legion (0.7.0-0) UNRELEASED; urgency=medium

  * Continue the web-first replatform by splitting routes into domain modules,
    adding service/schema boundaries, and shrinking the monolithic WebRuntime
    into focused runtime modules for projects, scans, scheduler, workspace,
    graph, reports, artifacts, processes, and settings.
  * Harden high-risk execution and control paths, including bind-all handling,
    public tool execution, approval idempotency, MCP state contracts, and local
    secret-store backed provider credential storage.
  * Improve project bundle export/restore fidelity, restore staging, restored
    path rebasing, artifact handling, and damaged legacy project behavior.
  * Add service/open-port filtering, graph filtering tied to host filters,
    service port visibility, stronger OS enrichment, and expanded device
    categorization for phone and out-of-band management systems.
  * Add bundled pipettes for Cisco Smart Install, internal SMTP/SPF review,
    Windows SMB/RDP discovery, and IPMI/iDRAC/iLO discovery.
  * Improve Nmap output isolation, screenshot target handling, process/tool
    execution paths, artifact cleanup, Responder/NTLMRelay workspace handling,
    and cross-surface regression coverage.

 -- Shane Scott <sscott@shanewilliamscott.com>  Wed, 29 Apr 2026 18:27:37 -0500

legion (0.6.0-0) UNRELEASED; urgency=medium

  * Promote the web UI to the primary operator workflow while keeping the shared
    orchestrator, approvals, reporting, and graph/state pipeline aligned across
    web, headless, MCP, and remaining Qt compatibility paths.
  * Add normalized scheduler models, engagement policies, richer approvals, and
    a larger governed action registry covering deeper web follow-up and safer
    internal enumeration.
  * Add shared target-state persistence, local evidence graphing, graph export,
    graph-backed reporting, and a richer browser graph workspace.
  * Expand MCP/API coverage, optional runner support, strategy-pack planning,
    regression corpus coverage, and scan/execution auditability.
  * Harden web execution and operator UX with better Nmap/Nuclei normalization,
    duplicate suppression, scheme-aware targeting, screenshot reliability, retry
    by intent, workspace restore fixes, and updated web-first documentation.

 -- Shane Scott <sscott@shanewilliamscott.com>  Thu, 19 Mar 2026 09:10:00 -0500

legion (0.5.2-0) UNRELEASED; urgency=medium

  * Standardize OS detection and icons across the Hosts/OS tabs with a shared classifier.
  * Add the OS tab and per-status process filters/run-time column for better workflow visibility.
  * Fix manual port add/delete routines so they work for hostname entries.
  * Refresh snmpbrute.py for modern Python to resolve bytes vs str errors.
  * Add a dedicated Responder / Relay tab with live output and stop/start controls.
  * Parse/store captured hashes and relayed credentials in-project with per-host review support.
  * Harden SQLite operations with integrity checks, backups, and repair tooling.
  * Expand smoke tests for import, save/load, and credential workflows (including headless Qt usage in CI).
  * Easy mode now defaults host discovery to -Pn and adds Stealth (-sS) and Include UDP toggles.
  * Add Broad RFC1918 Discovery (Balanced) with selectable sample sizes (16/32/64/128), automatic RFC1918 defaults (10/8, 172.16/12, 192.168/16), and controlled canary/full chunking for progressive imports on large ranges.
  * Default Hard mode Port Scan Option to TCP SYN (-sS).
  * Improve process/database hardening for shutdown/load edge cases, descriptor pressure, and transient SQLite open failures.

 -- Shane Scott <sscott@shanewilliamscott.com>  Wed, 11 Feb 2026 10:12:00 -0600

legion (0.5.0-0) UNRELEASED; urgency=medium

  * Harden Nmap importer host/port lookups so staged scans no longer crash when data is missing.
  * Wrap raw SQL statements in SQLAlchemy text() helpers to prevent CVE refresh failures.
  * Improve importer logging and edge-case handling for long-running scan workflows.

