refactor(burp): replace seh-msft/burpxml with utils package #6763

dogancanbakir · 2026-01-12T12:23:53Z

Summary

Replaces unmaintained github.com/seh-msft/burpxml with github.com/projectdiscovery/utils/parsers/burp/xml
No functional changes

Closes #6762
Depends on projectdiscovery/utils#723

Summary by CodeRabbit

Chores
- Updated several dependencies to newer versions for improved stability and compatibility.
- Removed an unused dependency.
- Refined Burp XML input processing: improved decoding behavior and adjusted parsing to align with the updated parser interface.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

v3.4.8

* CheckRDPEncryption * feat(templating): add vars templating into yaml inputs * fix: enhance code rabbit * fix: change gologger runner version * feat(ytt): add ytt files var + add vars from cli and config * feat: send struct from var file * fix code rabbit * fix(main.go): add errcheck * retain required empty spaces * fixing path * fixing test * use bytes slice * Add option to control number of concurrent templates loaded on startup * adding vnc auth * gen go+js * lint * no changes custom template message should be INF not ERR * Path-Based Fuzzing SQL fix (#6400) * setup claude * migrate to using errkit * fix unused imports + lint errors * update settings.json * fix url encoding issue * fix lint error * fix the path fuzzing component * fix lint error * fix(fuzz): handles duplicate multipart form field names (#6404) * fix: handle duplicate field names in multipart form encoding * fix(fuzz): handles `[]any` type in `*MultiPartForm.Encode` Signed-off-by: Dwi Siswanto <git@dw1.io> * test(fuzz): adds panic recovery & display encoded out Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(fuzz): incorrectly treated mixed type field in `*MultiPartForm.Encode` Signed-off-by: Dwi Siswanto <git@dw1.io> * test(fuzz): refactor compare w decoded instead Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(fuzz): prealloc for `[]any` type Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(fuzz): treats nil value as empty string Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(fuzz): rm early error return for non-array file Signed-off-by: Dwi Siswanto <git@dw1.io> * test(fuzz): adds `TestMultiPartFormFileUpload` test Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: yusei-wy <31252054+yusei-wy@users.noreply.github.com> * limited test, instead of all * lint * integration test * lint * Update pkg/external/customtemplates/github.go Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com> * fix for error.Is false return * bump httpx version * chore(deps): bump github.com/go-viper/mapstructure/v2 Bumps the go_modules group with 1 update in the / directory: [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure). Updates `github.com/go-viper/mapstructure/v2` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/go-viper/mapstructure/releases) - [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md) - [Commits](https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: github.com/go-viper/mapstructure/v2 dependency-version: 2.4.0 dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com> * test(reporting/exporters/mongo): add mongo integration test with test… (#6237) * test(reporting/exporters/mongo): add mongo integration test with testcontainer-go module Signed-off-by: Lorenzo Susini <susinilorenzo1@gmail.com> * execute exportes only on linux --------- Signed-off-by: Lorenzo Susini <susinilorenzo1@gmail.com> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * Refactor to use reflect.TypeFor (#6428) * issue / discussion template update * misc hyperlink update * link update * chore(deps): bump the modules group across 1 directory with 11 updates (#6438) * chore(deps): bump the modules group across 1 directory with 11 updates Bumps the modules group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.6` | `0.4.7` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.92` | `0.0.93` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.105` | `1.0.106` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.120` | `1.0.121` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.5.0` | `0.5.1` | | [github.com/projectdiscovery/gozero](https://github.com/projectdiscovery/gozero) | `0.0.3` | `0.1.0` | | [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) | `0.0.81` | `0.0.82` | | [github.com/projectdiscovery/tlsx](https://github.com/projectdiscovery/tlsx) | `1.1.9` | `1.2.0` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.37` | `0.2.43` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.1.27` | `1.1.33` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.6 to 0.4.7 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.6...v0.4.7) Updates `github.com/projectdiscovery/hmap` from 0.0.92 to 0.0.93 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.92...v0.0.93) Updates `github.com/projectdiscovery/retryabledns` from 1.0.105 to 1.0.106 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.105...v1.0.106) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.120 to 1.0.121 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.120...v1.0.121) Updates `github.com/projectdiscovery/dsl` from 0.5.0 to 0.5.1 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.5.0...v0.5.1) Updates `github.com/projectdiscovery/gozero` from 0.0.3 to 0.1.0 - [Release notes](https://github.com/projectdiscovery/gozero/releases) - [Commits](https://github.com/projectdiscovery/gozero/compare/v0.0.3...v0.1.0) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.20 to 0.1.21 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.20...v0.1.21) Updates `github.com/projectdiscovery/ratelimit` from 0.0.81 to 0.0.82 - [Release notes](https://github.com/projectdiscovery/ratelimit/releases) - [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.81...v0.0.82) Updates `github.com/projectdiscovery/tlsx` from 1.1.9 to 1.2.0 - [Release notes](https://github.com/projectdiscovery/tlsx/releases) - [Changelog](https://github.com/projectdiscovery/tlsx/blob/main/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/tlsx/compare/v1.1.9...v1.2.0) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.37 to 0.2.43 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.37...v0.2.43) Updates `github.com/projectdiscovery/cdncheck` from 1.1.27 to 1.1.33 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.1.27...v1.1.33) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-version: 0.0.93 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-version: 1.0.106 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.121 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gozero dependency-version: 0.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/ratelimit dependency-version: 0.0.82 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/tlsx dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.43 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.1.33 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * bump * httpx dev * mod tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * Reporting validation (#6456) * add custom validator for reporting issues * use httpx dev branch * remove yaml marshal/unmarshal for validator callback * chore(deps): bump the workflows group across 1 directory with 2 updates (#6462) Bumps the workflows group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/stale](https://github.com/actions/stale). