Product Updates

Changelog

What's new in Pullminder. Follow our progress as we build the verification layer for AI-assisted code.

CLI Launch & Rule Pack Registry

Feature
  • Full CLI with 12 top-level commands: init, auth, check, ci, diff, score, brief, hooks, packs, rules, registry, and config.
  • Offline local scanning with pullminder check — run 25 rule packs with 210+ detection rules locally without sending code to any server.
  • CI-optimized analysis with pullminder ci — auto-detects GitHub Actions, GitLab CI, CircleCI, Jenkins, and Bitbucket Pipelines.
  • Multiple output formats: JSON, SARIF v2.1.0, JUnit XML, GitHub annotations, and AI-agent optimized output via the --agent flag.
  • 11 language security packs: Go, Python, React, Ruby, PHP, Rust, Java, C#, Kotlin, Swift, and Shell.
  • Git hook installation via pullminder hooks with Husky and Lefthook detection for pre-push and pre-commit workflows.
  • Community pack publishing with pullminder rules publish — validate, test, and submit packs to the public registry via GitHub PR.
  • OpenTelemetry integration for CLI telemetry with opt-out consent manager.

Dashboard Improvements

Enhancement
  • Premium rule gating with source badges, lock indicators, and tier upgrade flow from community to premium packs.
  • App version display in the sidebar footer for easier support and debugging.
  • Refreshed UI copy across onboarding, empty states, tooltips, and error messages.

PR Comment Redesign

Feature
  • New PR comment format with progressive disclosure: risk score badge, findings summary, coverage delta, and reviewer brief — all in a single structured GitHub comment.
  • HMAC-signed badge URLs for tamper-proof inline SVG badges (risk score, findings, coverage, policies).

Framework Detection & Rule Packs

Feature
  • Automatic framework detection for repositories (Go, React, Node.js, Python, etc.).
  • Pre-built rule packs per framework with one-click enable/disable.
  • Deep tree scanning for monorepo framework detection.

Baseline Scanning

Feature
  • Scan all repos for baseline risk assessment.
  • Risk trend recording against baseline.
  • Paginated baseline reports in dashboard.

Analytics & Coverage

Enhancement
  • Risk trend charts (7-day / 30-day configurable).
  • Top risk categories breakdown.
  • Reviewer activity leaderboard.
  • Coverage trend tracking with delta analysis.

Security Hardening

Security
  • Field-level encryption for sensitive data (webhook URLs, tokens).
  • Session inactivity timeout (30 minutes).
  • Rate limiting with Redis backend.
  • /metrics endpoint bearer token auth.

Dashboard Quality

Enhancement
  • TanStack Query migration for server state.
  • Unit test suite with MSW mocks.
  • Code splitting with lazy routes.
  • Mobile-responsive navigation with bottom nav.
