Releases · varalys/redactyl · GitHub

30 Dec 17:20

v1.0.2 Latest

Latest

Changed

Migrate GitHub repository from redactyl/redactyl to varalys/redactyl

Assets 15

checksums.txt

sha256:511a75140f1ff20678d863472ab69681c4edb98d34a4f08d13375f88ed320f28

1.12 KB 2025-12-30T17:20:06Z
redactyl_1.0.2_linux_amd64.apk

sha256:14de14be0ffbeec52024daa8a79967040fa41047e4f11a844421d06d2b2e5c10

5.34 MB 2025-12-30T17:20:06Z
redactyl_1.0.2_linux_amd64.deb

sha256:1c41d79e15bf5aa1d8b1a166a3f53820ce66e7274ea145522d8d2b1752aea953

5.13 MB 2025-12-30T17:20:06Z
redactyl_1.0.2_linux_amd64.rpm

sha256:97a7b7a421e76df0499e81dce0593646438de079c8168b4a8a666cb27ba247d4

5.34 MB 2025-12-30T17:20:05Z
redactyl_1.0.2_linux_arm64.apk

sha256:ef81ac41a3534b04b689540b761f01a3d2d3c4843c9391a97bbe4bfddcca7bf0

4.87 MB 2025-12-30T17:20:06Z
redactyl_1.0.2_linux_arm64.deb

sha256:7bb93ec522b36e05d8bf10ad2d45920a7bb8ef557eca40056589bb8155018941

4.71 MB 2025-12-30T17:20:06Z
redactyl_1.0.2_linux_arm64.rpm

sha256:2203819750f5c0ea173519cf8a28d85552638f93ac3e09f4eda5d12bc8b5b432

4.89 MB 2025-12-30T17:20:05Z
redactyl_darwin_amd64.tar.gz

sha256:48ec9f2267c98ffcc7e62ae29e90b6d8c6e4903098050f14480366e9a73a3213

5.18 MB 2025-12-30T17:20:04Z
redactyl_darwin_arm64.tar.gz

sha256:98ccb8aa4a060e18764efc2ba027ad79b2b812db9faf4dc0493b52dcdf5cbca6

4.88 MB 2025-12-30T17:20:04Z
redactyl_linux_amd64.tar.gz

sha256:9d017c40d1b70c1772109391c5eb8503fa42eb5db4c805c5f33b3413d60e5b40

5.12 MB 2025-12-30T17:20:04Z
Source code (zip)

2025-12-30T17:08:18Z
Source code (tar.gz)

2025-12-30T17:08:18Z

19 Dec 00:34

v1.0.1

Security

Redact audit logs by default (raw matches and secrets no longer persisted).
Add opt-in raw audit logging toggle in the TUI (R), persisted in user prefs.
Baseline keys now use a stable fingerprint instead of raw match text.

Fixed

Audit log history now loads JSONL correctly (scan history and delete work reliably).
Default excludes now cover redactyl.baseline.json.

Changed

TUI diff and baseline matching use the new fingerprinted keys, while honoring legacy baselines.
README updated to document audit log redaction and the R toggle.
.gitignore now includes baseline, audit log, last scan cache, and cover.out.

Assets 15

18 Dec 15:43

v1.0.0

Added

Interactive TUI (default mode)
- Visual findings table with color-coded severity (High/Medium/Low)
- Detail pane with code context, metadata, and git blame info
- Hide/show secrets toggle (* key) - secrets hidden by default
- Search and filter by severity, detector, or path
- Quick actions: open in editor (o), ignore (i), baseline (b), export (e)
- Keyboard navigation with vim-style bindings (j/k, g/G, Ctrl+d/u)
- Responsive legend adapts to terminal width
- View cached results without rescanning (--view-last)
Cloud-native artifact scanning
- Helm chart scanning (--helm) - .tgz archives and directories
- Kubernetes manifest scanning (--k8s) - auto-detects K8s YAML
- OCI image format support with layer context
- Flags: --archives, --containers, --iac
- Guardrails: --max-archive-bytes, --max-entries, --max-depth, --scan-time-budget, --global-artifact-budget
- Virtual paths for nested artifacts (e.g., chart.tgz::templates/secret.yaml)
- Streaming readers; no extraction to disk
Baseline management
- Add/remove findings from baseline in TUI (b/U)
- Baselined findings shown with indicator, can be filtered
Output formats
- --json-extended adds artifactStats and schema_version
- SARIF output with artifact stats
- Export from TUI (JSON/CSV/SARIF)
Audit logging
- All TUI actions logged to .redactyl_audit.jsonl
CI/CD support
- redactyl ci init --provider {gitlab|bitbucket|azure}
- --no-tui flag for non-interactive environments
- --fail-on threshold for CI gates
Public Go API
- pkg/core facade exposing Config, Finding, and Scan(cfg)
- JSON schemas under docs/schemas/

Changed

TUI is now the default mode (use --no-tui for CI/CD)
Secrets are hidden by default in TUI for safety

Fixed

Silent failures during artifact scanning now reported in Result.ArtifactErrors

Assets 15