Skip to main content

Changelog

All notable changes to SquireX are documented here. This changelog is automatically generated from release tags.

v4.0.1 โ€” 2026-04-26โ€‹

feat(security): v4.0.0 ServiceNow parity gap closureโ€‹

  • Add regulatory compliance tagging (EU AI Act, NIST AI RMF, SOC 2, HIPAA, PCI DSS, OWASP MCP)
  • Implement Latent Memory Poisoning detection (SNOW-12.2)
  • Implement Yokohama Duplication Sybil detection (SNOW-18.2)
  • Implement Role Masking Cascade validation (SNOW-20.2)
  • Implement addUserEncodedQuery enforcement (SNOW-28.6)
  • Add 'Why SquireX' competitive positioning documentation
  • Expand SARIF output to include compliance properties

v4.0.0 โ€” 2026-04-26โ€‹

ServiceNow expansion โ€” multi-platform Agent Capability Scannerโ€‹

83 security rules (79 AGENTFORCE + 4 SNOW) Platforms: Salesforce Agentforce, ServiceNow Now Assist, MuleSoft Agent Fabric, MCP

New SNOW rules: SNOW-28 (ACL), SNOW-29 (Domain Sep), SNOW-30 (Scope), SNOW-31 (MID Trust) New parsers: UpdateSetXmlParser, SnAiaAgentParser, SnAiaToolParser, GlideScriptParser New skills: servicenow-metadata-parser, gliderecord-security-auditor, role-masking-validator, agentic-threat-modeler New CI: servicenow-e2e.yml workflow E2E: 15/15 tests against ServiceNowDevProgram/code-snippets corpus

๐Ÿ“ฆ 4 commit(s) in this release
004c00d feat(security): v4.0.0 ServiceNow parity gap closure
d4c30df feat(website): multi-platform rebrand โ€” Agent Capability Scanner
cc0c2dc docs(changelog): auto-update from release v4.0.0
0ab5471 fix(ci): use npm install over npm ci to resolve rollup linux optional dep bug

v3.8.0 โ€” 2026-04-25โ€‹

Supply Chain Shield, Testing Center Deep & Pricing Parityโ€‹

Supply Chain Shield:

  • MarkdownSkillParser + MCPIDEConfigParser
  • TS-01: Hidden Instruction in Markdown (Critical)
  • TS-02: Base64 Payload in Skill File (High)
  • TS-03: Zero-Width Unicode Injection (High)

Testing Center Deep:

  • 80+ rule test generators in sarif-to-dx.ts
  • Multi-turn adversarial jailbreak templates (TS-01, TS-02)
  • ToxicSkill_Score + OpenGraph_Security_Score eval definitions

Pricing Parity:

  • All rules on all tiers โ€” gating by repo visibility only
  • Removed dead SQUIREX_ENTERPRISE env var (4 call sites)

Website:

  • MuleSoft Agent Fabric feature card (blue accent)
  • Supply Chain Shield feature card (gold accent)
  • 3x2 feature grid, 4-card integration grid
  • Full documentation: supply-chain-shield.md, adversarial-testing.md

Version: 3.8.0 (package.json + interpreter/main.go)

๐Ÿ“ฆ 6 commit(s) in this release
de8ba83 feat(v4.0.0): ServiceNow expansion โ€” multi-platform Agent Capability Scanner
8b1b0ce docs: sync AGENTS.md with v3.8.0 release state
052d202 Merge pull request #27 from samudralap/add-named-credential-parser-test-17994452577944955582
279a50e ๐Ÿงช Fix test regression and MCP parser collision
f3f23d7 ๐Ÿงช Add tests for NamedCredentialParser
1ccfa80 docs(changelog): auto-update from release v3.8.0

v3.6.0 โ€” 2026-04-20โ€‹

release(v3.6.0): fix all pre-release blockers + engineering improvementsโ€‹

Blockers fixed:

  1. Version string sync โ€” package.json (3.0.0โ†’3.6.0), health.ts (3.2.0โ†’3.6.0), SARIF toolVersion (2.0.0โ†’3.6.0)
  2. diagnose.ts missing 4 parsers (ApexTrigger, ConnectedApp, LWC, NamedCredential) โ€” now uses shared factory
  3. SARIF toolVersion updated to 3.6.0
  4. package.json bumped to 3.6.0 (prevents npm semver regression)
  5. health.ts version updated to 3.6.0
  6. Cross-compilation verified: darwin/arm64, darwin/amd64, linux/amd64, windows/amd64 all compile clean

