Skip to content

Releases: crowdsecurity/crowdsec

v1.5.3-rc4

01 Aug 06:23
1d5baa6
Compare
Choose a tag to compare
v1.5.3-rc4 Pre-release
Pre-release

Changes

  • scenario labels to map string interface (#2201) @AlteredCoder
  • do not send more than group_threshold alerts at once to a notification plugin (#2264) @mmetc
  • cscli: add G (1e9) suffix to metric units (#2254) @mmetc

New Features

Improvements

Bug Fixes

  • fix the rpm build (#2396) @sabban
  • Fix unit file after modification (#2395) @sabban
  • docker: allow GID with no persistent sqlite db (#2381) @mmetc
  • fix "crowdsec-cli/require" log verbosity (#2390) @mmetc
  • fix a confusing debug message (#2386) @buixor
  • Check cscli preconditions with crowdsec-cli/require package (#2388) @mmetc
  • replace all imports of path with path/filepath (#2330) @mmetc
  • go mod tidy for sentinel plugin (#2377) @blotus
  • fix double push of metrics by properly handling tickers (#2374) @mmetc
  • fix the ci by adding the ability to enforce event ordering (#2347) @sabban
  • add object key in src for S3 acquis (#2342) @blotus
  • Properly match new files on windows when doing file acquisition (#2329) @blotus
  • rename status to state in fire response (#2313) @blotus
  • raise error with invalid 'on_success', 'on_failure' in profile (#2303) @mmetc
  • docker: always merge .yaml.local in conf_get() (#2272) @mmetc
  • Change api_key encoding to base64 to comply with bcrypt max size (#2302) @mmetc
  • fix error message when failing to parse ip address or range (#2292) @mmetc

Chore / Deps

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.3-rc3

31 Jul 13:05
a18df9c
Compare
Choose a tag to compare
v1.5.3-rc3 Pre-release
Pre-release

Changes

  • scenario labels to map string interface (#2201) @AlteredCoder
  • do not send more than group_threshold alerts at once to a notification plugin (#2264) @mmetc
  • cscli: add G (1e9) suffix to metric units (#2254) @mmetc

New Features

Improvements

Bug Fixes

  • docker: allow GID with no persistent sqlite db (#2381) @mmetc
  • fix "crowdsec-cli/require" log verbosity (#2390) @mmetc
  • fix a confusing debug message (#2386) @buixor
  • Check cscli preconditions with crowdsec-cli/require package (#2388) @mmetc
  • replace all imports of path with path/filepath (#2330) @mmetc
  • go mod tidy for sentinel plugin (#2377) @blotus
  • fix double push of metrics by properly handling tickers (#2374) @mmetc
  • fix the ci by adding the ability to enforce event ordering (#2347) @sabban
  • add object key in src for S3 acquis (#2342) @blotus
  • Properly match new files on windows when doing file acquisition (#2329) @blotus
  • rename status to state in fire response (#2313) @blotus
  • raise error with invalid 'on_success', 'on_failure' in profile (#2303) @mmetc
  • docker: always merge .yaml.local in conf_get() (#2272) @mmetc
  • Change api_key encoding to base64 to comply with bcrypt max size (#2302) @mmetc
  • fix error message when failing to parse ip address or range (#2292) @mmetc

Chore / Deps

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.3-rc2

07 Jul 11:46
f9ca14f
Compare
Choose a tag to compare
v1.5.3-rc2 Pre-release
Pre-release

Changes

  • do not send more than group_threshold alerts at once to a notification plugin (#2264) @mmetc
  • cscli: add G (1e9) suffix to metric units (#2254) @mmetc

