v1.20.5

Tool Improvements

• fix: harden UPX exec calls and limit file name length by @egibs in #1342
• chore: simplify string interning using sync.Map; add tests by @egibs in #1343

Rule Improvements

• Update third-party rules as of 2026-01-30 by @octo-sts[bot] in #1341
• Update third-party rules as of 2026-02-01 by @octo-sts[bot] in #1344

Full Changelog: v1.20.4...v1.20.5

v1.20.4

Tool Improvements

• fix: add zlib path validation; tighten up remaining file/directory permissions by @egibs in #1337

Rule Improvements

• Update third-party rules as of 2026-01-28 by @octo-sts[bot] in #1338
• Update third-party rules as of 2026-01-29 by @octo-sts[bot] in #1339

Developer Improvements

• Update malcontent-samples references to chainguard-sandbox by @eslerm in #1336

New Contributors

• @eslerm made their first contribution in #1336

Full Changelog: v1.20.3...v1.20.4

v1.20.3

Tool Improvements

• chore: bump yara-x to 1.12.0 by @egibs in #1333

Rule Improvements

• Update third-party rules as of 2026-01-27 by @octo-sts[bot] in #1332

Full Changelog: v1.20.2...v1.20.3

v1.20.2

Tool Improvements

• chore: update deps, golangci-lint, and crane; address findings by @egibs in #1326

Rule Improvements

• Update third-party rules as of 2026-01-24 by @octo-sts[bot] in #1322
• Update third-party rules as of 2026-01-25 by @octo-sts[bot] in #1324
• chore: add false positive for duosecurity/duo_universal_php by @toabctl in #1327
• Update third-party rules as of 2026-01-26 by @octo-sts[bot] in #1329

New Contributors

• @toabctl made their first contribution in #1327

Full Changelog: v1.20.1...v1.20.2

v1.20.1

Rule Improvements

• Update third-party rules as of 2026-01-22 by @octo-sts[bot] in #1317
• chore: 2026-01-23 false positive reduction by @egibs in #1320

Developer Improvements

• fix: update conditional Workflow expressions; relocate permissions by @egibs in #1319

Full Changelog: v1.20.0...v1.20.1

v1.20.0

Tool Improvements

• chore: bump yara-x to 1.11.0 by @egibs in #1307
• chore: add goleak to integration test; fix nil receive by @egibs in #1315

Rule Improvements

• Update third-party rules as of 2026-01-18 by @octo-sts[bot] in #1310
• Update third-party rules as of 2026-01-19 by @octo-sts[bot] in #1313
• chore: 2026-01-20 false positive reduction by @egibs in #1314

Full Changelog: v1.19.4...v1.20.0

v1.19.4

Rule Improvements

• Update third-party rules as of 2026-01-07 by @octo-sts[bot] in #1297
• chore: 2026-01-08 false positive reduction by @egibs in #1300

Developer Improvements

• chore: give the README an overhaul for 2026 by @egibs in #1296

Full Changelog: v1.19.3...v1.19.4

v1.19.3

Tool Improvements

• feat: replace levenshtein calculations with file-based reconciliation by @egibs in #1294

Rule Improvements

• Update third-party rules as of 2026-01-05 by @octo-sts[bot] in #1293

Full Changelog: v1.19.2...v1.19.3

v1.19.2

Rule Improvements

• fix: change regex pattern causing panics on linux/aarch64 by @egibs in #1288

Full Changelog: v1.19.1...v1.19.2

v1.19.1

Tool Improvements

• feat: add support for diff sensitivity by @egibs in #1283
• chore: ignore more document filetypes by default by @egibs in #1285
• feat: improve detection of man pages; improve clarity of programkind code by @egibs in #1286

Rule Improvements

• Update third-party rules as of 2025-12-29 by @octo-sts[bot] in #1282

Developer Improvements

• chore: use larger runners for some CI Workflows by @egibs in #1284

Full Changelog: v1.19.0...v1.19.1