v0.4.0
codeiq v0.4.0
Deterministic code knowledge graph — Go single-binary release.
Verify the download:
# Checksum
sha256sum -c checksums.sha256
# Signature (Sigstore keyless, bundle format)
cosign verify-blob
--bundle checksums.sha256.cosign.bundle
--certificate-identity-regexp 'https://github.com/RandomCodeSpace/codeiq/.github/workflows/release-go.yml@.*'
--certificate-oidc-issuer https://token.actions.githubusercontent.com
checksums.sha256
Changelog
- 24fef39 refactor: hoist Go module from go/ to repo root (#162)
- c20c109 feat(buildinfo): fall back to debug.BuildInfo when ldflags unset (#161)
- e5fd3fe docs: post-cutover + Kuzu 0.11 sweep (#160)
- 799be73 refactor(graph): use Kuzu 0.11 native features (FTS, param LIMIT, []string) (#159)
- 690fba6 chore(deps)(deps): bump github.com/kuzudb/go-kuzu (#155)
- 235986c chore(actions)(deps): bump the actions group across 1 directory with 4 updates (#158)
- fd77ec9 chore(deps)(deps): bump github.com/mattn/go-sqlite3 (#157)
- 7869842 chore(deps)(deps): bump the cobra-viper group in /go with 2 updates (#156)
- 2263146 chore(deps): drop Java + npm Dependabot sections; add gomod (#154)
- cc96e1b fix(parser): unquote TOML keys and section headers (#152)
- a83b768 fix(enrich): explicit QUOTE/ESCAPE so Kuzu COPY honors RFC-4180 (#153)
- 4a6d82a fix(analyzer): path-qualify SERVICE node IDs to break PK collisions (#151)
- 7867a79 fix(enrich): use pipe '|' delimiter for Kuzu COPY staging files (#150)
- 91e34c3 fix(mcp): correct dispatch arg names in tools_consolidated (#149)
- 7313a0a ci+docs(perf-gate): enrich memory regression gate + OOM-fix evidence (Phase D) (#148)
- 51efda7 perf(enrich): --memprofile + --max-buffer-pool + --copy-threads flags (Phase C) (#147)
- 548a5ec perf(parser): rewrite Walk to use TreeCursor (Task B1) (#146)
- 9f54673 perf(enrich): Phase A quick wins for OOM fix (#145)
- 4136977 perf(graph): batch BulkLoad CSV / COPY FROM at 50k rows (#143)
- 9994900 docs: enrich OOM-fix streaming-refactor plan + gitignore fix (#144)
- 094cffd test(mcp): per-mode parity for 6 consolidated tools (#139)
- d2853dd chore(mcp): drop 24 narrow tools from user-facing MCP surface (#142)
- e544af0 fix(detector/jvm): discriminator guard on KtorRouteDetector + scala/kotlin fixtures (#141)
- 531e089 fix(detector): anchor nodes for bicep/dockerfile/shell/proto imports (#140)
- ecb5ede chore: drop Homebrew + delete stale Java-era docs (CLI + MCP only) (#138)
- c6097e7 feat(release): darwin/arm64 release workflow (#137)
- ffb3a16 fix(release): cosign v4 bundle format (#136)
- 13cd11b fix(release): simplify to single-runner linux-only build (#135)
- e590843 docs: switch version target from v1.0.0 → v0.3.0 (#134)
- 7f32aa4 fix(release): wrap goreleaser before-hooks in sh -c (#133)
- e21fe0f feat: Phase 6 cutover — delete Java reference, ship v1.0.0 (#132)
- c630245 feat(release): Phase 5 — Goreleaser + Sigstore + perf gate (#131)
- c363727 feat: port codeiq from Java/Spring Boot to Go single-binary (Phases 1-4) (#130)
- f7e792e perf(treemap): on-demand subtree fetch + visible directory labels (#120)
- d6e34ea perf(serve): bound JVM/Neo4j memory and dedupe topology snapshot (#118)
- a2bb2e0 perf(ui): cap initial file-tree fetch at depth 8 on dashboard (#119)
- 4b7cb45 release: v0.2.0 — frontend rewrite, ActiveMQ detector, mode=none default, drill-down treemap (#112)
- 3bc3ebf perf(detectors): quick-reject pre-screen on auth detectors (-31% detector CPU) (#111)
- 9f0d3d2 feat(serving): config validation, integration coverage, docs refresh (PR 5/5) (#110)
- 5f3021a feat(observability): production-readiness PR 4 — request tracing + JSON logs + structured errors (#109)
- e40350f feat(supply-chain): production-readiness PR 3 — bundle integrity + secret hygiene + scanner pin (#108)
- 82ded68 feat(security): prod-readiness PR 1 of 5 — bearer auth, security headers, error envelope (#106)
- c352720 chore(deps): bump Node from v20.11.0 to v22.12.0 for Vite 8 (unblocks #86) (#105)
- 833b403 chore(deps)(deps-dev): bump com.github.eirslett:frontend-maven-plugin (#84)
- 07106fb chore(deps)(deps): bump tools.jackson.core:jackson-databind (#81)
- 13624c1 chore(deps)(deps): bump tools.jackson.core:jackson-core (#85)
- 60f826b chore(deps)(deps): bump io.modelcontextprotocol.sdk:mcp-core (#80)
- c3ea61e chore(deps)(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui (#82)
- e6aa245 chore(actions)(deps): bump the actions group across 1 directory with 4 updates (#100)
- dac13c6 chore(frontend)(deps-dev): bump the typescript group across 1 directory with 2 updates (#99)
- 4a097da chore(deps)(deps-dev): bump org.apache.maven.plugins:maven-gpg-plugin (#93)
- 0c1a4c8 feat: sub-project 1 Phase 4-6 — resolver pipeline wiring + 4 Java detector migrations (#104)
- 47e6404 feat: AKS read-only deploy hardening (sub-project 2) (#103)
- 5a46598 feat(resolver): symbol-resolver SPI + Java backend (sub-project 1, Phases 1-4) (#101)
- 54be162 chore(deps)(deps): bump the spring group across 1 directory with 2 updates (#75)
- 15c0c3c chore(frontend)(deps): bump the react group across 1 directory with 4 updates (#78)
- 06b16f3 chore(frontend)(deps): bump the ant-design group across 1 directory with 2 updates (#83)
- 53a4f67 chore(deps)(deps): bump org.neo4j:neo4j (#77)
- 58fb9d5 chore(frontend)(deps): bump echarts (#87)
- 92c6e00 chore(bestpractices): embed URLs inline + resolve SUGGESTED ? placeholders (RAN-52) (#98)
- 25a365e docs(changelog): add CHANGELOG.md to close OpenSSF
release_notes(RAN-52) (#97) - 80c2fc8 chore(bestpractices): rewrite to canonical autofill schema (RAN-57) (#96)
- bbacb86 docs(claude-md): document OpenSSF Best Practices + Scorecard baseline (RAN-52 AC #7) (#95)
