npm - @vulcn/engine - Versions diffs - 0.9.0 → 0.9.1 - Mend

@vulcn/engine 0.9.0 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/CHANGELOG.md +10 -0
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,15 @@
 # Changelog
+## 0.9.1
+### Patch Changes
+- b4030c8: Migrate `vulcn crawl` to v2 session directory format and add benchmark pipeline.
+  - **`vulcn crawl`**: Now uses `saveSessionDir()` to output v2 session directories (`manifest.yml` + `sessions/` + `auth/`) instead of individual `.vulcn.yml` files. `vulcn run <dir>` loads these directly via `loadSessionDir()`.
+  - **Benchmark runner** (`benchmarks/run.ts`): Automated pipeline that crawls + scans 5 benchmark targets (Acunetix test sites + DVWA + WebGoat), scores findings against ground truth (TPR/FPR/Youden), and publishes results to vulcn.dev.
+  - **Benchmark CI** (`.github/workflows/benchmark.yml`): GitHub Action triggered on release — spins up DVWA, runs benchmarks, uploads artifacts, and comments scorecard on the release.
+  - **www**: Added `POST /api/benchmarks` endpoint (API_SECRET auth) to receive benchmark results from CI, and `GET /api/benchmarks` for the upcoming `/benchmarks` page. New `BenchmarkRun` + `BenchmarkTarget` Prisma models.
 ## 0.9.0
 ### Minor Changes

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vulcn/engine",
-  "version": "0.9.0",
+  "version": "0.9.1",
   "description": "Fast, modern security testing engine — record browser sessions, replay with attack payloads, and detect vulnerabilities automatically. Pluggable driver and detection system for web application penetration testing.",
   "type": "module",
   "main": "./dist/index.cjs",