Engineering improvements: 7. Created src/parsers/defaultRegistry.ts โ€” single source of truth for parser registration, eliminating the root cause of recurring 'diagnose misses new parsers' drift 8. SARIF toolVersion now injectable via go build -ldflags for build-time version stamping 9. Added scripts/test-golden.sh + golden SARIF baseline for automated regression detection

๐Ÿ“ฆ 18 commit(s) in this release
e4a1d0d feat(v3.8.0): add MuleSoft Agent Fabric + Supply Chain Shield to landing page feature grid
831f6a1 refactor(v3.8.0): remove dead SQUIREX_ENTERPRISE env var + enterprise tier comment cleanup
059aae8 chore(v3.8.0): pre-release flight check fixes โ€” all blockers resolved
d75422f docs(v3.8.0): Phase 3 โ€” Supply Chain Shield docs, Adversarial Testing guide, website update
64b8069 feat(v3.8.0): Testing Center Deep โ€” full rule test generator coverage (80+ rules)
7786cb8 feat(v3.8.0): Supply Chain Shield โ€” ToxicSkill parser, MCP IDE config parser, TS-01/02/03 rules, pricing parity
388ac10 feat(v3.7.0): A2A card + OGP parsers, TS CLI commands, doc stat updates
7321be7 feat(v3.7.0): OpenGraph Security + Agent Fabric + Runtime Observability
c568dc9 Merge pull request #25 from samudralap/testing-improvement-flowparser-11908332029909791070
6da3b31 ๐Ÿงช Fix CI failure in FlowParser tests
7f11856 ๐Ÿงช Add test file for FlowParser
e48e0c2 Merge pull request #24 from samudralap/fix-command-injection-runner-5180390912967615802
b43e943 ๐Ÿ”’ fix: resolve command injection risk in pipeline runner
80c4205 Merge pull request #23 from samudralap/perf-runner-promise-all-9087639838518826290
d58d880 test: fix regression suite sarif mismatch
1c292f6 fix: mock process.cwd() in CI detector tests
6ffa709 perf: optimize test runner with concurrent file loading
bfa66f9 docs(changelog): auto-update from release v3.6.0

v3.5.0 โ€” 2026-04-06โ€‹

chore(ci): consolidate all release workflows into a single file to prevent race conditionsโ€‹

๐Ÿ“ฆ 8 commit(s) in this release
c9c3ce3 release(v3.6.0): fix all pre-release blockers + engineering improvements
cb1f67c fix: wire MCP/AgentFabric parsers into Go linker + fix YAML phantom entries
d916a5d Merge: Headless 360 & AgentExchange capability upgrade (14 rules + 2 parsers)
8e281f7 feat(rules): Headless 360 & AgentExchange capability upgrade โ€” 14 new rules + 2 parsers
0a9ca42 feat(website): homepage redesign โ€” identity, hero copy, trust signals, FAQ, integrations strip
b97267a fix(ci): disable gitleaks SARIF artifact upload to avoid storage quota error
7ebc569 feat(agents): add context-engineering skill suite + AGENTS.md system prompt anchor
ad07556 docs(changelog): auto-update from release v3.5.0

v3.4.0 โ€” 2026-04-06โ€‹

fix(ci): add allowOverwrite to Vercel Blob put() for re-releasesโ€‹

๐Ÿ“ฆ 2 commit(s) in this release
dcb4caa chore(ci): consolidate all release workflows into a single file to prevent race conditions
321b5d4 docs(changelog): auto-update from release v3.4.0