- 4117d03 chore(security): revert to OSS-CLI stack (RAN-46 path B board ruling) (#91)
- 9bdfcc7 docs(badge): wire OpenSSF Best Practices project_id 12650 (RAN-46 AC #8) (#92)
- 6c3b9e9 chore(ci): add top-level permissions: read-all to workflows (RAN-46 AC) (#90)
- 6c8497f docs(runbooks): add test-strategy.md (RAN-46 AC #5) (#89)
- 19c6619 fix(security): enforce max-bytes cap on /api/file + MCP read_file (RAN-9) (#67)
- f7c4401 fix(security): block path traversal via symlinks in /api/file and read_file (RAN-8) (#65)
- 0e93226 fix(build): restore SpotBugs quality gate on main (RAN-26) (#68)
- ffe537a docs(claude-md): refresh stale gotchas (RAN-13) (#63)
- eb05201 fix(build): unblock mvn test — drop tsconfig baseUrl, add frontend.skip (RAN-27) (#66)
- d3692cd chore(hygiene): batch 5 LOW-severity follow-ups from RAN-6 review (RAN-33) (#70)
- b6648c0 refactor(cli): split EnrichCommand.enrichFromCache into phase helpers (RAN-41) (#73)
- 1ae0278 chore(bootstrap): RAN-46 engineering bootstrap (security, runbooks, OpenSSF wiring) (#74)
- 8f1ce18 fix(spotbugs): eliminate 12 SpotBugs findings (RAN-23) (#71)
- 0b47514 perf(detector): hoist inline Pattern.compile to static finals (RAN-32) (#69)
- cab71a4 refactor: rename code-iq → codeiq across the project (#62)
- 4c46a60 fix(detector): eliminate regex backtracking in Liquibase YAML patterns (#61)
- bfab2e7 fix: Sonar follow-ups — ModuleDeps ordering, Express dead code, RepositoryIdentity env (#60)
- dd8adaa test(coverage): add targeted tests for SonarCloud new-code backfill (#59)
- eaea1ff chore(sonar): clean unused imports, suppressions, and private members (#58)
- 1e44b8e feat(detector): SQL/migration detector + SQL_ENTITY NodeKind (#48) (#57)
- 84e8e65 refactor(detector): reorganize tree into jvm/markup/systems/script/structured/sql taxonomy (#47) (#56)
- fb86925 refactor(test): slice UnifiedConfigBeansTest to ApplicationContextRunner (#50) (#55)
- 8ed60f5 fix(intelligence): close ExecutorService via try-with-resources (SonarCloud S2095) (#54)
- 046ea70 chore(config): freeze CodeIqConfig mutation surface (#49) (#53)
- 65aac67 chore(config): retire legacy ProjectConfigLoader static API (#52) (#52)
- 2292051 feat(config): unified config — Phase B (#51)
- 2f398fb fix(deps): clear all 12 known CVEs from the 2026-04-17 baseline (#50)
- 066d870 docs(baseline): capture real CVE inventory via OSV-Scanner + Dependabot (#49)
- bce0a01 phase a/fix playwright webserver (#48)
- a131a80 phase a/fix bootstrap listener (#47)
- 3beafd9 fix(serve): publish availability events so /actuator/health returns 200 (#46)
- 62806c4 fix(baseline): probe /api/stats for serve-smoke readiness instead of /actuator/health (#45)
- fab34db fix(np-null): eliminate all 26 NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE findings (#44)
- ecc224b phase a/fixups spotbugs (#43)
- caabd1d Merge pull request #42 from RandomCodeSpace/phase-a/audit-baseline
- 4c0239e chore(baseline): add consolidator and publish first BASELINE.md
- 81a0e8f chore(baseline): add OWASP dependency-check baseline capture (NVD sync needs retry)
- 40a5b4e chore(baseline): run pipeline on realworld-express
- 989b989 chore(baseline): add index/enrich/serve-smoke pipeline capture
- abe4a70 chore(baseline): add frontend audit (npm audit + Vite + Playwright)
- c103bb8 chore(baseline): add dependency-tree + license snapshot capture
- e3a934e chore(baseline): add SpotBugs baseline capture
- 2ea1b41 chore(baseline): add flaky-test scan (N repeated runs)
- 86405bf chore(baseline): add Maven verify + JaCoCo capture script
- c9024dc chore(baseline): add seed-repo fetch script with pinned commits
- 5a6ac02 chore(baseline): scaffold baseline dirs and gitignore
- e044268 feat: single-page UI with treemap, stats, MCP console + backend fixes
- 8da0f91 fix: file tree drops files when directory-like filePaths exist (monorepo bug)
- 91803c4 fix: collapse single-child directory chains in treemap for usable drill-down
- 369880b checkpoint: pre-yolo 20260406-120327
- e7a2697 fix: file-tree returns full depth for treemap drill-down
- 7570eb4 fix: treemap drill-down and proportional sizing
- a655a94 fix: file tree LIMIT overflow + edge kind breakdown from Neo4j
- d531e56 fix: unlimited file tree for codemap, edge kind stats, grayscale theme, nav colors
- 1db90da fix: codebase map data source, darker theme, edge breakdown
- 791ed93 fix: consistent card sizes, edge breakdown, blue theme (no purple)
- c4a325d fix: UI polish — object display, zero-value modals, dark theme, map sizing, console default
- b2b1c3a fix: UI polish + EXTERNAL node kind + horizontal nav
- 1e20619 docs: update CLAUDE.md and README.md for UI rewrite
- b525287 feat: complete UI rewrite — React + Ant Design + ECharts
- 1068eee docs: rewrite all 34 MCP tool descriptions for AI agent consumption
- bb8a092 fix: zero edge loss in enrich — stub nodes for external references + use all edges
- 2663ac5 fix: create stub nodes for external edge references — zero edge loss
- 0d5e9d8 fix: increase LanguageEnricher timeout to 5min, skip non-source files
- a367821 feat: add --read-only mode for serving on read-only filesystems (AKS/K8s)
- b417ee3 refactor: unify data directory to .code-iq/ and --no-cache deletes DB
- d3c0452 fix: ensure mutable properties map before setting file_type on nodes
- d3b642b fix: DROP and recreate H2 tables on cache version mismatch
- 1ef97f3 fix: run_cypher guard now correctly allows CALL db.* read-only procedures
- a7b8253 fix: allow read-only CALL db.* Cypher queries + fix egg-info exclusion
- a3f141e Stop tracking generated frontend static assets
- 92c1813 Fix evidence lookup and deterministic graph metadata
