All notable changes to PatchPilot will be documented here.
The format follows Keep a Changelog. PatchPilot uses Semantic Versioning: MAJOR.MINOR.PATCH.
Changes on main that haven't been tagged yet will appear here.
0.1.0 — 2026-05-27
Initial public release.
- POST /scan — upload a ZIP codebase and run security scanners
- POST /scan-url — import a GitHub repository URL and scan it server-side
- POST /fix — generate proposed remediations for selected findings
- POST /verify — run verification checks on a scanned job
- POST /evidence-pack — export a ZIP containing audit artifacts and diffs
- DELETE /jobs/{job_id} — clean up a job workspace
- GET /health — health check endpoint
- Aggregated findings from Semgrep (SAST), OSV-Scanner (dependency vulnerabilities), and Gitleaks (secret detection)
- Simple severity + category sorting on findings
- React + Vite + Tailwind frontend with Dashboard, Findings, and Verify views
- FastAPI backend with async job handling
- README.md with setup, usage, and API documentation
- LICENSE (MIT)
- CONTRIBUTING.md with ML roadmap and contributor guide
- CODE_OF_CONDUCT.md
- SECURITY.md with responsible disclosure policy
- GitHub issue templates (bug report, feature request, ML component)
- GitHub PR template
- CI workflow (backend lint + frontend build)
- Root .gitignore