New Features

Improvements

  • support for stdin with "cscli decision import" and raw values (#2291) @mmetc
  • non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) (#2309) @mmetc
  • Build with libre2 by default, options for wasm and static; add mk/gmsl (#2295) @mmetc
  • send metrics sooner if agents are added/removed (#2296) @mmetc
  • append vendor.tgz to each release (#2288) @mmetc
  • CI: vagrant configuration for debian 12 (#2285) @LaurenceJJones
  • CI: Remove cache entries when closing a PR (#2289) @mmetc
  • Update jsonextract.go (#2287) @LaurenceJJones
  • Implement "crowdsec -fatal" flag; change help message (#2266) @mmetc
  • don't log systemd notification error if not running under systemd (#2274) @mmetc
  • build against libre2-dev if found (#2255) @mmetc
  • log.Warning if a notification is configured twice (#2240) @mmetc
  • CI: publish dev-debian docker image (amd64 only) (#2252) @mmetc
  • CI: use hub cli to upload release tar (#2244) @mmetc

Bug Fixes

  • add object key in src for S3 acquis (#2342) @blotus
  • Properly match new files on windows when doing file acquisition (#2329) @blotus
  • rename status to state in fire response (#2313) @blotus
  • raise error with invalid 'on_success', 'on_failure' in profile (#2303) @mmetc
  • docker: always merge .yaml.local in conf_get() (#2272) @mmetc
  • Change api_key encoding to base64 to comply with bcrypt max size (#2302) @mmetc
  • fix error message when failing to parse ip address or range (#2292) @mmetc

Chore / Deps

  • update dependency on goccy/go-yaml for arm32 fix (#2343) @mmetc
  • CI: bump and lock pytest dependencies (#2340) @mmetc
  • Update grpc dependency to latest stable version (#2339) @mmetc
  • errors.Wrap -> fmt.Errorf (#2333) @mmetc
  • CI: reduce test verbosity; set PKG_CONFIG_PATH for re2 in rpm distros (#2331) @mmetc
  • Update go-re2 dep to fix arm32 build (#2332) @mmetc
  • tests: vagrant refactoring (#2328) @mmetc
  • CI: update ansible tests for re2 (#2318) @mmetc
  • errors.Wrap -> fmt.Errorf (#2317) @mmetc
  • func tests: install some dependencies from make, log test helpers (#2314) @mmetc
  • rename metabase APIClient to avoid confusion (#2305) @mmetc
  • CI: Update setup-go action to v4 (with automatic cache) (#2168) @mmetc
  • docker: build same re2 version for alpine/debian; bump yq (#2311) @mmetc
  • update debian version to have latest systemd (#2304) @he2ss
  • CI: build docker version with c++ re2 (static) (#2307) @mmetc
  • errors.Wrap -> fmt.Errorf; clean up imports (#2301) @mmetc
  • CI: add fedora-37, -38 to vagrant tests (#2299) @mmetc
  • update leakybucket readme (#2298) @mmetc
  • errors.Wrap -> fmt.Errorf (#2297) @mmetc
  • Update go dependencies (#2293) @mmetc
  • spellcheck/style leakybucket readme (#2294) @mmetc
  • Use go 1.20.5 (#2280) @mmetc
  • light pkg/parser cleanup (#2279) @mmetc
  • trim pkg/types: move DataSet/GetData to pkg/cwhub, removed unused Clone function (#2271) @mmetc
  • add missing import (#2275) @mmetc
  • minor refactor to pkg/types, cscli machines (#2270) @mmetc
  • Move grok_pattern.go away from pkg/types to reduce bouncer dependencies (#2269) @mmetc
  • don't pre-create log files (not required anymore) (#2267) @mmetc
  • CI: add tests for metrics configuration (#2251) @mmetc
  • CI: refactor makefile for plugins and vendor target (#2256) @mmetc
  • update notif threshold test on windows (#2265) @mmetc
  • show option -winsvc only under windows (#2258) @mmetc
  • CI: make clean -> remove coverage data (#2259) @mmetc
  • make: allow using a development version of Go, with a warning (#2260) @mmetc
  • gitignore: ignore .vagrant directories (#2262) @mmetc
  • default config: simulation off -> false (yaml 1.2) (#2263) @mmetc
  • dependencies: replaced function calls to pkg/types, errors.Wrap (#2235) @mmetc
  • CI: refactoring pkg/csplugin (#2247) @mmetc
  • CI: separate stderr in all func tests (#2250) @mmetc
  • update libsystemd in debian docker image (#2245) @he2ss
  • types.InSlice() -> slices.Contains() (#2246) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.3-rc1