v3.2.3 โ€” 2026-04-06โ€‹

CI pipeline fixesโ€‹

๐Ÿ“ฆ 24 commit(s) in this release
0022f83 fix(ci): add allowOverwrite to Vercel Blob put() for re-releases
6441dd3 docs(changelog): auto-update from release v3.4.0
0d678ef fix(ci): semver padding for 2-part tags + changelog regenerate-on-main to avoid stash conflicts
a1741ad docs(changelog): auto-update from release v3.4
ffc2923 Merge branch 'test/regression-automation'
9fb823e feat: binary distribution via Vercel Blob CDN + npm publish pipeline
051dae5 Merge pull request #14 from samudralap/test/regression-automation
00cd31f fix: align CI Go version to 1.25 & normalize informationUri in regression
cce0475 fix: stabilize regression pipeline & update website npm installs
6a5307e test: bypass CI gate for internal regressions and stabilize sarif baseline
ced391c fix(parser, runtime): resolve parser infinite loop on enum keywords and rectify soql logical condition off-by-ones
3d47984 test: fix vitest coverage hang on external repo clone and resolve turso mock failures
96fde91 ci: manually clear node_modules and package-lock to force rollup architecture resolve in GH Actions
3e5c7b5 ci: remove GHAS dependency review action on private repository
8935042 ci: replace npm ci with npm install to resolve rollup architecture bug
046cae4 ci: fix gitleaks pull_requests read permission
aa9b30e test: implement automated regression testing and coverage architecture
2bb673d docs: fix deprecated pricing model in MCP documentation
2356948 docs: sync global project READMEs
4de6485 opt: remove costly diagnostic stderr from hot execution context initialized
0dfa996 feat(skills): introduce custom agentic capabilities library
f367b93 build(security): implement strict CI security controls
e7cf5c3 docs: update Docusaurus favicon to use main website SVG logo
36aeca7 docs(changelog): auto-update from release v3.2.3

v3.2.2 โ€” 2026-04-06โ€‹

Docs sequence sync, Vercel API fix, MCP Server NPM publish pipelineโ€‹

๐Ÿ“ฆ 2 commit(s) in this release
21c9774 ci: fix non-fast-forward push in changelog workflow
e135876 docs(changelog): auto-update from release v3.2.1

v3.2.1 โ€” 2026-04-06โ€‹

Documentation sync, Vercel fix, MCP npm publish pipelineโ€‹

  • fix(vercel): Remove compiled .js duplicates from api/ that caused Vercel build failure

  • Updated api/health.ts to v3.2 stats (51 rules, 19 categories)

  • Added api/*.js to .gitignore to prevent recurrence

  • security-rules.md: Reordered Categories 11-19 in proper numerical sequence (was sprint-ordered: 12โ†’15โ†’18โ†’11โ†’13โ†’16โ†’14โ†’17โ†’19)

  • Removed all duplicate category blocks from sprint insertions

  • what-is-squirex.md: 51+ rules, 19 categories, 14 parsers, 17 nodes, 14 edges

  • scanner/overview.md: Updated graph diagram with PlatformEvent/NamedCredential/Trigger

  • scanning-basics.md: Added 4 new metadata types (Trigger, LWC, ConnectedApp, NamedCredential)

  • quick-start.md: Updated metadata discovery list

  • README.md: v3.2 badge, 51+ rules, 14 parsers, updated architecture diagram

  • release.yml: Added publish-mcp job โ€” auto-publishes @squirex.dev/mcp-server to npm on tag push

  • mcp-server/README.md: Updated to 51+ rules / 19 categories with full category table

v3.2 โ€” 2026-04-06โ€‹

Agentforce Security Rules Expansionโ€‹

17 new security rules completing all 19 Agentforce-native platform categories.

Sprint A:

  • AGENTFORCE-12.2: GenAiPlannerBundle API Version Drift (Critical)
  • AGENTFORCE-7.3: Orphaned Bot Without AiEvaluationDefinition (High)
  • AGENTFORCE-18.2: Sybil Identity in Multi-Agent Orchestration (High)
  • AGENTFORCE-15.2: Dynamic Cloaking via External RAG Source (High)
  • AGENTFORCE-9.1: Adversarial patterns v2.0 โ€” syntactic masking + urgency framing

Sprint B:

  • AGENTFORCE-11.1: Unguarded Autonomous Scheduled Action (Critical)
  • AGENTFORCE-11.2: Time-Window Privilege Drift (High)
  • AGENTFORCE-12.1: Latent Memory Poisoning in Prompt Template (Critical)
  • AGENTFORCE-13.1: RAG Without Schema Classification (Critical)
  • AGENTFORCE-15.1: External Service Without Certificate Pinning (High)
  • AGENTFORCE-16.1: Agent Action Without Custom Permission Gate (High)

Sprint C:

