FuzzingLabs
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 49 additions & 16 deletions b/‎.github/workflows/test.yml‎
Lines changed: 49 additions & 16 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 0 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎ai/src/fuzzforge_ai/agent_executor.py‎
Lines changed: 0 additions & 12 deletions b/‎ai/src/fuzzforge_ai/agent_executor.py‎
Lines changed: 0 additions & 12 deletions
diff --git a/‎backend/mcp-config.json‎
Lines changed: 0 additions & 1 deletion b/‎backend/mcp-config.json‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎backend/src/main.py‎
Lines changed: 1 addition & 15 deletions b/‎backend/src/main.py‎
Lines changed: 1 addition & 15 deletions
diff --git a/‎backend/src/models/findings.py‎
Lines changed: 1 addition & 5 deletions b/‎backend/src/models/findings.py‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎backend/toolbox/workflows/atheris_fuzzing/metadata.yaml‎
Lines changed: 0 additions & 5 deletions b/‎backend/toolbox/workflows/atheris_fuzzing/metadata.yaml‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎backend/toolbox/workflows/cargo_fuzzing/metadata.yaml‎
Lines changed: 0 additions & 6 deletions b/‎backend/toolbox/workflows/cargo_fuzzing/metadata.yaml‎
Lines changed: 0 additions & 6 deletions
diff --git a/‎backend/toolbox/workflows/gitleaks_detection/metadata.yaml‎
Lines changed: 0 additions & 8 deletions b/‎backend/toolbox/workflows/gitleaks_detection/metadata.yaml‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎backend/toolbox/workflows/llm_analysis/metadata.yaml‎
Lines changed: 0 additions & 6 deletions b/‎backend/toolbox/workflows/llm_analysis/metadata.yaml‎
Lines changed: 0 additions & 6 deletions
@@ -26,30 +26,62 @@ jobs:
         with:
           fetch-depth: 0  # Fetch all history for proper diff
 
-      - name: Check if workers were modified
+      - name: Check which workers were modified
         id: check-workers
         run: |
           if [ "${{ github.event_name }}" == "pull_request" ]; then
             # For PRs, check changed files
             CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD)
             echo "Changed files:"
             echo "$CHANGED_FILES"
-
-            if echo "$CHANGED_FILES" | grep -q "^workers/\|^docker-compose.yml"; then
-              echo "workers_modified=true" >> $GITHUB_OUTPUT
-              echo "✅ Workers or docker-compose.yml modified - will build"
-            else
-              echo "workers_modified=false" >> $GITHUB_OUTPUT
-              echo "⏭️  No worker changes detected - skipping build"
-            fi
           else
             # For direct pushes, check last commit
             CHANGED_FILES=$(git diff --name-only HEAD~1 HEAD)
-            if echo "$CHANGED_FILES" | grep -q "^workers/\|^docker-compose.yml"; then
-              echo "workers_modified=true" >> $GITHUB_OUTPUT
-            else
-              echo "workers_modified=false" >> $GITHUB_OUTPUT
-            fi
+          fi
+
+          # Check if docker-compose.yml changed (build all workers)
+          if echo "$CHANGED_FILES" | grep -q "^docker-compose.yml"; then
+            echo "workers_to_build=worker-python worker-secrets worker-rust worker-android worker-ossfuzz" >> $GITHUB_OUTPUT
+            echo "workers_modified=true" >> $GITHUB_OUTPUT
+            echo "✅ docker-compose.yml modified - building all workers"
+            exit 0
+          fi
+
+          # Detect which specific workers changed
+          WORKERS_TO_BUILD=""
+
+          if echo "$CHANGED_FILES" | grep -q "^workers/python/"; then
+            WORKERS_TO_BUILD="$WORKERS_TO_BUILD worker-python"
+            echo "✅ Python worker modified"
+          fi
+
+          if echo "$CHANGED_FILES" | grep -q "^workers/secrets/"; then
+            WORKERS_TO_BUILD="$WORKERS_TO_BUILD worker-secrets"
+            echo "✅ Secrets worker modified"
+          fi
+
+          if echo "$CHANGED_FILES" | grep -q "^workers/rust/"; then
+            WORKERS_TO_BUILD="$WORKERS_TO_BUILD worker-rust"
+            echo "✅ Rust worker modified"
+          fi
+
+          if echo "$CHANGED_FILES" | grep -q "^workers/android/"; then
+            WORKERS_TO_BUILD="$WORKERS_TO_BUILD worker-android"
+            echo "✅ Android worker modified"
+          fi
+
+          if echo "$CHANGED_FILES" | grep -q "^workers/ossfuzz/"; then
+            WORKERS_TO_BUILD="$WORKERS_TO_BUILD worker-ossfuzz"
+            echo "✅ OSS-Fuzz worker modified"
+          fi
+
+          if [ -z "$WORKERS_TO_BUILD" ]; then
+            echo "workers_modified=false" >> $GITHUB_OUTPUT
+            echo "⏭️  No worker changes detected - skipping build"
+          else
+            echo "workers_to_build=$WORKERS_TO_BUILD" >> $GITHUB_OUTPUT
+            echo "workers_modified=true" >> $GITHUB_OUTPUT
+            echo "Building workers:$WORKERS_TO_BUILD"
           fi
 