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/stale` from 9 to 10 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v9...v10) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: workflows - dependency-name: actions/stale dependency-version: '10' dependency-type: direct:production update-type: version-update:semver-major dependency-group: workflows ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: added new text/template syntax to jira custom fields * feat: added additional text/template helpers * dont load templates with the same ID * using synclockmap * lint * lint * chore(deps): bump the modules group with 9 updates Bumps the modules group with 9 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.7` | `0.4.9` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.106` | `1.0.107` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.121` | `1.0.123` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.5.1` | `0.6.0` | | [github.com/projectdiscovery/httpx](https://github.com/projectdiscovery/httpx) | `1.7.1-0.20250902174407-8d6c2658663f` | `1.7.1` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.21` | `0.1.23` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.4.24-0.20250823123502-bd7f2849ddb4` | `0.5.0` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.43` | `0.2.45` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.1.33` | `1.1.35` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.7 to 0.4.9 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.7...v0.4.9) Updates `github.com/projectdiscovery/retryabledns` from 1.0.106 to 1.0.107 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.106...v1.0.107) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.121 to 1.0.123 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.121...v1.0.123) Updates `github.com/projectdiscovery/dsl` from 0.5.1 to 0.6.0 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.5.1...v0.6.0) Updates `github.com/projectdiscovery/httpx` from 1.7.1-0.20250902174407-8d6c2658663f to 1.7.1 - [Release notes](https://github.com/projectdiscovery/httpx/releases) - [Changelog](https://github.com/projectdiscovery/httpx/blob/dev/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/httpx/commits/v1.7.1) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.21 to 0.1.23 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.21...v0.1.23) Updates `github.com/projectdiscovery/utils` from 0.4.24-0.20250823123502-bd7f2849ddb4 to 0.5.0 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](https://github.com/projectdiscovery/utils/commits/v0.5.0) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.43 to 0.2.45 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.43...v0.2.45) Updates `github.com/projectdiscovery/cdncheck` from 1.1.33 to 1.1.35 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.1.33...v1.1.35) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-version: 1.0.107 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.123 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/httpx dependency-version: 1.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-version: 0.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.45 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.1.35 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * httpx fix * release fix * code from https://github.com/projectdiscovery/nuclei/pull/6427 * lint * centralizing ratelimiter logic * adding me * refactor * Remove the stack trace when the nuclei-ignore file does not exist (#6455) * remove the stack trace when the nuclei-ignore file does not exist * removing useless debug stack --------- Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * chore(deps): bump the modules group with 7 updates Bumps the modules group with 7 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.9` | `0.4.10` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.93` | `0.0.94` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.123` | `1.0.124` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.6.0` | `0.7.0` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.23` | `0.1.24` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.45` | `0.2.46` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.1.35` | `1.1.36` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.9 to 0.4.10 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.9...v0.4.10) Updates `github.com/projectdiscovery/hmap` from 0.0.93 to 0.0.94 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.93...v0.0.94) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.123 to 1.0.124 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.123...v1.0.124) Updates `github.com/projectdiscovery/dsl` from 0.6.0 to 0.7.0 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.6.0...v0.7.0) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.23 to 0.1.24 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.23...v0.1.24) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.45 to 0.2.46 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.45...v0.2.46) Updates `github.com/projectdiscovery/cdncheck` from 1.1.35 to 1.1.36 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.1.35...v1.1.36) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-version: 0.0.94 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.124 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.24 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.46 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.1.36 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * fix: update go jira deps (#6475) * fix: handle jira deprecated endpoint * refactor: update Jira issue search result structure to include 'Self' field * Revert "refactor: update Jira issue search result structure to include 'Self' field" This reverts commit b0953419d33dff3fb61f1bcdcddab0ae759379b8. * Revert "fix: handle jira deprecated endpoint" This reverts commit 1fc05076cdb31906f403d80455b2e1609a66e2ae. * chore(deps): bump github.com/andygrunwald/go-jira to v1.16.1 and tidy * fix(jira): migrate Issue.Search to SearchV2JQL with explicit Fields * cache, goroutine and unbounded workers management (#6420) * Enhance matcher compilation with caching for regex and DSL expressions to improve performance. Update template parsing to conditionally retain raw templates based on size constraints. * Implement caching for regex and DSL expressions in extractors and matchers to enhance performance. Introduce a buffer pool in raw requests to reduce memory allocations. Update template cache management for improved efficiency. * feat: improve concurrency to be bound * refactor: replace fmt.Sprintf with fmt.Fprintf for improved performance in header handling * feat: add regex matching tests and benchmarks for performance evaluation * feat: add prefix check in regex extraction to optimize matching process * feat: implement regex caching mechanism to enhance performance in extractors and matchers, along with tests and benchmarks for validation * feat: add unit tests for template execution in the core engine, enhancing test coverage and reliability * feat: enhance error handling in template execution and improve regex caching logic for better performance * Implement caching for regex and DSL expressions in the cache package, replacing previous sync.Map usage. Add unit tests for cache functionality, including eviction by capacity and retrieval of cached items. Update extractors and matchers to utilize the new cache system for improved performance and memory efficiency. * Add tests for SetCapacities in cache package to ensure cache behavior on capacity changes - Implemented TestSetCapacities_NoRebuildOnZero to verify that setting capacities to zero does not clear existing caches. - Added TestSetCapacities_BeforeFirstUse to confirm that initial cache settings are respected and not overridden by subsequent capacity changes. * Refactor matchers and update load test generator to use io package - Removed maxRegexScanBytes constant from match.go. - Replaced ioutil with io package in load_test.go for NopCloser usage. - Restored TestValidate_AllowsInlineMultiline in load_test.go to ensure inline validation functionality. * Add cancellation support in template execution and enhance test coverage - Updated executeTemplateWithTargets to respect context cancellation. - Introduced fakeTargetProvider and slowExecuter for testing. - Added Test_executeTemplateWithTargets_RespectsCancellation to validate cancellation behavior during template execution. * Refactored header-based auth scans not to normalize the header names. (#6479) * Refactored header-based auth