  • AGENTFORCE-14.1: Slack Channel Bot Without DLP Guard (High)
  • AGENTFORCE-17.1: Commerce Agent Without Idempotency Key (Critical)
  • AGENTFORCE-17.2: Commerce Agent Amount Without Bounds Check (Critical)
  • AGENTFORCE-18.1: Compositional Fragment Trap Risk (Critical, Enterprise)
  • AGENTFORCE-19.1: Sub-agent Spawning via Platform Event (Critical, Enterprise)
  • AGENTFORCE-19.2: CDC Without Field Filter in Agent Context (High)

Infrastructure:

  • NamedCredentialParser.ts (new parser)
  • NodeNamedCredential + EdgePublishes (new graph types)
  • 14 new parser metadata flags across Apex, PromptTemplate, and Trigger parsers

Total: 51+ rules across 19 Agentforce categories + OWASP LLM + Enterprise Graph

๐Ÿ“ฆ 4 commit(s) in this release
a9806e4 ci(release): auto-publish MCP server to npm on tag push
8864f82 fix(vercel): remove compiled .js duplicates from api/
ef78f97 docs: reorder Categories 11-19 in numerical sequence + sync all docs
eec4312 docs(changelog): comprehensive changelog + auto-generation pipeline

v3.1 โ€” 2026-04-05โ€‹

OWASP LLM + Graph Analyzer Security Rulesโ€‹

13 new detection rules across community and enterprise tiers:

Community (AGENTFORCE-20.1โ€“24.2):

  • FLS bypass in invocable actions (Critical)
  • ModifyAllData in agent context (Critical)
  • PII/PHI payload leakage (Critical)
  • Agent XSS / insecure output handling (High)
  • SSRF via unsafe HTTP callouts (Critical)
  • Agent DoS via unbounded SOQL (High)
  • Missing HMAC webhook signature (High)

Enterprise Graph Analyzer (AGENTFORCE-30.1โ€“34.1):

  • Context window PII poisoning โ€” 4-hop BFS graph traversal
  • Without-sharing privilege escalation graph
  • Unintended blast radius via ApexTrigger chain
  • MCP over-provisioning / ConnectedApp OAuth scope
  • Agent-to-LWC XSS component injection graph

Infrastructure:

  • ApexTriggerParser, LWCComponentParser, ConnectedAppParser
  • FIRES, RENDERS_IN, AUTHORIZES, CLASSIFIES edge types
  • RegisterEnterprise() gated by SQUIREX_ENTERPRISE=1
  • complianceGroup extraction in customFieldParser

Total rules: 34 community + 5 enterprise graph = 39

๐Ÿ“ฆ 4 commit(s) in this release
a68219a feat(rules): Sprint C โ€” 7 new rules completing all 19 platform categories
edfd4e2 feat(rules): Sprint B โ€” 6 new rules + NamedCredential parser + parser metadata upgrades
e01a4f8 feat(rules): Sprint A โ€” 4 new rules + adversarial pattern v2.0
77e45ce docs(rules): fix Category 8/9 header mismatch, add Categories 11-19 reserved block

v3.0.1 โ€” 2026-03-31โ€‹

MCP Server v1.0.2 + Agentforce Testing Center Bridgeโ€‹

  • squirex generate-tests CLI command (26 rules, AGENTFORCE-X.Y IDs)
  • SARIF โ†’ Agentforce DX YAML conversion pipeline
  • sf agent test run integration (validate + push)
  • MCP server delegating to CLI (thin proxy architecture)
  • @squirex.dev/mcp-server@1.0.2 published to npm
  • sync-mcp GitHub Action workflow
  • Updated READMEs across all repos
๐Ÿ“ฆ 15 commit(s) in this release
bb6db82 feat(security): implement 13 OWASP LLM + Graph Analyzer rules
1250dc4 feat(scanner): extend apex body analysis + remove hardcoded rule counts
452349b feat(docs): add Docusaurus docs site at /docs/ with Vercel integration
3f6d7d3 fix(website): OG image โ€” 1200x630px, real logo, CTA button, shorter title (39 chars)
91b88fe chore(website): replace OG image with version using actual SquireX logo
2357954 feat(website): 3-tier pricing, legal pages, OG/Twitter meta, sitemap, robots.txt
e9a67a6 debug: expose Stripe error in checkout response
7baca90 chore: trigger redeploy to pick up Stripe env vars
0599dd3 feat(billing): add Stripe Checkout, pricing + activate pages, license-key endpoint
90f8bbb feat(licensing): migrate Gumroad โ†’ Stripe + Turso; three-tier pricing model
d5faa15 feat(website): update brand identity with new Neon Green SVG logo
a3e4aac fix(vercel): use dynamic imports for ESM modules
c0c15f0 fix(vercel): add api/tsconfig.json to fix Serverless Function compilation
6ca51cb feat: SquireX GitHub App โ€” Vercel serverless webhook, onboarding, legal pages
bc84e53 website: announce MCP Server + Testing Center Bridge

