This update helps you catch more issues before launch with new security coverage, broader framework and service detection, and clearer results in the terminal.
New Capabilities
Dependency vulnerability scanning is now available during scans, with stack-aware checks that run the right audit tool for your project. Results include guidance when a required auditing tool is not installed, so you can get to a clean bill of health faster.
IndexNow support is now built in during setup and scanning. Preflight can detect existing key files, validate setup more flexibly when multiple keys are present, and provide clearer guidance when your configuration does not match what it finds.
Ads support is now available as an opt-in check during setup. Preflight also verifies that key web standards files are not just present, but contain content, so empty placeholders do not accidentally pass.
Quality of Life
Framework and stack detection is broader and more informative. Preflight can now recognize more frontend frameworks, more CMS and site generators, and it shows friendly stack names plus detected versions where supported.
Service detection is more accurate and more complete. Preflight now scans the full codebase across common file types, reduces false positives by relying on more specific patterns, and can fetch a limited set of external scripts to identify analytics that load from third-party URLs.
Security header checks are clearer and more actionable. Results display on separate lines, report production and staging status side by side, and skip HSTS checks on non-HTTPS URLs to avoid misleading failures.
Web standards and asset discovery is more reliable across different project layouts. Preflight searches common web root directories and subdirectories, supports more image formats for apple-touch-icon detection, and improves detection for icons and sitemap generation.
Output formatting is easier to read, with clearer spacing and categories, including dedicated sections for dependency vulnerabilities and IndexNow. Detected services are now sorted alphabetically and shown with friendly names, and local URL checks can try both HTTP and HTTPS where appropriate.