scans not to normalize the header names. * Removed the header validation as it's not really useful here. * adding docs --------- Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * docs: update syntax & JSON schema 🤖 * chore(deps): bump the modules group with 6 updates Bumps the modules group with 6 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.10` | `0.4.11` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.124` | `1.0.125` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.54` | `1.1.55` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.24` | `0.1.25` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.46` | `0.2.47` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.1.36` | `1.2.0` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.10 to 0.4.11 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.10...v0.4.11) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.124 to 1.0.125 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.124...v1.0.125) Updates `github.com/projectdiscovery/gologger` from 1.1.54 to 1.1.55 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.54...v1.1.55) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.24 to 0.1.25 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.24...v0.1.25) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.46 to 0.2.47 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.46...v0.2.47) Updates `github.com/projectdiscovery/cdncheck` from 1.1.36 to 1.2.0 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.1.36...v1.2.0) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.125 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.55 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.25 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.47 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * Feat 6231 deadlock (#6469) * fixing recursive deadlock * using atomics * fixing init * feat(fuzz): enhance `MultiPartForm` with metadata APIs (#6486) * feat(fuzz): enhance `MultiPartForm` with metadata APIs * add `SetFileMetadata`/`GetFileMetadata` APIs for file metadata management. * implement RFC-2046 boundary validation (max 70 chars). * add boundary validation in `Decode` method. * fix `filesMetadata` initialization. * fix mem leak by removing defer from file reading loop. * fix file metadata overwriting by storing first file's metadata instead of last. Closes #6405, #6406 Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(fuzz): satisfy lint errs Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * jira: hotfix for Cloud to use /rest/api/3/search/jql (#6489) * jira: hotfix for Cloud to use /rest/api/3/search/jql in FindExistingIssue; add live test verifying v3 endpoint * jira: fix Cloud v3 search response handling (no total); set Self from base * fix lint error * tests(jira): apply De Morgan to satisfy staticcheck QF1001 * fix headless template loading logic when `-dast` option is enabled * fix: improve cleanup in parallel execution (#6490) * fixing logic * fix(templates): suppress warn code flag not found on validate. fixes #6498 Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(config): adds known misc directories and excludes em in IsTemplate func. Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(disk): uses `config.IsTemplate` instead fixes #6499 Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(make): rm unnecessary flag on template-validate Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(confif): update known misc dirs & improve IsTemplate func Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump the modules group with 7 updates (#6505) Bumps the modules group with 7 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.125` | `1.0.126` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.7.0` | `0.7.1` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.55` | `1.1.56` | | [github.com/projectdiscovery/mapcidr](https://github.com/projectdiscovery/mapcidr) | `1.1.34` | `1.1.95` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.5.0` | `0.6.0` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.47` | `0.2.48` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.0` | `1.2.3` | Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.125 to 1.0.126 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.125...v1.0.126) Updates `github.com/projectdiscovery/dsl` from 0.7.0 to 0.7.1 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.7.0...v0.7.1) Updates `github.com/projectdiscovery/gologger` from 1.1.55 to 1.1.56 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.55...v1.1.56) Updates `github.com/projectdiscovery/mapcidr` from 1.1.34 to 1.1.95 - [Release notes](https://github.com/projectdiscovery/mapcidr/releases) - [Changelog](https://github.com/projectdiscovery/mapcidr/blob/main/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/mapcidr/compare/v1.1.34...v1.1.95) Updates `github.com/projectdiscovery/utils` from 0.5.0 to 0.6.0 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](https://github.com/projectdiscovery/utils/compare/v0.5.0...v0.6.0) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.47 to 0.2.48 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.47...v0.2.48) Updates `github.com/projectdiscovery/cdncheck` from 1.2.0 to 1.2.3 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.0...v1.2.3) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.126 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.56 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/mapcidr dependency-version: 1.1.95 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.48 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(config): normalize `fpath` in `IsTemplate` * normalize file `fpath` in `IsTemplate` using filepath.FromSlash to ensure consistent matching across platforms. * update `GetKnownMiscDirectories` docs to clarify that trailing slashes prevent false positives, since `IsTemplate` compares against normalized full paths. Signed-off-by: Dwi Siswanto <git@dw1.io> * ai recommendations * chore(deps): bump the modules group with 10 updates Bumps the modules group with 10 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.11` | `0.4.12` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.94` | `0.0.95` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.107` | `1.0.108` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.126` | `1.0.127` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.7.1` | `0.7.2` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.56` | `1.1.57` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.25` | `0.1.26` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.101` | `0.0.102` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.48` | `0.2.49` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.3` | `1.2.4` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.11 to 0.4.12 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.11...v0.4.12) Updates `github.com/projectdiscovery/hmap` from 0.0.94 to 0.0.95 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.94...v0.0.95) Updates `github.com/projectdiscovery/retryabledns` from 1.0.107 to 1.0.108 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.107...v1.0.108) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.126 to 1.0.127 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.126...v1.0.127) Updates `github.com/projectdiscovery/dsl` from 0.7.1 to 0.7.2 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.7.1...v0.7.2) Updates `github.com/projectdiscovery/gologger` from 1.1.56 to 1.1.57 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.56...v1.1.57) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.25 to 0.1.26 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.25...v0.1.26) Updates `github.com/projectdiscovery/useragent` from 0.0.101 to 0.0.102 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](https://github.com/projectdiscovery/useragent/compare/v0.0.101...v0.0.102) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.48 to 0.2.49 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.48...v0.2.49) Updates `github.com/projectdiscovery/cdncheck` from 1.2.3 to 1.2.4 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.3...v1.2.4) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-version: 0.0.95 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-version: 1.0.108 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.127 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.7.