Releases · ppiankov/pastewatch · GitHub

06 Apr 12:36

v0.26.2 Latest

Latest

Release v0.26.2

Assets 14

pastewatch

sha256:0b451120fec6290b065d039a1f9067d0e606059994a85ce51f30036e0ca06cf7

1.85 MB 2026-04-06T12:36:57Z
pastewatch-cli

sha256:f81cb05910649e8df0797c7910780ca5c13a9e4bc048095251a82610c33ed6a6

8.21 MB 2026-04-06T12:36:57Z
pastewatch-cli-linux-amd64

sha256:39302188e9e06184c8aecf059a9103398dd508fcb43e7f53df7d922de15d6a6b

17.9 MB 2026-04-06T12:36:57Z
pastewatch-cli-linux-amd64.sha256

sha256:f300e8b019a17de05fde0bfe98c7aea68a67157948db80228ae98b386ee23b79

93 Bytes 2026-04-06T12:36:57Z
pastewatch-cli-linux-arm64

sha256:da7ef8988c381c84d10bc5d3218b157b167a7775424ddb11abb996e89f4fde06

17.7 MB 2026-04-06T13:50:10Z
pastewatch-cli-linux-arm64.sha256

sha256:29a616cf87360ea55855ca53ec7614880d04714d62961fb3cca22159e5c8db7b

98 Bytes 2026-04-06T13:52:17Z
pastewatch-cli.sha256

sha256:471e17c0df4cdaa7122e53e7459519933adbf58b4e3907c23697d5c5842dcb5e

81 Bytes 2026-04-06T12:36:57Z
Pastewatch-v0.26.2.dmg

sha256:e8b44fe83abf6a92c7252f252c6eefde7c2224436d8e5c7005febc489d837186

2.21 MB 2026-04-06T12:36:57Z
Pastewatch-v0.26.2.dmg.sha256

sha256:c79bbc2884fa58f08a25409221948b133e6f1aa49c7f36ce8d68b790ffb9722c

89 Bytes 2026-04-06T12:36:57Z
Pastewatch-v0.26.2.zip

sha256:113302d914cdce3c3fa801feedf9d152c797120bbb53a464b3dcceb74fad38ae

1.83 MB 2026-04-06T12:36:57Z
Source code (zip)

2026-04-06T10:56:25Z
Source code (tar.gz)

2026-04-06T10:56:25Z

06 Apr 04:51

v0.26.1

Fixed

Proxy silent death on client disconnect — ignore SIGPIPE at process level and use MSG_NOSIGNAL on Linux sends. Previously, any send() to a closed client socket killed the proxy instantly with no error or log
Proxy send error handling — check send() return values and log client disconnects instead of silently discarding
Proxy upstream timeout — add 120-second timeout on upstream semaphore wait; hung connections now return 504 instead of blocking threads indefinitely

Assets 14

28 Mar 07:01

v0.25.8

Added

Proxy log shows type breakdown per redaction (Credential x3, DB Connection x2)
Proxy log includes actionable fix suggestion for the human operator
Proxy log deduplicates repeated lines when conversation history re-scans same secrets

Assets 14

28 Mar 05:28

v0.25.7

Fixed

Launch command strips leading -- from passthrough args (fixes execvp: No such file or directory)

Assets 14

28 Mar 05:06

v0.25.6

Added

Proxy alert now includes actionable fix suggestion per secret type (use env vars, store in key file, use detectable keywords)

Assets 12

27 Mar 10:30

v0.25.5

Added

Credential storage rules in CLAUDE.md snippet — prevents agents from echoing or storing plaintext credentials
Setup step added to Quick Start — pastewatch-cli setup claude-code is now essential, not optional

Assets 14

27 Mar 09:29

v0.25.4

Fixed

Credential false positives — documentation text like password: rotated, token: POST no longer triggers detection
Proxy stderr log suppressed in launch mode to prevent TUI interference with interactive CLIs
Added --quiet flag to proxy command

Assets 14

27 Mar 07:08

v0.25.3

Fixed

Launch command uses fork/exec for proper TTY passthrough to interactive agents

Assets 14

27 Mar 05:02

v0.25.2

Fixed

Launch command now passes TTY through to agent for interactive CLIs

Assets 14

27 Mar 03:46

v0.25.1

Added

Bash command argument scanning — guard now scans full command string for inline secrets (DSNs, API keys, tokens)
Bash tool handling in shell guard hook — blocks commands containing secrets before execution
Test credential exclusions — AWS EXAMPLE keys and Stripe sk_test_ keys bypass guard blocking
CodeQL code scanning and Dependabot dependency monitoring

Fixed

VS Code extension workflow skips publish when version unchanged

Assets 14