- d24836c fix: update ServeCommandTest to use Path for repository path assertions and enhance .gitignore for frontend build outputs
- f96d86a feat: file type classification, test file detection, and searchable snippets
- 4304caf feat: file inventory nodes, H2 status tracking, and performance optimizations
- 6886769 fix: skip ANTLR for TS/JS grammars and harden H2 concurrency
- 442591d feat: zero data loss — ANTLR timeout triggers regex fallback instead of skipping files
- 543749c fix: update LanguageEnricherTest for parallel execution
- 15e0aba refactor: use try-with-resources for executor via BoundedExecutor wrapper
- e6ec6c4 style: use actual emoji characters instead of unicode escapes in log messages
- f1b8e0d fix: add 500KB ANTLR size guard + emoji logging + skip diagnostics
- cd07d82 feat: add real-time progress logging and --verbose flag for diagnosing pipeline issues
- d7a6813 fix: parallelize LanguageEnricher with per-file timeout and minified skip
- f855c8a fix: use daemon threads for fixed thread pool to prevent JVM exit hang
- a91c1c9 fix: replace try-with-resources executor with bounded shutdown to prevent end-of-index hang
- 7e5d79f fix: remove shutdownNow() that caused RejectedExecutionException cascade
- 84654f8 fix: handle RejectedExecutionException in all analysis submit paths
- 4a5b31b fix: force shutdownNow() on executor before auto-close to prevent end-of-index hang
- 3f1a4dd fix: detect minified JS files by content, not just filename
- 233bcf3 fix: add 30-second per-file timeout to prevent index from hanging
- 654e920 fix: read version from build-info.properties, rename OSSCodeIQ → Code IQ
- 4276f11 docs: rename OSSCodeIQ → Code IQ, rewrite README as user guide with Mermaid diagrams
- 3711f06 docs: update CLAUDE.md and README.md with current project state
- 82e8d95 fix: address code review findings from refactoring
- 4ab7b83 refactor: extract AbstractTypeScriptDetector + consolidate CLI output helpers
- 275548b Merge pull request #41 from RandomCodeSpace/chore/cleanup-ci-workflows
- 08c9602 chore: merge CI + SonarCloud workflows, drop cross-platform job
- a3088ae Merge pull request #40 from RandomCodeSpace/fix/reliability-bugs
- ec5180d fix: resolve all 9 SonarCloud reliability bugs
- 95292e1 Merge pull request #39 from RandomCodeSpace/fix/sonarcloud-quality-gate
- c48ec85 fix: resolve SonarCloud reliability bugs, unused imports, string constants, dead code
- 51f659f checkpoint: pre-yolo 20260404-155212
- a8f264a Merge pull request #38 from RandomCodeSpace/fix/reduce-duplication
- 963afa0 refactor: extract within-file helpers to eliminate detectWithAst/detectWithRegex duplication
- 57dc990 Merge pull request #37 from RandomCodeSpace/coverage/boost-80pct-r2
- 2067842 refactor: eliminate code duplication across detectors and CLI commands
- 3575672 checkpoint: pre-yolo 20260404-145054
- bf28697 checkpoint: pre-yolo 20260404-144727
- e5d49de Merge pull request #36 from RandomCodeSpace/coverage/boost-80pct-r2
- dd7586b checkpoint: pre-yolo 20260404-143426
- 0b45b19 refactor: extract AbstractPythonAntlrDetector + fix MD5 security hotspot
- daafc78 Merge pull request #35 from RandomCodeSpace/coverage/boost-80pct-r2
- eefd8ae test(coverage): add 1500+ tests targeting SonarCloud gaps — 90.6% local line coverage
- eb62f83 test(coverage): add regex-fallback path tests for Python/Java ANTLR detectors
- b294c16 Merge pull request #34 from RandomCodeSpace/coverage/boost-80pct-r2
- 6564523 Merge branch 'coverage/cov-java2' into coverage/boost-80pct-r2
- 668ef83 test(coverage): expand Java/MCP/K8s tests for SonarCloud coverage boost
- b198271 test(coverage): expand Python detector + FlowViews tests for SonarCloud coverage
- d45153d Merge pull request #33 from RandomCodeSpace/coverage/boost-80pct
- a683877 chore: exclude ANTLR grammar package from JaCoCo coverage (already excluded in sonar.exclusions)
- 7317969 Merge branch 'coverage/cov-cli-support' into coverage/boost-80pct
- 7bb2494 Merge branch 'coverage/cov-py-go' into coverage/boost-80pct
- 1ed48f8 Merge branch 'coverage/cov-java' into coverage/boost-80pct
- 869a9ae test(coverage): expand Java detector + model tests for SonarCloud coverage
- 98c13a7 test(coverage): expand frontend/C#/auth/linker/cache/intelligence tests
- e3a34ec test(coverage): expand TypeScript detector tests to boost coverage toward 70%+
- 9976458 test(coverage): expand Python/Go/Rust/Scala/C++/Kotlin/Proto/Shell detector tests
- 91c032e Merge pull request #32 from RandomCodeSpace/fix/sonar-issues
- 3482b22 fix(sonar): S5998 ReDoS regex bounds + S3077 AtomicReference for thread safety + S6856 bind path variable
- 5fa6b17 fix(sonar): S1751 conditional break + S5850 regex grouping + S5855 redundant alternative + S5841 test emptiness
- 15be2e3 fix(sonar): S2142 re-interrupt thread on InterruptedException + S3923 dead branch + S2175 Boolean key
- 541fc81 Merge pull request #31 from RandomCodeSpace/fix/major-issues-phase5
- 99d5e89 fix: correct endpoint count to 37 in CLAUDE.md + remove dead INTERFACE_METHOD pattern
- 92a34bd docs: fix stale 31 count in McpTools.java key files row
- a58bc64 docs: update CLAUDE.md — accurate counts (39 endpoints, 34 MCP tools) + intelligence layer
- 7ef6e0d fix: remove dead sanitizeRelType method + fix tautological test assertion
- eea7564 fix: replace fragile String.contains interface detection with regex receiver matching
- 71117e4 fix: add edge dedup Set seen to GoLanguageExtractor.extractImportEdges
- 58281d7 fix: replace ThreadLocal with method-local instantiation
- aabcfdb fix: also wrap ServiceDetector reassignment in mutable ArrayList
- 93150bf fix: wrap builder.getEdges()/getNodes() in mutable ArrayList in EnrichCommand
- cf1cc49 chore: add .worktrees/ to .gitignore