v3.0.0 โ€” 2026-03-30โ€‹

Graph linker normalization, XML vulnerability detection, parser hardening, CI fixโ€‹

๐Ÿ“ฆ 10 commit(s) in this release
6858d6f fix: sync-mcp workflow token handling + workflow_dispatch trigger
1db91ef Merge: Testing Center Bridge โ†’ Core CLI + MCP v1.0.2
7e7b5df feat: migrate Testing Center Bridge to core CLI
11c650b feat(mcp): v1.0.1 published โ€” Testing Center bridge with 13/26 rule coverage
1f64c7c fix(mcp): update package scope to @squirex.dev/mcp-server โ€” published v1.0.0
bd96e54 fix(mcp): add @types/node devDep โ€” CI fix
121b4cd feat(ci): add MCP sync workflow + fix CI build
f7aea07 feat: Phase 3 + Phase 4 โ€” Marketplace setup + Testing Center bridge
2b4e958 feat(github-app): add hosted scanning service
65c45a6 feat(mcp): add @squirex/mcp-server โ€” 12 tools, 6 resources, 4 prompts

v2.9.1 โ€” 2026-03-29โ€‹

Security Hardening: Anti-RE and License Enforcementโ€‹

  • Stripped Go binary of debug and DWARF symbols via -ldflags="-s -w" to prevent decompilation/reverse engineering of proprietary IP.
  • Added a strict defense-in-depth environment handshake across the Node CI engine and the Go Scanner (SQUIREX_VERIFIED) to prevent standalone binary execution.
  • Reconfigured TypeScript build pipeline to securely wipe source maps and declaration maps from the exported distribution bundle.
  • Expanded isCI() filesystem heuristics for tamper resistance.
๐Ÿ“ฆ 3 commit(s) in this release
e473cb9 fix: pass SQUIREX_VERIFIED to diagnose command for CI compatibility
ff1d3ba v3.0.0: Graph linker normalization, XML vulnerability detection, parser hardening
b67b7ef feat(website): redesign Hero workflow, SARIF PR mock, and Pricing tiers for release

v2.9.0 โ€” 2026-03-29โ€‹

26-rule engine โ€” Phase 3+4 completeโ€‹

New rules:

  • AGENTFORCE-9.2: Cross-Topic Instruction Boundary
  • AGENTFORCE-10.1: Validation Rule Conflict
  • AGENTFORCE-SC-03: Managed Package Origin

Observability:

  • InstructionsDiag type + instruction audit in diagnose output
  • LLM-visible text manifest with preview/length per field

26 rules across 10 categories. All tests pass.

๐Ÿ“ฆ 1 commit(s) in this release
5aa3666 Security Hardening: Anti-RE and License Enforcement

v2.2.7 โ€” 2026-03-29โ€‹

Instruction Poisoning, Cycle Detection, Diagnostics & Fixesโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
1736101 v2.9.0: 26-rule engine โ€” Phase 3+4 complete

v2.2.6 โ€” 2026-03-29โ€‹

feat(diagnose): Add squirex diagnose command for deep pipeline observabilityโ€‹

  • New 'squirex diagnose' top-level CLI command
  • Reports: AST health, semantic graph topology, linker trace, per-rule timing
  • Detects orphan nodes, dangling edges, nil ASTs, parse error details
  • Fix: SARIF rule help text (resolves 'No rule help available')
  • Fix: SARIF allRules stale list (9โ†’22 rules)
  • --dump-request flag for repo-agnostic golden file generation
๐Ÿ“ฆ 1 commit(s) in this release
0cf6c79 v2.2.7: Instruction Poisoning, Cycle Detection, Diagnostics & Fixes

v2.2.5 โ€” 2026-03-29โ€‹

fix(sarif): Remove Fixes array from SARIF output to resolve schema validation errors on GitHub Advanced Securityโ€‹

