Releases: OWASP/DockSec

v2026.5.22_01: Multi-LLM Compatibility Fix

22 May 05:21

[2026.5.22_01] - 2026-05-22

Fixed

  • Multi-LLM Compatibility: Resolved json_mode errors when using Anthropic, Google, or Ollama providers by using provider-appropriate structured output methods.
  • Smart Provider Defaults: The tool now automatically selects the best-suited model when you switch providers (e.g., switching to claude-3-5-sonnet-20241022 when LLM_PROVIDER=anthropic is set).
  • Bug Fixes: Eliminated UserWarning regarding unrecognized structured output methods.

Version 2026.5.22.3

22 May 07:14

AI findings now included in PDF/JSON reports. Suppressed internal INFO logs from user output.

Full Changelog: v2026.5.22.1...v2026.5.22.3

v2026.5.22.1: Multi-LLM Compatibility & Optimization

22 May 06:00

[2026.5.22.1] - 2026-05-22

Fixed

  • Anthropic/Google Compatibility: Resolved 400 Bad Request and 404 Not Found errors by updating to the latest 2026 model families and handling deprecated parameters like temperature.
  • CLI Stability: Fixed UnboundLocalError and NoneType errors during scanner initialization.
  • Scan-Only Mode: Improved the scan_only flag to correctly bypass AI initialization when not needed.

Added

  • Smart Model Selection: The tool now automatically selects the most cost-effective model (e.g., claude-haiku-4-5) when switching providers.
  • Enhanced Local Scoring: Refactored scoring logic to ensure consistent results between local and AI-powered scans.

Full Changelog: v2026.5.22...v2026.5.22.1

v2026.5.22: Centralized Reporting & PDF Fixes

22 May 05:01

[2026.5.22] - 2026-05-22

Added

  • Centralized Reporting: All scan reports are now neatly organized in ~/.docksec/results/ by default, following industry standards for professional CLI tools.
  • Enhanced --scan-only Mode: Improved the scanner to support Dockerfile-only scans without requiring a Docker image name, enabling high-speed static analysis in any environment.
  • Project Governance: Added .cursorrules and updated CONTRIBUTING.md to ensure professional AI-assisted development standards.

Changed

  • Modernized PDF Engine: Refactored the PDF generation to use the latest fpdf2 APIs, improving performance and future-proofing the reporting engine.
  • Improved Storage Logic: Added automatic directory creation and a smart fallback to local storage if the home directory is not writable.
  • CLI Feedback: The tool now explicitly prints the report storage location at the start of every scan for better visibility.

Fixed

  • PDF Layout: Resolved the "Not enough horizontal space" error that occurred during PDF generation for complex scan results.
  • Deprecation Warnings: Eliminated all font and layout-related deprecation warnings from the fpdf2 library.
  • Test Suite: Updated and expanded the unit test suite to cover new reporting logic and dynamic tool requirements, achieving 100% pass rate.
  • Linting: Fixed unused variable warnings in configuration.

Full Changelog: v2026.5.21...v2026.5.22

v2026.5.21

22 May 04:07

What's Changed

  • refactor: replace magic strings with Severity and LLMProvider enums (#47) by @OddSteak in #81
  • chore(ci)(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in #82
  • chore(deps)(deps): bump pandas from 3.0.2 to 3.0.3 by @dependabot[bot] in #84
  • feat: add unit tests for report_generator.py (JSON, CSV, PDF, HTML) by @rthakkar0555 in #85

Full Changelog: v2026.5.15...v2026.5.21

v2026.5.15

15 May 06:51
a248226

AI-Powered Docker Security Analyzer - Version 2026.5.15. This release includes dependency updates, code quality improvements, and security hardening.

What's Changed

  • updating documentations by @advaitpatel in #74
  • 🔒 fix(security): use stdlib html.escape() for complete XSS protection by @jacksong2049-prog in #75
  • chore(deps)(deps): bump pydantic from 2.10.3 to 2.13.4 by @dependabot[bot] in #72
  • chore(ci)(deps): bump codecov/codecov-action from 4 to 6 by @dependabot[bot] in #71
  • chore(ci)(deps): bump softprops/action-gh-release from 1 to 3 by @dependabot[bot] in #70
  • chore(deps)(deps): bump rich from 13.9.4 to 15.0.0 by @dependabot[bot] in #68
  • chore(deps)(deps): update setuptools requirement from >=42 to >=82.0.1 by @dependabot[bot] in #67
  • chore(deps)(deps): bump pandas from 2.2.3 to 3.0.2 by @dependabot[bot] in #66
  • chore(ci)(deps): bump actions/setup-python from 4 to 6 by @dependabot[bot] in #28
  • chore(ci)(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #29
  • chore(deps)(deps): bump tenacity from 9.0.0 to 9.1.4 by @dependabot[bot] in #38
  • fixing security and code quality reports by @advaitpatel in #79
  • ci: declare contents:read on python-app workflow by @arpitjain099 in #77
  • fixing the vulnerability reports, code scanning findings, and code qu… by @advaitpatel in #80

Full Changelog: v2026.5.6...v2026.5.15

DockSec v2026.5.6 - Major Structural Overhaul

06 May 23:05
934d42d

Summary

This release overhauls the DockSec project structure, moving from a flat layout to a standard Python package structure. These changes make the codebase cleaner, more maintainable, and production-ready.

Key Changes

  • Package Restructuring: Created a core docksec/ package directory.
  • CLI Entry Point: Renamed the main entry point to docksec/cli.py.
  • Code Cleanup: Removed redundant main.py and Windows metadata artifacts.
  • Imports & Paths: Updated all internal imports to absolute package imports.
  • Packaging & Distribution: Updated setup.py, MANIFEST.in, and pyproject.toml.
  • Documentation: Updated README.md and CONTRIBUTING.md to reflect the new structure.

Test Plan

  • CLI Verification: Confirmed that python3 -m docksec.cli --help works correctly.
  • Automated Tests: All 17 unit and integration tests passed successfully.

v2026.4.16

17 Apr 04:57

Release v2026.4.16

v2026.4.2

02 Apr 08:06
af26c36

What's Changed

  • Add automatic mirror to OWASP repository by @advaitpatel in #24
  • fixing the token permissions for mirroring by @advaitpatel in #25
  • Adding action to mirror repo by @advaitpatel in #26
  • Adding action to mirror repo by @advaitpatel in #27
  • fix(score): replace hardcoded config score with real Dockerfile analysis (closes #44) by @advaitpatel in #53
  • chore(templates): remove emojis and filler text from PR and issue templates by @advaitpatel in #54
  • refactor(version): remove hardcoded version, resolve from setup.py only by @advaitpatel in #55
  • ci: enforce pytest as required gate on all PRs, fix pre-existing test failures by @advaitpatel in #56

Full Changelog: v2026.2.23...v2026.4.2

v2026.2.23

23 Feb 07:47
cad5892

What's Changed

  • Add multi-LLM provider support (OpenAI, Anthropic, Google, Ollama) by @advaitpatel in #22

Full Changelog: v2026.1.24...v2026.2.23