 -- Shane Scott <sscott@shanewilliamscott.com>  Thu, 09 Oct 2025 19:30:00 -0500

legion (0.4.9-0) UNRELEASED; urgency=medium

  * Prefer hostnames for automated screenshots (fallback to IP)
  * Add right-click Save/export for tool tabs (text & screenshots)
  * Process list shows only core columns with improved layout
  * Fix tab restoration, Tools dedupe, and crash handling safeguards

 -- Shane Scott <sscott@shanewilliamscott.com>  Wed, 08 Oct 2025 18:59:51 -0500

legion (0.4.0-0) UNRELEASED; urgency=medium

  * Refactored to Python 3.8+
  * Refactored to PyQt 6
  * Database calls migrated to sessions (dramatically improves performance, reliability and huge memory reductions)
  * Refactored Logging
  * General cleanup
  * Screenshot tool revised to use PhantomJs webdriver (other webdrivers coming soon)
  * Simplify startup scripts, dependancy installations scripts, etc
  * Eliminate support for distributions other than Kali 2022 and later or Ubuntu 20.04 or later
  * Improved WSL support (handling of path conversions for calling the Windows NMAP installation from the program)

 -- Shane Scott <sscot@shanewilliamscott.com>  Thur, 09 Nov 2023 19:04:55 -0600

legion (0.4.1-0) UNRELEASED; urgency=medium

  * Add checkXserver.sh to help users troubleshoot connections to X
  * Fix a few missing dependencies

 -- Shane Scott <sscot@shanewilliamscott.com>  Thur, 13 Nov 2023 10:54:55 -0600

legion (0.4.2-0) UNRELEASED; urgency=medium

  * Tweak the screenshooter to use eyewitness as suggested by daniruiz
  * Add a Wsl check before running unixPath2Win
  * Include Revision by daniruiz to tempPath creation routine
  * Revise to monospaced font to improve readability as suggested by daniruiz
  * Revise dependancies to resolve missing PhantomJs import
  * Set log level to Info
  * Eliminate some temporary code, debug lines, and other cleanup
  * Revise screenshooter to use schema://ip:port when url is a single node
  * Fix typo in startLegion.sh

 -- Shane Scott <sscot@shanewilliamscott.com>  Mon, 20 Nov 2023 12:50:55 -0600

legion (0.4.7-0) UNRELEASED; urgency=medium

  * Fix Unix/Windows path problem
  * Rollback Selenkum to aboid breaking eyewitness

 -- Shane Scott <sscott@shanewilliamscott.com>  Tue, 04 Sep 2025 14:25:39 -0500

legion (0.4.8-0) UNRELEASED; urgency=medium

  * Restore tool tab state correctly when re-opening sessions and deduplicate Tools tab entries
  * Replace failed screenshot loads with a placeholder image to avoid popup dialogs
  * Add opt-in IPv6 scanning with incompatible flag filtering and automatic connectivity fallback
  * Streamline process table by hiding unused columns for a cleaner view
  * Add context-menu save support for tool results and screenshots
  * Prefer hostnames for automated screenshots when available (fallback to IP)

 -- Shane Scott <sscott@shanewilliamscott.com>  Wed, 08 Oct 2025 18:08:21 -0500

legion (0.4.6-0) UNRELEASED; urgency=medium

  * Dockerfiles updated
  * Dependancies for Eyewitness (mainly geckodriver and xvfb) will be checked
    and installed
  * Minor fixes related to data structures

 -- Shane Scott <sscott@shanewilliamscott.com>  Tue, 04 Sep 2025 11:25:39 -0500

legion (0.4.5-0) UNRELEASED; urgency=medium

  * Added CLI (headless) mode: Run Legion without a GUI for automation and scripting. Supports input/output files, discovery scans, staged scans, and automated actions.
  * Introduced MCP (Model Context Protocol) server: Enables programmatic and AI integration with Legion via JSON-RPC. The MCP server exposes tools such as project listing and automated discovery scans, returning structured results for external consumption. See README for detailed usage and examples.

 -- Shane Scott <sscott@shanewilliamscott.com>  Tue, 03 Sep 2025 20:40:39 -0500

legion (0.4.4-0) UNRELEASED; urgency=medium

  * Major overhaul of screenshotting subsystem: asynchronous operation, EyeWitness integration, deterministic filenames, and UI improvements for screenshot management.
  * Enhanced CVE mapping: CVEs now include ExploitDB IDs and direct links, with improved association to services and hosts.
  * Numerous quality of life improvements: better context menus, tab management, error handling, configurability, and expanded test coverage.

 -- Shane Scott <sscott@shanewilliamscott.com>  Tue, 03 Sep 2025 13:33:00 -0500

legion (0.4.3-0) UNRELEASED; urgency=medium

  * Revise NMAP import process
  * Fix import progress calculations
  * Doubleckick to copy hostname (Linux only)
  * Script to generate huge bogus NMAP XML imports for testing.

 -- Shane Scott <sscott@shanewilliamscott.com> Mon, 20 Nov 2023 19:17:00 -0600