- ca0d932 feat(intelligence): Phase 5 language-specific enrichment — merge to main (RAN-162)
- 66bd4fd fix(intelligence): Phase 5 PE re-review round 2 — 4 extractor fixes (RAN-175)
- 6003cb8 merge: sync feature/ran-162-language-extractors with main
- 00b62f5 fix(intelligence): Phase 5 PE re-review fixes — determinism, TS dedup, Python ambiguity (RAN-173)
- f06ff60 feat(intelligence): Phase 4 evidence packs + runtime API (RAN-161) (#30)
- f7390b7 fix(intelligence): GoLanguageExtractor duplicate IMPORTS edges (RAN-170)
- eb049ce fix(intelligence): Phase 5 JavaLanguageExtractor — false-positive CALLS, confidence, per-edge provenance (RAN-164)
- 4f9eddd feat(intelligence): Phase 5 language-specific enrichment — extractors for Java, TS, Python, Go (RAN-162)
- 03eca64 fix(intelligence): explicit UTF-8 in RepositoryIdentity.runGit() — DM_DEFAULT_ENCODING (RAN-160)
- c855019 test(intelligence): Phase 1-3 test execution — edge cases, cross-language, RepositoryIdentity (RAN-159)
- cc08698 feat(intelligence): Phase 2 lexical intelligence — doc comment index + snippet store (RAN-147)
- eef9dbc fix(intelligence): close InputStream explicitly in runGit() — SonarQube S2095
- d901b3b fix(intelligence): fix Process resource leak in RepositoryIdentity.runGit()
- 7b30a33 fix(intelligence): address PE review — cpp capability table + QueryPlanner profile guard (RAN-155)
- d3e462c fix(intelligence): fix HashMap determinism in FileInventory + gitignore entries (RAN-154)
- 624fdd3 fix(intelligence): address CTO review — TreeMap determinism + Neo4j provenance round-trip (RAN-146)
- 59f2e4e fix(intelligence): address PE architecture review — RepositoryIdentity constructor + AnalysisCache hash reuse
- b33baa9 feat(intelligence): Phase 1 provenance model, repository identity, file inventory (RAN-146)
- a912c6a feat(intelligence): implement capability matrix and deterministic query planner (RAN-148)
- c9b8d66 fix(security): add npm override for lodash >= 4.17.24 to fix HIGH CVEs
- b4d03ea checkpoint: pre-yolo 20260403-163239
- 1ad6f3c fix: remove duplicate methods and fix test stubs — build fixes
- d4a49c7 fix(test): update QueryServiceTest stubs for nonEndpointIds batch change
- 56fb08c fix: remove duplicate methods introduced by phase5 merge (build fixes)
- 18c0906 fix: remove duplicate findEndpointNeighborsBatch in GraphStore (build fix)
- 1172238 Merge feat/detection-quality-fixes into main
- 0aaefdd Merge pull request #18 from RandomCodeSpace/feat/ui-redesign-phase1
- f87b212 fix(detection): backport CTO-reviewed detector fixes into phase5 branch
- 4ca2662 Merge pull request #16 from RandomCodeSpace/feat/fulltext-search-index
- b848ffe Merge pull request #15 from RandomCodeSpace/feat/fix-nestjs-detector-guards
- 8b81027 Merge pull request #14 from RandomCodeSpace/feat/guard-linker-protects-edges
- 3755aab Merge pull request #13 from RandomCodeSpace/perf/search-pre-lowered-properties
- f8148bb fix: replace N+1 loop in QueryService.findRelatedEndpoints() with batch Cypher query
- 59481af fix(query): add path field to buildTreeOutput for FileTreeNode compatibility
- 2b9a510 fix(kafka): update CLASS_RE to match Kotlin object declarations and more modifiers
- 94fd9e6 fix(detector): fix ReactComponentDetector sibling RENDERS edges dropped
- bfcb543 fix(ui): fix global search — spinner/dropdown separation, keyboard nav, ProjectFileTree crash
- 95a8342 fix: NestJS discriminator guards, EXPOSES target, GuardLinker, and index await
- 4ec484d fix(ui): fix global search — role=searchbox, keyboard nav, asset bundle fix
- ff30577 fix(ui): add data-testid contract and afterrender hook to CodeGraphView
- c8a55bd checkpoint: pre-yolo 20260403-091754
- 315311d checkpoint: pre-yolo 20260403-083943
- e514ea9 test(ui): harden gotoRoute — patch stale JAR index.html + extend timeout
- fb9ede9 fix(frontend): fix FileTree type mismatch and add ErrorBoundary
- a580ae4 fix(ui): fix FileTree type mismatch and add ErrorBoundary
- 38fa346 fix(api): harden GET /api/file-tree — depth cap, heap limit, caching
- 9155a45 fix: address CTO review — XSS, G6 leak, ARIA, hooks, and stale state
- 15ce115 checkpoint: pre-yolo 20260402-204358
- 9f90681 checkpoint: pre-yolo 20260402-014120
- 7b8bf32 fix(ui): lazy-load G6 graph and remove dead D3 dependency
- 658bd5a fix(ui): remove read-only contract violations and stale build artifacts
- 12a223d fix(ui): address PE code review findings — read-only contract, race conditions, leaks
- c0dbb5b build(ui): rebuild frontend for Phase 6 MCP Console & API Docs redesign
- df4d7ed feat(ui): redesign API Docs with Tabs — Swagger UI + MCP Tools Reference
- 18cead1 feat(ui): redesign MCP Console with accordion, command palette, inline params, history
- 87da9b9 feat(ui): extract MCP tool catalogue to shared mcp-tools.ts (36 tools)
- d9a955d feat(ui): add shadcn/ui accordion, input, dialog, tabs, scroll-area primitives
- 8415eb9 feat(ui): add @radix-ui/react-accordion and @radix-ui/react-tabs for Phase 6
- af54701 Revert "fix(detection): address CTO code review — 5 issues from PR #20"
- 695344c fix(detection): address CTO code review — 5 issues from PR #20
- 9750d27 feat(ui): Phase 5 — Dashboard & stats redesign with shadcn/ui
- 908a598 feat(ui): Phase 4 — Contextual right-panel node details view
- ee7277c feat(ui): Phase 3 — Replace D3 treemap with @antv/g6 v5 graph visualization
- 8c021b1 perf: fix Neo4j query hotspots — fulltext index, N+1 batch, single-tx stats, caching
- 7cec5fd fix(detection): fix TopicLinker SENDS_TO gap, ConfigDefDetector, KafkaDetector Kotlin, and ReactComponentDetector RENDERS scoping
- f3de21b feat(ui): Phase 2 — Project Explorer file tree in left sidebar
