Changelog
Track the evolution of Code Pathfinder with detailed release notes and updates.
v1.3.7
v1.3.7February 28, 2026
What's Changed
- fix(docs): Add supported programming languages section to README by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/545
- chore(go): Apply go fix ./... automated cleanup by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/550
- chore(deps-dev): bump svelte from 4.2.20 to 5.53.0 in /extension/secureflow in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/547
- feat(go): Add Go stdlib registry data structures and types (PR-01) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/546
- feat(go): Add Go stdlib extraction tool for registry generation (PR-02) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/548
- feat(go): Add Go stdlib remote registry loader with lazy caching (PR-03) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/549
- feat(go): Add Go stdlib R2 publishing pipeline (PR-04) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/551
- feat(go): Add Go version detection and stdlib loader init (PR-05) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/552
- feat(go): Wire stdlib loader into builder pipeline (PR-06) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/553
- feat(go): Resolve stdlib return types in variable extraction (PR-07) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/554
- feat(go): Close stdlib type inference gap in GetReturnType (PR-07b) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/555
- feat(go): Add stdlib metadata to MCP call graph tool responses (PR-08) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/556
- feat(go): Replace hardcoded stdlib set with GoImportResolver struct (PR-09) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/557
- fix(ci): fix Go stdlib R2 upload workflow (GOROOT capture + build tag conflict) by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/559
- chore(deps-dev): bump minimatch from 3.1.2 to 3.1.4 in /extension/secureflow in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/558
- feat(mcp): add MCP Registry listing support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/560
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.3.6...v1.3.7
v1.3.6
v1.3.6February 17, 2026
v1.3.6 - 2026-02-16
🎉 Major Features
Full Go Language Support
<img src="https://cdn.jsdelivr.net/gh/devicons/devicon@latest/icons/go/go-original-wordmark.svg" height=50 width=50 />Complete implementation of Go static analysis capabilities
- Core Parsing (#520-525): File detection, AST parsing, function/method declarations, type definitions, variables, constants, calls, closures, and control flow statements
- Advanced Analysis (#526-530): Module registry, import resolution, call graph construction, scan/CI pipeline integration, security rules, and MCP server support
- Type Tracking (#536-540): Phase 2 type tracking with return type extraction, variable assignment tracking, and method call resolution via variable types
- Performance (#541-542): Parallel call graph building with progress tracking and background indexing to prevent MCP client timeouts
Docker Analysis Support
<img src="https://cdn.jsdelivr.net/gh/devicons/devicon@latest/icons/docker/docker-original-wordmark.svg" height=50 width=50 />New MCP tools for Docker security analysis:
- Basic Docker MCP support (#531)
- Semantic Docker query tools (#534)
- Docker dependency graph mapping (#535)
GitHub Actions Security Scanner
<img src="https://cdn.jsdelivr.net/gh/devicons/devicon@latest/icons/githubactions/githubactions-original.svg" height=50 width=50 />- Automated security scanning workflow with PR summary reports
- Inline code comments for security findings
- Integration with SARIF output for GitHub Advanced Security
🚀 Improvements
Python SAST Enhancements
<img src="https://cdn.jsdelivr.net/gh/devicons/devicon@latest/icons/python/python-original-wordmark.svg" height=50 width=50 />- Populate ReturnType and MethodArgumentsType for Python functions (#513)
- Add inferred type information to module variables in find_symbol (#514)
- Expose parameter types as standalone symbols (#518)
- Populate inferred return types and detect void functions (#519)
Performance Optimizations
- Parallel call graph building with progress tracking (#541)
- Background indexing to prevent MCP client timeout (#542)
🐛 Bug Fixes
- Python SAST: Fix module variable reassignment contamination and var: placeholder leaking (#515)
- SARIF: Fix SARIF upload failing with empty artifact locations (#517)
- Rules: Make ZIP creation deterministic to prevent checksum mismatches (#532)
- CI: Add Cloudflare cache purging to rules deployment workflow (#533)
📦 Dependencies
- Upgrade Go to 1.26.0 and update dependencies (#516)
📝 Full Changelog
Contributors: @shivasurya
v1.3.5
v1.3.5February 8, 2026
What's Changed
- feat(mcp): Add --disable-metrics flag to MCP serve command and remove nsjail by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/506
- chore(deps-dev): bump webpack from 5.100.2 to 5.105.0 in /extension/secureflow in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/shivasurya/code-pathfinder/pull/507
- fix(ci): Replace deprecated GitHub Actions in release workflow by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/508
- feat(ci): Add diff-aware scanning and GitHub PR commenting by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/509
- feat(ci): Switch GitHub Action to ci command with PR commenting support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/510
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.3.4...v1.3.5
Release v1.3.4
v1.3.4February 3, 2026
What's Changed
- fix(dsl): Make single-file rule loading consistent with directory behavior by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/501
- fix(docker): Report all container rule violations, not just first match by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/502
- chore(deps): Upgrade Go to 1.25.6 and update dependencies by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/503
- fix(python/sast): Fix FQN construction for inline instantiation patterns by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/504
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.3.3...v1.3.4
Release v1.3.3
v1.3.3January 31, 2026
What's Changed
- fix(python/sast): Support default parameter type inference by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/498
- feat(python/sast): Support inline instantiation in attribute extraction by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/499
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.3.2...v1.3.3