v0.2.2

2026-01-08

最新

Fixed

MacOS Stability (Critical)Implemented aggressive cleaning of .DS_Store and other system files from rule directories immediately before scanning. This resolves persistent "Exit Code 2" crashes when opengrep attempts to parse these files as configurations.

Debugging

Diagnostic Run (Enhanced)When a scan crashes (Exit Code 2), the extension now automatically re-runs the failing file in "verbose mode" (without --quiet) to capture the full error message (e.g., config parsing errors, missing rules). This provides vastly better debugging information in the output logs.

v0.2.1

2025-12-30

Fixed

macOS Gatekeeper:Automatically remove com.apple.quarantine attribute from bundled binaries to prevent "Exit Code 2" crashes on macOS.
Smart Rule Loading:Fully mitigates crashes caused by .DS_Store or other toxic files in the rules directory by loading rules explicitly.

Improved

User ExperienceThe Login window now automatically closes upon successful authentication, providing a smoother onboarding flow.

v0.2.0

2025-12-30

Performance (Major)

Scanning SpeedReduced workspace scan times by up to 75%(e.g., from 90s to 24s).
Smart Rule SelectionThe scanner now intelligently loads only the OpenGrep rules relevant to your project (e.g., Ruby rules for a Rails app), avoiding the overhead of thousands of irrelevant checks.
Smart ConcurrencyImplemented p-limit and CPU-aware concurrency to maximize scan speed (using up to 8 threads) without freezing the UI.
Persistent AI CacheAI enrichment results are now cached on disk. Re-scanning the same code is instant and costs 0 tokens.

Robustness

Smart FixesImplemented a "fuzzy" patch application strategy. The "Apply Fix" feature is now much more resilient to whitespace differences, line endings (CRLF vs LF), and minor context mismatches.
Build & DependenciesResolved TypeScript/ESM interoperability issues with p-limit and execa to ensure reliable builds across all platforms.
CompatibilityLowered vscode engine requirement to ^1.93.0 to support Cursor and other VS Code forks.

Improved

UI VisibilityThe extension version is now displayed in the sidebar footer for easier debugging.
Process RecoveryAdded automatic retry logic for busy files (ETXTBSY) and robust handling for "toxic" files that crash the scanner.

v0.1.16

2025-12-30

Improved

OpenGrep SpeedIncreased process concurrency from 3 to 6 batches, resulting in significantly faster workspace scans on modern multi-core machines.
AI ReliabilityIncreased enrichment pipeline timeout from 4 to 15 minutes and parallel request limit from 3 to 12. This solves timeouts when enriching large finding sets (>200 findings) while keeping the user workflow intact.

v0.1.15

2025-12-30

Fixed

Critical CompatibilityLowered vscode engine requirement to ^1.93.0 to support Cursor and other VS Code forks.
Startup StabilityAdded automatic retry logic for ETXTBSY errors to prevent scan failures when the extension binary is still locked by the filesystem.

Improved

PerformanceEnabled parallel batch execution (concurrency: 3) for the OpenGrep scanner to significantly speed up analysis on multi-core systems.
RobustnessImplemented chunked execution (batch size 50) for OpenGrep scans to prevent crashes (exit code 2) on large workspaces or complex file structures.
ResilienceAdded automatic failure recovery mechanism that detects if a scan chunk crashes, identifies the specific "toxic" file causing the crash, and seamlessly continues scanning the rest of the workspace.
DiagnosticsEnhanced logging for scanner process errors, capturing full stderr, stdout, and exitCode for precise debugging.

v0.1.14

2025-12-29

Fixed

Fixed OpenGrep scan failing on large build directories (e.g., .next, dist) by updating default exclude patterns.
Fixed glob pattern construction for file scanning to avoid invalid nested braces.
Added extensive default excludes for images, binaries, and temporary files to improve scan performance and stability.

v0.1.13

2025-12-29

Fixed

CriticalImproved error handling for OpenGrep exit code 2 (fatal errors)
Added detailed error messages explaining common causes of scan failures
Enhanced logging to show file counts, command length, and first few files being scanned

Improved

PerformanceExpanded file exclusion patterns to include:
Turbopack build artifacts (.turbo/, .turbopack/)
Source maps (**/*.map)
Minified files (/*.min.js, /*.min.css)
Nuxt output directory (.output/**)
DiagnosticsAdded detailed logging when collecting workspace files
User ExperienceBetter error messages that explain why scans fail and how to fix them

