salvacybersec/strix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
229 Commits 10 Branches 12 Tags
c433d4ffb2597d262e2fff36ebf451caf8afdd91
Commit Graph

229 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
c433d4ffb2 chore(deps): bump pyasn1 from 0.6.1 to 0.6.2 
Bumps [pyasn1](https://github.com/pyasn1/pyasn1) from 0.6.1 to 0.6.2.
- [Release notes](https://github.com/pyasn1/pyasn1/releases)
- [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst)
- [Commits](https://github.com/pyasn1/pyasn1/compare/v0.6.1...v0.6.2)

---
updated-dependencies:
- dependency-name: pyasn1
  dependency-version: 0.6.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-16 15:26:13 -08:00
0xallam
ed6861db64 fix(tool_server): include request_id in worker errors and use get_running_loop 
- Add request_id to worker error responses to prevent client hangs
- Replace deprecated get_event_loop() with get_running_loop() in execute_tool
 2026-01-16 01:11:02 -08:00
0xallam
a74ed69471 fix(tool_server): use get_running_loop() instead of deprecated get_event_loop() 2026-01-16 01:11:02 -08:00
0xallam
9102b22381 fix(python): prevent stdout/stderr race on timeout 
Add cancelled flag to prevent timed-out thread's finally block from
overwriting stdout/stderr when a subsequent execution has already
started capturing output.
 2026-01-16 01:11:02 -08:00
0xallam
693ef16060 fix(runtime): parallel tool execution and remove signal handlers 
- Add ThreadPoolExecutor in agent_worker for parallel request execution
- Add request_id correlation to prevent response mismatch between concurrent requests
- Add background listener thread per agent to dispatch responses to correct futures
- Add --timeout argument for hard request timeout (default: 120s from config)
- Remove signal handlers from terminal_manager, python_manager, tab_manager (use atexit only)
- Replace SIGALRM timeout in python_instance with threading-based timeout

This fixes requests getting queued behind slow operations and timeouts.
 2026-01-16 01:11:02 -08:00
0xallam
8dc6f1dc8f fix(llm): remove hardcoded temperature from dedupe check 
Allow the model's default temperature setting to be used instead of
forcing temperature=0 for duplicate detection.
 2026-01-15 18:56:48 -08:00
0xallam
4d9154a7f8 fix(config): keep non-LLM saved env values 
When LLM env differs, drop only LLM-related saved entries instead of
clearing all saved env vars, preserving other config like API keys.
 2026-01-15 18:37:38 -08:00
0xallam
2898db318e fix(config): canonicalize LLM env and respect cleared vars 
Drop saved LLM config if any current LLM env var differs, and treat
explicit empty env vars as cleared so saved values are removed and
not re-applied.
 2026-01-15 18:37:38 -08:00
0xallam
960bb91790 fix(tui): suppress stderr output in python renderer 2026-01-15 17:44:49 -08:00
0xallam
4de4be683f fix(executor): include error type in httpx RequestError messages 
The str() of httpx.RequestError was often empty, making error messages
unhelpful. Now includes the exception type (e.g., ConnectError) for
better debugging.
 2026-01-15 17:40:21 -08:00
0xallam
d351b14ae7 docs(tools): add comprehensive multiline examples and remove XML terminology 
- Add professional, realistic multiline examples to all tool schemas
- finish_scan: Complete pentest report with SSRF/access control findings
- create_vulnerability_report: Full SSRF writeup with cloud metadata PoC
- file_edit, notes, thinking: Realistic security testing examples
- Remove XML terminology from system prompt and tool descriptions
- All examples use real newlines (not literal \n) to demonstrate correct usage
 2026-01-15 17:25:28 -08:00
Ahmed Allam
ceeec8faa8 Update README 2026-01-16 02:34:30 +04:00
0xallam
e5104eb93a chore(release): bump version to 0.6.1 v0.6.1 2026-01-14 21:30:14 -08:00
0xallam
d8a08e9a8c chore(prompt): discourage literal \n in tool params 2026-01-14 21:29:06 -08:00
0xallam
f6475cec07 chore(prompt): enforce single tool call per message and remove stop word usage 2026-01-14 19:51:08 -08:00
0xallam
31baa0dfc0 fix: restore ollama_api_base config fallback for Ollama support 2026-01-14 18:54:45 -08:00
0xallam
56526cbf90 fix(agent): fix agent loop hanging and simplify LLM module 
- Fix agent loop getting stuck by adding hard stop mechanism
- Add _force_stop flag for immediate task cancellation across threads
- Use thread-safe loop.call_soon_threadsafe for cross-thread cancellation
- Remove request_queue.py (eliminated threading/queue complexity causing hangs)
- Simplify llm.py: direct acompletion calls, cleaner streaming
- Reduce retry wait times to prevent long hangs during retries
- Make timeouts configurable (llm_max_retries, memory_compressor_timeout, sandbox_execution_timeout)
- Keep essential token tracking (input/output/cached tokens, cost, requests)
- Maintain Anthropic prompt caching for system messages
 2026-01-14 18:54:45 -08:00
0xallam
47faeb1ef3 fix(agent): use correct agent name in identity instead of class name 2026-01-14 11:24:24 -08:00
0xallam
435ac82d9e chore: add defusedxml dependency 2026-01-14 10:57:32 -08:00
0xallam
f08014cf51 fix(agent): fix tool schemas not retrieved on pyinstaller binary and validate tool call args 2026-01-14 10:57:32 -08:00
dependabot[bot]
bc8e14f68a chore(deps-dev): bump virtualenv from 20.34.0 to 20.36.1 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.34.0 to 20.36.1.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/20.34.0...20.36.1)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-version: 20.36.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-13 17:15:58 -08:00
dependabot[bot]
eae2b783c0 chore(deps): bump filelock from 3.20.1 to 3.20.3 
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.20.1 to 3.20.3.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.20.1...3.20.3)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.20.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-13 17:15:43 -08:00
dependabot[bot]
058cf1abdb chore(deps): bump azure-core from 1.35.0 to 1.38.0 
Bumps [azure-core](https://github.com/Azure/azure-sdk-for-python) from 1.35.0 to 1.38.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Commits](https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.35.0...azure-core_1.38.0)

