Skip to content

Dev-> 3.0 sync#3022

Open
liquidsec wants to merge 24 commits into3.0from
dev
Open

Dev-> 3.0 sync#3022
liquidsec wants to merge 24 commits into3.0from
dev

Conversation

@liquidsec
Copy link
Copy Markdown
Contributor

@liquidsec liquidsec commented Apr 3, 2026

No description provided.

TheTechromancer and others added 21 commits March 17, 2026 03:22
@TheTechromancer @github-actions
[create-pull-request] automated change
1df86d2
@TheTechromancer
Merge pull request #2971 from blacklanternsecurity/dev
ec1acae 
Dev -> Stable 2.8.4
@liquidsec
Merge pull request #2973 from blacklanternsecurity/update-docs
ddd5d16 
Automated Docs Update
@aconite33
ci: add CLA workflow
e97b880
@aconite33
ci: add org members to CLA allowlist
dcdd46d
@aconite33
ci: use dynamic org membership check for CLA
6d84a4a
@aconite33
fix: use GITHUB_TOKEN for org membership check in CLA workflow
646b6eb
@aconite33
fix: handle org membership check for both PR and comment events
ee514b6
@aconite33
fix: set commit status to success when skipping CLA for org members
1099707
@aconite33
fix: use author_association for CLA membership check
5318a7a
@aconite33
fix: use org-scoped app token for membership check
5ee7b34
@aconite33
fix: use org-scoped app token for reliable CLA membership check
076b175
@aconite33
fix: disable lock-pullrequest-aftermerge in CLA workflow
593fe04
@aconite33
fix CLA workflow to properly skip bots and check all committers
648ce4e 
Replace the single PR-author org membership check with a unified step
that iterates all committers on the PR and checks each against:
1. GitHub API account type (type == "Bot" for App accounts)
2. Org membership

Commits with no associated GitHub login are treated as non-exempt
(prevents bypass via spoofed email with no GitHub account).

Tested on aconite33/cla-workflow-test:
- Human committer: correctly required CLA
- github-actions[bot]: correctly skipped via API type check
@aconite33
drop unnecessary actions:write and contents:write permissions
83833e7 
Tested on aconite33/cla-workflow-test with only pull-requests:write
and statuses:write -- both human CLA and bot skip paths work correctly.
The CLA assistant uses PERSONAL_ACCESS_TOKEN (app token) for writing
signatures to the remote CLA repo, not GITHUB_TOKEN.
@aconite33
Merge pull request #3013 from blacklanternsecurity/fix-cla-bot-skip
de4f04b 
Fix CLA workflow to skip bots and check all committers
@aconite33
Merge remote-tracking branch 'origin/stable' into merge-stable-into-dev
649e32e 
# Conflicts:
#	.github/workflows/cla.yml
@aconite33
Merge pull request #3016 from blacklanternsecurity/merge-stable-into-dev
fde791c 
Merge stable into dev to resolve CLA workflow conflict
@ausmaster
Some fun adjectives :D
876465b
@ausmaster
Alphabet is hard
09cbc86
@ausmaster
Merge pull request #3030 from blacklanternsecurity/fun-stuff
1b5cdc2 
More Adjectives
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 8, 2026
edited
Loading

📊 Performance Benchmark Report

Comparing 3.0 (baseline) vs dev (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.28ms 3.96ms -7.6%
Bloom Filter Large Scale Dns Brute Force 19.17ms 18.02ms -6.0%
Large Closest Match Lookup 323.80ms 329.06ms +1.6%
Realistic Closest Match Workload 177.02ms 173.73ms -1.9%
Event Memory Medium Scan 1781 B/event 1784 B/event +0.1%
Event Memory Large Scan 1768 B/event 1768 B/event +0.0%
Event Validation Full Scan Startup Small Batch 372.02ms 380.64ms +2.3%
Event Validation Full Scan Startup Large Batch 523.30ms 522.70ms -0.1%
Make Event Autodetection Small 26.14ms 26.33ms +0.7%
Make Event Autodetection Large 265.31ms 266.30ms +0.4%
Make Event Explicit Types 11.49ms 11.54ms +0.4%
Excavate Single Thread Small 3.493s 3.397s -2.7%
Excavate Single Thread Large 9.262s 9.180s -0.9%
Excavate Parallel Tasks Small 3.688s 3.609s -2.1%
Excavate Parallel Tasks Large 7.022s 6.985s -0.5%
Is Ip Performance 2.90ms 2.94ms +1.1%
Make Ip Type Performance 10.68ms 10.76ms +0.7%
Mixed Ip Operations 4.15ms 4.24ms +2.0%
Memory Use Web Crawl 43.3 MB 47.0 MB +8.6%
Memory Use Subdomain Enum 19.4 MB 19.4 MB +0.1%
Scan Throughput 100 8.068s 8.070s +0.0%
Scan Throughput 1000 36.725s 36.438s -0.8%
Typical Queue Shuffle 56.99µs 54.47µs -4.4%
Priority Queue Shuffle 624.66µs 608.11µs -2.6%

🎯 Performance Summary

No significant performance changes detected (all changes <10%)

🐍 Python Version 3.11.15

@codecov
Copy link
Copy Markdown

codecov bot commented Apr 8, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91%. Comparing base (d8f056e) to head (7508702).

Additional details and impacted files 
@@          Coverage Diff          @@
##             3.0   #3022   +/-   ##
=====================================
+ Coverage     91%     91%   +1%     
=====================================
  Files        440     440           
  Lines      37685   37685           
=====================================
+ Hits       34104   34114   +10     
+ Misses      3581    3571   -10

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

TheTechromancer and others added 3 commits April 16, 2026 13:41
@TheTechromancer
Merge pull request #2007 from blacklanternsecurity/3.0
233c86c 
BBOT 3.0 - blazed_elijah
@dependabot
Bump ruff from 0.15.4 to 0.15.9
978b7ec 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.4 to 0.15.9.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.4...0.15.9)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@liquidsec
Merge pull request #3026 from blacklanternsecurity/dependabot/pip/dev…
7508702 
…/ruff-0.15.9

Bump ruff from 0.15.4 to 0.15.9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@liquidsec @TheTechromancer @aconite33 @ausmaster