

Features

• create comprehensive unit test file for repoDependencyFacts (1253f74)
• Decompose collectLocalDependencies (b865d09)
• Implement recursive processing of dependencies in repoDependencyFacts.ts (557916a)
• Refactor dependency collection and processing (fc7e037)
• Rewrite the entire src/facts/repoDependencyFacts.test.ts based on the new implementations (83466b4)
• update findPropertiesInTree to operate on the new output structure of the LocalDependencies (608f301)
• update code to conform to updated LocalDependencies interface (864bc68)
• update repoDependencyFacts unit tests to match implementations (7f56ead)

2.0.0 (2024-08-17)

Bug Fixes

• Add additional logging to configManager.ts (bab63c1)
• Add missing properties to ResultMetadata in engineSetup.ts (1c2d276)
• Add missing properties to ResultMetadata interface (eb2b71f)
• Add missing properties to telemetry metadata (30fefbc)
• Correct the typo in the GPT-4 model name (438c772)
• Fix TypeScript errors in src/index.ts (30fc784)
• Fix TypeScript errors in test files (25af375)
• handle network error in loadRules test (05a26e6)
• Import fs module in telemetryCollector.test.ts (64245d9)
• Improve error handling in ConfigManager (d1bb512)
• refactor src/core/engine.test.ts into separate test files (4055f8f)
• Refactor analyzeCodebase function to return ResultMetadata (81d1936)
• Remove expectation of mockLogPrefix in loadRules calls (7b8669e)
• Remove unused import and update metadata object (ff4bfc0)
• Update event handling in engineSetup.ts (73e5358)
• Update import path for ConfigManager (e87f101)
• Update import path for ConfigManager (6a6b05a)
• Update ResultMetadata interface (b95fab7)
• Update telemetryCollector.test.ts to use mocked fs functions (29d435d)
• Update test case for loadRules function (5b6278d)
• Update test case to expect resolved value instead of rejection (580108a)
• Update test expectation for analyzeCodebase results (bdafd3f)
• Update test expectations for addOperator and addFact (c86a33a)
• Update test expectations to match actual results structure (3398a84)
• Update tests to expect new ResultMetadata structure (fc16223)

Features

• Add BasicTelemetryMetadata interface (be87308)
• Add details on creating custom OpenAI rules (80abb24)
• add interface for the result of collectTelemetryData (ea6089a)
• Add new CLI options and examples (fab7b81)
• Add ResultMetadata interface (08c3fe2)
• Add telemetry reporting and improve error handling (ac16e44)
• Expand OpenAI Integration section in README.md (c4e34e7)
• Implement ConfigManager class to manage application configuration (6836652)
• Refactor codebase analysis and reporting (7f7d30e)
• Refactor ResultMetadata interface (7d9ddf2)
• system: fixes, refactor, optimisations (4da8c9f)
• Update README with callout for OpenAI rule naming convention (103a470)

BREAKING CHANGES

• system: some of the contract for cli has changed, and output interfaces updated

1.17.0 (2024-08-16)

Bug Fixes

• Add missing type definitions in src/rules/index.ts (f9fc2f7)
• Handle error when loading local archetype config (a1bf9de)
• Return default config when unable to load local archetype config (0934a71)
• Update loadRules function call in src/core/engine/engineSetup.ts (3ffa9b0)
• Update ConfigManager.getConfig calls to use object parameter (d9011ab)
• Update functions to use parameter objects defined in typedefs and ensure unit tests are updated accordingly (0f5330a)
• Update loadRules function call in test (3837151)
• Update test case for loadRules function (5d6c08a)
• Update unit tests and files to use new GetConfigParams interface (455691d)

Features

• Add type definition for OperatorDefn (f9b09d5)
• update engine-related functions to use parameter objects (9c76bc8)
• Update functions to take parameter objects with types defined in typedefs (dabcc2b)

1.16.1 (2024-08-16)

Bug Fixes

• dependencies: ensure correct dir prefix (5d3fcb3)

1.16.0 (2024-08-16)

