Safi
|
258eff3e9f
|
feat: composite surprise score — cross-type, cross-repo, community distance, peripheral→hub
|
2026-04-05 00:20:56 +01:00 |
|
Safi
|
a7f910667d
|
feat: GraphML export (--graphml flag) for Gephi and yEd
|
2026-04-05 00:20:56 +01:00 |
|
Safi
|
81a43f028f
|
feat: 13-language AST support and token benchmark
Java, C, C++, Ruby, C#, Kotlin, Scala, PHP via tree-sitter (13 total)
benchmark.py measures BFS subgraph tokens vs corpus tokens
5 skill bug fixes (cohesion crash, dead step, missing MCP tool)
|
2026-04-04 18:56:38 +01:00 |
|
Safi
|
41e4e3576a
|
security: SSRF protection, HTML escaping, path guards, encoding hardening
- graphify/security.py (new): centralised security module
- validate_url(): blocks file://, ftp://, data:, any non-http/https scheme
- _NoFileRedirectHandler: re-validates redirect targets, blocks file:// redirects
- safe_fetch(): streams response, 50MB hard cap, non-2xx raises, timeout
- safe_fetch_text(): safe_fetch + UTF-8 decode with errors=replace
- validate_graph_path(): resolves path, requires inside .graphify/, base must exist
- sanitize_label(): strip control chars, cap 256, html.escape() — mirrors
code-review-graph's _sanitize_name pattern
- graphify/ingest.py: _fetch_html() and _download_binary() now use safe_fetch*;
ingest() validates URL scheme and wraps network calls in try/except;
YAML frontmatter: newlines stripped from question before embedding
- graphify/extract.py: all 33 bare .decode() → .decode("utf-8", errors="replace")
— non-UTF-8 source files degrade gracefully instead of crashing extraction
- graphify/export.py: sanitize_label() on all node labels and edge titles
before pyvis embeds them in HTML output
- graphify/serve.py: _load_graph() validates graph_path via validate_graph_path()
and wraps JSONDecodeError with recovery message; sanitize_label() on MCP
text output
- graphify/detect.py: os.walk(..., followlinks=False) made explicit
- SECURITY.md (new): threat model, mitigations table, reporting process
- tests/test_security.py (new): 20 tests covering all security.py functions
|
2026-04-04 18:56:38 +01:00 |
|
Safi
|
0b7460a9e3
|
perf+fix: parallel extraction, faster imports, bug fixes
45x faster cluster import, 135x faster detect, parallel subagent extraction,
auto-exclude venvs/caches, suggest_questions fix, manifest fix, install CLI
|
2026-04-04 18:56:38 +01:00 |
|
Safi
|
e7a03a0539
|
feat: cache, multi-language extraction, MCP, memory feedback
call-graph INFERRED edges, multi-language semantic extraction, SHA256 cache,
MCP stdio server with shortest_path, Q&A memory feedback loop
|
2026-04-04 18:56:38 +01:00 |
|
Safi
|
ce47198be1
|
feat: Claude Code skill, Obsidian vault, install, tests
skill.md with full pipeline steps, Obsidian as default output (canvas, tags,
dataview, graph colors), two-command install, 71 tests, .gitignore, deps
|
2026-04-04 18:53:43 +01:00 |
|
Safi
|
77966a7622
|
feat: core pipeline
detect, extract (AST + call-graph), build, cluster, analyze, report, export
PDF extraction, tree-sitter AST, pyvis HTML, schema validation
|
2026-04-04 18:52:44 +01:00 |
|