Commit Graph

486 Commits

Author SHA1 Message Date
dependabot[bot] 846f8c02b4 chore(deps): bump cryptography from 44.0.1 to 46.0.5
Bumps [cryptography](https://github.com/pyca/cryptography) from 44.0.1 to 46.0.5.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.1...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-02-15 16:44:06 -08:00
dependabot[bot] 6e1b5b7a0c chore(deps): bump pillow from 11.3.0 to 12.1.1
Bumps [pillow](https://github.com/python-pillow/Pillow) from 11.3.0 to 12.1.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/11.3.0...12.1.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-version: 12.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-02-15 16:43:54 -08:00
0xallam 40cb705494 fix: Skip clipboard copy for whitespace-only selections 2026-02-07 11:04:31 -08:00
0xallam e0b750dbcd feat: Add mouse text selection auto-copy to clipboard in TUI
Enable native text selection across tool components and agent messages
with automatic clipboard copy, toast notification, and decorative icon
stripping. Replace Padding wrappers with Text to support selection
across multiple renderables.
2026-02-07 11:04:31 -08:00
0xallam 0a63ffba63 fix: Polish finish_scan report schema descriptions and examples
Improve the finish_scan tool schema to produce more professional
pentest reports: expand parameter descriptions with structural
guidance, rewrite recommendations example with proper urgency tiers
instead of Priority 0/1/2, fix duplicated section titles, and clean
up informal language.
2026-02-04 13:30:24 -08:00
0xallam 5a76fab4ae fix: Replace hardcoded git host detection with HTTP protocol probe
Remove hardcoded github.com/gitlab.com/bitbucket.org host lists from
infer_target_type. Instead, detect git repositories on any host by
querying the standard /info/refs?service=git-upload-pack endpoint.

Works for any self-hosted git instance.
2026-01-31 23:24:59 -08:00
dependabot[bot] 85f05c326b chore(deps): bump pypdf from 6.6.0 to 6.6.2
Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.6.0 to 6.6.2.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.6.0...6.6.2)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.6.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-31 23:17:33 -08:00
Ahmed Allam b8cabdde97 Update README 2026-02-01 05:13:59 +04:00
Ahmed Allam 83ce9ed960 Update README.md 2026-02-01 05:11:44 +04:00
0xallam c2fbf81f1d fix(llm): Pass API key and base URL to memory compressor litellm calls
The memory compressor was calling litellm.completion() without passing
the api_key and api_base parameters, causing authentication errors when
LLM_API_KEY is set but provider-specific env vars (OPENAI_API_KEY, etc.)
are not. This matches the pattern used in dedupe.py.
2026-01-28 01:29:33 -08:00
0xallam c5bd30e677 chore: update cloud URLs 2026-01-25 23:06:47 -08:00
0xallam 5d187fcb02 chore: update poetry lock 2026-01-23 12:16:06 -08:00
LegendEvent 39d934ee71 chore: upgrade litellm to 1.81.1 for zai provider support
Updates LiteLLM from ~1.80.7 to ~1.81.1 which includes
full support for z.ai (Zhipu AI) provider using the 'zai/model-name'
format. This enables Strix to work with z.ai subscription
credentials by setting STRIX_LLM="zai/glm-4.7" with appropriate
LLM_API_KEY and LLM_API_BASE environment variables.

Changes:
- Updated litellm version constraint in pyproject.toml
- No breaking changes to Strix API or configuration

Closes #ISSUE_ID (to be linked if applicable)

Signed-off-by: legendevent <legendevent@users.noreply.github.com>
2026-01-23 12:16:06 -08:00
0xallam 386e64fa29 chore: bump version to 0.7.0 v0.7.0 2026-01-23 11:06:29 -08:00
Ahmed Allam 655ddb4d7f Update README with full details section 2026-01-23 23:05:26 +04:00
0xallam 2bc1e5e1cb docs: add benchmarks directory with XBEN results 2026-01-23 11:04:22 -08:00
Ahmed Allam 6bacc796e2 Update README 2026-01-23 06:56:10 +04:00
Ahmed Allam c50c79084b Update README 2026-01-23 06:55:35 +04:00
0xallam 83914f454f docs: update screenshot and add to intro page 2026-01-22 13:09:45 -08:00
0xallam 6da639ce58 chore: unify token stats color scheme 2026-01-22 11:37:21 -08:00
0xallam a97836c335 chore: improve stats panel layout 2026-01-22 11:17:32 -08:00
0xallam 5f77dd7052 docs: update Discord links 2026-01-21 20:27:28 -08:00
0xallam 33b94a7034 docs: improve introduction page with use cases, tools, and architecture 2026-01-21 20:27:28 -08:00
0xallam 456705e5e9 docs: remove custom Docker image example from config 2026-01-21 15:35:26 -08:00
0xallam 82d1c0cec4 docs: update configuration documentation
- Add missing config options: STRIX_LLM_MAX_RETRIES, STRIX_MEMORY_COMPRESSOR_TIMEOUT, STRIX_TELEMETRY
- Remove non-existent options: LLM_RATE_LIMIT_DELAY, LLM_RATE_LIMIT_CONCURRENT
- Fix defaults: STRIX_SANDBOX_EXECUTION_TIMEOUT (500 -> 120), STRIX_IMAGE (0.1.10 -> 0.1.11)
- Add config file documentation section
- Add --config CLI option to cli.mdx
2026-01-21 15:13:15 -08:00
0xallam 1b394b808b docs: update skills documentation for markdown format
Reflect PR #275 changes - skills now use Markdown files with YAML
frontmatter instead of Jinja templates with XML-style tags.
2026-01-21 14:54:09 -08:00
0xallam 25ac2f1e08 docs: add documentation to main repository 2026-01-20 21:13:32 -08:00
0xallam b456a4ed8c fix(llm): collect usage stats from final stream chunk
The early break on </function> prevented receiving the final chunk
that contains token usage data (input_tokens, output_tokens).
2026-01-20 20:36:00 -08:00
0xallam 165887798d refactor: simplify --config implementation to reuse existing config system
- Reuse apply_saved() instead of custom override logic
- Add force parameter to override existing env vars
- Move validation to utils.py
- Prevent saving when using custom config (one-time override)
- Fix: don't modify ~/.strix/cli-config.json when --config is used

