security/plugin/changelog.md 2026-06-17 17:02 UTC to 2026-06-18 23:01 UTC

46 added, 0 removed.

Codex Security plugin changelog

This changelog highlights changes that affect how you run scans, review results, and move findings toward remediation.

0.1.9 (June 2026)

Review scans in the findings workspace

  • Review completed scans in a dedicated workspace that brings findings, coverage, severity, confidence, and scan artifacts together.
  • Filter and sort findings, including sorting by highest confidence, while preserving your workspace state during refreshes.
  • Open a finding to review source evidence, validation details, reachability, impact, and remediation guidance in one place.

Run scans with less setup

  • Run standard scans against Git repositories, individual folders, or codebases without Git history. Deep scans can also target a specific folder.
  • Cancel an active scan explicitly, resume an interrupted scan without another setup prompt, and receive a warning before starting concurrent deep scans.
  • Follow clearer setup and progress states, with more compact progress summaries and errors that remain visible until you address them.

Export portable, verifiable results

  • Use a consistent completed-scan format with a manifest, structured findings, coverage data, and a Markdown report derived from the same canonical result.
  • Export findings as JSON, CSV, or SARIF for analysis, archiving, and integration with other security tools.
  • Improved scan completion and filesystem handling, including fixes for Windows paths and scan locking.

Triage and track existing findings

  • Triage existing findings from scanners, advisories, bug bounty reports, GitHub, Jira, Linear, or Codex Security results against the current codebase. The triage workflow returns an evidence-backed verdict and a prioritized action queue.
  • Track selected validated findings in Linear, Jira, or GitHub issues, or create a private draft GitHub Security Advisory when the repository meets the advisory requirements.
  • Review duplicate checks, source context, destination visibility, and the exact proposed content before approving a write. Codex reads the result back after creation or update to verify it.