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.57 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-version: 0.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.49 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * feat: http(s) probing optimization * small changes * updating docs * chore(typos): fix typos * log failed expr compilations * Update Go version badge in README update accordingly * Update README.md edit correct version of go * Update Go version requirement in README (#6529) need to update required go version from 1.23 to >=1.24.1 * fix(variable): global variable not same between two request in flow mode (#6395) * fix(variable): global variable not same between two request in flow mode(#6337) * update gitignore --------- Co-authored-by: chuu <7704684+lizhi3n@user.noreply.gitee.com> Co-authored-by: PDTeamX <8293321+ehsandeep@users.noreply.github.com> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * chore: add typos check into tests CI Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump github/codeql-action in the workflows group Bumps the workflows group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: workflows ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump the modules group with 7 updates Bumps the modules group with 7 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.12` | `0.4.13` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.127` | `1.0.128` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.7.2` | `0.8.0` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.57` | `1.1.58` | | [github.com/projectdiscovery/mapcidr](https://github.com/projectdiscovery/mapcidr) | `1.1.95` | `1.1.96` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.49` | `0.2.50` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.4` | `1.2.5` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.12 to 0.4.13 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.12...v0.4.13) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.127 to 1.0.128 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.127...v1.0.128) Updates `github.com/projectdiscovery/dsl` from 0.7.2 to 0.8.0 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.7.2...v0.8.0) Updates `github.com/projectdiscovery/gologger` from 1.1.57 to 1.1.58 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.57...v1.1.58) Updates `github.com/projectdiscovery/mapcidr` from 1.1.95 to 1.1.96 - [Release notes](https://github.com/projectdiscovery/mapcidr/releases) - [Changelog](https://github.com/projectdiscovery/mapcidr/blob/main/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/mapcidr/compare/v1.1.95...v1.1.96) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.49 to 0.2.50 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.49...v0.2.50) Updates `github.com/projectdiscovery/cdncheck` from 1.2.4 to 1.2.5 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.4...v1.2.5) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.128 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.58 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/mapcidr dependency-version: 1.1.96 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.50 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * docs: update syntax & JSON schema 🤖 * Revert "chore: add typos check into tests CI" This reverts commit 73e70ea49d18faee311be47a4207de8e476ee3a3. * chore: preserve issue report w/ issue form (#6531) Signed-off-by: Dwi Siswanto <git@dw1.io> * perf(loader): reuse cached parsed templates (#6504) * perf(loader): reuse cached parsed templates in `(*Store).areWorkflowOrTemplatesValid`, which is being called during template `-validate`-ion. Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(testutils): optionally assign template info in `NewMockExecuterOptions`, which is not required for specific case, like when we want to `(*Store).ValidateTemplates`. Signed-off-by: Dwi Siswanto <git@dw1.io> * test(loader): adds `(*Store).ValidateTemplates` bench Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(templates): adds fast read parser Signed-off-by: Dwi Siswanto <git@dw1.io> * test(templates): adds `Parser*` benchs Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(templates): satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * revert(templates): rm fast read parser Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * fix: Add important context to `tl` flag option * feat: template list alphabetical order * fix: Implement coderabbit suggestion * Http probing optimizations high ports (#6538) * feat: Assume HTTP(S) server on high port is HTTP * feat: enhance http probing tests * improving issue description --------- Co-authored-by: Matej Smycka <smycka@ics.muni.cz> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> * chore(deps): bump the modules group with 5 updates (#6543) Bumps the modules group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.128` | `1.0.129` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.8.0` | `0.8.1` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.58` | `1.1.59` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.50` | `0.2.51` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.5` | `1.2.6` | Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.128 to 1.0.129 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.128...v1.0.129) Updates `github.com/projectdiscovery/dsl` from 0.8.0 to 0.8.1 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.8.0...v0.8.1) Updates `github.com/projectdiscovery/gologger` from 1.1.58 to 1.1.59 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.58...v1.1.59) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.50 to 0.2.51 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.50...v0.2.51) Updates `github.com/projectdiscovery/cdncheck` from 1.2.5 to 1.2.6 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.5...v1.2.6) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.129 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.59 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.51 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.6 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fixing failing integration tests * clean up pools after 24hours inactivity * fixing lint * fixing go routine leak * bump utils * fixing leak * fixing syntax * removing go logo * fix: populate req_url_pattern before event creation (#6547) * refactor(disk): templates catalog (#5914) * refactor(disk): templates catalog Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(disk): drying err Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(disk): simplify `DiskCatalog.OpenFile` method since `BackwardsCompatiblePaths` func is already deprecated. Signed-off-by: Dwi Siswanto <git@dw1.io> * test: update functional test cases Signed-off-by: Dwi Siswanto <git@dw1.io> * feat: reuse error Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(disk): handle glob errors consistently Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(disk): use forward slashes for fs.FS path ops to fix Windows compat. The io/fs package requires forward slashes ("/") as path separators regardless of the OS. Using [filepath.Separator] or [os.PathSeparator] breaks [fs.Open] and [fs.Glob] ops on Windows where the separator is backslash ("\"). Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * adding support for execution in docker * adding test for virtual code * executing virtual only on linux * chore(deps): bump actions/upload-artifact in the workflows group Bumps the workflows group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: workflows ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump the modules group with 5 updates (#6551) Bumps the modules group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.13` | `0.4.14` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.8.1` | `0.8.2` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.26` | `0.1.27` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.51` | `0.2.52` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.6` | `1.2.7` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.13 to 0.4.14 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.13...v0.4.14) Updates `github.com/projectdiscovery/dsl` from 0.8.1 to 0.8.2 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.8.1...v0.8.2) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.26 to 0.1.27 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](https://github.com/projectdiscovery/networkpolicy/compare/v0.1.26...v0.1.27) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.51 to 0.2.52 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.51...v0.2.52) Updates `github.com/projectdiscovery/cdncheck` from 1.2.6 to 1.2.7 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.6...v1.2.7) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.52 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.7 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fixing tests * adding virtual python * adding xpath + json extractors * adding tests * chore: satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * using clone options for auth store * fix(headless): fixed memory leak issue during page initialization (#6569) * fix(headless): fixed memory leak issue during page initialization * fix(headless): typo fix and added comment * fix(headless): one more typo fix * feat: best-effort keyboard-interactive support for SSH * fix: provide answer only when asked for * fix: add logging * feat(js): enhance SSH keyboard interactive auth by: * implement regex-based prompt matching for password variants. * add support for filling username prompts in keyboard interactive challenges. * improve debug logging with structured output. this addresses issues with servers using non-standard prompt formats and provides better visibility into auth failures. Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(js): migrate `github.com/go-pg/pg` => `github.com/go-pg/pg/v10` Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(templates): add file metadata fields to `parsedTemplate` (#6534) * feat(templates): add file metadata fields to `parsedTemplate` to track template file information for cache validation purposes. closes #6515. Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(templates): satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump the modules group with 7 updates Bumps the modules group with 7 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.14` | `0.4.15` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.129` | `1.0.130` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.8.2` | `0.8.3` | | [github.com/projectdiscovery/mapcidr](https://github.com/projectdiscovery/mapcidr) | `1.1.96` | `1.1.97` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.6.1-0.20251022145046-e013dc9c5bed` | `0.6.1-0.20251030144701-ce5c4b44e1e6` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.52` | `0.2.53` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.7` | `1.2.8` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.14 to 0.4.15 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.4.14...v0.4.15) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.129 to 1.0.130 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.129...v1.0.130) Updates `github.com/projectdiscovery/dsl` from 0.8.2 to 0.8.3 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.8.2...v0.8.3) Updates `github.com/projectdiscovery/mapcidr` from 1.1.96 to 1.1.97 - [Release notes](https://github.com/projectdiscovery/mapcidr/releases) - [Changelog](https://github.com/projectdiscovery/mapcidr/blob/main/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/mapcidr/compare/v1.1.96...v1.1.97) Updates `github.com/projectdiscovery/utils` from 0.6.1-0.20251022145046-e013dc9c5bed to 0.6.1-0.20251030144701-ce5c4b44e1e6 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](https://github.com/projectdiscovery/utils/commits) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.52 to 0.2.53 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.52...v0.2.53) Updates `github.com/projectdiscovery/cdncheck` from 1.2.7 to 1.2.8 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.7...v1.2.8) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.130 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.8.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/mapcidr dependency-version: 1.1.97 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-version: 0.6.1-0.20251030144701-ce5c4b44e1e6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.53 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.8 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * fix(templates): mem leaks in parser cache Fixes duplicate template storage & removes unnecessary raw bytes caching. Mem usage reduced by ~30%. > 423MB => 299MB heap alloc. * Use `StoreWithoutRaw()` to avoid storing raw bytes. * Remove duplicate storage in both caches. * Remove ineffective raw bytes retrieval logic. Benchmarks show 45% perf improvement with no regressions. Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(http): resolve timeout config issues (#6562) across multiple layers Fixes timeout configuration conflicts where HTTP requests would timeout prematurely despite configured values in `@timeout` annotations or `-timeout` flags. RCA: * `retryablehttp` pkg overriding with default 30s timeout. * Custom timeouts not propagating to `retryablehttp` layer. * Multiple timeout layers not sync properly. Changes: * Propagate custom timeouts from `@timeout` annotations to `retryablehttp` layer. * Adjust 5-minute maximum cap to prevent DoS via extremely large timeouts. * Ensure `retryableHttpOptions.Timeout` respects `ResponseHeaderTimeout`. * Add comprehensive tests for timeout capping behavior. This allows templates to override global timeout via `@timeout` annotations while preventing abuse thru unreasonably large timeout values. Fixes #6560. Signed-off-by: Dwi Siswanto <git@dw1.io> * add env variable for nuclei tempaltes dir * chore(deps): bump github.com/opencontainers/runc Bumps the go_modules group with 1 update in the / directory: [github.com/opencontainers/runc](https://github.com/opencontainers/runc). Updates `github.com/opencontainers/runc` from 1.2.3 to 1.2.8 - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/v1.2.8/CHANGELOG.md) - [Commits](https://github.com/opencontainers/runc/compare/v1.2.3...v1.2.8) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-version: 1.2.8 dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com> * adding env tests on linux * docs: update syntax & JSON schema 🤖 * chore(deps): bump the modules group with 4 updates Bumps the modules group with 4 updates: [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go), [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl), [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) and [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck). Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.130 to 1.0.131 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.130...v1.0.131) Updates `github.com/projectdiscovery/dsl` from 0.8.3 to 0.8.4 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.8.3...v0.8.4) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.53 to 0.2.54 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.2.53...v0.2.54) Updates `github.com/projectdiscovery/cdncheck` from 1.2.8 to 1.2.9 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](https://github.com/projectdiscovery/cdncheck/compare/v1.2.8...v1.2.9) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.131 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl depe…

