Releases: eli64s/readme-ai
Releases · eli64s/readme-ai
v0.1.6
✨ Features
- refactor: Reduce complexity of markdown table generator methods. @eli64s (#70)
- enhancement: Add more context to LLM prompts. @eli64s (#69)
- feat: Add CLI option --emojis to change README header prefixes @eli64s (#67)
🪲 Bug Fixes
- fix: #35 Update tokenization logic causing issues for larger codebases @eli64s (#68)
- fix #65: Update dependency parser method for
build.gradlefiles @eli64s (#66)
📄 Documentation
⚙️ Dependency Updates
- Bump urllib3 from 2.0.6 to 2.0.7 @dependabot (#64)
Contributors
dependabot and eli64s
Assets 2
v0.1.5
v0.1.4
v0.1.3
v0.1.2
0.1.1
What's Changed
🚀 Features
- Add CLI option to run readme-ai in offline mode (without calling the LLM) @eli64s (#52)
- Add CLI options for specifying the LLM engine and adjusting temperature @eli64s (#50)
🛠 Maintenance
- Removed redundant git clone operations when preprocessing codebase metadata @eli64s (#51)
- Refactor remaining dataclasses in conf.py to Pydantic models
Contributors
eli64s
Assets 2
0.1.0
[v0.1.0] - 2023-09-20
✨ Features
- Deploy project on Streamlit Community Cloud to provide a web-based interface for generating READMEs.
🐛 Bug Fixes
- Update configuration ignore_files.toml to stop ignoring the following file extensions:
- yaml, toml, txt, lock
🧹 Chore
- Regenerate all README files in the examples directory to reflect the latest changes to the tool.
0.0.9
[v0.0.9] - 2023-09-19
🧹 Chore
- Update README file to enhance project documentation.
- Add Configuration section to provide context for customizing the tool.
- Simplify Getting Started section install and run instructions.
- Update Roadmap section with latest project goals.
0.0.8
[v0.0.8] - 2023-09-18
🐛 Bug Fixes
- Update file parsing logic in parse.py and preprocess.py for codebases containing the following dependency files (issue #37).
- CMakeLists.txt
- Makefile.am
- configure.ac
- Credit to @mooujarrar for the help in solving this issue!
🔐 Security
- Bump gitpython module to version 3.1.36 to address security vulnerability (Dependabot Alert #5 and issue #43).
0.0.7
[v0.0.7] - 2023-08-30
git.exe or git executable.
🔐 Security Fixes
Arbitrary Command Execution Mitigation
- Dependabot Alert #3: GitPython untrusted search path on Windows systems leading to arbitrary code execution.
- The previous git clone implementation sets the
envargument to the path of the git executable in the current working directory. This poses a security risk as the code is susceptible to running arbitrarygitcommands from a malicious repository.git.Repo.clone_from(repo_path, temp_dir, depth=1)
- Updated the
envargument to explicitly set the absolute path of the git executable. This ensures that the git executable used to clone the repository is the one thats installed in the system path, and not the one located in the current working directory.git.Repo.clone_from(repo_path, temp_dir, depth=1, env=git_exec_path)
🚀 New Features and Enhancements
Code Modularity
- Introduced three methods to help isolate the Git executable discovery and validation logic.
find_git_executable(): Determines the absolute path of the Git executable.validate_git_executable(): Validates the found Git executable path.validate_file_permissions(): Validates the file permissions of the cloned repository.
File Permission Checks
- For Unix systems, added checks to ensure the permissions of the cloned repository are set to
0o700. This is a best practice for secure temporary directories and prevents unauthorized users from accessing the directory.
pip install --upgrade readmeai. Please be mindful of this vulnerability and use caution when cloning repositories from untrusted sources, especially for Windows users.