Co-Authored-By: FeedClogger <feedclogger@users.noreply.github.com>
2026-01-20 17:02:29 -08:00
FeedClogger 4ab9af6e47 Added .env variable override through --config param 2026-01-20 17:02:29 -08:00
0xallam 4337991d05 chore: update Discord invite link 2026-01-20 12:58:14 -08:00
0xallam 9cff247d89 docs: update skills README for markdown format 2026-01-20 12:50:59 -08:00
0xallam af2c830f70 refactor: standardize vulnerability skills format 2026-01-20 12:50:59 -08:00
0xallam 91feb3e01c fix: remove icon from ListFilesRenderer 2026-01-20 12:50:59 -08:00
0xallam 762c25d6ed fix: exclude scan_modes and coordination from available skills 2026-01-20 12:50:59 -08:00
0xallam 6cb1c20978 refactor: migrate skills from Jinja to Markdown 2026-01-20 12:50:59 -08:00
0xallam 4b62169f74 fix: remove unintended margin from stats panel 2026-01-19 21:48:56 -08:00
0xallam e948f06d64 refactor: improve stats panel styling and add version display 2026-01-19 21:46:13 -08:00
0xallam 3d4b1bfb08 refactor: update agent tree status indicators 2026-01-19 21:23:29 -08:00
0xallam 8413987fcd feat: remove docker container on shutdown
Add automatic cleanup of Docker containers when the application exits.
Uses a singleton runtime pattern and spawns a detached subprocess for
cleanup to ensure fast exit without blocking the UI.
2026-01-19 18:26:41 -08:00
0xallam a67fe4c45c refactor: redesign finished dialogs and UI elements 2026-01-19 16:52:02 -08:00
0xallam 9f7b532056 refactor: revamp proxy tool renderers for better UX
- Show actual request/response data with visual flow (>> / <<)
- Display all relevant params: filters, sort, scope, modifications
- Add type-safe handling for streaming edge cases
- Use color-coded status codes (2xx green, 3xx yellow, 4xx/5xx red)
- Show search context (before/after) not just matched text
- Show full request details in send/repeat request renderers
- Show modifications on separate lines with full content
- Increase truncation limits for better visibility (200 char lines)
- Use present tense lowercase titles (listing, viewing, searching)
2026-01-19 15:33:53 -08:00
0xallam 43572242f1 fix: remove 'unknown' fallback display in browser tool renderer 2026-01-19 13:46:20 -08:00
0xallam a7bd635c11 fix: strip ANSI codes from Python tool output and optimize highlighting
- Add comprehensive ECMA-48 ANSI pattern to strip escape sequences from output
- Fix _truncate_line to strip ANSI before length calculation
- Cache PythonLexer instance (was creating new one per call)
- Memoize token color lookups to avoid repeated parent chain traversal
2026-01-19 12:21:08 -08:00
0xallam e30ef9aec8 perf: optimize TUI streaming rendering performance
- Pre-compile regex patterns in streaming_parser.py
- Move hot-path imports to module level in tui.py
- Add streaming content caching to avoid re-rendering unchanged content
- Track streaming length to skip unnecessary re-renders
- Reduce UI update interval from 250ms to 350ms
2026-01-19 11:46:38 -08:00
0xallam 03fb1e940f fix: always show shell restart warning after install 2026-01-18 19:22:44 -08:00
0xallam 7417e6f8d0 fix: improve install script PATH handling for more shells
- Add ZDOTDIR support for zsh users who relocate their config
- Add XDG_CONFIG_HOME paths for zsh and bash
- Add ash and sh shell support (Alpine/BusyBox)
- Warn user instead of silently creating .bashrc when no config found
- Add user feedback on what file was modified
- Handle non-writable config files gracefully
2026-01-18 19:11:44 -08:00
0xallam 86f8835ccb chore: bump version to 0.6.2 and sandbox to 0.1.11 v0.6.2 2026-01-18 18:29:44 -08:00
0xallam 2bfb80ff4a refactor: share single browser instance across all agents
- Use singleton browser with isolated BrowserContext per agent instead of
  separate Chromium processes per agent
- Add cleanup logic for stale browser/playwright on reconnect
- Add resource management instructions to browser schema (close tabs/browser when done)
- Suppress Kali login message in Dockerfile
2026-01-18 17:51:23 -08:00
0xallam 7ff0e68466 fix: create fresh gql client per request to avoid transport state issues 2026-01-17 22:19:21 -08:00