Remove genproto replace directives from go.mod

* Multi Port Support Added - JS * minor -changes * restoring basic sequential multiport support * better error handling * feat(openapi/swagger): direct fuzzing using target url * fix (openapi/swagger): improve error handling and tmpDir cleanup * fix(openapi/swagger): err shadowing on write failure * fix(openapi/swagger): remove discarded error in defer * fix(openapi/swagger): linter and url validation * fix(openapi/swagger): remove code duplication * reusing dialer * removing debug log * fix: restore parallel processing in workflow & file proto add missing `go` keyword to anonymous funcs that were intended to run as goroutines but were executing synchronously instead. Fixes #6492 Signed-off-by: Dwi Siswanto <git@dw1.io> * test: adds `Test(FileProtocol|Workflows)ConcurrentExecution` tests Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(file): satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(integration-test): enhance debug mode detects * replace hardcoded `DEBUG` env var check with extensible helper func. * add support for GitHub Actions Runner env var. * accept multiple truthy value variants. Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(core): race cond in workflow execution caused by shared context callbacks. it was exposed after adding concurrent exec to workflow processing and occurred when multiple goroutines attempted to write to the same `ctx.OnResult` callback field simultaneously, causing data races during workflow template exec. Signed-off-by: Dwi Siswanto <git@dw1.io> * introducing workflow sequential mode * Revert "introducing workflow sequential mode" This reverts commit 1093bbc. * refactor(core): keep workflow exec seq Signed-off-by: Dwi Siswanto <git@dw1.io> * test(core): rm unused tests Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(sdk): configure tmpDir for SDK Closes #6595. * docs(sdk): update comment to more accurately reflect purpose * feat(sdk): add tmpDir configuration option for SDK users * fix(sdk): init default engine tmpDir when unconfigured * style(sdk): remove unnecessary else block * feat(sdk): create parent & tmp dir in WithTemporaryDirectory * test(cmd): enable `BenchmarkRunEnumeration/Default` bench Signed-off-by: Dwi Siswanto <git@dw1.io> * test(cmd): collect CPU & heap profiles Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(cmd): satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * Merge pull request #6610 from projectdiscovery/feat-result-upload allow custom id for upload * feat: write resume file specified by flag * updating docs * chore(deps): bump the modules group with 6 updates Bumps the modules group with 6 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.59` | `1.1.60` | | [github.com/projectdiscovery/httpx](https://github.com/projectdiscovery/httpx) | `1.7.2-0.20250911192144-fc425deb041a` | `1.7.2` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.27` | `0.1.28` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.6.1-0.20251030144701-ce5c4b44e1e6` | `0.6.1` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.54` | `0.2.55` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.9` | `1.2.10` | Updates `github.com/projectdiscovery/gologger` from 1.1.59 to 1.1.60 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.59...v1.1.60) Updates `github.com/projectdiscovery/httpx` from 1.7.2-0.20250911192144-fc425deb041a to 1.7.2 - [Release notes](https://github.com/projectdiscovery/httpx/releases) - [Changelog](https://github.com/projectdiscovery/httpx/blob/dev/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/httpx/commits/v1.7.2) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.27 to 0.1.28 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](projectdiscovery/networkpolicy@v0.1.27...v0.1.28) Updates `github.com/projectdiscovery/utils` from 0.6.1-0.20251030144701-ce5c4b44e1e6 to 0.6.1 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](https://github.com/projectdiscovery/utils/commits/v0.6.1) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.54 to 0.2.55 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.54...v0.2.55) Updates `github.com/projectdiscovery/cdncheck` from 1.2.9 to 1.2.10 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](projectdiscovery/cdncheck@v1.2.9...v1.2.10) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.60 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/httpx dependency-version: 1.7.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.55 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.10 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * refactor(sdk): don't create parentDir when configuring tmpDir * adding test case * lint * removing unused check * adding multiport template * refactor test * chore(deps): bump golang.org/x/crypto Bumps the go_modules group with 1 update in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto). Updates `golang.org/x/crypto` from 0.43.0 to 0.45.0 - [Commits](golang/crypto@v0.43.0...v0.45.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com> * feat(variables): check for undefined params for lazy eval (#6618) * feat(variables): check for undefined params for lazy eval Signed-off-by: Dwi Siswanto <git@dw1.io> * test(variables): add TestCheckForLazyEval Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(variables): fail safe on err compile expr Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump github.com/projectdiscovery/fastdialer@v0.4.16 Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(interactsh): skip DNS lookups on interactsh domains (#6614) * fix(interactsh): skip DNS lookups on interactsh domains to prevent false positives. Prevents nuclei from resolving interactsh domains injected in Host headers, which would cause self-interactions to be incorrectly reported as matches. Changes: * Add `GetHostname()` method to `interactsh.Client` to expose active server domain. * Skip CNAME DNS lookups in `(*http.Request).addCNameIfAvailable` when hostname matches the `(*interactsh.Client).GetHostname`. Fixes #6613 Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(http): prevent false `interactshDomain` matches Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * feat: bump dsl with deserialization helpers * chore: omit unnecessary reassignment (#6622) Signed-off-by: ledigang <shuangcui@msn.com> * disable stale workflow for enhancements * ci: cache go-rod browser (#6640) Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump actions/checkout from 5 to 6 in the workflows group Bumps the workflows group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 5 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: workflows ... Signed-off-by: dependabot[bot] <support@github.com> * do not exempt abandoned issues and prs * ci: apply free-disk-space on tests Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: bump PD modules & update `httputil` calls (#6629) * chore(deps): bump the modules group across 1 directory with 11 updates Bumps the modules group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.16` | `0.4.17` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.95` | `0.0.96` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.108` | `1.0.109` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.131` | `1.0.132` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.60` | `1.1.61` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.28` | `0.1.29` | | [github.com/projectdiscovery/tlsx](https://github.com/projectdiscovery/tlsx) | `1.2.1` | `1.2.2` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.102` | `0.0.103` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.6.1` | `0.7.1` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.55` | `0.2.56` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.10` | `1.2.11` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.16 to 0.4.17 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](projectdiscovery/fastdialer@v0.4.16...v0.4.17) Updates `github.com/projectdiscovery/hmap` from 0.0.95 to 0.0.96 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.95...v0.0.96) Updates `github.com/projectdiscovery/retryabledns` from 1.0.108 to 1.0.109 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](projectdiscovery/retryabledns@v1.0.108...v1.0.109) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.131 to 1.0.132 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.131...v1.0.132) Updates `github.com/projectdiscovery/gologger` from 1.1.60 to 1.1.61 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.60...v1.1.61) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.28 to 0.1.29 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](projectdiscovery/networkpolicy@v0.1.28...v0.1.29) Updates `github.com/projectdiscovery/tlsx` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/projectdiscovery/tlsx/releases) - [Changelog](https://github.com/projectdiscovery/tlsx/blob/main/.goreleaser.yml) - [Commits](projectdiscovery/tlsx@v1.2.1...v1.2.2) Updates `github.com/projectdiscovery/useragent` from 0.0.102 to 0.0.103 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.102...v0.0.103) Updates `github.com/projectdiscovery/utils` from 0.6.1 to 0.7.1 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](projectdiscovery/utils@v0.6.1...v0.7.1) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.55 to 0.2.56 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.55...v0.2.56) Updates `github.com/projectdiscovery/cdncheck` from 1.2.10 to 1.2.11 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Changelog](https://github.com/projectdiscovery/cdncheck/blob/main/.goreleaser.yaml) - [Commits](projectdiscovery/cdncheck@v1.2.10...v1.2.11) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-version: 0.0.96 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-version: 1.0.109 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.132 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.61 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.29 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/tlsx dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-version: 0.0.103 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-version: 0.7.