- 0292d8d feat: add GET /api/file-tree endpoint for hierarchical codebase structure
- c2982a7 test(ui): add Playwright E2E test suite for Phase 7 UI redesign
- 6f8a521 feat(ui): Phase 1 — shadcn/ui foundation and panel-based layout shell
- 4c3310a perf: replace B-tree CONTAINS scan with fulltext index for search()
- e8a8040 fix: extend TopicLinker to handle SENDS_TO/RECEIVES_FROM/PUBLISHES/LISTENS edges
- bfe2c42 fix: add NestJS discriminator guards and fix EXPOSES edge target
- c5f9852 fix: exclude message-driven and security components from dead code detection
- ac97db0 feat: add GuardLinker to create PROTECTS edges between GUARD/MIDDLEWARE and ENDPOINT nodes
- ed2c587 perf: replace toLower() full scans with pre-lowered indexed properties for search
- 6e6072b fix: replace N+1 loop in findRelatedEndpoints() with single batch Cypher query
- 11edfd8 feat: add --no-ui flag to serve command to disable web UI
- 85333f1 feat(frontend): replace Topology/Flow tabs with interactive Code Graph treemap
- 8f80799 fix: EnrichCommand passes project root to ServiceDetector for filesystem walk
- e901829 fix: pass project root to ServiceDetector so filesystem walk runs during enrich
- 801ba72 Merge pull request #8 from RandomCodeSpace/docs/update-claude-readme-accuracy
- d963ab0 docs: update CLAUDE.md and README.md with verified codebase facts
- 5ee939d chore: update index.html asset hashes after Thymeleaf removal rebuild
- 224ce21 Merge pull request #7 from RandomCodeSpace/remove/thymeleaf-ui-consolidation
- c8d3a7f fix: restore flow/interactive.html — used by FlowRenderer, not Thymeleaf
- f8b917d refactor: remove Thymeleaf UI, consolidate to React SPA
- 1d4fff9 fix: CTO code review — close 6 remaining gaps from improvement audit
- 69e0250 chore: add frontend asset bundles and integration smoke test
- 2d8f816 test: add coverage for GraphStore Cypher aggregation methods
- 23cbd3a Merge branch 'fix/api-hardening-validation-cleanup'
- 90401ee Merge branch 'perf/cypher-stats-cache-invalidation'
- 820dfab Merge branch 'fix/graphbootstrapper-cache-threadsafety'
- f046489 Merge branch 'fix/snakeyaml-safeconstructor-cors'
- b26b963 test: add validation and boundary tests for GraphController coverage
- 3333498 fix: API hardening — input validation, duplicate endpoint cleanup, config binding
- 336a40a fix: address PR review blockers — remove cache endpoint, fix casts, revert ThreadLocal
- 317cf99 fix: GraphBootstrapper OOM, AnalysisCache corruption, and thread-safety bugs
- 88bf14c Merge pull request #2 from RandomCodeSpace/fix/frontend-dead-button-url-encoding-tailwind-cdn
- b78db62 fix(security): replace unsafe new Yaml() with SafeConstructor and harden CORS
- 14bdeb3 fix: encode kindEntry in hx-get path for consistency
- 9a310da fix: address code review — query params for node IDs, correct brand colors
- f17eeba perf: replace in-memory stats with Cypher aggregations, add cache invalidation
- d28f062 fix: remove dead Run Analysis button, URL-encode node IDs, replace Tailwind CDN
- abf7f92 checkpoint: pre-yolo 20260331-172845
- 16fb4b1 feat: redesign bundle command — self-contained serve-ready ZIP
- 78f63eb perf: wait for Neo4j index before edge loading in enrich
- e05107c fix: batched DETACH DELETE to avoid Neo4j memory pool limit on large graphs
- bb05efd fix: reduce enrich batch size to 500 to avoid Neo4j memory pool limit
- 163d800 fix: enrich bulk-load missing properties + progress logging
- 7ed49ba fix: ServiceDetector filesystem walk was traversing entire directory tree
- 4c02514 feat: add source bundle via maven-assembly-plugin
- 0c97e12 docs: update CLAUDE.md with all session learnings
- f143ef5 refactor: serve is read-only — remove auto-enrich, use CLI pipeline
- 4ec4134 refactor: make MCP and API strictly read-only — no data manipulation
- 549f135 feat: ServiceDetector supports all major build systems across all languages
- b020f3a fix: ServiceDetector now scans filesystem for build files, not just node paths
- f179c3a checkpoint: pre-yolo 20260331-064707
- 368a785 fix: MCP client compatibility — ignore unknown fields in protocol messages
- d75688c feat: auto-enrich Neo4j on serve startup
- ba8d04d perf: optimize Neo4j bulkSave with UNWIND batches + index, default batch size 500
- aa5e257 chore: remove Docker, Helm, superpowers docs — bundled separately
- c1b9437 fix: correct SonarCloud project key from code-iq-java to code-iq
- 0c599d2 checkpoint: pre-yolo 20260331-040410
- 77b89cc feat: add automated E2E quality test suite with ground truth validation
- 2d185fc feat: comprehensive intelligence improvements — framework detection, layer classification, topology, dead code
- c91d57d fix: Fastify false positive + add E2E ground truth files
- bcc3df2 feat: fix MCP/API intelligence, add Neo4j persistence, enhance UI dashboard
- 89cb586 checkpoint: pre-yolo 20260330-220209
- 3f0ee38 checkpoint: pre-yolo 20260330-220034
- 9095e3b checkpoint: pre-yolo 20260330-213003
- fa7911d checkpoint: pre-yolo 20260330-210720
- 425b2ab checkpoint: pre-yolo 20260330-210705
- e3e831a feat: detectors emit infrastructure edges using InfrastructureRegistry
- 3627019 feat: add smart partitioned indexing with config-first pipeline
- 14776ea feat: add /api/topology endpoint for AppDynamics-style service map
- 96a0d28 feat: add InfrastructureRegistry and ConfigScanner for config-first indexing
- f8b21b3 perf: use UNWIND bulk writes in EnrichCommand for 10-100x faster Neo4j loading
- 12fc1a4 feat: add ArchitectureKeywordFilter for smart file pre-scanning
- 7520709 docs: Pipeline V2 design spec — config-first smart indexing + infrastructure topology
- 63b0adb perf: cap config/doc file size at 64KB, apply size check after language detection