Added

File count and command length validation before scanning

v0.1.12

2025-12-26

Changed

Added proprietary license configuration for Open VSX Registry compliance
Updated package.json license field to "Proprietary"
Added LICENSE file with copyright information

v0.1.11

2025-12-22

Fixed

Removed all non-YAML test files from rules directory (only rule definitions remain)
Reduced package from 2,653 to 1,962 files
Reduced package size from 226.5MB to 226MB
Faster Marketplace validation (no false positive secrets in test files)

v0.1.10

2025-12-22

Fixed

Excluded Semgrep rule test files from VSIX package to avoid false positive secret detection in VS Code Marketplace
Reduced package size from 4,011 to 2,653 files while maintaining full detection capability

v0.1.9

2025-12-22

Added

MajorBundled 2,025 Semgrep security rules (18MB) directly in the extension
Offline SupportExtension now works 100% offline for security scanning
No SSL IssuesEliminates SSL certificate problems in corporate networks

Fixed

Made time_to_fix_minutes optional in AI schema with default value of 15 minutes
Removed invalid configuration files from rules directory

Improved

No internet connection required for security scans
Faster scans (no download time)
More reliable in restricted network environments

v0.1.8

2025-12-22

Improved

PerformanceExpanded file exclusion patterns to skip non-analyzable files (images, documents, multimedia, compressed files, fonts, binaries, databases, logs)
Scan SpeedAdded exclusions for lock files, framework build directories (.next, .nuxt), and common cache folders (target, __pycache__, vendor)
AccuracyReduced false positives by not scanning binary and non-code files

v0.1.7

2025-12-22

Fixed

CriticalAdded scan subcommand to OpenGrep execution to fix exit code 2 error on Windows
CriticalChanged --config format from two separate arguments to --config=value format for better compatibility
Improved error logging to include full command, stderr, and exit code for easier debugging

Known Issues

In corporate networks with SSL interception (e.g., EY, Deloitte), OpenGrep may fail to download rules from semgrep.dev due to certificate verification errors.
WorkaroundSet environment variables before launching VS Code:
`cmd
set REQUESTS_CA_BUNDLE=
set SSL_CERT_FILE=
`

v0.1.6

2025-12-17

General

- Architectural RefactorModularized the extension by introducing specialized services (ScanService, EnrichmentService, UploadService, FindingsManager) to replace the monolithic "God Object" pattern in extension.ts.
- AI Schema ValidationImplemented strict Zod schema validation for AI responses (src/ai/schema.ts), ensuring robust and type-safe data enrichment.
- Centralized Error HandlingImproved error message extraction and logging consistency.
- PerformanceOptimized memory usage by better state management in FindingsManager.

v0.1.5

2025-12-11

General

- Multi-Platform SupportAdded bundled OpenGrep binaries for Windows (x64), Linux (x64, ARM64), and macOS (Intel, Apple Silicon). The extension now works out-of-the-box on all major platforms.
- Robust ExecutionImproved binary execution logic to handle permission restrictions more gracefully.
- Windows CompatibilityFixed path resolution and binary execution specifically for Windows environments.

v0.1.4

2025-12-11

General

- Bundled EngineOpenGrep is now included directly in the extension. No external installation required for Linux (x64/ARM64) and macOS (x64/ARM64).
- Engine UpdateUpgraded bundled OpenGrep to v1.12.1 for improved detection capabilities.
- DocumentationComplete overhaul of the User Guide (README.md).

v0.1.2

2025-12-10

General

- Better severity normalization for OpenGrep results (handles WARNING/ERROR aliases and alternate severity fields).
- Updated branding assets to PNG logos in the login and sidebar views.
- Production builds now optionally obfuscate the bundle for publishing.

v0.1.0

2025-01-08

General

- Initial public preview of the Oryon extension.
- OpenGrep runner for single files and workspaces with live diagnostics.
- Authentication lifecycle (login, refresh, whoami, logout) backed by SecretStorage.
- AI enrichment pipeline with ephemeral key issuance and concurrency-limited requests.
- Bulk uploader with idempotent chunking and exponential backoff.
- Results webview with filtering, AI context, and JSON/CSV export.
- English and Spanish localization plus JSON output logging.

設定