In dev checkouts where submodules are built in the repo root rather than
vendored into hate_path, OMEN binaries were not found. Introduces _omen_dir
that checks hate_path/omen first and falls back to the repo root omen dir.
Also removes vendor-assets from install/update targets and drops vendored
submodule paths from pyproject.toml package data.
- Remove 6 duplicate per-version pytest workflows (matrix build covers all)
- Pin GitHub Actions to SHA hashes with version comments
- Add persist-credentials: false to checkout steps
- Replace mypy with ty for type checking (faster, stricter)
- Pin dev deps to exact versions (ty==0.0.17, ruff==0.15.1, pytest==9.0.2, pytest-cov==7.0.0)
- Remove types-* stub packages (ty doesn't need them)
- Remove stale [dependency-groups] section from pyproject.toml
- Update shell scripts to use set -euo pipefail
- Add prek.toml for git hook management (pre-push, post-commit)
- Add lint-infra.yml workflow (shellcheck + actionlint)
- Fix actionlint warning: pass github.head_ref through env var
- Track CLAUDE.md and .claude/ scripts in git
- Update README.md and Makefile references from mypy to ty
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add ability to fine-tune PassGPT models on custom password wordlists.
Models save locally to ~/.hate_crack/passgpt/ with no data uploaded to
HuggingFace (push_to_hub=False, HF_HUB_DISABLE_TELEMETRY=1). The
PassGPT menu now shows available models (default + local fine-tuned)
and a training option. Adds datasets to [ml] deps and passgptTrainingList
config key.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add PassGPT as attack mode 17, using a GPT-2 model trained on leaked
password datasets to generate candidate passwords. The generator pipes
candidates to hashcat via stdin, matching the existing OMEN pipe pattern.
- Add standalone generator module (python -m hate_crack.passgpt_generate)
- Add [ml] optional dependency group (torch, transformers)
- Add config keys: passgptModel, passgptMaxCandidates, passgptBatchSize
- Wire up menu entries in main.py, attacks.py, and hate_crack.py
- Auto-detect GPU (CUDA/MPS) with CPU fallback
- Add unit tests for pipe construction, handler, and ML deps check
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace hardcoded version with setuptools-scm so the version updates
automatically from git tags. The ASCII banner strips the dirty date
suffix but preserves the git node hash.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add HashcatRosetta and hashcat-utils to mypy exclude patterns in pyproject.toml
- Update .github/workflows/mypy.yml to exclude submodule directories
- Update pre-push hook to exclude submodules and use consistent mypy flags
- Set ignore_missing_imports=true to handle external dependencies gracefully
- Ensure pre-push hook permissions are set correctly (executable)
Fixes mypy check failures caused by missing hashcat_rosetta.formatting stub.
- Add server reachability check before attempting connection
- Test skips if Hashview server is not available on localhost:5000
- Prevents test failures when HASHVIEW_TEST_REAL env var is set but server isn't running
- Allows test to succeed when Docker/server is available and configured
- Add optional [dev] dependency group with mypy, ruff, pytest, and type stubs
- Include types-requests, types-beautifulsoup4, and types-openpyxl
- Add mypy config to exclude submodule directories
- Update GitHub workflow to install with optional dev dependencies
- Remove --ignore-missing-imports flag from mypy for stricter type checking
