Download Latest Version graphify 0.9.17 source code.zip (4.0 MB)
Email in envelope

Get an email when there's a new version of Graphify

Home / v0.9.15
Name Modified Size InfoDownloads / Week
Parent folder
graphify-self-graph.tar.gz 2026-07-13 253.7 kB
graphifyy-0.9.15-py3-none-any.whl 2026-07-13 1.1 MB
graphifyy-0.9.15.tar.gz 2026-07-13 1.4 MB
README.md 2026-07-13 1.5 kB
v0.9.15 source code.tar.gz 2026-07-13 3.5 MB
v0.9.15 source code.zip 2026-07-13 4.0 MB
Totals: 6 Items   10.3 MB 4

A small, security-focused patch on top of 0.9.14.

Highlights

  • Security (stored XSS): the exported graph.html is fixed (#1838). The report's neighbor links dropped an unescaped stringified node id into an inline onclick — which broke every neighbor link and, when a node id/label contained a double-quote (e.g. from a document or a title scraped via graphify add <url>), let a hostile source inject a live event handler into a report opened locally. The id is now carried in an HTML-escaped data-nid attribute dispatched through a single delegated listener. If you generate reports from untrusted corpora, upgrade.

All fixes

  • Security: close a stored XSS and repair the (previously always-broken) neighbor "focus" links in the exported graph.html (#1838, thanks @edgestack-ai).
  • Fix: detection honors nested .gitignore/.graphifyignore files below the scan root, matching git — a vendor/sub/.gitignore deeper in the tree is now applied to its own subtree instead of being ignored (#1847, thanks @Mohak-Agrawal). Composes with .git/info/exclude (0.9.14): a nearer ! re-include still wins.
  • Fix: graphify update now keeps human-readable community_name labels instead of stripping them back to numeric ids on every incremental rebuild (#1808 / [#1855], thanks @latreon).

Install

pip install --upgrade graphifyy
# or
uv tool install graphifyy@0.9.15

Then graphify install to update the skill for your agent.

Source: README.md, updated 2026-07-13