29 Jun 15:06
17cd792
Compare
Choose a tag to compare
v1.5.3-rc1 Pre-release
Pre-release

New Features

Improvements

  • support for stdin with "cscli decision import" and raw values (#2291) @mmetc
  • non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) (#2309) @mmetc
  • Build with libre2 by default, options for wasm and static; add mk/gmsl (#2295) @mmetc
  • send metrics sooner if agents are added/removed (#2296) @mmetc
  • append vendor.tgz to each release (#2288) @mmetc
  • CI: vagrant configuration for debian 12 (#2285) @LaurenceJJones
  • CI: Remove cache entries when closing a PR (#2289) @mmetc
  • Update jsonextract.go (#2287) @LaurenceJJones
  • Implement "crowdsec -fatal" flag; change help message (#2266) @mmetc
  • don't log systemd notification error if not running under systemd (#2274) @mmetc
  • build against libre2-dev if found (#2255) @mmetc
  • log.Warning if a notification is configured twice (#2240) @mmetc
  • CI: publish dev-debian docker image (amd64 only) (#2252) @mmetc
  • CI: use hub cli to upload release tar (#2244) @mmetc

Bug Fixes

  • rename status to state in fire response (#2313) @blotus
  • raise error with invalid 'on_success', 'on_failure' in profile (#2303) @mmetc
  • docker: always merge .yaml.local in conf_get() (#2272) @mmetc
  • Change api_key encoding to base64 to comply with bcrypt max size (#2302) @mmetc
  • fix error message when failing to parse ip address or range (#2292) @mmetc

Chore / Deps

  • CI: update ansible tests for re2 (#2318) @mmetc
  • errors.Wrap -> fmt.Errorf (#2317) @mmetc
  • func tests: install some dependencies from make, log test helpers (#2314) @mmetc
  • rename metabase APIClient to avoid confusion (#2305) @mmetc
  • CI: Update setup-go action to v4 (with automatic cache) (#2168) @mmetc
  • docker: build same re2 version for alpine/debian; bump yq (#2311) @mmetc
  • update debian version to have latest systemd (#2304) @he2ss
  • CI: build docker version with c++ re2 (static) (#2307) @mmetc
  • errors.Wrap -> fmt.Errorf; clean up imports (#2301) @mmetc
  • CI: add fedora-37, -38 to vagrant tests (#2299) @mmetc
  • update leakybucket readme (#2298) @mmetc
  • errors.Wrap -> fmt.Errorf (#2297) @mmetc
  • Update go dependencies (#2293) @mmetc
  • spellcheck/style leakybucket readme (#2294) @mmetc
  • Use go 1.20.5 (#2280) @mmetc
  • light pkg/parser cleanup (#2279) @mmetc
  • trim pkg/types: move DataSet/GetData to pkg/cwhub, removed unused Clone function (#2271) @mmetc
  • add missing import (#2275) @mmetc
  • minor refactor to pkg/types, cscli machines (#2270) @mmetc
  • Move grok_pattern.go away from pkg/types to reduce bouncer dependencies (#2269) @mmetc
  • don't pre-create log files (not required anymore) (#2267) @mmetc
  • CI: add tests for metrics configuration (#2251) @mmetc
  • CI: refactor makefile for plugins and vendor target (#2256) @mmetc
  • update notif threshold test on windows (#2265) @mmetc
  • show option -winsvc only under windows (#2258) @mmetc
  • CI: make clean -> remove coverage data (#2259) @mmetc
  • make: allow using a development version of Go, with a warning (#2260) @mmetc
  • gitignore: ignore .vagrant directories (#2262) @mmetc
  • default config: simulation off -> false (yaml 1.2) (#2263) @mmetc
  • dependencies: replaced function calls to pkg/types, errors.Wrap (#2235) @mmetc
  • CI: refactoring pkg/csplugin (#2247) @mmetc
  • CI: separate stderr in all func tests (#2250) @mmetc
  • update libsystemd in debian docker image (#2245) @he2ss
  • types.InSlice() -> slices.Contains() (#2246) @mmetc

