38 changes: 37 additions & 1 deletion changelog.mdx
Expand Up @@ -4,7 +4,43 @@ description: "New features, improvements, and fixes to the Hacktron platform."
rss: true
---

{/* CHANGELOG:INSERT last-prod-sha=4b314a3536105727eddda2a900d822e02633438f - the changelog workflow inserts new <Update> blocks directly below this line. Do not remove this marker. */}
{/* CHANGELOG:INSERT last-prod-sha=fbbbf5cf881c716c00a469e53524fdbbecbb46fd - the changelog workflow inserts new <Update> blocks directly below this line. Do not remove this marker. */}

<Update label="June 23, 2026" tags={["Code Review","Whitebox","Integrations","MCP"]}>
## A new Context page for your repositories, applications, and threat models

**Context page**: A dedicated Context page now gathers what Hacktron knows about your code, split across Repositories and Applications tabs. Cards are sorted by most recent threat-model update and show a badge for each model's status; clicking one opens its threat model.

**Applications**: Group related repositories into an application, and Hacktron synthesizes an application-level threat model by merging the threat models of its member repos. You can scan an application as a single target so findings are grounded in the combined model, and any context documents you upload to the application are folded into it.

**Threat models**: Repository and application threat models now open in an inline reading view with a file tree and outline, and you can edit them with your changes preserved across regenerations.

**Redacted findings on public PRs**: For public repositories, the PR review comment no longer includes full titles, descriptions, proof-of-concept code, or file locations for findings outside the changed lines. You see a count and a link back to Hacktron, so sensitive details stay out of the public thread. Private and internal repos are unchanged, and inline comments on the diff itself are unaffected.

**Org-level fail-on severity default**: Organization admins can now set a default severity threshold for PR/MR checks in settings. Individual repo configs still take precedence when set.

**Enterprise SSO sign-in**: A dedicated single sign-on page and a "Single sign-on (SSO)" button on the login screen let users authenticate via your organization's SAML or OIDC identity provider. Invite tokens survive the IdP round-trip, so onboarding links still work.

**Duplicate marking in the MCP tool**: The `update_finding` MCP tool now accepts a `duplicate_of` field so you can mark or unmark duplicates programmatically.

**[<u>Set up GitHub or GitLab →</u>](/code-review/integrations/github-gitlab)** · **[<u>Start a Whitebox scan →</u>](/white-box-pentest/quickstart)** · **[<u>Read the API reference →</u>](/api-reference/findings/update-finding)**
</Update>

<Update label="June 18, 2026" tags={["Code Review","Whitebox","Billing"]}>
## Dismiss a finding and your PR check clears instantly

**PR and MR checks update on triage**: When you mark a finding as a false positive or accepted risk, the GitHub check or GitLab commit status flips back to passing right away, with no manual re-run needed. If you later reopen the finding, the check fails again to match.

**Close findings as duplicates**: You can now mark a finding as a duplicate of another finding in the same repository, and unmark it if needed. A duplicated finding inherits its canonical finding's severity when the PR gate counts blocking issues.

**Scan volume chart**: The dashboard's scan volume widget now shows a stacked bar chart instead of a line graph, with a tooltip on each bar showing the Code Review and Whitebox scan counts for that day.

**Upload scans named after the archive**: When you start a Whitebox scan from an uploaded archive, the scan now takes the archive's filename as its name instead of a generic label.

**Legal agreement before trial or billing**: You now review and accept the terms of service before starting a free trial or adding a payment method.

**[<u>Set up GitHub or GitLab →</u>](/code-review/integrations/github-gitlab)**
</Update>

<Update label="June 15, 2026" tags={["Code Review","Billing","MCP"]}>
## Control your scans and account security like never before
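
Review bot: In the June 23 "Redacted findings on public PRs" entry, the closing claim "so sensitive details stay out of the public thread" is broader than the behaviour the same paragraph describes. Redaction is stated to apply only to findings outside the changed lines, and inline comments on the diff are stated to be unaffected, so findings on changed lines of a public PR are still commented on as before. Consider rewording to name exactly what is withheld and what still appears publicly, for example "details of findings outside the changed lines stay out of the public thread; inline comments on changed lines are still posted." A smaller point on the duplicate entries (June 18 "Close findings as duplicates" and June 23 `duplicate_of`): since a duplicated finding inherits its canonical finding's severity when the PR gate counts blocking issues, it would help to say which roles can mark or unmark duplicates, in the UI and through the MCP tool. The June 23 tags also do not cover the SSO and org-level settings items.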