- 98e6b48 perf: remove low-value extensions, skip lock files, reduce max file size
- cd87bfe fix: update tests for extension cleanup and batch size change
- 8cf2c7a feat: add --graph option to enrich command for multi-repo support
- 160b114 chore: increase default index batch size from 500 to 1000
- bac851f fix: flow CI/CD and Deploy views crash — filter edges with nonexistent nodes
- c4b479f fix: dashboard shows 0 files/languages — return ComputedStatsResponse format
- ba7db94 fix: flow page broken — add flat nodes list to FlowDiagram and hydrate edges for findAll
- 0a67ef5 chore: increase default GraphBuilder batch size from 500 to 1000
- 2b1f1ef fix: bypass SDN for all read queries to prevent recursive relationship hydration OOM
- 75baa52 fix: update GraphStore tests for embedded Neo4j API migration
- eb17b4f fix: use embedded Neo4j API for multi-column aggregation queries
- 6a49e64 fix: update tests for OOM fix — use aggregation queries instead of findAll()
- 07ae4cc fix: remove in-memory graph cache from GraphController, require Neo4j for serving
- 5d334dc fix: remove in-memory graph cache from McpTools, delegate to QueryService
- bdf2f31 fix: replace findAll() with Cypher aggregation in QueryService to prevent OOM
- 0a1f473 feat: add Cypher aggregation queries to GraphRepository and GraphStore for OOM fix
- 34255be fix: add -Xmx2g heap limit to Dockerfile to prevent unbounded memory growth
- a1a2f11 checkpoint: pre-yolo 20260330-170757
- 4d3a3dd Fix findByKind query: use explicit @query to avoid converter on String param
- 2960e5b Fix Neo4j enum conversion: add NodeKind/EdgeKind converters for SDN
- 15e51df Remove Hazelcast entirely — use Spring simple cache instead
- 858afae Revert Hazelcast cache to simple — HazelcastInstance lifecycle conflict with Spring Boot 4
- 7f64496 Fix serve to use Neo4j as primary query engine after enrich
- b9c28fc Fix Hazelcast CacheManager: create HazelcastInstance bean, rebuild frontend
- 34bf771 Fix all deep review issues: Hazelcast, Swagger, detectors, MCP, dead code, H2 cache
- 624196a Fix all review issues: security, determinism, infra, docs, frontend
- 777ed98 Remove docs/ — specs, plans, benchmarks, migration guide (internal only)
- 9e7e7a0 Remove uv.lock (Python package manager lock file)
- 55bf79a Clean up Python artifacts and update .gitignore for Java-only project
- 089d4e4 Merge branch 'java'
- e77fcf8 Remove Python CI/CD workflows — project is now Java only
- e3efc41 Remove Python CI/CD workflows — project is now Java only
- 9491eac Fix McpTools FlowEngine dependency: make Optional for H2 fallback
- 6dc2ac9 Fix McpTools FlowEngine dependency: make Optional for H2 fallback
- 7c3085d Fix UI dashboard, topology connections, H2 dedup, Neo4j serve, ResultSet leaks
- 1ef2b1b Fix UI dashboard, topology connections, H2 dedup, Neo4j serve, ResultSet leaks
- a6a26a6 Fix flow command and API to work from H2 cache without Neo4j
- 84ee8ad Fix flow command and API to work from H2 cache without Neo4j
- 4c0f008 Update README: accurate counts, 3-command architecture, topology, React UI, benchmarks
- 4807d2d Update README: accurate counts, 3-command architecture, topology, React UI, benchmarks
- 698db3f Fix beta workflow: add missing GPG passphrase for Maven Central signing
- c2a4f72 Fix beta workflow: add missing GPG passphrase for Maven Central signing
- 81b645c OSSCodeIQ: Complete Java rewrite — Spring Boot 4 + Java 25 LTS
- 0255efd Fix CI/CD: add permissions, target main branch, harden Dockerfile
- e30fcca Add React UI dashboard with Vite, Tailwind, Cytoscape.js, and Monaco Editor
- 7643757 Add serve E2E (H2-backed REST), multi-repo --graph flag, fix TS detector parity
- f95bc54 Add dedicated TypeScript ANTLR grammar for TS-specific syntax detection
- 89c0f43 Document Kotlin Compiler API evaluation: regex approach sufficient
- 245d856 Fix all code review bugs: security, thread safety, correctness, and cleanup
- 1ac7acd Fix BundleCommand: add no-arg constructor for Picocli instantiation
- 29be78a Fix CLI command crashes and H2 cache data loss
- ea6e213 Switch to manual beta releases with auto-versioning and add CLI classifier
- 428cb64 Fix Spring bean wiring: make Neo4j-dependent beans conditional for indexing profile
- 3900087 Implement Phase C: Service Topology — SERVICE nodes, TopologyService, REST + MCP + CLI
- 1030f7b Implement index/enrich/serve three-command architecture for memory optimization
- a40098e Add readFile line range support, startup optimization, and cleanup unused imports
- 3d0c187 Add @DetectorInfo annotation to all 97 detectors with category-based registry queries
- 1b07042 fix: move central-publishing-maven-plugin to release profile so SNAPSHOT deploys work
- b99703a docs: add pipeline configuration & discovery spec
- 7c5573a docs: update memory optimization spec with 3-command architecture (index/enrich/serve)
- ff517b7 Migrate analysis cache from SQLite to H2 for virtual thread compatibility
- c00a47c fix: move GPG signing to release profile only — SNAPSHOTs don't need signing
- 8f4ab51 chore: clean Python code from java branch, update .gitignore
- f6eedf2 build: switch from beta releases to SNAPSHOT deploys
- 53e7b6f docs: add Java version README, CLAUDE.md, and migration guide
- 89f7691 build: cross-platform CI matrix, SonarCloud config, Docker AOT + health check
- 3a0a55f build: remove JaCoCo coverage enforcement, let SonarCloud handle quality gate
- 73fa1f4 feat: add stats CLI command with rich categorized output
- 7ad7d99 feat: add stats CLI command with rich categorized graph statistics
- 78e2ab8 fix: synchronize SQLite cache for virtual thread safety
- 0a2a0f2 feat: wire MCP tools, bundle with flow.html, incremental analysis cache
