github Dicklesworthstone/ultimate_bug_scanner v5.0.0
on GitHub

latest releases: v5.0.6, v5.0.5, v5.0.4...
one month ago

v5.0.0 - Major Release: Windows Support, AST Accuracy, Module Upgrades

This release represents a significant evolution of Ultimate Bug Scanner with 105 commits and 10,600+ line additions across 50 files. Key themes include comprehensive Windows compatibility, mandatory AST-powered JS/TS analysis, and all language modules upgraded to v3.0+ standards.

🪟 Windows Compatibility (Breaking: Now Fully Supported)

  • Added .ubsignore fallback chain when rsync unavailable: rsync → tar → Python
  • Fixed Windows path parsing (C:/path:line:code) across all 8 language modules
  • Added parse_grep_line() helper with proper regex for drive letter handling
  • Portable SHA256 verification (sha256sum/shasum/openssl)
  • Cross-platform installer improvements for Git Bash/MSYS2

🎯 AST Accuracy Enforcement (Breaking: ast-grep Now Required for JS/TS)

  • JS/TS scanner now requires ast-grep for accuracy guarantees
  • Noisy grep-based patterns removed in favor of AST-confirmed findings
  • Type narrowing properly gated to TypeScript inputs only
  • Exit code 2 signals environment errors (missing tools)

📦 Module Upgrades

All 8 language modules upgraded to v3.0+ standards:

Module Version Key Features
ubs-js.sh v3.0 React hook dependency analysis, AST-powered
ubs-python.sh v3.0 Scope-aware resource lifecycle
ubs-golang.sh v7.1 Return/defer handling, context leak detection
ubs-cpp.sh v7.1 Modern C++20 patterns, RAII checks
ubs-rust.sh v3.0 Type narrowing, cargo integration
ubs-java.sh v3.0 JDBC lifecycle, CompletableFuture checks
ubs-ruby.sh v3.0 Block/ensure analysis
ubs-swift.sh v1.8.0 Guard-let analysis, AST rules

🛡️ Security & Quality

  • Added Claude Code hook to block destructive git commands
  • Supply chain: SHA256 checksums auto-synced via GitHub Action
  • Inline suppression: ubs:ignore, nolint, noqa markers respected
  • Resource lifecycle analyzers now scope-aware (handles return/yield/defer)

🔧 Infrastructure

  • GitHub Action for checksum auto-sync on push
  • Portable update_sha256sums.sh (Linux/macOS)
  • AI agent guardrails for Cursor, Codex, Gemini, Windsurf, Cline
  • Test suite with manifest-driven cases

⚠️ Breaking Changes

  1. ast-grep is now REQUIRED for JS/TS scanning (install via brew install ast-grep, cargo install ast-grep, or npm i -g @ast-grep/cli)
  2. Exit code 2 indicates environment errors (missing required tools)
  3. Windows paths now parsed correctly (may affect downstream tooling that depended on broken parsing)

📥 Installation

# Fresh install
curl -fsSL https://ubs.sh | bash

# Or upgrade existing
ubs --update

# Verify
ubs --version  # Should show 5.0.0

🐳 Docker

docker pull ghcr.io/dicklesworthstone/ubs-tools:v5.0.0

🍺 Homebrew

# ubs.rb formula included in release assets

📋 Artifacts

File Description
ubs Main scanner binary
install.sh Installation script
SHA256SUMS Checksums for verification
SHA256SUMS.minisig Signed checksums (minisign)
sbom.spdx.json Software Bill of Materials
ubs.rb Homebrew formula
oci-sbom.spdx.json Docker image SBOM
oci-provenance.json SLSA provenance attestation

🔗 Full Changelog

v4.6.5...v5.0.0

This release includes work from the Ultimate Bug Scanner team with AI-assisted development using Claude Code.

Check out latest releases or
releases around Dicklesworthstone/ultimate_bug_scanner v5.0.0

Don't miss a new ultimate_bug_scanner release

NewReleases is sending notifications on new releases.

Get notifications