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.56 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.11 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * chore: update utils.httputil calls Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump github.com/projectdiscovery/utils => v0.7.3 Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dwi Siswanto <git@dw1.io> * chore(deps): bump the modules group with 11 updates Bumps the modules group with 11 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.4.17` | `0.4.18` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.96` | `0.0.97` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.109` | `1.0.110` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.132` | `1.0.133` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.8.5` | `0.8.6` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.61` | `1.1.62` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.29` | `0.1.30` | | [github.com/projectdiscovery/uncover](https://github.com/projectdiscovery/uncover) | `1.1.0` | `1.2.0` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.103` | `0.0.104` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.56` | `0.2.57` | | [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.11` | `1.2.12` | Updates `github.com/projectdiscovery/fastdialer` from 0.4.17 to 0.4.18 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](projectdiscovery/fastdialer@v0.4.17...v0.4.18) Updates `github.com/projectdiscovery/hmap` from 0.0.96 to 0.0.97 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.96...v0.0.97) Updates `github.com/projectdiscovery/retryabledns` from 1.0.109 to 1.0.110 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](projectdiscovery/retryabledns@v1.0.109...v1.0.110) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.132 to 1.0.133 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.132...v1.0.133) Updates `github.com/projectdiscovery/dsl` from 0.8.5 to 0.8.6 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](projectdiscovery/dsl@v0.8.5...v0.8.6) Updates `github.com/projectdiscovery/gologger` from 1.1.61 to 1.1.62 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.61...v1.1.62) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.29 to 0.1.30 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](projectdiscovery/networkpolicy@v0.1.29...v0.1.30) Updates `github.com/projectdiscovery/uncover` from 1.1.0 to 1.2.0 - [Release notes](https://github.com/projectdiscovery/uncover/releases) - [Commits](projectdiscovery/uncover@v1.1.0...v1.2.0) Updates `github.com/projectdiscovery/useragent` from 0.0.103 to 0.0.104 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.103...v0.0.104) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.56 to 0.2.57 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.56...v0.2.57) Updates `github.com/projectdiscovery/cdncheck` from 1.2.11 to 1.2.12 - [Release notes](https://github.com/projectdiscovery/cdncheck/releases) - [Commits](projectdiscovery/cdncheck@v1.2.11...v1.2.12) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-version: 0.4.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-version: 0.0.97 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-version: 1.0.110 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-version: 1.0.133 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-version: 0.8.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-version: 1.1.62 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-version: 0.1.30 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/uncover dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-version: 0.0.104 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-version: 0.2.57 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/cdncheck dependency-version: 1.2.12 dependency-type: indirect update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> * feat(loader): implement persistent metadata cache (#6630) * feat(loader): implement persistent metadata cache for template filtering optimization. Introduce a new template metadata indexing system with persistent caching to dramatically improve template loading perf when filters are applied. The implementation adds a new index pkg that caches lightweight template metadata (ID, tags, authors, severity, .etc) and enables filtering templates before expensive YAML parsing occurs. The index uses an in-memory LRU cache backed by `otter` pkg for efficient memory management with adaptive sizing based on entry weight, defaulting to approx. 40MB for 50K templates. Metadata is persisted to disk using gob encoding at "~/.cache/nuclei/index.gob" with atomic writes to prevent corruption. The cache automatically invalidates stale entries using `ModTime` to detect file modifications, ensuring metadata freshness w/o manual intervention. Filtering has been refactored from the previous `TagFilter` and `PathFilter` approach into a unified `index.Filter` type that handles all basic filtering ops including severity, authors, tags, template IDs with wildcard support, protocol types, and path-based inclusion and exclusion. The filter implements OR logic within each field type and AND logic across different field types, with exclusion filters taking precedence over inclusion filters and forced inclusion via `IncludeTemplates` and `IncludeTags` overriding exclusions. The `loader` integration creates an index filter from store configuration via `buildIndexFilter` and manages the cache lifecycle through `loadTemplatesIndex` and `saveTemplatesIndex` methods. When `LoadTemplatesOnlyMetadata` or `LoadTemplatesWithTags` is called, the system first checks the metadata cache for each template path. If cached metadata exists and passes validation, the filter is applied directly against the metadata without parsing. Only templates matching the filter criteria proceed to full YAML parsing, resulting in significant performance gains. Advanced filtering via "-tc" flag (`IncludeConditions`) still requires template parsing as these are expression-based filters that cannot be evaluated from metadata alone. The `TagFilter` has been simplified to handle only `IncludeConditions` while all other filtering ops are delegated to the index-based filtering system. Cache management is fully automatic with no user configuration required. The cache gracefully handles errors by logging warnings & falling back to normal op w/o caching. Cache files use schema versioning to invalidate incompatible cache formats across nuclei updates (well, specifically `Index` and `Metadata` changes). This optimization particularly benefits repeated scans with the same filters, CI/CD pipelines running nuclei regularly, development and testing workflows with frequent template loading, and any scenario with large template collections where filtering would exclude most templates. * test(loader): adds `BenchmarkLoadTemplates{,OnlyMetadata}` benchs Signed-off-by: Dwi Siswanto <git@dw1.io> * ci: cache nuclei-templates index Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(index): satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(index): correct metadata filter logic for proper template matching. The `filter.matchesIncludes()` was using OR logic across different filter types, causing incorrect template matching. Additionally, ID matching was case-sensitive, failing to match patterns like 'CVE-2021-*'. The filter now correctly implements: (author1 OR author2) AND (tag1 OR tag2) AND (severity1 OR severity2) - using OR within each filter type and AND across different types. Signed-off-by: Dwi Siswanto <git@dw1.io> * test(index): resolve test timing issue in CI environments. Some test was failing in CI due to filesystem timestamp resolution limitations. On filesystems with 1s ModTime granularity (common in CI), modifying a file immediately after capturing its timestamp resulted in identical ModTime values, causing IsValid() to incorrectly return true. Signed-off-by: Dwi Siswanto <git@dw1.io> * ci: cache nuclei with composite action Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(index): file locking issue on Windows during cache save/load. Explicitly close file handles before performing rename/remove ops in `Save` and `Load` methods. * In `Save`, close temp file before rename. * In `Load`, close file before remove during error handling/version mismatch. Signed-off-by: Dwi Siswanto <git@dw1.io> * test(index): flaky index tests on Windows Fix path separator mismatch in `TestCacheSize` and `TestCachePersistenceWithLargeDataset` by using `filepath.Join` consistently instead of hardcoded forward slashes. Signed-off-by: Dwi Siswanto <git@dw1.io> * test(cmd): init logger to prevent nil pointer deref The integration tests were panicking with a nil pointer dereference in `pkg/catalog/loader` because the logger was not init'ed. When `store.saveMetadataIndexOnce` attempted to log the result of the metadata cache op, it dereferenced the nil logger, causing a crash. Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(loader): resolve include/exclude paths for metadata cache filter. The `indexFilter` was previously init'ed using raw relative paths from the config for `IncludeTemplates` and `ExcludeTemplates`. But the persistent metadata cache stores templates using their absolute paths. This mismatch caused the `matchesPath` check to fail, leading to templates being incorrectly excluded even when explicitly included via flags (e.g., "-include-templates loader/excluded-template.yaml"). This commit updates `buildIndexFilter` to resolve these paths to their absolute versions using `store.config.Catalog.GetTemplatesPath` before creating the filter, ensuring consistent path matching against the metadata cache. Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(index): adds `NewMetadataFromTemplate` func Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(index): return metadata when `(*Index).cache` is nil Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(loader): restore pre‑index behavior semantics Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: bump version Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: ledigang <shuangcui@msn.com> Co-authored-by: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> Co-authored-by: tvroi <roy.oswaldha@traveloka.com> Co-authored-by: Niek den Breeje <n.denbreeje@guardian360.nl> Co-authored-by: circleous <circleousdev@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ice3man <nizamulrana@gmail.com> Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com> Co-authored-by: ledigang <shuangcui@msn.com> Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>

