dependabot[bot]
bf31b6c7e8
chore(deps): bump torch
...
Bumps [torch](https://github.com/pytorch/pytorch ) from 2.10.0 to 2.13.0.
- [Release notes](https://github.com/pytorch/pytorch/releases )
- [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md )
- [Commits](https://github.com/pytorch/pytorch/compare/v2.10.0...v2.13.0 )
---
updated-dependencies:
- dependency-name: torch
dependency-version: 2.13.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-07-17 19:49:32 +00:00
surya
b6af44c1f6
[docs]: reorder detection rules by severity score
...
_PATTERN_RULES list had XXE_INJECTION (0.82) after XSS (0.80) and
CRLF_INJECTION (0.65) after PATH_TRAVERSAL (0.60), placing higher-
scored rules below lower-scored ones. Reordered to strict descending
order and updated the module docstring to match. No change to
scoring behavior — score_request() takes max + boost regardless
of list position.
2026-07-06 18:02:05 +05:30
surya
e8124990af
[fix]: align pnpm override with lockfile version
...
overrides.vite was pinned to npm:rolldown-vite@7.2.5 while
devDependencies and pnpm-lock.yaml both resolved 7.3.1. The mismatch
can produce ERR_PNPM_OUTDATED_LOCKFILE on --frozen-lockfile installs.
Updated override to 7.3.1 to match the resolved version throughout
the lockfile. No lockfile edits required.
2026-07-06 18:01:34 +05:30
surya
b34afd61b9
[refactor]: relocate backend entrypoint outside bind mount
...
Moved entrypoint.sh copy target from /app/entrypoint.sh to
/entrypoint.sh in the dev Dockerfile. The dev compose bind mount
./backend:/app overlays /app entirely; placing the entrypoint above
that boundary ensures the image-baked script is never shadowed by
host directory contents. No startup failure was reproduced — this
is a preventive hardening change.
2026-07-06 18:01:04 +05:30
surya
1709e0cf0a
[fix]: preserve pre-encoded payloads in simulator requests
...
urllib.parse.quote(path, safe='/?&=') was re-encoding % to %25 in
already-encoded attack paths (XXE, XSS, traversal payloads). Replaced
with a manual first-? split: path component encoded with safe='/%\'
(preserving existing percent sequences and backslash traversal vectors),
query string passed through untouched. Covers all 53 attack payloads
across 7 simulation modes. Inline comments removed from XXE_PAYLOADS
to match the style of all other payload lists.
2026-07-06 18:00:52 +05:30
surya
fd5f6a74f1
[fix]: correct encoded SYSTEM XXE regex matching
...
The final branch of _XXE_INJECTION was missing % separators between
hex pairs. Pattern %(?:25)?53(?:25)?59... never matched because after
consuming %53 the next sub-pattern expected 5 or 2, not %. Fixed by
inserting % anchors between each pair so both single-encoded
(%53%59%53%54%45%4D) and double-encoded (%2553%2559...) SYSTEM strings
match correctly. All existing XXE branches are unaffected.
2026-07-06 18:00:25 +05:30
surya
b29476d1d8
[chore]: bump rolldown-vite to 7.3.1 and migrate pnpm overrides to root
2026-07-04 21:36:38 +05:30
surya
ae159b3e7a
[chore]: copy lockfile and workspace config before pnpm install in Dockerfiles
2026-07-04 21:36:29 +05:30
surya
7f536cb617
[fix]: correct postgres volume mount path to /var/lib/postgresql
2026-07-04 21:36:16 +05:30
surya
614fc12bf2
[feat]: add xxe simulation mode with 5 XXE payload variants
2026-07-04 21:36:12 +05:30
surya
a12df57316
[feat]: register XXE_INJECTION detection rule with score 0.82
2026-07-04 21:36:08 +05:30
surya
22c9f66dcf
[feat]: add XXE_INJECTION regex pattern to ATTACK_COMBINED
2026-07-04 21:36:03 +05:30
dependabot[bot]
3af80845a1
chore(deps): bump pyarrow
...
