Changelog

Track the evolution of Code Pathfinder with detailed release notes and updates.

Release v1.2.0

v1.2.0January 17, 2026

🚀 Code Pathfinder v1.2.0 - Pre-Built Security Rules Are Here

We're thrilled to announce Code Pathfinder v1.2.0, bringing ready-to-use security rulesets that you can deploy in seconds!

✨ What's New

🎯 Pre-Built Python Security Rules

Stop writing security rules from scratch. Access battle-tested rulesets from our registry:

 pathfinder scan --project /path/to/src --ruleset docker/security --output sarif

Find SQL injections, unsafe deserialization, command injection vulnerabilities, and more - all configured and ready to run.

📦 Registry-Hosted Rulesets

Browse and use community-maintained rules at codepathfinder.dev/registry/:

docker/security - Docker security vulnerabilities
docker/best-practice - Dockerfile optimization
python/deserialization - Unsafe pickle.loads RCE detection
python/django - Django SQL injection patterns
python/flask - Flask security misconfigurations
More languages coming soon

🔧 Enhanced Python Compatibility

Expanded Python 3.9+ support with intelligent stdlib module discovery fallbacks, ensuring reliable analysis across different Python versions and environments.

🎯 What This Means for You

👉🏻 No more copy-pasting security rules or reinventing the wheel. Point to a ruleset, run your scan, and catch vulnerabilities before they hit production. Perfect for teams who want 👉🏻 powerful SAST without the configuration overhead.

What's Changed

fix(python/sast): add Python 3.9 fallback for stdlib module discovery by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/464
feat(ruleset): add Python security rules with remote ruleset CLI support by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/466
fix(gha): resolve R2 upload SSL handshake failure by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/467
chore: remove obsolete deprecation-notice.js by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/468
feat(rules): add Python security rules for R2 distribution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/469

Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.1.6...v1.2.0

Release v1.1.6

v1.1.6January 10, 2026

View on GitHub

Code Pathfinder v1.1.6

This release adds MCP (Model Context Protocol) server support and expands Python standard library coverage.

What's New

MCP Server Support

Code Pathfinder now functions as a Model Context Protocol server for AI-powered code analysis:

Protocol Foundation: Full MCP protocol handler implementation with standard tools support
HTTP Transport: Network access via HTTP transport layer for remote connections
Cursor-Based Pagination: Efficient handling of large result sets with cursor-based pagination
Error Handling: JSON-RPC 2.0 compliant error handling
Indexing & Analytics: Real-time indexing status tracking and optional analytics integration
Comprehensive Testing: Extensive test coverage for all MCP server components

Visit MCP setup guide page:

Code Pathfinder MCP Server Setup Guide
MCP Installation
MCP Toolbox reference

Python Analysis Improvements
- Expanded stdlib Coverage: Increased support for Python standard library versions, improving analysis accuracy across different Python environments
Infrastructure
- CI/CD Cleanup: Removed npm publish GitHub Action workflow
Pull Requests
- #453 - Remove npm publish GitHub Action workflow
- #454 - Add MCP server foundation with protocol handler and tools
- #455 - Add comprehensive test coverage for MCP server
- #456 - Add robust error handling per JSON-RPC 2.0 spec
- #457 - Add cursor-based pagination for large result sets
- #458 - Add HTTP transport for network access
- #459 - Add indexing status, analytics, and comprehensive tests
- #460, #461 - Increase coverage for Python stdlib versions
- #462 - Release v1.1.6
Full Changelog: https://github.com/shivasurya/code-pathfinder/compare/v1.1.5...v1.1.6

Release v1.1.5

v1.1.5January 6, 2026

View on GitHub

What's Changed

docs: update README with new banner and comprehensive content by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/440
feat(secureflow): Add OpenRouter Support and Svelte UI with Production Optimizations by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/441
feat(python-dsl): Add CLI wrapper module for binary management by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/442
feat(python-dsl): Add platform wheel build workflow for PyPI by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/443
feat(npm): Deprecate npm package in favor of pip installation by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/444
fix(python-dsl): Include rules package in distribution by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/445
fix(ci): Remove redundant test-wheels job from PyPI workflow by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/446
fix(ci): Use proper boolean check for publish_to_pypi input by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/447
fix(ci): Properly check boolean input as string in publish condition by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/448
fix(ci): Remove publish_to_pypi condition - always publish by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/449
fix(ci): Simplify PyPI workflow - remove wait-for-binaries by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/450
fix(callgraph,dsl): Add thread-safety, improve logging, and fix progress messages by @shivasurya in https://github.com/shivasurya/code-pathfinder/pull/451