rep+ Files

This release is a major step forward for rep+, combining a cleaner internal architecture with powerful new passive security capabilities and a smoother scanning experience.

✨ Highlights

Core Architecture Improvements

• Introduced centralized state actions to ensure consistent, predictable state updates.
• Standardized event-driven communication across request list, filters, blocking, and timeline, reducing tight coupling and improving maintainability.
• Added a Vitest-based test suite covering core utilities, state, events, extractors, and network parsing.
• New build and packaging scripts for Chrome Web Store–ready bundles.

🔐 Kingfisher Rules–Powered Secret Detection

• Replaced hardcoded regexes with Kingfisher rule support, enabling detection of secrets from hundreds of providers (AWS, Azure, GitHub, GCP, Stripe, Slack, Twilio, and more).
• Standardized patterns with entropy checks and validation logic for higher signal and easier rule maintenance.
• Thanks to @mickgmdb for the Kingfisher rules.

Passive JavaScript Parameter Extraction

• Passively extracts query, body, header, and path parameters directly from JavaScript responses.
• Automatically associates parameters with endpoints and flags high-risk parameters (auth, IDOR, debug, feature flags, etc.).
• Strong false-positive suppression, deduplication, confidence scoring, and smart defaults.
• Rich UI with endpoint grouping, badges, domain filtering, search, sorting, and one-click cURL generation.

Scanning UI Improvements

• Step-by-step scan checklist showing all phases (secrets → endpoints → parameters → processing).
• More accurate progress tracking, fixed file counts, clear phase separation, and improved timeout handling.