Bug Fixes

• Add missing mocks for fs module in config.test.ts (3274a48)
• Add missing readFile mock to fs.promises in config.test.ts (db4bfc0)
• Change log level from debug to info when initializing config manager (c9c45f1)
• Handle errors when loading local archetype config (a4a97a4)
• Handle missing configuration in ConfigManager (667cfff)
• Improve error handling in ConfigManager (3743bcf)
• Mock archetypes in config.test.ts (5738736)
• Resolve issues with ConfigManager tests (8fc2a8e)
• Resolve TypeScript errors in analyzer.ts (5e231f5)
• update config tests to match new implementation (4350668)
• Update config.test.ts to use fs module correctly (66823cc)
• Update ConfigManager mock in engine.test.ts (78e76c7)
• Update ConfigManager tests (2e7b73f)
• Update ConfigManager to use async getConfig method (f95725f)
• Update ConfigManager usage in analyzer.ts (3a9aaf0)
• Update engineSetup.ts to use correct config server property (b54f5fb)
• Update import path for ConfigManager (bed4610)
• Update test case to expect correct error message (a02d2df)
• Update test case to expect resolved value instead of rejection (ab3d704)
• Update test to match actual implementation (3236978)

Features

• config: refactor and start to centralise (d71e65b)
• Move ConfigManager to utils/config (23a449c)
• Refactor ConfigManager to use static methods and caching (811975a)
• Rewrite config.test.ts to ensure mocks work and all features are exercised (0fdbe11)

1.15.0 (2024-08-14)

Features

• Add performance test script (0097cfe)
• Add telemetry requests to the performance test and generate a report with graphs (282af87)
• Update artillery test YAML with more realistic payload sizes (1dcb5e4)
• Update performance tests to use Artillery (31ee453)

Performance Improvements

• Add performance tests for the server (33e3546)
• rate-limit: increase rate-limit and test intensity (206bd5b)

1.14.0 (2024-08-13)

Bug Fixes

• Add missing 'repoPath' property to metadata object in engineSetup.ts (2ff3378)
• Remove duplicate repoPath property in metadata object (a31341b)
• Update loadRules function call in engine.test.ts (aea43bb)
• Update loadRules function call in setupEngine (b116048)
• Update telemetry data collection (051a166)

Features

• Add localConfigPath parameter to setupEngine function (cbfff7a)
• reorganize codebase for maintainability and consistency (13a454d)

1.13.0 (2024-08-13)

Bug Fixes

• Add helmet dependency to improve security (897fbe5)
• Add import for validateArchetypeWithLogging in src/core/engine.ts (7e686ed)
• Add JSON schema validation for archetypes and rules (56e5857)
• Add required property to minimumDependencyVersions object in archetypeSchema (e253a04)
• Implement Helmet middleware for improved security headers (79228a1)
• Remove duplicate 'required' property in archetypeSchema (004b914)
• Remove unnecessary else blocks (67e5789)
• Resolve TypeScript errors in configServer.test.ts (cc84ffe)
• update 'additionalProperties' in archetypeSchema (8616c4b)
• update archetypeSchema additionalProperties type (01a5f10)
• update archetypeSchema to use oneOf for standardStructure (e2b10b6)
• Update JSON schema to allow any type for minimumDependencyVersions property (6a07399)
• Update mocking of validateArchetype and validateRule in configServer.test.ts (818fb31)
• Update standardStructure schema in archetypeSchema (0bf8551)
• Validate input before processing requests (83f6850)

Features

• Add additionalProperties constraint to archetypeSchema (7ba52d6)
• Add rate limiting to Express server (b577ce0)
• add required property to archetypeSchema (8624daf)
• Add support for additional properties in archetype schema (6cc5433)
• extend usage of joi to cover all user inputs, including query parameters and request bodies across all routes in configServer.ts (5f8d3c6)
• Increase rate limiter window and max requests (e0a913d)
• optimize the jsonschema definition for archetype (48b7188)
• replace Joi with AJV for JSON schema validation (e7582da)
• security: jsonschema, joi input checks, http header safety, rate-limiting (5ac07b3)
• Update JSON schema for archetypeConfig (3ae2176)

1.12.0 (2024-08-13)

Bug Fixes

• docker: tls (ddc482c)

Features

• Generate self-signed certificate and use it in Dockerfile (9827ce4)
• Use environment variables for certificate path and archetype (abc254e)
• Use environment variables in Dockerfile CMD and docker-compose.yml (2278a68)