๐Ÿ“ฆ 2 commit(s) in this release
62ad608 feat(diagnose): Add squirex diagnose command for deep pipeline observability
322641b fix(sarif): Add rule help/helpUri to SARIF output and fix stale allRules list (9โ†’22 rules)

v2.2.4 โ€” 2026-03-29โ€‹

fix(cli): Extract Go binary from pkg snapshot virtual file system to execute correctlyโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
6be1c81 fix(sarif): Remove Fixes array from SARIF output to resolve schema validation errors on GitHub Advanced Security

v2.2.3 โ€” 2026-03-29โ€‹

fix(license): Require strict product_id binding for test purchase keysโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
d85fe3d fix(cli): Extract Go binary from pkg snapshot virtual file system to execute correctly

v2.2.2 โ€” 2026-03-29โ€‹

๐Ÿ“ฆ 2 commit(s) in this release
dbc0952 fix(license): Require strict product_id binding for test purchase keys
7444dd3 fix(license): Do not increment Gumroad uses count during CI checks

v2.2.1 โ€” 2026-03-29โ€‹

fix: Exit 0 on commander --version invocationโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
4ce9dfb fix(license): Support squirex-ent permalink for CI verification

v2.2.0 โ€” 2026-03-29โ€‹

fix: Add '--output' alias to scan commandโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
8ac84c7 fix: Exit 0 on commander --version invocation

v2.1.0 โ€” 2026-03-29โ€‹

docs: Update README SAST terminology and Rule tableโ€‹

๐Ÿ“ฆ 4 commit(s) in this release
f89703f fix: Add '--output' alias to scan command
991da13 feat: Implement Salesforce Object Context Graph and Context Traversal rule (AGENTFORCE-8.1)
f2f581e docs: Update README with missing metadata parsers
2a90264 feat: Add Supply Chain and Agentic Architecture security rules

v2.0.0 โ€” 2026-03-29โ€‹

fix(git): add newly untracked capability files and ci detectorโ€‹

๐Ÿ“ฆ 5 commit(s) in this release
fbb8ff4 docs: Update README SAST terminology and Rule table
1dd22e9 feat(rules): Add 5 new Agentforce PT and Flow security rules
73a3351 feat(linker): natively support Flow and PromptTemplate edges pointing to exact schemas
2c4d026 feat(parser): add Fast-XML capability parsers for Flow and Prompt Templates
852c382 ci: upgrade github actions to node 24 to fix deprecation warnings

v1.1.0 โ€” 2026-02-14โ€‹

fix: add missing command modules to git (gitignore was matching src/bin/)โ€‹

๐Ÿ“ฆ 8 commit(s) in this release
01c8518 fix(git): add newly untracked capability files and ci detector
2ac3e94 chore(capability): pivot SAST string terminology to Agentforce Capability Scan and add CI/CD guards
0007ed7 docs: rewrite README for Agentforce SAST pivot, update PR scan workflow
d92219e feat(sast): expand rule engine to 10 rules across all 4 security categories
39deb85 feat(sast): Phase 4 โ€” SARIF output, scan CLI, and pipeline integration
7ed9f7b feat(sast): Agentforce SAST engine โ€” Phases 1-3
fd3385f docs: comprehensive README overhaul โ€” 1389 โ†’ 420 lines
b5f371d docs: expand all CLI command sections with full options, examples, and sample output

v1.0.5 โ€” 2026-01-31โ€‹

Fix array return type parsingโ€‹

  • Parser: SOQL regex requires SELECT keyword to avoid array type false matches
  • Parser: isMethodDeclaration skips LBRACKET/RBRACKET during lookahead
  • Go: Add debug logging for class/method registration
  • TS: Add stderr passthrough for Go interpreter debug output

Classes with array return types (SObject[] methodName()) now parse correctly.