- 6fe7cf6 feat: add YAML export, --parallelism flag, /api/file endpoint, .osscodeiq.yml config loading
- f80a7dd fix: resolve ANTLR performance regression — skip parsing for regex-only detectors, add parse cache
- 5427eeb Rewrite 13 TypeScript/JavaScript detectors from regex to ANTLR AST
- ebbac6b Rewrite 12 detectors (Go/C#/Rust/Kotlin/Scala/C++) from regex to ANTLR AST
- dddddb1 Rewrite 11 Python detectors from regex to ANTLR AST with regex fallback
- cdf947b checkpoint: pre-yolo 20260329-143828
- 7031310 fix: suppress all logging noise in CLI mode for clean output
- a8bc0f8 fix: add source JAR, javadoc JAR, GPG signing for Maven Central
- e366852 fix: switch Maven Central publishing from OSSRH to Central Portal
- edd7cbd docs: update benchmark results with actual measured data
- 4383d6e test: add extended tests to boost JaCoCo coverage from 77% to 87%
- d605e48 fix: add JacksonConfig, clean up McpTools unused import
- a6f482e feat: add beta auto-release workflow for Java rewrite
- 3ffadac docs: add comprehensive benchmark results — Java vs Python
- cf86baf feat: add Phase 5 — Thymeleaf + HTMX web UI for graph exploration
- f464364 feat: add Phase 6 — CI/CD pipelines, Docker image, Helm chart, and release setup
- a720d7b feat: add Phase 4 — Picocli CLI layer with all 11 commands
- 07944fe feat: add Phase 3 — query engine, REST API, MCP server, Hazelcast caching
- d73b1eb fix: make JavaParser thread-safe with ThreadLocal to close node gap
- 4a8e1e1 feat: upgrade 6 Java detectors to JavaParser AST parsing with regex fallback
- 4e81645 fix: close edge count gap — set module on all nodes and fix structured parser wrappers
- 9bc141b test: add full analysis integration test against real spring-boot codebase
- b7c3d84 feat: add analysis pipeline — file discovery, graph builder, linkers, layer classifier
- 3dcc737 feat: port remaining 27 detectors from Python to Java (13 categories)
- 496c9d1 feat: port all 28 Java detectors from Python to Java
- 702564a feat: port all 18 config/infrastructure detectors from Python to Java
- 2f6a69a feat: port all 13 TypeScript/JavaScript detectors from Python to Java
- cbb926c feat: port all 11 Python-language detectors to Java
- 32e1b0b feat: detector infrastructure + benchmarks + test framework
- 8254424 feat: add detector infrastructure — interface, records, base classes, registry, and utilities
- bb4c8ef feat: add benchmark tests, language mapping test, and DetectorUtils
- 40e4611 fix: address Phase 1 code review findings for Java rewrite
- e0060f5 feat: Spring Boot 4 project foundation (Phase 1 Java rewrite)
- c9418f4 checkpoint: pre-yolo 20260329-071346
- 963e692 fix: flow view uses iframe for full-page HTML, add API docs links to header
- efda176 Fix critical bugs and polish NiceGUI Explorer UI to production grade
- 78135b0 docs: update README with Explorer UI, MCP console, correct stats
- 5ad4807 feat: rename .code-intelligence to .osscodeiq, add nicegui dep, add design specs
- f04efc3 Boost server/ui test coverage: extract testable logic, add 35 new tests
- 55d0689 Wire NiceGUI UI into FastAPI server (Task 9)
- f4c8733 Add MCP Console and Flow View UI pages (Tasks 7-8)
- dd35046 Add Explorer page with card grid, drill-down nav, search, and pagination (Task 6)
- 53b3de8 Add Explorer UI theme module and components helpers (Tasks 4-5)
- d81ecf1 Add Explorer UI service methods and API routes (Tasks 2-3)
- 9e0e1e9 checkpoint: pre-yolo 20260328-202904
- fad24cf checkpoint: pre-yolo 20260328-202708
- a0d58a8 Rewrite CLAUDE.md for OSSCodeIQ — comprehensive project reference
- e3efc6c Add GitHub release creation to PyPI publish workflow
- 32bebc6 Fix pyproject.toml: move dependencies back under [project] section
- 64355e7 Add project URLs, classifiers, and keywords for PyPI metadata
- be93848 Fix PyPI publish: patch version from workflow input before building
- dd1ac56 Add 109 more tests to reach 86% coverage (2074 total)
- b6a730c Add 109 more tests to reach 86% coverage (2074 total)
- 598678a Install kuzu in CI and SonarCloud pipelines for full test coverage
- a0e9b3c Restore PyPI trusted publisher environment for verified publishing
- 1afe1e9 Add README and license metadata to pyproject.toml for PyPI
- 08670ed Fix 3 SonarCloud reliability bugs
- c6f7266 Add 277 tests to reach 85% code coverage
- 6e7b669 checkpoint: pre-yolo 20260328-184404
- 28d49db Fix SonarCloud issues: vulnerabilities, bugs, and code smells
- 729fd62 Fix BLOCKER BUG: wrong keyword argument in generate_flow route
- df5d28a Suppress websockets deprecation warnings in serve command
- 9523a4f Fix GitHub repo URLs back to RandomCodeSpace/code-iq
- abddd00 Fix SonarCloud source path after rename to osscodeiq
- 5ad9975 Rename project to osscodeiq
- 1945f6e Move server dependencies to core, restore optional-dependencies section
- 9cc4f81 Update uv.lock with server dependencies
- aeb5ec5 Remove environment block from PyPI publish workflow
- 4075699 Add unified REST API + MCP server on a single port
- 8d5822a Remove Python 3.11 support for Ubuntu 20.04
- ac7797a Remove Amazon Linux 2023 from publish workflow
- 67cf039 Fix Windows encoding error when writing flow HTML output
- db6fde6 Fix Windows encoding error when reading vendor JS files
- 2daecc1 Replace Mermaid with Cytoscape.js for interactive flow visualization
- a5f1002 Use PEP 440 format for beta tags (v0.0.1b0 instead of v0.0.1-beta.0)
- 276ff5e Use latest stable release tag for beta base version instead of pyproject.toml
- b2e57f4 Reset versioning to 0.0.0 and use incremental beta numbering
- 495c281 checkpoint: pre-yolo 20260328-162842
- 047cbfd checkpoint: pre-yolo 20260328-162231
- f23fadb checkpoint: pre-yolo 20260328-162212
- 2823173 checkpoint: pre-yolo 20260328-162119