Changes

  • do not send more than group_threshold alerts at once to a notification plugin (#2264) @mmetc
  • cscli: add G (1e9) suffix to metric units (#2254) @mmetc
  • allow running rootless docker tests (#2281) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.2

26 May 14:37
4fbc340
Compare
Choose a tag to compare

Changes

Improvements

Bug Fixes

Chore / Deps

  • decouple bouncer dependencies: use go-cs-lib/pkg/ptr (#2228) @mmetc
  • decouple bouncer dependencies: use go-cs-lib in test code (#2229) @mmetc
  • makefiles: de-duplicate, simplify and remove unused code (#2222) @mmetc
  • decouple bouncer dependencies: use go-cs-lib/pkg/ptr in apiclient (#2227) @mmetc
  • decouple bouncer dependencies: use go-cs-lib/pkg/* (#2216) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.2-rc1

25 May 13:49
9167bd1
Compare
Choose a tag to compare
v1.5.2-rc1 Pre-release
Pre-release

Changes

Improvements

Bug Fixes

  • test cleanup: remove /tmp/crowdsec_tests* directories (#2232) @mmetc
  • merge system cert pool with own certs (#2226) @mmetc

Chore / Deps

  • decouple bouncer dependencies: use go-cs-lib/pkg/ptr (#2228) @mmetc
  • decouple bouncer dependencies: use go-cs-lib in test code (#2229) @mmetc
  • makefiles: de-duplicate, simplify and remove unused code (#2222) @mmetc
  • decouple bouncer dependencies: use go-cs-lib/pkg/ptr in apiclient (#2227) @mmetc
  • decouple bouncer dependencies: use go-cs-lib/pkg/* (#2216) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.1

17 May 09:36
eddb994
Compare
Choose a tag to compare

Security Notice

This release includes a security fix for the Windows version of crowdsec regarding a potential privesc when installing crowdsec in a non-default path (different than C:\Program Files\CrowdSec).
This release removes the ability to choose a custom installation path. If you have installed crowdsec in a non-default path, we strongly encourage you to reinstall crowdsec at the default location.

Changes

Bug Fixes

  • fallback to master for hub index download if it does not exist (#2210) @blotus
  • Don't allow to customize the installation directory on windows (#2208) @blotus
  • fix incorrect version strip (#2206) @blotus

Chore / Deps

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.0

16 May 13:26
0ddd42c
Compare
Choose a tag to compare

New Features

Improvements

Bug Fixes

  • Wait for both api and agent chans if necessary when daemonize is false or running on windows (#2155) @blotus
  • check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker (#2152) @blotus
  • Properly load k8s audit configuration (#2158) @mmetc
  • Allow subcommands to be activated by feature.yaml (#2156) @mmetc
  • fix awkward stacktrace in conditional filter (#2145) @buixor
  • Docker: don't re-register local agent if not needed (#2141) @mmetc
  • Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) @mmetc
  • Unit tests: remove leftover files (#2134) @mmetc
  • Report docker systems in version and user agents (#2136) @mmetc
  • fix dateparse (#2135) @buixor
  • CI: avoid conflict with pkg/build cache in golangci-lint action (#2123) @mmetc
  • actually fix expr-debugger to work with the new version (#2124) @blotus
  • cscli explain : avoid concurrent map writes (#2113) @buixor
  • Fix cscli explain when running from testenv (#2114) @AlteredCoder
  • Load lapi config for config show output (#2097) @mmetc
  • Fix docker tests by increasing timeout (#2107) @mmetc
  • Unit tests: fix authentication to localstack (#2106) @mmetc
  • Fix log destination in one-shot mode (#2084) @mmetc
  • CI: Limit parallel docker builds for performance on small machines (#2082) @mmetc
  • ugly workaround to fix the tests (#2080) @sabban
  • fix the way acquisition is stopped (#2069) @sabban
  • Strip version with ~ instead of - (#2076) @AlteredCoder
  • Fix docker tests (network creation) (#2077) @mmetc
  • email plugin: add "starttls" as accepted encryption_type in the comment (#2068) @mmetc
  • Propagate taints to top collections (fix #2064) (#2066) @mmetc
  • fix message "empty scenario" (#2065) @mmetc
  • Do not try to refresh JWT token when doing a login request (#2059) @blotus
  • add indexes on the FK between alerts and {decisions,metas,events} (#2188) @blotus
  • defaults to inotify to detect changes in file datasource to avoid too many call to stat() (#2181) @blotus

