|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## Release v1.0.14 (September 1st, 2024) |
| 4 | + |
| 5 | +* Added a new check on workflow runs for accounts which are NOT contributors, presenting a WARNING on screen. This could help identify hack attempts via Workflow runs. |
| 6 | +* Added a new check on releases to identify accounts which create releases/upload assets and are NOT contributors, also WARNING on screen. |
| 7 | +* Added pulling and analysis of Comments for Commits, Issues and Pull Requests. |
| 8 | +* Added messages to point out when comments get updated (Edited) after a day of being created. |
| 9 | +* Added parsing of reactions for comments in Commits, Issues and Pulls. We're printing the comment that had the most Positive, Neutral and Negative reactions in Commits, Issues and PRs. |
| 10 | +* Added support capped to 5000 Workflow runs for analyzing past workflow runs in a repository. Runs can go very high in the, for example, 50k, which is why we cap. |
| 11 | +* Added a limit of 5000 Artifacts inspection to prevent the analysis from being too expensive in really big repositories. |
| 12 | +* Added support to get repository labels, pointing out specifically those which are custom. |
| 13 | +* Added to the repository summary the printing of stargazers and watchers count even if 0, as it talks about reputation. |
| 14 | +* Added code to fetch environment protection rules; but it is commented out because it is seldom used. |
| 15 | +* Added to contributors_xray.py, a message to the user on how to use the filtering function in order to filter results for non-contributors. |
| 16 | +* Added to gx_context.py, two (2) helper methods, isContributor and areContributors which iterate and check logins against the list of cached repo contributors. |
| 17 | +* Added to the UNRELIABLE ACTIVITY message a clarification that the mismatch may be due to a rebased repository. |
| 18 | +* Added count of Pull Requests to the output line showing the PR link for a contributor. |
| 19 | +* Changed the way we refer to account results in gx_output.py - Instead of stating Contributors we're going to say accounts, as we may have non-contributor results. |
| 20 | +* Moved multiple results that were under the "urls" category to the corresponding category instead (eg. commit urls to a commit category). Makes it easier to navigate visually. |
| 21 | +* Fixed a visual typo (extra space) when printing 'starred' public events in verbose mode. |
| 22 | +* Fixed querying of environments for exceptional repository-cases where the API returns a 404 not found in json format instead of an empty list of results. |
| 23 | +* Fixed gh_api code for limiting results count in pagination when the API returns a dict with total_results followed by a list. |
| 24 | +* Fixed identifying unreliable dates in commits mismatching account creation dates. Now only checking against 'author', and not checking against 'committer'. |
| 25 | + |
3 | 26 | ## Release v1.0.13 (August 19th, 2024) |
4 | 27 |
|
5 | 28 | * Added the ability to identify unreliable commits containing unreliable dates in a repository. This could be the case when, for example, a contributor's account creation date is newer than a contributor's commit date in the repository. In certain cases, those can be attempts at faking historic activity by malicious actors, or it could also mean that an account was deleted and the same handle re-registered by someone else (https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/deleting-your-personal-account), among other possibilities. These warnings will show under the "commits" category. Gitxray will present a Warning stating that Unreliable historic activity was detected. |
|
0 commit comments