Skip to content

release katana v1.5.0#1566

Open
dogancanbakir wants to merge 22 commits intomainfrom
dev
Open

release katana v1.5.0#1566
dogancanbakir wants to merge 22 commits intomainfrom
dev

Conversation

@dogancanbakir
Copy link
Member

@dogancanbakir dogancanbakir commented Mar 5, 2026
edited by neo-by-projectdiscovery-dev bot
Loading

Relates to #1568

fail-open and others added 18 commits January 24, 2026 05:49
@fail-open @dwisiswant0
fix(runner): prioritize chrome-ws-url over headless flag (#1506)
dc82e82 
* Fix: Prioritize -cwu over -headless flag

When both -cwu (Chrome WebSocket URL) and -headless flags are used
together, -cwu should take precedence since the user explicitly wants
to connect to an existing browser session.

Without this fix, when users run:
  katana -headless -u URL -cwu ws://... -no-incognito

The -headless flag causes Katana to launch a new Chrome instance,
completely ignoring the -cwu WebSocket URL. This makes authenticated
crawling via existing browser sessions impossible when following the
official documentation.

Changes:
- Prioritize ChromeWSUrl check in engine selection (runner.go)
- Add warning when -headless is used with -cwu (options.go)
- Ensure hybrid engine is selected when -cwu is specified

This fix maintains backward compatibility while making the documented
workflow actually work as intended.

Fixes issue where -cwu flag is ignored when -headless is present.

* chore(runner): rm logs

---------

Co-authored-by: aparsons2 <[email protected]>
Co-authored-by: Dwi Siswanto <[email protected]>
@dogancanbakir
chore: add pull request template
30123f5
@dogancanbakir
feat(headless): add captcha detection and solving
2d73d9b
@dogancanbakir
feat: add knowledge base classification using dit
5150df5 
- Add -kb flag to enable page/form/field classification via dit
- Add -fpt flag to filter results by page type (auto-enables -kb)
- Classification works across all engines (standard, headless, hybrid)
- KB data included in jsonl output via knowledgebase field
- Bump Go version to 1.25.x across CI, Dockerfile, and docs
@dogancanbakir
fix: use golangci-lint v2 action for Go 1.25 compat
b136de5
@dogancanbakir
fix: use projectdiscovery/actions/setup/go in all workflows
fb60a5c
@dogancanbakir
feat: add -filter-similar flag for URL path pattern deduplication (#1527
0b0dead 
)

Two-layer hybrid system:
- Layer 1: Heuristic regex detects UUIDs, hashes, dates, timestamps, and numeric IDs
- Layer 2: Adaptive per-host trie learns parameter positions at runtime via cardinality tracking

Structurally identical URLs (e.g., /users/123 and /users/456) are collapsed
during crawling, preventing the crawler from wasting time on duplicate pages.
@dogancanbakir
fix: add mutex to PathTrie for concurrent access safety
778d712
@dogancanbakir
feat: add LRU-bounded host tracking and configurable threshold for -f…
69b54c3 
…ilter-similar
@dogancanbakir
Merge pull request #1550 from projectdiscovery/feature/filter-similar…
b6264eb 
…-urls

feat: add -filter-similar flag for URL path pattern deduplication
@Mzack9999
Merge branch 'dev' into feature/captcha-solver
80a662d
@dependabot
chore(deps): bump goreleaser/goreleaser-action from 4 to 7
38d2e16 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 7.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@v4...v7)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dogancanbakir
Merge pull request #1536 from projectdiscovery/feature/captcha-solver
db64389 
feat(headless): add captcha detection and solving support
@dogancanbakir
Merge pull request #1553 from projectdiscovery/dependabot/github_acti…
3689151 
…ons/dev/goreleaser/goreleaser-action-7

chore(deps): bump goreleaser/goreleaser-action from 4 to 7
@dogancanbakir
merge dev
f8628da
@dogancanbakir
use dit for captcha type detection pre-check
411698a
@dogancanbakir
fallback to data-sitekey check when dit detects none
39abb7e
@dogancanbakir
fix lint errors
38a79ac
@dogancanbakir dogancanbakir self-assigned this Mar 5, 2026
@neo-by-projectdiscovery-dev
Copy link

neo-by-projectdiscovery-dev bot commented Mar 5, 2026
edited
Loading

Neo - PR Security Review

No security issues found

Highlights

  • Adds captcha solving integration with CapSolver API for reCAPTCHA v2/v3, hCaptcha, and Cloudflare Turnstile
  • Implements URL fingerprinting with adaptive path trie for deduplication of similar URLs
  • Introduces filter-similar feature to reduce crawl noise by collapsing parameter variations
Hardening Notes
  • Consider adding rate limiting on captcha solver API calls in pkg/engine/headless/captcha/capsolver/capsolver.go to prevent excessive API usage if a target has many captcha pages
  • Add validation for the captcha solver API key format in pkg/engine/headless/captcha/captcha.go:16 before initializing the solver to fail fast with a clear error message
  • Consider adding a timeout configuration option for the captcha solving operation (currently hardcoded to 120s in capsolver.go:17) to allow users to tune based on their needs

Comment @neo help for available commands. · Open in Neo

@dogancanbakir dogancanbakir requested a review from knakul853 March 5, 2026 11:38
@dogancanbakir
Copy link
Member Author

dogancanbakir commented Mar 5, 2026

@pdneo create an issue to track this release

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Mar 5, 2026
edited
Loading

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b2cbc184-50d4-4950-a54c-9581a3f7511e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dev

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

Comment @coderabbitai help to get the list of available commands and usage tips.

@neo-by-projectdiscovery-dev
Copy link

neo-by-projectdiscovery-dev bot commented Mar 5, 2026
edited
Loading

@dogancanbakir Created issue #1568 to track katana v1.5.0 release

Check it out here: #1568

  • Linked: relates (PR description updated)

@neo-by-projectdiscovery-dev neo-by-projectdiscovery-dev bot mentioned this pull request Mar 5, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@knakul853 knakul853 Awaiting requested review from knakul853

At least 1 approving review is required to merge this pull request.

Assignees

@dogancanbakir dogancanbakir

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dogancanbakir @fail-open @Mzack9999