Filigran XTM Browser Extension v0.0.21
Added
Local PDF File Support: Extension can now scan local PDF files opened via file:// protocol when "Allow access to file URLs" is enabled in browser extension settings
Fixed
AI Configuration Detection: Fixed AI settings always showing as unconfigured in the popup due to reading the wrong property key (aiSettings instead of ai)
Close Button in Floating Mode: The panel close button now properly hides the floating panel by sending XTM_CLOSE_PANEL to the parent content script
PDF Highlight Click: Clicking a highlighted entity in the PDF scanner no longer inadvertently closes the panel (added stopPropagation)
PDF Background Click Selector: Fixed incorrect CSS selector in the PDF scanner that prevented proper click-outside-to-close behavior
Theme Default Consistency: Aligned the default theme between storage.ts and settings.ts to 'dark'
Stale PDF URL in Message Handler: Fixed XTM_GET_PDF_CONTENT handler using a potentially stale closure instead of the ref
Missing Error Handling: Added .catch() to clearHighlights sendMessage call to prevent unhandled promise rejections
Payload Validation: Added Array.isArray() check for ADD_AI_ENTITIES_TO_PDF payload to prevent runtime errors on malformed messages
useEffect Dependency: Fixed scanAndShowPanelRef sync effect running on every render instead of only when dependencies change
Changed
Deduplicated Entity Value Extraction: Replaced inline entity value extraction patterns across PDF scanner components with the shared getEntityValue() helper
Redundant Code Cleanup: Removed redundant platformId || platformId assignments in panel and entity views

Filigran XTM Browser Extension v0.0.20
Added
Inline Entity Editing: Scan result entities can now be edited directly in the results list. Click the pencil icon to modify the entity name/value and type (e.g., change "Salvador" to "El Salvador" and "City" to "Country"). Includes a "Reset to default" button to revert to the originally detected values
Editable Selected Text: The "Add to scan results" view now allows editing the selected text before adding it as an entity, instead of displaying it as read-only
Expanded Entity Type Selection: Added "City" and "Region" to the selectable entity types for manual entity creation and inline editing
URL Auto-Protocol: Platform URLs without a protocol prefix now automatically get https:// prepended during normalization, preventing connection failures from missing protocol (#37)
Changed
Resizable Description Field: The container description text area now auto-grows with content (from 4 to 16 rows) instead of being fixed at 4 rows, making it easier to review and modify longer descriptions (#56)
OpenAI Model Compatibility: The AI client now correctly handles different OpenAI model generations — legacy models (GPT-3.5, GPT-4) use max_tokens, modern models (GPT-4o, o-series) use max_completion_tokens, and reasoning models (o1, o3) skip the unsupported temperature parameter (#32)
Custom AI Provider Setup: Custom AI provider no longer requires the model name at configuration time; validation is deferred to generation time. Test connection now properly sends the custom base URL and model for accurate endpoint validation
Fixed
AI Entity Extraction on PDFs: Fixed AI-extracted entities from PDFs not displaying or being integrated into the entity list (#31). The panel was gating entity addition on DOM highlighting success, which always fails for PDFs since text is canvas-rendered. AI entities are now directly added to the list and broadcast to the PDF scanner for canvas-based highlighting
URL Trailing Punctuation: URLs and domain names no longer include trailing full stops, commas, or other sentence punctuation that was incorrectly captured from surrounding text (e.g., https://example.com. at the end of a sentence is now correctly detected as https://example.com) (#56)
URL Normalization: Consolidated scattered URL normalization logic (trailing slash removal, whitespace trimming) into a shared normalizeUrl() utility used across platform clients, options page, setup wizard, and entity URL builder (#37)
Panel Scrolling: Fixed panel content area not scrolling properly in certain views by changing overflow behavior from hidden to auto

Filigran XTM Browser Extension v0.0.19
Added
New TLD Support: Added .me and .company TLDs for domain detection, enabling detection of domains like example[.]me and example[.]company commonly seen in threat intel reports
Fixed
IOC List Highlighting: Fixed partial highlighting of defanged observables in IOC lists (e.g., on threat intel blog posts). When multiple observables exist in the same text node, all occurrences are now properly highlighted. The fix deduplicates matches by position, sorts for proper DOM traversal order, and applies highlights from end to start to prevent node reference invalidation
First IOC Not Highlighted: Fixed first domain in IOC lists not being highlighted when preceded by a sentence ending with a period (e.g., "Sinkholed by MSTIC." followed by "sopatrasoftware[.]net"). The boundary checker now correctly recognizes DOM text node boundaries, so punctuation from a previous paragraph doesn't incorrectly reject the first item as being "inside an identifier"
PDF IOC Highlighting: Applied same highlighting fix to PDF scanner for consistent behavior when multiple entities appear in the same text region
URL Path File Detection: Fixed incorrect detection of filenames at the end of URLs (e.g., public-index.7162a3fd.js in hxxps://account.proton.me/assets/static/public-index.7162a3fd.js). Files following a / in a URL path are no longer detected as separate entities

Filigran XTM Browser Extension v0.0.18
Changed
Scenario Creation UX: After clicking "Generate Scenario with AI", users are now redirected to step 2 (inject selection) instead of being stuck on step 1
Fixed
Panel Mode Cancel Button: Fixed "Cancel" button not working in Create Scenario when using panel mode
AI Inject Selection: Fixed "Select using AI" button in Create Scenario not selecting any injects. The AI prompt now properly includes attack pattern IDs and available inject information for accurate matching