- 33ff7de checkpoint: pre-yolo 20260328-162113
- 35d313b Redesign flow UI with Tailwind CSS — premium look + working edges
- 29682a8 Add .codeignore + .gitignore support, fix node_modules exclude bug
- 5f4c37c Replace Snyk with SBOM + pip-audit dependency scan workflow
- 53cf042 Fix Snyk badge: use shields.io dynamic badge, link to Snyk dashboard
- 64e202f Remove requirements.txt — Snyk supports pyproject.toml directly
- 5d04b2c Fix CVE-2025-59844: upgrade sonarqube-scan-action v5 → v6
- d9bb1f6 Add requirements.txt for Snyk vulnerability scanning
- a0253d9 Add SonarCloud workflow with coverage + test results
- c45e1ba Replace custom security workflow with Snyk + Sonarcloud badges
- 08b2ce6 Replace static security badges with live GitHub Actions status
- 5176eab Fix security scan: exclude local package from pip-audit, fix pip-licenses format
- b315653 Fix pip-audit: skip editable/local package, scan dependencies only
- 832a0e2 Allow all security scan jobs to fail without blocking
- 47e1931 Add comprehensive security scanning workflow (Nexus IQ alternative)
- ffc7ad7 Rename CLI to code-iq, add version command, fix beta versioning
- dc80b01 Add manual trigger to beta workflow
- 2dce46c Fix beta workflow: merge duplicate env blocks
- f717be2 Make release badge dynamic — pulls latest from GitHub Releases API
- bffa7f3 Add auto-increment beta publish on every push to main
- 8db62ac Fix 2 CodeQL alerts: pin pypi-publish action SHA + fix Svelte regex
- 77180fa Simplify publish workflow: no root/system deps needed for install
- e231732 Update publish workflow: comprehensive cross-platform matrix + refresh uv.lock
- 9167205 Add manual publish workflow for PyPI with cross-platform testing
- b0ad4b0 Remove scripts/ — badge update script no longer needed
- d4feef9 Remove auto-commit badge workflow — causes push race conditions
- e1933a3 Remove docs/specs from repo, add to .gitignore
- 8e254b5 Fix README: resolve merge conflicts, update with current stats
- fdd31e9 chore: update README badges [skip ci]
- ecf5d38 Phase 4b: 5 ORM/database detectors (Prisma, Sequelize, Mongoose, Pydantic, Django models)
- 99318e1 chore: update README badges [skip ci]
- 2baea28 Phase 4a: 6 high-impact structure + framework detectors
- 592daba chore: update README badges [skip ci]
- 9f51f57 Add comprehensive edge case, race condition, and boundary tests
- 2c2562f Phase 3: Flow generator with interactive HTML drill-down UI
- e442189 Add flow generator implementation plan
- e7ebc49 Add flow generator design spec
- 15bd098 Eliminate all code duplication + add 150 tests for 20 dark detectors
- 5689c01 Update README badges and CLAUDE.md for Phase 2 completion
- bebf0d9 chore: update README badges [skip ci]
- cf47ac8 Phase 2: Tech debt cleanup — auto-discovery, utils, split imports, dispatch table, linker protocol, extensions, tests
- 6c4fd92 Add project CLAUDE.md with architecture, conventions, and rules
- a59a45f chore: update README badges [skip ci]
- e5335e0 feat: add cypher and find CLI commands for querying the graph
- 7a9778f chore: update README badges [skip ci]
- 620b32c feat: KuzuDB CSV bulk import + buffered node/edge insertion in GraphBuilder
- da3aef3 chore: update README badges [skip ci]
- beaf335 fix: buffer edges in GraphBuilder for 100% cross-backend parity
- 794e1f7 chore: update README badges [skip ci]
- 367fb5e fix: enforce consistent edge behavior across all backends
- 7a103d3 chore: update README badges [skip ci]
- c7b1900 feat: multi-backend graph storage — KuzuDB, SQLite, NetworkX adapters
- c2ae257 feat: introduce GraphBackend protocol and refactor GraphStore as facade
- 2e34d7c chore: update README badges [skip ci]
- d58b133 Fix LayerClassifier to update networkx data in-place via classify_store
- 287f185 Add 14 new detectors: 9 auth + 5 frontend + layer classifier integration
- c72241a feat: add LayerClassifier for deterministic graph node layer assignment
- 246eea0 feat: add COMPONENT, GUARD, MIDDLEWARE, HOOK node kinds and PROTECTS, RENDERS edge kinds
- f8b4efa Add implementation plan for layer classification, auth, and frontend detectors
- 8675eca Add design spec for layer classification, auth detection, and frontend components
- 2e45893 chore: update README badges [skip ci]
- f7c9c24 Add .markdown extension support (quick win: +1,586 files covered)
- 4ef716a chore: update README badges [skip ci]
- 71187a2 Fix non-determinism bug: ensure 100% consistent results across runs
- 08c6a17 Remove custom CodeQL workflow, use GitHub default setup instead
- 3ea5617 Add permissions to CI/CodeQL workflows, fix vulnerability badge 404
- a9a7e79 Dismiss Pygments CVE-2026-4539 (low, no fix available), update vulnerability badge to 0
- 2de0b5f Fix 404 badges: replace dynamic Release and Dependabot with static ones
- 076cc5a Add dynamic vulnerability badge to README
- 7f9e2ec Add security badges and CodeQL workflow
- 7f25f2d Add GitHub Actions for CI and dynamic README badge updates
- 6ea2081 Fix README: remove stats table, add file/LOC badges, fix PyPI link
- 3d27ed1 Add README.md with full documentation and MIT LICENSE
- d722a51 Add docs/superpowers/ to .gitignore
- a15c244 Remove superpowers design docs from repo
- 5d26339 Update .gitignore with comprehensive exclusions
- 6431cca Add 16 structured data detectors for JSON, YAML, TOML, INI, Markdown, Proto, SQL, Batch
- 5d2ac25 Add design spec for 16 new structured data detectors
- 822161d checkpoint: pre-yolo 20260327-202059
- e84b5a5 checkpoint: pre-yolo 20260327-201539
- 5b96d3d checkpoint: pre-yolo 20260327-201507
- d8f7ba4 checkpoint: pre-yolo 20260327-201337
- 3a527ea checkpoint: pre-yolo 20260327-170944
Built with Go 1.25.10 via Goreleaser.