Historial de versiones de YetAnotherBrowserExtension - 5 versiones
YetAnotherBrowserExtension por ONSEC
Historial de versiones de YetAnotherBrowserExtension - 5 versiones
¡Ten cuidad con las versiones antiguas! Se suelen mostrar para pruebas y a modo de referencia.Deberías usar siempre la última versión disponible de un complemento.
Última versión
Versión 1.4
Lanzada el 20 de abr. de 2026 - 97,87 KBCompatible con firefox 126.0 y superioresRelease Notes - v1.4
Highlights
Major release expanding the extension from a basic secret scanner into
a full-featured security toolkit with severity classification, smart
validation, live key verification, and persistent false-positive
management.
New Features
Severity & Classification
- Severity levels for every finding: critical, high, medium, low, info.
- Color-coded severity badges with filtering in the Findings UI.
Active API Key Verification
- Live verification of detected keys via real HTTP requests.
- Supports 10 providers: Google, GitHub, GitLab, Slack, Stripe,
SendGrid, Telegram, npm, Cloudflare, and more.
- Automatic severity upgrade to "high" on confirmed-valid keys.
- Rate-limited to avoid provider throttling.
- Per-finding Verify button and status badges.
LLM-Based Validation
- OpenAI-compatible API integration for intelligent false-positive
detection.
- Configurable endpoint, model, and API key (stored securely).
- Auto-validate new findings or validate on demand (single / bulk).
- Connection test button in Settings.
Heuristic Pre-Filter
- Catches placeholder values, low-entropy strings, and documentation
examples before storing findings. Toggleable in Settings.
False-Positive Allowlist
- Persistent suppression of known false positives across re-scans.
- Per-origin or global scope.
- Manual mark as false-positive / confirmed from the Findings UI.
- Bulk delete, export, and import of the allowlist.
In-Tab Alerts
- Replaced OS notifications with in-tab JavaScript alerts.
- Configurable minimum severity threshold.
- 1-hour deduplication per origin.
AI / LLM Context File Scanning
- Active probes for AGENTS.md, CLAUDE.md, llms.txt, .cursor/, .claude/,
and other AI-related exposure points.
Detection Expansion- Pattern count: 35 -> 99 (95 secrets + 4 vulnerabilities).
- New providers: ElevenLabs, DeBounce, Square (prod and sandbox),
Discord (Bot token and Webhook), Cloudinary, Databricks, Instagram,
Contentful, Postman, Figma, Airtable, Flutterwave, Razorpay, HubSpot,
Pulumi, Age encryption keys, Artifactory, Branch.io, Sentry DSN, New
Relic, Algolia, Supabase (multiple key types), GitHub Fine-Grained
PAT, Google Service Account JSON, AWS Session Tokens, and DB
connection strings (MongoDB, PostgreSQL, Redis, MySQL). - Vulnerability detection skipped for JS files to reduce noise.
Improvements- Wildcard support in origin deny list at any position
(e.g. .domain.com, .gov., app.example.com). - .gov. added to the default deny list.
- Rescan disabled on extension and denied pages.
- Lazy pattern compilation for improved performance.
- Debug Mode page showing cached origins and live settings.
Fixes- Fixed browser notifications handling.
- Multiple stability and correctness improvements.
Se publicó el código fuente bajo la licencia Todos los derechos reservados
Versiones antiguas
Versión 1.1.3
Lanzada el 4 de feb. de 2026 - 73,52 KBCompatible con firefox 126.0 y superioresv1.1.3 - add Supabase Key detection and optional JWT detect toggleSe publicó el código fuente bajo la licencia Todos los derechos reservados
Versión 1.1.2
Lanzada el 26 de dic. de 2025 - 73,34 KBCompatible con firefox 126.0 y superiores- Improve JS file detection
- Fix popup showing "Scanning" when findings already exist
- Change default origin cache expiration: 1h → 24h
- Deduplication: Now uses type+match only
- Skip content script on about: and chrome: pages
- Fix popup for about: pages (origin returns "null" string)
- Add isSpecialPage() and isOriginInDenyList() helpers
Se publicó el código fuente bajo la licencia Todos los derechos reservados
Versión 1.1.0
Lanzada el 25 de dic. de 2025 - 70,55 KBCompatible con firefox 126.0 y superiores• Added Debug Console for troubleshooting
• Reduced false positives on JavaScript files
• Improved scanning status feedback
• Fixed various UI bugsSe publicó el código fuente bajo la licencia Todos los derechos reservados
Versión 1.0.0
Lanzada el 2 de nov. de 2025 - 68,07 KBCompatible con firefox 126.0 y superioresSe publicó el código fuente bajo la licencia Todos los derechos reservados