---
updated-dependencies:
- dependency-name: azure-core
  dependency-version: 1.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-13 17:15:22 -08:00
Ahmed Allam
d16bdb277a Update README 2026-01-14 05:00:16 +04:00
0xallam
d7f712581d chore: Bump strix version to 0.6.0 0.6.0 v0.6.0 2026-01-12 09:19:19 -08:00
0xallam
4818a854d6 feat: modernize TUI status bar with sweep animation 
- Replace braille spinner with ping-pong sweep animation using colored squares
- Add smooth gradient fade with 8 color steps from dim to bright green
- Modernize keymap styling: keys in white, actions in dim, separated by ·
- Move "esc stop" to left side next to animation
- Change ctrl-c to ctrl-q for quit
- Simplify "Initializing Agent" to just "Initializing"
- Remove italic styling from status text
- Waiting state shows only "Send message to resume" hint
- Remove unused action verbs and related dead code

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-11 23:54:24 -08:00
0xallam
9bcb43e713 fix: correct GitHub repository URL in README 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:53:10 -08:00
0xallam
5672925736 docs: document config persistence in README 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
61c94189c6 fix: allow clearing saved config by setting empty env var 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
f539e5aafd fix: apply saved config at module level before strix imports 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
1ffeedcf55 fix: handle chmod failure on Windows gracefully 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
c059f47d01 refactor: add explicit STRIX_IMAGE validation 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
7dab26cdd5 refactor: remove unused LLMRequestQueue constructor params 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
498032e279 refactor: replace type ignores with inline fallbacks 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
b80bb165b9 refactor: use Config.get() in validate_environment() 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
fe456d57fe fix: set restrictive permissions on config file 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
13e804b7e3 refactor: remove STRIX_IMAGE constant, use Config.get() instead 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
2e3dc0d276 fix: remove default for strix_llm, keep it required 2026-01-10 15:49:03 -08:00
0xallam
83efe3816f feat: add centralized Config class with auto-save to ~/.strix/cli-config.json 
- Add Config class with all env var defaults in one place
- Auto-load saved config on startup (env vars take precedence)
- Auto-save config after successful LLM warm-up
- Replace scattered os.getenv() calls with Config.get()

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 15:49:03 -08:00
0xallam
52aa763d47 fix: add missing 'low' value to reasoning effort options 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 20:17:46 -08:00
Ahmed Allam
d932602a6b Update args in strix/interface/main.py 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-01-09 20:00:01 -08:00
0xallam
6f4ca95338 feat: add STRIX_REASONING_EFFORT env var to control thinking effort 
- Add configurable reasoning effort via environment variable
- Default to "high", but use "medium" for quick scan mode
- Document in README and interface error panel

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 20:00:01 -08:00
0xallam
fb6f6295c5 docs: reformat recommended models as bulleted list 2026-01-09 16:49:16 -08:00
0xallam
f56f56a7f7 docs: add Gemini 3 Pro Preview to recommended models 2026-01-09 16:47:33 -08:00
0xallam
86a687ede8 fix: restrict result type check to dict or str 2026-01-09 16:44:05 -08:00
0xallam
7b7ea59a37 fix: handle string results in tool renderers 
Previously, tool renderers assumed result was always a dict and would
crash with AttributeError when result was a string (e.g., error messages).
Now all renderers properly check for string results and display them.
 2026-01-09 16:44:05 -08:00
Daniel Sangorrin
226678f3f2 fix: add thinking blocks 2026-01-09 15:40:21 -08:00
Ahmed Allam
49421f50d5 Remove title from README 2026-01-10 02:35:20 +04:00
0xallam
b6b0778956 Simplify stats panel display format 2026-01-09 14:25:00 -08:00
0xallam
4a58226c9a Modernize vulnerability detail dialog styling 2026-01-09 14:25:00 -08:00