main fix history

v3.6.1

Release v3.6.2

coderabbitai · 2026-01-12T12:24:04Z

Walkthrough

Migrates the Burp XML parser from the unmaintained github.com/seh-msft/burpxml to github.com/projectdiscovery/utils and updates code to use the new parser API and adjusted struct fields; also updates go.mod dependency versions and removes the old module entry.

Changes

Cohort / File(s)	Summary
Dependency updates `go.mod`	Removed `github.com/seh-msft/burpxml`; bumped `github.com/projectdiscovery/utils` and updated indirect dependencies (`publicsuffix-go`, `zcrypto`).
Burp parser usage `pkg/input/formats/burp/burp.go`	Replaced import with `github.com/projectdiscovery/utils/parsers/burp/xml` (aliased `burpxml`); switched from `burpxml.Parse` to `burpxml.ParseXML` with `XMLParseOptions{DecodeBase64: true}`; adjusted `item.Url` → `item.URL`; removed commented debug code.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I hopped through modules, swift and spry,
Swapped an old parser for one maintained nearby,
Base64 decoded, requests anew,
Fields renamed, the loop runs true,
A tiny hop — fresh parsing sky ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and accurately summarizes the main change: replacing an unmaintained burpxml dependency with the utils package alternative.
Linked Issues check	✅ Passed	The pull request successfully replaces the unmaintained github.com/seh-msft/burpxml dependency with the new maintained version from github.com/projectdiscovery/utils, meeting the primary objective of issue `#6762`.
Out of Scope Changes check	✅ Passed	All changes are directly related to replacing the burpxml dependency: go.mod updates reflect the dependency swap, and burp.go changes adapt to the new parser API. No unrelated modifications detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Mzack9999

LGTM!

Merge conflict

Then merge!

ehsandeep and others added 11 commits August 22, 2025 02:00

Merge pull request #6383 from projectdiscovery/dev

113d3b9

v3.4.8

Merge remote-tracking branch 'origin'

a00b24d

Merge remote-tracking branch 'origin'

5bff7a2

Merge pull request #6608 from projectdiscovery/dev

6c8dba0

Remove genproto replace directives from go.mod

Merge commit 'f181a691' into main-fix-history

85a7b3d

Merge pull request #6696 from projectdiscovery/main-fix-history

b33fa0c

main fix history

Merge pull request #6694 from projectdiscovery/dev

526e468

v3.6.1

Merge pull request #6745 from projectdiscovery/release/v3.6.2

337b4e7

Release v3.6.2

refactor(burp): replace seh-msft/burpxml with utils package

f549a36

auto-assign bot requested a review from dwisiswant0 January 12, 2026 12:23

dogancanbakir requested a review from Mzack9999 January 12, 2026 12:25

Mzack9999 requested changes Jan 18, 2026

View reviewed changes

Merge branch 'dev' into feat/replace-burpxml-with-utils

615f1d9

dogancanbakir merged commit 9c951a2 into dev Jan 19, 2026
19 checks passed

dogancanbakir deleted the feat/replace-burpxml-with-utils branch January 19, 2026 10:51

dwisiswant0 added this to the v3.7.0 milestone Jan 21, 2026

BrewTestBot mentioned this pull request Jan 28, 2026

nuclei 3.7.0 Homebrew/homebrew-core#264850

Merged

blsaccess mentioned this pull request Jan 29, 2026

Update nuclei to 3.7.0 blacklanternsecurity/bbot#2886

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

refactor(burp): replace seh-msft/burpxml with utils package #6763

refactor(burp): replace seh-msft/burpxml with utils package #6763

Uh oh!

dogancanbakir commented Jan 12, 2026 •

edited by coderabbitai bot

Loading

Uh oh!

coderabbitai bot commented Jan 12, 2026 •

edited

Loading

Uh oh!

Mzack9999 left a comment •

edited by dogancanbakir

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

refactor(burp): replace seh-msft/burpxml with utils package #6763

refactor(burp): replace seh-msft/burpxml with utils package #6763

Uh oh!

Conversation

dogancanbakir commented Jan 12, 2026 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Summary by CodeRabbit

Uh oh!

coderabbitai bot commented Jan 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Estimated code review effort

Poem

Uh oh!

Mzack9999 left a comment • edited by dogancanbakir Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

dogancanbakir commented Jan 12, 2026 •

edited by coderabbitai bot

Loading

coderabbitai bot commented Jan 12, 2026 •

edited

Loading

Mzack9999 left a comment •

edited by dogancanbakir

Loading