๐Ÿ“ฆ 39 commit(s) in this release
314b5c6 fix: add missing command modules to git (gitignore was matching src/bin/)
d3d3237 fix(ci): fix release workflow version injection using ldflags
e4565b6 feat: CLI modernization - all 5 phases complete
9575e09 fix(parser): resolve getFieldPath parsing issue by correctly identifying control flow keywords
7cb747a fix(parser): handle surrounding parentheses and ternary operator to prevent truncation
dc77a6f Fix virtual dispatch bug and update test runner
66a0c94 Fix base class initialization and Set(List) constructor logic
9428158 fix(interpreter): resolve fflib compatibility issues (Schema.getGlobalDescribe, Test.createStub)
cbd30ca chore: remove all debug trace logging from context.go
a771631 fix: add ForEachStatement struct fields to ASTNode for collection deserialization
2e1b196 Merge Sprint 4: Cross-Class Analysis & Schema Tooling
68fa694 docs: Update README with Sprint 4 schema analysis features
a2aae63 Sprint 4: Cross-class aggregation and custom relationships COMPLETE
b8b2ce9 Sprint 4: Schema aggregator - cross-class field usage tracking
dad5847 Merge Sprint 3: Advanced Relationships - Complete
df39a38 Sprint 3 COMPLETE: Relationship Graph - 12/12 tests passing (100%)
d2f7123 Sprint 3: Polymorphic lookup detection - 4/4 tests passing
c542c4f Sprint 3: Child relationship inference - 4/4 tests passing
d2f6fb1 Merge Sprint 2 & 2.1: Schema Inference - 90% test pass rate
9ed40ea Add min() helper function for confidence boosting
70d6d11 Sprint 2.1: Enhanced WHERE clause parsing - 5/5 tests passing
312791c Sprint 2.1: Add AST-level DML and type declaration hooks
af8a2d5 Sprint 2: Wire schema inference into execution context
a9bf790 Sprint 2: Schema inference foundation
d7d3bab Sprint 1 complete: Method overload resolution working
1317d58 WIP: Method overload resolution implementation
1125a06 Fix nested inner class instantiation and method resolution
3232e6b fix(interpreter): add parent inner class lookup for nested inner class inheritance
d7abb76 fix(interpreter): collection initializer elements now preserved through eval chain
69784fa fix(interpreter): improve collection initializer handling
c1c22a8 fix(parser): add braceDepth tracking for collection initializers in constructor args
80779d1 fix(parser/interpreter): collection initializers and inner class field init
d617e12 fix(interpreter): field initialization with preserved type info
5111181 fix(interpreter): preserve this binding across method calls
c7fa3e8 feat(interpreter): add implicit this field lookup in lookupVariable
0326eaf fix(parser): support braceless control flow statements
8632bca feat(interpreter): Phase 1 enterprise Apex compatibility
432d9bf fix(website): disable parallax on terminal blocks to prevent overlap
2b64b36 feat(website): add parallax scrolling effects for 'blazing fast' theme

v1.0.4 โ€” 2026-01-31โ€‹

Fix Go interpreter bundling in pkg releasesโ€‹

  • Add --config package.json to npx pkg command
  • This ensures pkg reads assets config and bundles squireinterp
  • Coverage tracking should now work in bundled releases
๐Ÿ“ฆ 1 commit(s) in this release
c226d2a fix(parser): Fix array return type parsing and improve debugging

v1.0.3 โ€” 2026-01-31โ€‹

Fix pkg snapshot extraction with readFileSyncโ€‹

  • Use readFileSync instead of existsSync for pkg virtual filesystem
  • Add debug logging for troubleshooting bundling issues
  • Add workflow verification step to confirm Go binary exists
  • Cache extracted binary to temp directory
๐Ÿ“ฆ 1 commit(s) in this release
23c478c fix: Add --config package.json to pkg command to bundle Go interpreter

v1.0.2 โ€” 2026-01-31โ€‹

Fix Go interpreter extraction for bundled releasesโ€‹

  • Extract bundled squireinterp to temp directory before spawning
  • Fixes coverage tracking not working in pkg-bundled binaries
  • Adds chmod 755 for executable permissions
๐Ÿ“ฆ 1 commit(s) in this release
7b5a1ed fix: Use readFileSync for pkg snapshot extraction

v1.0.1 โ€” 2026-01-31โ€‹

Fix Go interpreter bundlingโ€‹

  • Build Go interpreter for each target platform
  • Bundle squireinterp with coverage tracking
  • Fix pkg assets configuration
๐Ÿ“ฆ 1 commit(s) in this release
1f3b687 fix: Extract Go interpreter from pkg snapshot before execution

v1.0.0 โ€” 2026-01-31โ€‹

Stable Releaseโ€‹

First stable release with:

  • Version injection from git tags (fixed)
  • Code coverage tracking
  • PR stamp feature with github-pr format
  • shields.io badges support
  • Collapsible PR comments
๐Ÿ“ฆ 1 commit(s) in this release
e1664be fix: Build and bundle Go interpreter in release workflow

v0.5.0 โ€” 2026-01-31โ€‹

PR Stamp Featureโ€‹

  • GitHub Actions PR scan workflow with branded comments
  • New --format github-pr with shields.io badges
  • Collapsible, non-intrusive PR reports
  • SquireX branding footer
๐Ÿ“ฆ 1 commit(s) in this release
91337b8 fix: Add version injection from git tag in release workflow

v0.4.0 โ€” 2026-01-31โ€‹

Code Coverage Supportโ€‹

๐Ÿ“ฆ 1 commit(s) in this release
5d1f1ef feat: Add PR stamp feature with github-pr format

v0.3.0 โ€” 2026-01-31โ€‹

Date/Datetime, JSON fix, platform warningsโ€‹

๐Ÿ“ฆ 4 commit(s) in this release
4acd83d feat: Add code coverage tracking to test runner
7c65d5b docs: Update README with correct repo URLs and code coverage feature
477e9ec ci: Release binaries to both source repo and squirex-apex-forge
8a94cb4 fix: Parser now handles inline collection initializers in DML statements

v0.2.0 โ€” 2026-01-26โ€‹

SquireX Rebrand Releaseโ€‹

Major Changes:

  • Rebrand from ApexForge to SquireX
  • New CLI: squirex (formerly apexforge)
  • New Go interpreter: squireinterp
  • Enhanced website with shield logo and new tagline
  • Major Go interpreter improvements for fflib support
  • File-based IPC for large payloads
  • For-each loop implementation
  • 20+ method stubs for fflib patterns
๐Ÿ“ฆ 4 commit(s) in this release
c832628 fix: Update release repo to samudralap/squirex-apex-forge
1f840c9 docs: Update README with new features
ec33105 feat: Complete Date/Datetime classes, fix JSON.serialize, add platform warnings
9e4d246 Rebrand to SquireX + update license validation and pricing

v0.1.0 โ€” 2026-01-20โ€‹

Fix package-lock.json sync for npm ciโ€‹

๐Ÿ“ฆ 29 commit(s) in this release
1cd78ef chore: Replace author name with SquireX branding
43b672f feat(website): Rebrand to SquireX with enhanced marketing
b369479 chore: Remove playground from git tracking
1675819 chore: Rebrand ApexForge to SquireX
4ab196d feat(interpreter): Major Go interpreter improvements for fflib support
bbb3522 feat: Add Assert.isInstanceOfType support with robust exception matching
c20b3f4 feat: Add ClassLiteral and CollectionInitializer support to Go interpreter
75af716 feat: Add collection initializers and fix expression statement parsing
3eb1546 feat: Add .class literal and inherited sharing parser support
bea6fae feat: Add multi-class loading and static field initializer parser fix
68029ca feat: Add HttpRequest methods and Http instance send() support
9d5f9e7 feat: Add Transaction State, Mixed DML detection, and Metadata Bridge
7daa1d4 feat: Add try-catch-finally exception handling support
3cef023 feat: Add Schema-Aware Execution with MetadataMap
4e0b170 feat: Add String/List methods, NullPointerException, SOQL governor limits
d961f6f fix: add missing 'sharing' and 'inherited' keywords to parser
c4c6913 chore: update release workflow to push to squirex-apex-forge
a4f4e2f feat: add license validation api
2cdfac1 Remove intro paragraph from AI Integration section
1a76370 Simplify AI Integration section
f472e73 Add MCP and AI agent integration section to website
f706753 Add website landing page and Vercel deployment configuration
13bcc84 Update README with comprehensive CI/CD examples and current implementation details
c414f5a Add embedded author metadata and copyright headers to all source files
9010922 Fix package-lock.json sync for npm ci
de02e4d Add GitHub Actions workflow for building and releasing
e49de16 Add binary distribution support with pkg
d76694f Add proprietary license - restrict copying, redistribution, and derivative works
e2fe904 Initial commit: ApexForge MVP - Local Apex test runner and conflict analyzer

Earlier Releasesโ€‹

Contact support@squirex.dev for release notes prior to v2.9.0.