Skip to content

graphify

v0.7.8 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 28d RAG & Retrieval
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

antigravity claude-code codex gemini graphrag knowledge-graph
+5 more
leiden openclaw llm skills tree-sitter

Summary

AI summary

Added Gemini and OpenAI backend support, Groovy/Spock handling, Luau parsing, Markdown structural extraction, extended file‑type sync, and improved TypeScript import resolution.

Full changelog

What's new

  • Gemini + OpenAI backendsgraphify extract ./docs --backend gemini (GEMINI_API_KEY / GOOGLE_API_KEY) or --backend openai (OPENAI_API_KEY); pip install graphifyy[gemini] / graphifyy[openai]
  • Groovy + Spock support.groovy and .gradle via tree-sitter-groovy; Spock def "feature"() syntax handled via regex fallback
  • Luau support.luau (Roblox Luau) extracted using the Lua parser
  • Markdown structural extraction — headings, code blocks, and nesting hierarchy extracted as graph nodes from .md/.mdx files (zero new deps)
  • collect_files() extension sync — 18 extensions (.sql, .vue, .svelte, .jsx, .ex, .jl, etc.) were silently skipped in skill-mode extraction; now auto-syncs with _DISPATCH
  • TS import resolution — bare-path, .svelte.ts, .svelte.js, index.ts directory, and multi-dot imports now resolve correctly

Bug fixes

  • cluster-only now loads and saves .graphify_labels.json — human labels survive re-clustering (#744)
  • graphify export wiki fails fast (exit 1) when .graphify_analysis.json is missing — prevents silent wiki deletion (#746)
  • detect_incremental forwards follow_symlinks — symlinked subtrees no longer vanish on --update (#736)
  • Ollama import error now says "Ollama" and points to pip install openai (#750)
  • hooks.py path execution validates scripts are within repo root — closes supply-chain attack vector (#747)

Upgrade

uv tool upgrade graphifyy
pip install --upgrade graphifyy

Security Fixes

  • hooks.py execution now validates scripts are within repo root — closes supply‑chain attack vector (#747)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track graphify

Get notified when new releases ship.

Sign up free

About graphify

AI coding assistant skill (Claude Code, Codex, OpenCode, Cursor, Gemini CLI, OpenClaw, Factory Droid, Trae). Turn any folder of code, docs, papers, images, videos, or YouTube links into a queryable knowledge graph

All releases →

Related context

Earlier breaking changes

  • v0.8.18 Breaks Java `extends` edges; they are renamed to `inherits`. Update queries filtering on `relation="extends"` for Java nodes.

Beta — feedback welcome: [email protected]