github FrancescoStabile/numasec v1.2.1
on GitHub

22 days ago

numasec v1.2.1

numasec 1.2.1 is about making the operator experience tighter.

1.2.0 gave numasec a real cyber operation model: scope, tools, findings, evidence, replay, reports, and AppSec/Pentest workflows. 1.2.1 makes that foundation easier to trust during real work: multiple terminals, multiple operations, long sessions, model switching, evidence lookup, workflow state, and cleaner context.

Highlights

  • Sessions now attach to their own operation, so multi-terminal work feels much cleaner.
  • The startup flow now lets you choose which operation this session should use, or create a new one just for this session.
  • The operation picker now shows all operations in the workspace, with cleaner labels and useful metadata.
  • Operation state is easier for the agent to read through canonical snapshot/query flows.
  • Evidence, findings, routes, reports, and share state are more consistent across the TUI and tools.
  • Evidence search and graph navigation are more useful for real investigation work.
  • Read-only tools now communicate their behavior more clearly.
  • Workflow progress is tracked more reliably, including read-only workflow steps.
  • Model reasoning/thinking controls are clearer, with better provider-specific mappings.
  • Long model runs now expose better status while connecting, waiting, streaming, running tools, finalizing, or interrupting.
  • Provider timeout diagnostics are cleaner and less misleading.
  • numasec is now licensed under AGPL-3.0-or-later.

Multi-operation sessions

numasec now handles multiple operations in the same workspace in a much more natural way.

When you start a fresh session and numasec finds existing operations, it asks what this session should use. You can pick an existing operation or create a new operation for this session.

That means you can keep separate terminals open for separate targets or tasks without everything drifting toward the workspace default.

The workspace default still exists, but an already-running session now has its own operation binding. That is the important part.

Cleaner operation picker

The startup operation picker now lists every operation in the workspace.

The default operation is shown first, but the rest are visible too. Operation names are shown cleanly, with kind, slug, and target kept in the details.

Small thing, but it makes the product feel much less confusing when you actually use it with several operations.

Stronger operation context

The agent now gets a better view of the active operation through snapshot/query flows instead of relying on generated markdown context as truth.

That improves orientation around:

  • routes
  • observations
  • findings
  • evidence
  • deliverables
  • shares
  • workflow state
  • capability readiness

The result is a cleaner separation between canonical operation state and human-readable context artifacts.

Better graph and evidence navigation

The cyber graph is more useful now.

You can query links like:

  • route to findings
  • finding to evidence
  • evidence search across linked finding and observation text

This makes numasec feel more like an investigation workspace and less like a pile of disconnected tool output.

More honest read-only behavior

Read-only tools now expose clearer metadata about what they did.

The goal is simple: when the agent inspects workspace, report, share, or evidence state, it should be clear whether it only read state or actually changed something.

This matters a lot for security work, where evidence, findings, and reports need to be traceable.

Better workflow tracking

Workflow progress is cleaner, especially for steps that are intentionally read-only.

A knowledge or inspection step can be read-only and still count as workflow progress. Read-only should mean "do not mutate facts/evidence/context", not "leave the workflow stuck".

Better model reasoning controls

Model reasoning/thinking controls are clearer across supported providers.

numasec now handles provider-specific reasoning options more carefully, including OpenAI-style reasoning effort, Claude thinking budgets, Gemini thinking config, OpenRouter reasoning effort, and DeepSeek V4 thinking controls.

DeepSeek V4 support was tightened in this release: supported DeepSeek V4, V4 Flash, and V4 Pro models now expose honest high/max controls instead of hiding thinking options or showing fake levels.

Better model run lifecycle

The TUI now gives clearer status during model runs.

You should see better state while numasec is connecting, waiting for model output, streaming, running tools, finalizing, or interrupting.

Interrupt handling is also more deterministic, so a session is better at returning to a clean ready state after you stop a run.

License update

numasec is now licensed under AGPL-3.0-or-later.

The project stays open source, but the license now better matches where numasec is going: a serious open security agent platform, not just a small CLI experiment.

Summary

1.2.1 is not a flashy release. It is a trust release.

The theme is: 

better sessions, better state, better evidence, better control

numasec should now feel smoother when used the way security people actually work: multiple terminals, multiple targets, long sessions, local tools, evidence, reports, and model runs that sometimes need to be interrupted.

Check out latest releases or
releases around FrancescoStabile/numasec v1.2.1

Don't miss a new numasec release

NewReleases is sending notifications on new releases.

Get notifications