Bumps [pyarrow](https://github.com/apache/arrow ) from 22.0.0 to 23.0.1.
- [Release notes](https://github.com/apache/arrow/releases )
- [Commits](https://github.com/apache/arrow/compare/apache-arrow-22.0.0...apache-arrow-23.0.1 )
---
updated-dependencies:
- dependency-name: pyarrow
dependency-version: 23.0.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-06-05 23:50:09 +00:00
Carter Perez
35efe0806d
Update README.md
2026-06-05 13:18:57 -04:00
dependabot[bot]
f9c1c2c183
chore(deps): bump aiohttp
...
---
updated-dependencies:
- dependency-name: aiohttp
dependency-version: 3.14.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-06-03 23:46:31 +00:00
dependabot[bot]
a455b78639
chore(deps): bump axios
...
Bumps [axios](https://github.com/axios/axios ) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.15.2...v1.16.0 )
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.16.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-29 16:31:21 +00:00
Carter Perez
ac9ed2c0d4
Merge pull request #247 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/idna-3.15
...
chore(deps): bump idna from 3.11 to 3.15 in /PROJECTS/advanced/ai-threat-detection/backend
2026-05-22 14:18:49 -04:00
dependabot[bot]
3474d7711b
chore(deps): bump mlflow
...
Bumps [mlflow](https://github.com/mlflow/mlflow ) from 3.9.0 to 3.11.1.
- [Release notes](https://github.com/mlflow/mlflow/releases )
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mlflow/mlflow/compare/v3.9.0...v3.11.1 )
---
updated-dependencies:
- dependency-name: mlflow
dependency-version: 3.11.1
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-21 20:33:21 +00:00
dependabot[bot]
9b4b6f7772
chore(deps): bump idna in /PROJECTS/advanced/ai-threat-detection/backend
...
Bumps [idna](https://github.com/kjd/idna ) from 3.11 to 3.15.
- [Release notes](https://github.com/kjd/idna/releases )
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md )
- [Commits](https://github.com/kjd/idna/compare/v3.11...v3.15 )
---
updated-dependencies:
- dependency-name: idna
dependency-version: '3.15'
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-19 15:56:13 +00:00
Carter Perez
07f7b3e07f
Merge pull request #225 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/gitpython-3.1.50
...
chore(deps): bump gitpython from 3.1.47 to 3.1.50 in /PROJECTS/advanced/ai-threat-detection/backend
2026-05-13 02:42:01 -04:00
Carter Perez
5b8032754a
Merge pull request #231 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/urllib3-2.7.0
...
chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /PROJECTS/advanced/ai-threat-detection/backend
2026-05-13 02:40:02 -04:00
dependabot[bot]
606b8d93d8
chore(deps): bump urllib3
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.6.3...2.7.0 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-version: 2.7.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-11 16:59:10 +00:00
dependabot[bot]
ca3d45bf63
chore(deps): bump gitpython
...
Bumps [gitpython](https://github.com/gitpython-developers/GitPython ) from 3.1.47 to 3.1.50.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases )
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES )
- [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.47...3.1.50 )
---
updated-dependencies:
- dependency-name: gitpython
dependency-version: 3.1.50
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-09 03:15:11 +00:00
dependabot[bot]
063a1ca222
chore(deps): bump mako in /PROJECTS/advanced/ai-threat-detection/backend
...
Bumps [mako](https://github.com/sqlalchemy/mako ) from 1.3.11 to 1.3.12.
- [Release notes](https://github.com/sqlalchemy/mako/releases )
- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES )
- [Commits](https://github.com/sqlalchemy/mako/commits )
---
updated-dependencies:
- dependency-name: mako
dependency-version: 1.3.12
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-08 10:29:08 +00:00
dependabot[bot]
45d4bc9993
chore(deps): bump axios
...
