What's Changed

• New rules and version bump by @ajinabraham in #84

Full Changelog: 0.3.8...0.3.9

What's Changed

• fix possible redirect ssrf by @ajinabraham in #82

Full Changelog: 0.3.7...0.3.8

What's Changed

• [SECURITY] Fix SSRF in applink check, dependency update. by @ajinabraham in #81

Full Changelog: 0.3.6...0.3.7

• Added Thredpool for assetlink.json check
• Android SDK bump for manifest analysis
• Handle AppLink host with asterisk

• Manifest Analysis Code QA
• Added new rules strandhogg1.0, strandhogg2.0, AppLink assetlinks.json check, improved minsdk support check
• Bump dependencies

• Huge Performance Improvement from libsast bump

Full Changelog: 0.3.3...0.3.4

• Semgrep and libsast Bump

• iOS Objective C Biometric rule update
• iOS Swift Biometric rule description change.

• Add pre-scan suppression support for android manifest files by:
  • Filename
  • Pathname
• Handle None form user supplied config

• IOS Swift Rules updates
  • Updated or added rules
    • ios_biometric_bool
    • ios_biometric_acl
    • ios_keychain_weak_acl_device_passcode
    • ios_keychain_weak_accessibility_value
    • ios_insecure_random_no_generator
• Regex Hardening: Fixes possible Regex DoS
• Add support for --type android|ios|auto for explicitly forcing a rule set on source directory.