v3.7.1

[dogancanbakir]

Proposed changes

closes #6974

Proof

Checklist

• Pull request is created against the dev branch
• All checks passed (lint, unit/integration/regression tests etc.) with my changes
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Incremental review: analyzed only the delta between commit 51205f8 and 884d0b5
• Changes limited to dependency manifest files (go.mod, go.sum) - no application code modified
• Dependency updates include toolchain bump (go1.24.4) and various transitive dependency version updates
• All security scanners (TruffleHog, Semgrep, ast-grep) returned zero findings
• No new attack surface introduced - dependency version bumps only

Hardening Notes

• Monitor release notes for updated dependencies to ensure no security advisories are published
• The v3.7.1 release has been thoroughly reviewed across 7 previous commits with no exploitable vulnerabilities identified

_{Comment @neo help for available commands. · Open in Neo}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 226e04b1-4762-4631-bab5-e17fb51a891f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dev

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dogancanbakir]

@neo create an issue for this PR to track the new version release

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@dogancanbakir I'll create an issue to track the v3.7.1 release for this PR.

---

🏁 Script executed:

#!/bin/bash
# Create a GitHub issue to track the v3.7.1 release
gh issue create \
  --title "Track v3.7.1 Release" \
  --body "This issue tracks the v3.7.1 release.

Related PR: https://github.com/projectdiscovery/nuclei/pull/7034

Requested by: `@dogancanbakir`" \
  --assignee dogancanbakir

Length of output: 54

---

@dogancanbakir I've created issue #7035 to track the v3.7.1 release for this PR.

[neo-by-projectdiscovery-dev]

@dogancanbakir Created issue #7036 to track the v3.7.1 release

Check it out here: #7036

[neo]

@dogancanbakir could you please come up with a better name for the bot and stop tagging me?

[dogancanbakir]

@neo my bad!

[neo-by-projectdiscovery-dev]

💡 Question

What should I investigate about PR #7034?

Answer

No worries! I previously reviewed PR #7034 (v3.7.1 release) and didn't find any security vulnerabilities. To help you better, could you clarify what you'd like me to investigate?

---

💬 Follow-up questions:

• @neo investigate @neo investigate the dependency updates in go.mod
• @neo investigate @neo investigate file [specific-file-path]
• @neo investigate @neo investigate the changes in pkg/protocols/
• @neo investigate @neo investigate issue #6974

[dwisiswant0]

Please don't push to the default HEAD branch directly (10421e9 & 0b9665d). Those kind of fixes are queued in #7018.

[dogancanbakir]

@dwisiswant0 reverted changes here so we can merge this without pain #7018 (test fail)

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.