       - name: Set up Docker Buildx
@@ -59,8 +91,9 @@ jobs:
       - name: Build worker images
         if: steps.check-workers.outputs.workers_modified == 'true'
         run: |
-          echo "Building worker Docker images..."
-          docker compose build worker-python worker-secrets worker-rust worker-android worker-ossfuzz --no-cache
+          WORKERS="${{ steps.check-workers.outputs.workers_to_build }}"
+          echo "Building worker Docker images: $WORKERS"
+          docker compose build $WORKERS --no-cache
         continue-on-error: false
 
   lint:
 
@@ -40,7 +40,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 #### Documentation
 - Updated README for Temporal + MinIO architecture
-- Removed obsolete `volume_mode` references across all documentation
 - Added `.env` configuration guide for AI agent API keys
 - Fixed worker startup instructions with correct service names
 - Updated docker compose commands to modern syntax
 
@@ -831,20 +831,9 @@ async def list_fuzzforge_runs(
             async def submit_security_scan_mcp(
                 workflow_name: str,
                 target_path: str = "",
-                volume_mode: str = "",
                 parameters: Dict[str, Any] | None = None,
                 tool_context: ToolContext | None = None,
             ) -> Any:
-                # Normalise volume mode to supported values
-                normalised_mode = (volume_mode or "ro").strip().lower().replace("-", "_")
-                if normalised_mode in {"read_only", "readonly", "ro"}:
-                    normalised_mode = "ro"
-                elif normalised_mode in {"read_write", "readwrite", "rw"}:
-                    normalised_mode = "rw"
-                else:
-                    # Fall back to read-only if we can't recognise the input
-                    normalised_mode = "ro"
-
                 # Resolve the target path to an absolute path for validation
                 resolved_path = target_path or "."
                 try:
@@ -883,7 +872,6 @@ async def submit_security_scan_mcp(
                 payload = {
                     "workflow_name": workflow_name,
                     "target_path": resolved_path,
-                    "volume_mode": normalised_mode,
                     "parameters": cleaned_parameters,
                 }
                 result = await _call_fuzzforge_mcp("submit_security_scan_mcp", payload)
 
@@ -22,7 +22,6 @@
         "parameters": {
           "workflow_name": "string",
           "target_path": "string",
-          "volume_mode": "string (ro|rw)",
           "parameters": "object"
         }
       },
 
