[v1.97.0]
- Report viewer cross-tool triage: when a Kingfisher report is loaded alongside a Gitleaks or TruffleHog report, matching imported findings are enriched with Kingfisher's validation verdict, validation response, validate command, and revoke command. Matching is keyed on
commit + file + linewith afile + linefallback, and enriched rows show an "Enriched by Kingfisher" callout in the detail panel plus an "Enriched" chip in the findings table. Added a Source column to the findings table; a new Duplicates Removed by Tool dashboard panel showing per-tool cards for Kingfisher / TruffleHog / Gitleaks; and an upload-time Deduplicate findings toggle (on by default) so users can inspect the raw rows before fingerprint dedup when needed. - Fixed the HTML report viewer dark mode so charts redraw correctly on theme changes and follow the system color scheme until manually overridden.
- Fixed #344: baseline fingerprints no longer have to be hexadecimal. The fingerprint value emitted by scan output (JSON, JSONL, pretty, SARIF) can now be copied directly into a baseline file and will match on the next scan.
--manage-baselinenow writes fingerprints in decimal to match scan output, and legacy 16-char hex (and0x-prefixed hex) entries continue to be accepted, so existing baseline files keep working unchanged. - Expanded the bundled ruleset to 942 rules (820 standalone detectors + 122 dependent rules), with 484 standalone detectors now including live HTTP / service-specific validation.
- Documentation: expanded coverage of the Report Viewer & Triager across
README.md,docs/USAGE.md, and the docs site (docs-site/docs/features/report-viewer.md,docs-site/docs/usage/basic-scanning.md). The same viewer is available locally viakingfisher view <report.json>and as a hosted static upload-based page at https://mongodb.github.io/kingfisher/viewer/. Both forms import Kingfisher, Gitleaks, and TruffleHog JSON/JSONL for cross-tool triage with fingerprint-based deduplication and blast-radius rendering.