Bumps [axios](https://github.com/axios/axios ) from 1.15.0 to 1.15.2.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.15.0...v1.15.2 )
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.15.2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-08 09:54:42 +00:00
Carter Perez
eb1cdb4671
Merge pull request #190 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/python-dotenv-1.2.2
...
chore(deps): bump python-dotenv from 1.2.1 to 1.2.2 in /PROJECTS/advanced/ai-threat-detection/backend
2026-04-26 23:53:53 -04:00
dependabot[bot]
07d3b3967c
chore(deps): bump gitpython
...
Bumps [gitpython](https://github.com/gitpython-developers/GitPython ) from 3.1.46 to 3.1.47.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases )
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES )
- [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.46...3.1.47 )
---
updated-dependencies:
- dependency-name: gitpython
dependency-version: 3.1.47
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-26 01:24:42 +00:00
dependabot[bot]
066ab85b34
chore(deps): bump python-dotenv
...
Bumps [python-dotenv](https://github.com/theskumar/python-dotenv ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/theskumar/python-dotenv/releases )
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md )
- [Commits](https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2 )
---
updated-dependencies:
- dependency-name: python-dotenv
dependency-version: 1.2.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-21 22:42:21 +00:00
CarterPerez-dev
dc6567ae25
chore complete + add pre commit chnages
2026-04-19 18:54:08 -04:00
dependabot[bot]
786a1ea0c3
chore(deps): bump mako in /PROJECTS/advanced/ai-threat-detection/backend
...
Bumps [mako](https://github.com/sqlalchemy/mako ) from 1.3.10 to 1.3.11.
- [Release notes](https://github.com/sqlalchemy/mako/releases )
- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES )
- [Commits](https://github.com/sqlalchemy/mako/commits )
---
updated-dependencies:
- dependency-name: mako
dependency-version: 1.3.11
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-16 23:20:58 +00:00
Carter Perez
f19599356e
Merge pull request #162 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/pillow-12.2.0
...
chore(deps): bump pillow from 12.1.1 to 12.2.0 in /PROJECTS/advanced/ai-threat-detection/backend
2026-04-15 07:02:41 -04:00
dependabot[bot]
74a2dd18f4
chore(deps): bump axios
...
Bumps [axios](https://github.com/axios/axios ) from 1.13.6 to 1.15.0.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.13.6...v1.15.0 )
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.15.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-15 11:00:49 +00:00
dependabot[bot]
1285310112
chore(deps): bump pytest
...
Bumps [pytest](https://github.com/pytest-dev/pytest ) from 9.0.2 to 9.0.3.
- [Release notes](https://github.com/pytest-dev/pytest/releases )
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pytest-dev/pytest/compare/9.0.2...9.0.3 )
---
updated-dependencies:
- dependency-name: pytest
dependency-version: 9.0.3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-14 03:08:08 +00:00
dependabot[bot]
a7410bc34e
chore(deps): bump pillow
...
Bumps [pillow](https://github.com/python-pillow/Pillow ) from 12.1.1 to 12.2.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases )
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst )
- [Commits](https://github.com/python-pillow/Pillow/compare/12.1.1...12.2.0 )
---
updated-dependencies:
- dependency-name: pillow
dependency-version: 12.2.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-13 23:45:45 +00:00
Carter Perez
9edf1f6cff
Merge pull request #153 from CarterPerez-dev/project/sbom-generator-vulnerability-matcher
...
feat: sbom generator & vulnerability matcher + docstrings across 6 pr…
2026-04-08 23:54:50 -04:00
CarterPerez-dev
d277d50a93
feat: sbom generator & vulnerability matcher + docstrings across 6 projects
...
Add bomber CLI tool (Go) — scans dependencies across Go/Node/Python
ecosystems, generates SPDX 2.3 and CycloneDX 1.5 SBOMs, and matches
against OSV/NVD vulnerability databases with policy engine for CI/CD.
Add file-level docstrings to ai-threat-detection, firewall-rule-engine,
hash-cracker, linux-cis-hardening-auditor, binary-analysis-tool, and
credential-enumeration.