Chore / Deps

  • timeout of ci jobs (20 -> 30) (#2160) @buixor
  • Rename k8s_audit to k8s-audit (easier to type, consistent with labels) (#2153) @mmetc
  • use expr.Function for custom functions instead of passing them in the env (#2133) @blotus
  • Only use pgx for postgresql database (#2118) @blotus
  • Update expr (#2110) @blotus
  • Fix docker tests by increasing timeout (again) and move compose test to plugin (#2112) @mmetc
  • Lint (type inference): remove redundant type declarations (#2111) @mmetc
  • Run lint after tests instead of separate workflow (#2103) @mmetc
  • Build notification plugins with current crowdsec; mod tidy (#2102) @mmetc
  • Make: extract "goversion.mk" to reuse it in bouncers (#2101) @mmetc
  • Rename directory "tests" to "test" (#2094) @mmetc
  • Add tests and typo fixes (#2092) @mmetc
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/slack (#2088) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/splunk (#2086) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/http (#2087) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/email (#2085) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 (#2089) @dependabot
  • CI: limit -dev docker image to amd64 to speed up the pipeline (#2090) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/http (#2074) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/email (#2073) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/splunk (#2071) @dependabot
  • Bump bats-core to 1.9 (#2083) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 (#2072) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/slack (#2070) @dependabot
  • Docker tests: use pytest-cs 0.2 (#2079) @mmetc
  • Pin pytest-cs to a stable tag, cache virtualenvs, don't install ipython in CI (#2075) @mmetc
  • chore: simplify pkg/database/alerts (#2062) @mmetc
  • replace log.Fatal -> fmt.Errorf (#2058) @mmetc
  • Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#2060) @dependabot
  • Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible (#1996) @dependabot
  • CAPI error code handling tests (#2027) @rr404
  • CI: set GOBIN instead of go install + cp (#2030) @mmetc
  • CI: build with go 1.20 (#2031) @mmetc
  • test: bats-detect tests for "cscli setup" (#2057) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.0-rc6