@@ -212,14 +212,6 @@ def _lookup_workflow(workflow_name: str):
     metadata = info.metadata
     defaults = metadata.get("default_parameters", {})
     default_target_path = metadata.get("default_target_path") or defaults.get("target_path")
-    supported_modes = metadata.get("supported_volume_modes") or ["ro", "rw"]
-    if not isinstance(supported_modes, list) or not supported_modes:
-        supported_modes = ["ro", "rw"]
-    default_volume_mode = (
-        metadata.get("default_volume_mode")
-        or defaults.get("volume_mode")
-        or supported_modes[0]
-    )
     return {
         "name": workflow_name,
         "version": metadata.get("version", "0.6.0"),
@@ -229,9 +221,7 @@ def _lookup_workflow(workflow_name: str):
         "parameters": metadata.get("parameters", {}),
         "default_parameters": metadata.get("default_parameters", {}),
         "required_modules": metadata.get("required_modules", []),
-        "supported_volume_modes": supported_modes,
-        "default_target_path": default_target_path,
-        "default_volume_mode": default_volume_mode
+        "default_target_path": default_target_path
     }
 
 
@@ -256,10 +246,6 @@ async def list_workflows_mcp() -> Dict[str, Any]:
             "description": metadata.get("description", ""),
             "author": metadata.get("author"),
             "tags": metadata.get("tags", []),
-            "supported_volume_modes": metadata.get("supported_volume_modes", ["ro", "rw"]),
-            "default_volume_mode": metadata.get("default_volume_mode")
-            or defaults.get("volume_mode")
-            or "ro",
             "default_target_path": metadata.get("default_target_path")
             or defaults.get("target_path")
         })
 
@@ -14,7 +14,7 @@
 # Additional attribution and requirements are provided in the NOTICE file.
 
 from pydantic import BaseModel, Field
-from typing import Dict, Any, Optional, Literal, List
+from typing import Dict, Any, Optional, List
 from datetime import datetime
 
 
@@ -73,10 +73,6 @@ class WorkflowMetadata(BaseModel):
         default_factory=list,
         description="Required module names"
     )
-    supported_volume_modes: List[Literal["ro", "rw"]] = Field(
-        default=["ro", "rw"],
-        description="Supported volume mount modes"
-    )
 
 
 class WorkflowListItem(BaseModel):
 
@@ -16,11 +16,6 @@ tags:
 # - "copy-on-write": Download once, copy for each run (balances performance and isolation)
 workspace_isolation: "isolated"
 
-default_parameters:
-  target_file: null
-  max_iterations: 1000000
-  timeout_seconds: 1800
-
 parameters:
   type: object
   properties:
 
@@ -16,12 +16,6 @@ tags:
 # - "copy-on-write": Download once, copy for each run (balances performance and isolation)
 workspace_isolation: "isolated"
 
-default_parameters:
-  target_name: null
-  max_iterations: 1000000
-  timeout_seconds: 1800
-  sanitizer: "address"
-
 parameters:
   type: object
   properties:
 
@@ -30,13 +30,5 @@ parameters:
       default: false
       description: "Scan files without Git context"
 
-default_parameters:
-  scan_mode: "detect"
-  redact: true
-  no_git: false
-
 required_modules:
   - "gitleaks"
-
-supported_volume_modes:
-  - "ro"
@@ -13,12 +13,6 @@ tags:
 # Workspace isolation mode
 workspace_isolation: "shared"
 
-default_parameters:
-  agent_url: "http://fuzzforge-task-agent:8000/a2a/litellm_agent"
-  llm_model: "gpt-5-mini"
-  llm_provider: "openai"
-  max_files: 5
-
 parameters:
   type: object
   properties:
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,6 @@`
`22`	`22`	`"parameters": {`
`23`	`23`	`"workflow_name": "string",`
`24`	`24`	`"target_path": "string",`
`25`		`- "volume_mode": "string (ro\|rw)",`
`26`	`25`	`"parameters": "object"`
`27`	`26`	`}`
`28`	`27`	`},`