2026-04-08 23:53:40 -04:00
Carter Perez
0421ccd9e5
Merge pull request #141 from CarterPerez-dev/dependabot/uv/PROJECTS/advanced/ai-threat-detection/backend/onnx-1.21.0
...
chore(deps): bump onnx from 1.20.1 to 1.21.0 in /PROJECTS/advanced/ai-threat-detection/backend
2026-04-08 00:25:19 -04:00
dependabot[bot]
d0fbd65d4d
chore(deps): bump aiohttp
...
---
updated-dependencies:
- dependency-name: aiohttp
dependency-version: 3.13.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-01 22:21:09 +00:00
dependabot[bot]
14486ab5a1
chore(deps): bump onnx in /PROJECTS/advanced/ai-threat-detection/backend
...
Bumps [onnx](https://github.com/onnx/onnx ) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/onnx/onnx/releases )
- [Changelog](https://github.com/onnx/onnx/blob/main/docs/Changelog-ml.md )
- [Commits](https://github.com/onnx/onnx/compare/v1.20.1...v1.21.0 )
---
updated-dependencies:
- dependency-name: onnx
dependency-version: 1.21.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-01 22:11:19 +00:00
dependabot[bot]
73a2831f00
chore(deps): bump cryptography
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 46.0.5 to 46.0.6.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/46.0.5...46.0.6 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 46.0.6
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-03-28 13:10:01 +00:00
Carter Perez
da37954241
Update Cybersecurity Projects badge link
...
Updated badge link for Cybersecurity Projects from Project #6 to Project #17 .
2026-03-26 00:47:23 -04:00
dependabot[bot]
cbe757e261
chore(deps): bump requests
...
Bumps [requests](https://github.com/psf/requests ) from 2.32.5 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.32.5...v2.33.0 )
---
updated-dependencies:
- dependency-name: requests
dependency-version: 2.33.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-03-25 21:41:31 +00:00
dependabot[bot]
77f0b4b471
chore(deps): bump pyasn1
...
Bumps [pyasn1](https://github.com/pyasn1/pyasn1 ) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/pyasn1/pyasn1/releases )
- [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst )
- [Commits](https://github.com/pyasn1/pyasn1/compare/v0.6.2...v0.6.3 )
---
updated-dependencies:
- dependency-name: pyasn1
dependency-version: 0.6.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-03-17 20:37:48 +00:00
CarterPerez-dev
4224b7d283
97% complete
2026-03-02 17:29:48 -05:00
CarterPerez-dev
f9b5a614d3
feat: did a couple things idk
2026-02-28 14:08:36 -05:00
CarterPerez-dev
65e01d055c
chore(frontend): fix lint errors and update biome schema
...
Fix exhaustive deps, non-null assertion, a11y roles, and error boundary
type. Migrate biome config to 2.4.4.
2026-02-28 12:29:20 -05:00
CarterPerez-dev
cda830a4e5
feat(frontend): build dashboard, threats, and models pages
...
Dashboard: stat cards, severity bar, live alert feed, top IPs/paths.
Threats: filtered paginated table with detail slide-in panel.
Models: status banner, model cards with metrics, retrain button.
2026-02-28 12:13:38 -05:00
CarterPerez-dev
0b2035a793
feat(frontend): add shared components and dotted grid background
...
Severity badge, stat card, alert feed, threat detail panel. Add
severity/accent color tokens and dotted grid pattern on content area.
2026-02-28 11:36:49 -05:00
CarterPerez-dev
3b4f6ce8a6
feat(frontend): add React Query hooks and WebSocket alert feed
...
Hooks for threats list/detail, stats, model status/retrain, and live
WebSocket alert stream with auto-reconnect and ring buffer.
2026-02-28 11:32:23 -05:00
CarterPerez-dev
cdeb1451ef
feat(frontend): add Zod schemas for threat detection API
...
Type-safe schemas matching backend Pydantic models for threats, stats,
models status, and WebSocket alerts.
2026-02-28 11:24:03 -05:00