Changelog
What's shipped recently
Notable changes in plain English. Engineering detail with PR-level links lives in CHANGELOG.md at the repo root.
- Linux distro CVE detection — Alpine, Debian, Red Hat, Oracle Linux
Native CVE detectors per distro, with each stream updating on its own cadence — distinct from upstream OSV. A vendor advisory becomes a block-list entry the same hour the distro publishes it. Modular ingest means an Alpine stall doesn't hold up Red Hat coverage.
- Bundled Hugging Face malware feed
Native HF coordinate-match feed shipped in-process — closes the gap where public SCA indexes lag on model-repo malware. Lookup is constant-time at resolve; a hit drops trust score to -100.
- chainsaw doctor verify-hook and doctor logs
Two new CLI subcommands. verify-hook detects client-side install-hook bypasses — a developer skipping the proxy via .npmrc edits or env overrides now shows up in doctor output. doctor logs surfaces operator-actionable WARN lines from the server so on-call doesn't have to grep raw stdout.
- Docker OCI inspector and Swift git-fallback ON by default
Per-layer image inspection and Swift's git-tag fallback no longer need an opt-in flag. New deployments get container depth and Swift coverage out of the box. Existing installs keep their explicit config; the default only changes when the flag is unset.
- Silent-success write telemetry + SQL tripwire
published_to_inventory counters, drop counters, and a SQL tripwire fire when a write looks like it succeeded but didn't land. Six operator log lines were promoted DEBUG→WARN so the cases that used to need code-reading now show up in doctor logs.
- VEX-aware exception CLI
chainsaw exception create now accepts --cve, --decision, and --vex-note. Exceptions carry VEX semantics — not_affected, affected, fixed, under_investigation — so the audit log answers vendor questionnaires directly.
- chainsaw cargo-credentials — credential provider for cargo 1.74+
Cargo's native credential-provider protocol now has a first-class Chainsaw integration. No more .cargo/config.toml token-in-plaintext patterns; the provider sources credentials from the OS keyring.
- Supply-chain attack signals catalogue
Install-script exfiltration, maintainer takeover, version anomalies, hidden Unicode, publish-velocity bursts, reserved-namespace dependency confusion, Docker malware feed, per-layer image enforcement, APT/Yum/DNF hash-chain provenance, typosquat across 14 ecosystems including Go, CocoaPods, and GitHub Actions, repo liveness plus ownership match, and checksum fail-closed enforcement — 25 signals total, composable in a single policy. Four run on every ecosystem (CVE, license, reserved namespaces, trust score); the rest light up where each registry exposes the metadata we need. See POLICY_PROXY_MATRIX.md for the per-ecosystem grid.
- Browser-based CLI login with Turnstile
chainsaw auth login now opens a browser to the dashboard and uses a device-code flow with Cloudflare Turnstile to block automated login attempts. Works on headless shells via a short code; works on desktop via redirect. Tokens land in the OS keyring — macOS Keychain, Windows Credential Manager, Linux secret-service.
- Cross-platform signed CLI binaries
Signed builds for macOS (Intel and Apple Silicon), Linux (x86_64, arm64), and Windows (x86_64). Signature verification runs by default; CHAINSAW_REQUIRE_SIGNATURE=1 is the new opt-out. The server URL can be baked into the binary at build time for air-gapped shipping.
- Strict JWT mode is now default
Chainsaw refuses to boot without CHAINSAW_JWT_SECRET or a persistent store to hold a generated secret. Multi-replica deployments are safer out of the box. Single-process dev still works with CHAINSAW_STRICT_JWT=0.
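The secret-resolution rule behind strict mode, as an added illustration that is not Chainsaw's own code: the function name, the `store` mapping and the `jwt_secret` key are assumptions; only the two environment variables come from the entry above. The replica simulation shows why an ephemeral secret is fine for one process and breaks a multi-replica deployment.

```python
import secrets


class StartupError(RuntimeError):
    """Raised when strict JWT mode finds no usable signing secret."""


def resolve_jwt_secret(env, store=None):
    """Return (secret, source) for one process, or refuse to start.

    Precedence (assumed shape, not Chainsaw's implementation):
      1. CHAINSAW_JWT_SECRET set explicitly: every replica uses it.
      2. A persistent store: reuse the generated secret, or generate it
         once and persist it so every replica sharing the store agrees.
      3. Neither: strict mode (default) refuses to boot; CHAINSAW_STRICT_JWT=0
         mints an ephemeral per-process secret, safe only for one process.
    """
    explicit = env.get("CHAINSAW_JWT_SECRET")
    if explicit:
        return explicit, "env"

    if store is not None:
        # `store` is any mutable mapping; a real deployment backs it with a
        # database or a mode-0600 file on storage shared by all replicas.
        if "jwt_secret" not in store:
            store["jwt_secret"] = secrets.token_urlsafe(32)
        return store["jwt_secret"], "store"

    if env.get("CHAINSAW_STRICT_JWT", "1") != "0":
        raise StartupError(
            "strict JWT mode: set CHAINSAW_JWT_SECRET or configure a persistent "
            "store; an ephemeral secret would not be shared across replicas"
        )
    return secrets.token_urlsafe(32), "ephemeral"


def can_boot(env, store=None):
    """True if a process with this env/store would start at all."""
    try:
        resolve_jwt_secret(env, store)
        return True
    except StartupError:
        return False


def boot_replicas(count, env, store=None):
    """Start `count` replicas from the same env/store; return their secrets.

    All equal: a token issued by one replica verifies on every other.
    Any disagreement: requests bounce between replicas with 401s.
    """
    return [resolve_jwt_secret(env, store)[0] for _ in range(count)]
```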
- FORCE_HTTPS scheme upgrade for CLI auth
The CLI login URL now honours FORCE_HTTPS. Reverse-proxied Chainsaw deployments with TLS termination upstream no longer emit http:// redirects.
- Web UI URLs resolved via NEXT_APP_BASEPATH
Dashboard URLs printed by the CLI during auth now respect NEXT_APP_BASEPATH and CHAINSAW_WEB_UI_URL, so Chainsaw deployments on a subpath or a custom domain get correct browser links.
Want the whole history?
CHANGELOG.md in the repo
Every release, every PR, every behaviour change — with engineering-level detail. The repo CHANGELOG uses Keep a Changelog format.