reference

Changelog

What shipped, by date — derived from merged pull requests, not a hand-written narrative. PR numbers are noted so any line here traces back to the actual diff on GitHub.

Documentation hub

#121, #122
  • Launched /docs: a sidebar-navigated documentation section inside the product.
  • Trust pages — security & data handling, scan limits, suppressions.
  • Reference — detector overview and the 17-signal posture score.

Landing & comparison honesty

#118, #119, #120
  • One-click positioning hero and an honest /compare page (where TriageRook wins and where it doesn't).
  • Marketing counts bound to the rule catalog at the source, so numbers can't drift.

Detection surface expansion

#107–#112
  • Container OS-package CVEs ingested from a committed Trivy SARIF report.
  • Dedicated Helm values scanner and a hardcoded-secret-in-workflow-env rule.
  • A round of detector gap-closing and false-positive fixes.

New detectors

#99–#101
  • AI-generated insecure-code detector (placeholder creds, deferred-security TODOs, swallowed exceptions).
  • Business-logic / broken-access-control scanner (IDOR, mass assignment, privilege escalation).
  • License scanning for PyPI / Go / RubyGems via deps.dev.

Major detector wave

#89–#95
  • Terraform and Kubernetes IaC misconfiguration scanners.
  • Open-source license / compliance scanner.
  • Cloud IAM-in-code scanner.
  • Opt-in secret liveness validation.
  • Context-aware (framework-gated) SAST.
  • Blast-radius and attack-path correlation over findings.

Rebrand to TriageRook

#80, #84
  • RepoGuard became TriageRook.
  • Production moved to www.triagerook.com.

Launch readiness

#75
  • Tunable rate limits and structured scan-event logging.
  • Server-side GitHub token to lift the anonymous-scan API quota under load.

Earlier history (the initial detector set, secret patterns, SARIF export, and the public-scan path) predates this log — browse the full merged-PR history on GitHub for the complete record.