1.11.0 (2024-08-13)

Bug Fixes

• Add logging for cache operations in configServer (caa6b28)
• Improve caching and error handling in config server (5adb358)
• server: cachettl option fix (ee85fe3)

Features

• Implement Joi for input validation (f950b28)
• use Joi to validate input with alphanumeric, hyphen, and underscore characters, length between 1 and 50 (8306f2f)

1.10.1 (2024-08-12)

Bug Fixes

• docker: dockerfile based on latest npm release (5a503a1)
• server: add working dockerfile and compose file examples (2e19d48)

1.10.0 (2024-08-12)

Bug Fixes

• Import RuleProperties from json-rules-engine (9f312b6)
• logprefix and sec: tracing, tls, masking, logic fixes (7efc593)
• Update default server port to 8888 (1ae67df)
• Update default TTL configuration in configServer (babee16)
• Update type of data property in ruleListCache object (63def63)
• Use generateLogPrefix to get the log prefix (59fb55b)

Features

• Add CLI option for cache TTL (fde1885)
• add config server URL from header (40e8390)
• Add logPrefix parameter to ConfigManager initialization (fb675c3)
• Add request log prefix to API endpoints (ffbf74e)
• add test for error when unable to load local archetype config (61d4e43)
• Cache the archetype lists and rule lists (89f260a)
• Enhance sensitive data detection in logging rule (ff9281d)
• ensure consistent log prefix for telemetry calls (a4f182b)
• Implement caching for archetype and rule JSON files in the config server (e3e077b)
• update config tests to expect error when unable to load from configServer (4d96bdf)
• Use TLS for the config server (ef5a7a2)

1.9.0 (2024-08-06)

Bug Fixes

• config: local paths and config option resolutions (52a8144)

Features

• add support for relative and absolute paths in directory and local-config options (c67f0fe)

1.8.0 (2024-08-01)

Features

• Add system architecture diagram to README.md (ce80b79)

1.7.0 (2024-07-30)

Features

• extensibility: archtypes as replacable json files and docs (ce7b06d)

1.6.1 (2024-07-27)

Bug Fixes

• lint: setup (f559331)

1.6.0 (2024-07-27)

Bug Fixes

• telemetry: option silent (e72b366)

Features

• config: local filesystem config, openai option, telemetry option (16f481c)

1.5.1 (2024-07-25)

Bug Fixes

• scope: logging correlation (ea1c497)

1.5.0 (2024-07-24)

Bug Fixes

• logger: console transport (69c62b1)
• log: remove console and add process exit codes (3ec801f)

Features

• telemetry: basic start (47faf3b)
• telemetry: basics including tracing (f07f6b4)
• telemetry: request ids (e19489e)

1.4.1 (2024-07-14)

Bug Fixes

• rules: change default sensitive strings rule (3e14e24)

1.4.0 (2024-07-14)

Features

• rule: report specific dependency issues (2ccaf6c)

1.3.0 (2024-07-11)

Bug Fixes

• ai: fix (8f94cee)
• ai: fix (f5ba9f5)
• Initialized OpenAI client before using it to prevent "Cannot read properties of undefined (reading 'chat')" error (a112b43)
• refactor: logic issues and async issue (2ad8cdd)
• sec: prevent error reflection (93eca93)
• sec: santize input (6f78c39)
• server: fix ai error (20341fa)

Features

• server: remote config server (f027ed2)

1.2.0 (2024-07-10)

Bug Fixes

• filedata: update collection and filtering (d463a2b)
• tests: add tests and fix logic issues uncovered (e33975a)

Features

• archetypes: initial archetype test (7970a3e)

1.1.0 (2024-07-05)

Features

• openai: experiment and tidy (fd38f73)
• openai: testing (1518710)

1.0.0 (2024-06-15)

Bug Fixes

• access: cd (0016364)
• ascii: readme fix (86a4448)
• ci: branch name (858a3cd)
• ci: node version (8da6d00)
• config: release (ccf103c)
• deps: missing (367c43e)
• pipeline: test (ee4a098)
• release bin: local install and cd (750ab7a)
• test: merge (603ebc5)
• trigger: cd (c039356)

Features

• pipelines: setup gh actions (ceca83a)