The Dispatch

Nuclei Project Faces Stability Challenges Amidst Active Development and Community Engagement

Nuclei, a vulnerability scanner by ProjectDiscovery, continues to evolve with active community involvement, but faces critical stability issues as evidenced by multiple high-priority bugs.

The project is designed to perform security checks across various protocols using customizable templates, aiming for zero false positives. It is supported by a vibrant community contributing to its extensive template repository.

Recent Activity

Recent issues highlight significant stability concerns, particularly with the headless protocol and memory usage during scans. Issues like #5580 and #5579 indicate critical bugs affecting functionality, while feature requests such as #5581 and #5567 show ongoing interest in expanding capabilities.

Development activities reflect a strong focus on both bug fixes and feature enhancements. Key contributors include:

Of Note

Quantified Reports

Quantify Issues



Recent GitHub Issues Activity

Timespan    Opened   Closed   Comments   Labeled   Milestones
7 Days          16        7         19         1            2
30 Days         49       32         57         1            3
90 Days        137       90        198         1            5
1 Year         390      198        557        10           11
All Time      2354     2056          -         -            -

Like all software activity quantification, these numbers are imperfect but sometimes useful. Comments, Labels, and Milestones refer to those issues opened in the timespan in question.

Quantify commits



Quantified Commit Activity Over 30 Days

Developer                   Branches   PRs        Commits   Files   Changes
Dwi Siswanto                       2   13/10/2         19      29       866
Tarun Koyalwar                     2   4/3/0            6      24       359
Dogan Can Bakir                    3   6/6/0           13      20       332
dependabot[bot]                    2   27/24/2         25       2       225
Mzack9999                          1   0/0/0            4       8       220
Ramana Reddy                       2   3/3/0            4      13       212
Deleted user                       1   0/0/0            1       3       135
Mohammed Diaa                      1   0/1/0            1      11       133
Tryfon Papatriantafyllou           1   2/2/0            2       6        64
Roy Reznik                         1   1/1/0            1       3        31
Ice3man                            1   1/1/0            1       1        13
Sandeep Singh                      1   2/1/0            2       4         9
alban-stourbe-wmx                  1   0/1/0            1       1         7
Peter Kasza                        1   1/1/0            1       1         3
Peter Dave Hello                   1   1/1/0            1       1         2
4shen0ne (zrquan)                  0   1/0/0            0       0         0
geeknik (geeknik)                  0   0/0/2            0       0         0
geeknik (geeknik) 0 0/0/2 0 0 0

PRs: created by that dev and opened/merged/closed-unmerged during the period

Detailed Reports

Report On: Fetch issues



Recent Activity Analysis

The Nuclei GitHub repository has seen a significant amount of recent activity, with 298 open issues currently being tracked. Among these, there are numerous bug reports and feature requests, indicating an active engagement from the community and developers. Notably, there are several issues related to bugs in the headless protocol, template validation, and performance optimizations. A recurring theme is the need for enhancements in handling various protocols and improving the user experience with clearer error messages and more robust functionality.

Several issues stand out due to their implications for the project's stability and usability. For instance, issues related to the headless protocol not properly handling relative paths could hinder users attempting to automate scans on dynamic web applications. Additionally, the ongoing discussions about memory usage optimizations highlight a critical area for improvement as users report crashes during extensive scans.

Issue Details

Here are some of the most recently created and updated issues:

  1. Issue #5582: [BUG] Unable to get stats when running two Nuclei instances

    • Priority: Medium
    • Status: Open
    • Created: 1 day ago
    • Update: Not updated
  2. Issue #5581: [FEATURE] DNS TRACE

    • Priority: Low
    • Status: Open
    • Created: 1 day ago
    • Update: Not updated
  3. Issue #5580: [BUG] Escaping string in dsl function: "Cannot transition token types from STRING [] to VARIABLE [xxxx]"

    • Priority: High
    • Status: Open
    • Created: 1 day ago
    • Update: Not updated
  4. Issue #5579: [BUG] -eh options makes nuclei stuck

    • Priority: High
    • Status: Open
    • Created: 1 day ago
    • Update: Not updated
  5. Issue #5577: [BUG] Using the timeout parameter results in abnormal termination

    • Priority: Medium
    • Status: Open
    • Created: 1 day ago
    • Update: Not updated
  6. Issue #5569: Android(arm64)Not working properly

    • Priority: Medium
    • Status: Open
    • Created: 3 days ago
    • Update: Not updated
  7. Issue #5567: [FEATURE] Template Profile Improvements

    • Priority: Low
    • Status: Open
    • Created: 3 days ago
    • Update: Not updated
  8. Issue #5566: [FEATURE] Add Integrations or providers for Secrets File

    • Priority: Low
    • Status: Open
    • Created: 3 days ago
    • Update: Not updated
  9. Issue #5565: [FEATURE] Support Tamper Scripts via Javascript using passive templates

    • Priority: Low
    • Status: Open
    • Created: 3 days ago
    • Update: Not updated
  10. Issue #5564: [BUG] Fix target being skipped due to max-host-error

    • Priority: High
    • Status: Open
    • Created: 3 days ago
    • Update: Edited
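Issue #5564 above concerns a target being skipped because of max-host-error, the per-host error budget behind Nuclei's -max-host-error flag that stops the scanner from sending one request per template to a host that never answers. The Go program below is an added illustration of that mechanism and of the check that keeps a live host from being skipped; it is not Nuclei's code, and hostErrorCache, fakeProbe and the example hostnames are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"sync"
)

// hostErrorCache counts, per host, failures that indicate the host is down and
// tells the scan loop to stop sending requests once the budget is spent.
// Illustrative only; this is not Nuclei's implementation.
type hostErrorCache struct {
	mu        sync.Mutex
	maxErrors int
	counts    map[string]int
}

func newHostErrorCache(maxErrors int) *hostErrorCache {
	return &hostErrorCache{maxErrors: maxErrors, counts: map[string]int{}}
}

// isUnreachableError is the check that keeps live targets from being skipped:
// only DNS failures, dial errors and timeouts count towards the budget. A
// template-level error (bad matcher, unexpected body) says nothing about
// whether the host is reachable, so it must not be counted.
func isUnreachableError(err error) bool {
	var dnsErr *net.DNSError
	var opErr *net.OpError
	var netErr net.Error
	switch {
	case err == nil:
		return false
	case errors.As(err, &dnsErr), errors.As(err, &opErr):
		return true
	case errors.As(err, &netErr) && netErr.Timeout():
		return true
	}
	return false
}

// Record registers the outcome of one request to host.
func (c *hostErrorCache) Record(host string, err error) {
	if !isUnreachableError(err) {
		return
	}
	c.mu.Lock()
	c.counts[host]++
	c.mu.Unlock()
}

// ShouldSkip reports whether host has used up its error budget.
func (c *hostErrorCache) ShouldSkip(host string) bool {
	c.mu.Lock()
	defer c.mu.Unlock()
	return c.counts[host] >= c.maxErrors
}

// runScan sends every template to every host, consulting the cache before each
// request, and returns how many requests each host actually received.
func runScan(hosts, templates []string, probe func(host, tpl string) error, cache *hostErrorCache) map[string]int {
	sent := map[string]int{}
	for _, tpl := range templates {
		for _, h := range hosts {
			if cache.ShouldSkip(h) {
				continue
			}
			sent[h]++
			cache.Record(h, probe(h, tpl))
		}
	}
	return sent
}

// fakeProbe is a constructed stand-in for a request: dead.example refuses every
// connection, flaky.example returns a template-level error, live.example succeeds.
func fakeProbe(host, tpl string) error {
	switch host {
	case "dead.example":
		return &net.OpError{Op: "dial", Net: "tcp", Err: errors.New("connection refused")}
	case "flaky.example":
		return fmt.Errorf("template %s: matcher failed to compile", tpl)
	}
	return nil
}

func main() {
	hosts := []string{"dead.example", "flaky.example", "live.example"}
	templates := []string{"t1", "t2", "t3", "t4", "t5"}
	sent := runScan(hosts, templates, fakeProbe, newHostErrorCache(3))
	for _, h := range hosts {
		fmt.Printf("%s: %d requests sent\n", h, sent[h])
	}
}
```

With a budget of three, dead.example receives three requests and is then skipped for the remaining templates, while flaky.example keeps receiving requests because a matcher error is not evidence that the host is down. Counting every error, regardless of kind, towards the budget would produce the symptom the issue title describes: a reachable target silently dropped from the scan.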

Important Observations

  • The presence of multiple high-priority bugs indicates potential stability issues that could affect user experience.
  • Feature requests are focused on enhancing existing functionalities, such as better support for DNS operations and improved template management.
  • There is a noticeable trend towards improving error handling and reporting mechanisms within the tool, which is crucial for user trust and ease of use.

This analysis highlights critical areas that require attention to ensure that Nuclei continues to meet user needs effectively while maintaining robust performance across various use cases.

Report On: Fetch pull requests



Report on Pull Requests

Overview

The project repository for Nuclei has a total of 18 open pull requests (PRs) and a significant history of closed PRs, indicating active development and maintenance. The recent PRs focus on various improvements, bug fixes, and dependency updates, reflecting ongoing efforts to enhance functionality and stability.

Summary of Pull Requests

  1. PR #5583: Nuclei - v3.3.2 release prep

    • State: Open
    • Created: 0 days ago
    • Significance: This draft PR is preparing for the v3.3.2 release, indicating ongoing enhancements and possibly new features or fixes.
  2. PR #5572: chore(deps): bump github.com/projectdiscovery/retryablehttp-go from 1.0.74 to 1.0.75

    • State: Open
    • Created: 2 days ago
    • Significance: Updates a dependency to improve functionality or security.
  3. PR #5563: WIP: Openapi input mode bug fixes

    • State: Open
    • Created: 4 days ago
    • Significance: This work-in-progress PR addresses bugs related to OpenAPI input mode, crucial for maintaining compatibility with API specifications.
  4. PR #5554: support stop-at-first-match for network templates

    • State: Open
    • Created: 6 days ago
    • Significance: Implements a feature that enhances the efficiency of network templates by stopping at the first match, reducing unnecessary processing.
  5. PR #5545: feat(headless): add ActionWaitDialog type

    • State: Open
    • Created: 9 days ago
    • Significance: Introduces a new action type for headless operations, expanding the capabilities of the tool in automated testing scenarios.
  6. PR #5243: Add ncat command to replicate raw request

    • State: Open
    • Created: 89 days ago
    • Significance: This PR adds functionality to replicate raw requests using ncat, enhancing testing capabilities.
  7. PR #4723: feat: first implementation of global matchers

    • State: Open
    • Created: 207 days ago
    • Significance: Introduces global matchers that allow for broader detection capabilities across multiple templates.
  8. PR #5515: fix findGlobPathMatches

    • State: Open
    • Created: 16 days ago
    • Significance: Addresses issues with path matching in templates, crucial for accurate template execution.
  9. PR #5421: Add more support for fs.FS in template parsing

    • State: Open
    • Created: 39 days ago
    • Significance: Enhances template parsing capabilities by adding support for file system interfaces.
  10. PR #5370: disable non-default templates as default

    • State: Open
    • Created: 55 days ago
    • Significance: Aims to streamline template usage by disabling non-default templates unless explicitly specified.
  11. Various other PRs related to dependency updates and minor fixes (e.g., PRs #5538, #5537, etc.) that reflect routine maintenance and improvements in code quality.

Analysis of Pull Requests

The current landscape of pull requests within the Nuclei project highlights several key themes:

Active Maintenance and Feature Development

The presence of numerous open PRs indicates a vibrant development cycle, with contributors actively working on both new features (such as the ActionWaitDialog type and global matchers) and critical bug fixes (like those addressing OpenAPI input mode). This dual focus on enhancement and stability is vital for maintaining user trust and software reliability.

Dependency Management

A significant number of recent PRs update dependencies (e.g., retryablehttp-go, gologger); the 30-day table shows dependabot[bot] opening 27 PRs, of which 24 were merged. Keeping Go module versions current is how the project picks up upstream fixes, including security fixes, in the libraries it imports, and merging these promptly keeps the diff per update small enough to review.

Community Engagement

The variety of contributors involved in these PRs suggests a healthy community around the project. Contributions from different developers not only bring diverse perspectives but also foster collaboration that can lead to innovative solutions and enhancements.

Long-standing Issues

Some older PRs (like #4723 regarding global matchers) indicate ongoing discussions about implementing complex features that may require more extensive testing or integration efforts before merging. The delay in merging these could suggest challenges in achieving consensus on design or implementation strategies among maintainers.

Recent Merges vs. Activity Levels

While 18 PRs are open, the 30-day table counts 62 PRs opened, 55 merged and 6 closed unmerged, so the open set is dominated by long-lived PRs (several dating back 39 to 207 days) rather than a stalled queue. The merge rate is still worth watching: if the backlog of older PRs grows without resolution, it may signal resource constraints or prioritization issues within the team.

Quality Assurance

Several PRs include references to tests or documentation updates, which are critical for maintaining code quality as new features are added or existing ones modified. Ensuring that tests accompany changes helps prevent regressions and maintains confidence in the software's functionality.

Conclusion

Overall, the Nuclei project appears to be in a robust state of development with active contributions focused on both enhancing features and maintaining stability through dependency management and bug fixes. However, attention should be given to older PRs that may need resolution or further discussion to ensure they do not hinder progress on newer initiatives.

Report On: Fetch commits



Repo Commits Analysis

Development Team and Recent Activity

Team Members:

  1. Dwi Siswanto (dwisiswant0)

    • Recent activity includes implementing a conditional panic-recover strategy, refactoring code to use mapsutil.Map, and adding various features related to headless actions. Collaborated with Dogan Can Bakir on multiple features and bug fixes.
    • Total: 19 commits, 866 changes across 29 files.
  2. Dogan Can Bakir (dogancanbakir)

    • Focused on fixing issues related to the -ms option for scanning non-accessible hosts, improving error logging, and adding integration tests. Also involved in minor lint fixes and dependency updates.
    • Total: 13 commits, 332 changes across 20 files.
  3. Peter Dave Hello (PeterDaveHello)

    • Made a single commit to remove a conflicting option in the Dockerfile.
    • Total: 1 commit, 2 changes across 1 file.
  4. Dependabot[bot]

    • Actively managing dependency updates with a total of 25 commits focused on bumping various Go module versions.
    • Total: 25 commits, 225 changes across 2 files.
  5. Mzack9999

    • Involved in merging pull requests and making minor fixes, including addressing a race condition and upgrading GitLab integration.
    • Total: 4 commits, 220 changes across 8 files.
  6. AdallomRoy (Roy Reznik)

    • Contributed to upgrading GitLab with a single commit.
    • Total: 1 commit, 31 changes across 3 files.
  7. Ice3man543

    • Made one commit related to fuzzing enhancements.
    • Total: 1 commit, 13 changes across 1 file.
  8. Sandeep Singh (ehsandeep)

    • Involved in minor version updates and documentation improvements.
    • Total: 2 commits, 9 changes across 4 files.
  9. Tarun Koyalwar (tarunKoyalwar)

    • Focused on bug fixes related to OpenAPI and fuzzing enhancements, as well as implementing new features for network templates.
    • Total: 6 commits, 359 changes across 24 files.
  10. Tryfon Papatriantafyllou (trypa11)

    • Contributed bug fixes related to OpenAPI templates.
    • Total: 2 commits, 64 changes across 6 files.
  11. Ramana Reddy (RamanaReddy0M)

    • Worked on several features including support for multiple auth strategies and fixing bugs in the OpenAPI generator.
    • Total: 4 commits, 212 changes across 13 files.
  12. Ghost (a deleted GitHub account, listed as "Deleted user" in the table above)

    • Contributed with one commit focused on auto-generating syntax documentation.
    • Total: 1 commit, 135 changes across 3 files.
  13. Mrschyte (Peter Kasza)

    • Made a minor fix regarding the FileAuthProvider.
    • Total: 1 commit, 3 changes across 1 file.
  14. Alban Stourbe (alban-stourbe-wmx)

    • Contributed by adding workflows for SDK scanning.
    • Total: 1 commit, 7 changes across 1 file.
  15. Mohammed Diaa (mhmdiaa)

    • Worked on input transformation for multi-protocol templates.
    • Total: 1 commit, 133 changes across 11 files.

Patterns and Themes:

  • The team is actively engaged in both feature development and bug fixing, with a notable focus on improving error handling and enhancing existing functionalities.
  • Dwi Siswanto is particularly active in refactoring efforts and implementing new features while collaborating closely with Dogan Can Bakir on several tasks.
  • Dependabot plays a crucial role in maintaining the project's dependencies, ensuring that the codebase remains up-to-date with the latest libraries.
  • The contributions from various team members indicate a collaborative environment where multiple aspects of the project are being addressed simultaneously.
  • There is an ongoing effort to improve testing coverage through integration tests and unit tests as seen in recent commits by multiple developers.
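The "conditional panic-recover strategy" credited to Dwi Siswanto above is illustrated by the following Go program, an added example rather than Nuclei's own code. The pattern is a recover that is only installed when the caller asks for it: in a normal scan one faulty template is reported as an error and the run continues, while in a debugging configuration the panic still propagates with its full stack. runWithRecover, runTemplates and the sample template names are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"runtime/debug"
)

// ErrTemplatePanic marks an error produced by recovering a panic.
var ErrTemplatePanic = errors.New("template panicked")

// runWithRecover executes fn for the named template. With recoverPanics set, a
// panic inside fn becomes an error carrying the panic value and stack, so the
// caller can record the failure and move on. With it unset the deferred
// recover is never installed and the panic propagates unchanged, which is what
// you want while debugging the engine itself. Illustrative, not Nuclei's code.
func runWithRecover(template string, recoverPanics bool, fn func() error) (err error) {
	if recoverPanics {
		defer func() {
			if r := recover(); r != nil {
				err = fmt.Errorf("%w: %s: %v\n%s", ErrTemplatePanic, template, r, debug.Stack())
			}
		}()
	}
	return fn()
}

// scanResult lists templates that finished and the error for each that did not.
type scanResult struct {
	Completed []string
	Failed    map[string]error
}

// runTemplates runs every template in order under runWithRecover.
func runTemplates(templates map[string]func() error, order []string, recoverPanics bool) scanResult {
	res := scanResult{Failed: map[string]error{}}
	for _, name := range order {
		if err := runWithRecover(name, recoverPanics, templates[name]); err != nil {
			res.Failed[name] = err
			continue
		}
		res.Completed = append(res.Completed, name)
	}
	return res
}

// sampleTemplates is a constructed set of template bodies; the middle one
// panics on a nil-map write, the kind of defect a buggy matcher could have.
func sampleTemplates() (map[string]func() error, []string) {
	var nilMap map[string]int
	t := map[string]func() error{
		"http/ok": func() error { return nil },
		"network/broken": func() error {
			nilMap["x"] = 1 // assignment to entry in nil map: panics
			return nil
		},
		"dns/ok": func() error { return nil },
	}
	return t, []string{"http/ok", "network/broken", "dns/ok"}
}

func main() {
	t, order := sampleTemplates()
	res := runTemplates(t, order, true)
	fmt.Println("completed:", res.Completed)
	for name, err := range res.Failed {
		fmt.Printf("failed: %s: %v\n", name, err)
	}
}
```

Run as written, the scan completes http/ok and dns/ok and reports network/broken as a wrapped ErrTemplatePanic; change the final argument of runTemplates to false and the same nil-map write crashes the process, which is the behaviour a developer chasing the bug wants to keep.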

Conclusion:

The development team demonstrates strong collaboration and active contributions towards enhancing the Nuclei project through both feature additions and maintenance tasks. The focus on robust error handling and dependency management reflects a commitment to quality and stability within the software project.