12 May 11:53
8aca0ea
Compare
Choose a tag to compare
v1.5.0-rc6 Pre-release
Pre-release

New Features

Improvements

Bug Fixes

  • Wait for both api and agent chans if necessary when daemonize is false or running on windows (#2155) @blotus
  • check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker (#2152) @blotus
  • Properly load k8s audit configuration (#2158) @mmetc
  • Allow subcommands to be activated by feature.yaml (#2156) @mmetc
  • fix awkward stacktrace in conditional filter (#2145) @buixor
  • Docker: don't re-register local agent if not needed (#2141) @mmetc
  • Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) @mmetc
  • Unit tests: remove leftover files (#2134) @mmetc
  • Report docker systems in version and user agents (#2136) @mmetc
  • fix dateparse (#2135) @buixor
  • CI: avoid conflict with pkg/build cache in golangci-lint action (#2123) @mmetc
  • actually fix expr-debugger to work with the new version (#2124) @blotus
  • cscli explain : avoid concurrent map writes (#2113) @buixor
  • Fix cscli explain when running from testenv (#2114) @AlteredCoder
  • Load lapi config for config show output (#2097) @mmetc
  • Fix docker tests by increasing timeout (#2107) @mmetc
  • Unit tests: fix authentication to localstack (#2106) @mmetc
  • Fix log destination in one-shot mode (#2084) @mmetc
  • CI: Limit parallel docker builds for performance on small machines (#2082) @mmetc
  • ugly workaround to fix the tests (#2080) @sabban
  • fix the way acquisition is stopped (#2069) @sabban
  • Strip version with ~ instead of - (#2076) @AlteredCoder
  • Fix docker tests (network creation) (#2077) @mmetc
  • email plugin: add "starttls" as accepted encryption_type in the comment (#2068) @mmetc
  • Propagate taints to top collections (fix #2064) (#2066) @mmetc
  • fix message "empty scenario" (#2065) @mmetc
  • Do not try to refresh JWT token when doing a login request (#2059) @blotus
  • add indexes on the FK between alerts and {decisions,metas,events} (#2188) @blotus
  • defaults to inotify to detect changes in file datasource to avoid too many call to stat() (#2181) @blotus

Chore / Deps

  • timeout of ci jobs (20 -> 30) (#2160) @buixor
  • Rename k8s_audit to k8s-audit (easier to type, consistent with labels) (#2153) @mmetc
  • use expr.Function for custom functions instead of passing them in the env (#2133) @blotus
  • Only use pgx for postgresql database (#2118) @blotus
  • Update expr (#2110) @blotus
  • Fix docker tests by increasing timeout (again) and move compose test to plugin (#2112) @mmetc
  • Lint (type inference): remove redundant type declarations (#2111) @mmetc
  • Run lint after tests instead of separate workflow (#2103) @mmetc
  • Build notification plugins with current crowdsec; mod tidy (#2102) @mmetc
  • Make: extract "goversion.mk" to reuse it in bouncers (#2101) @mmetc
  • Rename directory "tests" to "test" (#2094) @mmetc
  • Add tests and typo fixes (#2092) @mmetc
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/slack (#2088) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/splunk (#2086) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/http (#2087) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/email (#2085) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 (#2089) @dependabot
  • CI: limit -dev docker image to amd64 to speed up the pipeline (#2090) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/http (#2074) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/email (#2073) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/splunk (#2071) @dependabot
  • Bump bats-core to 1.9 (#2083) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 (#2072) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/slack (#2070) @dependabot
  • Docker tests: use pytest-cs 0.2 (#2079) @mmetc
  • Pin pytest-cs to a stable tag, cache virtualenvs, don't install ipython in CI (#2075) @mmetc
  • chore: simplify pkg/database/alerts (#2062) @mmetc
  • replace log.Fatal -> fmt.Errorf (#2058) @mmetc
  • Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#2060) @dependabot
  • Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible (#1996) @dependabot
  • CAPI error code handling tests (#2027) @rr404
  • CI: set GOBIN instead of go install + cp (#2030) @mmetc
  • CI: build with go 1.20 (#2031) @mmetc
  • test: bats-detect tests for "cscli setup" (#2057) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

v1.5.0-rc5

05 Apr 13:46
7fa469d
Compare
Choose a tag to compare
v1.5.0-rc5 Pre-release
Pre-release

New Features

Improvements

Bug Fixes

  • Wait for both api and agent chans if necessary when daemonize is false or running on windows (#2155) @blotus
  • check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker (#2152) @blotus
  • Properly load k8s audit configuration (#2158) @mmetc
  • Allow subcommands to be activated by feature.yaml (#2156) @mmetc
  • fix awkward stacktrace in conditional filter (#2145) @buixor
  • Docker: don't re-register local agent if not needed (#2141) @mmetc
  • Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) @mmetc
  • Unit tests: remove leftover files (#2134) @mmetc
  • Report docker systems in version and user agents (#2136) @mmetc
  • fix dateparse (#2135) @buixor
  • CI: avoid conflict with pkg/build cache in golangci-lint action (#2123) @mmetc
  • actually fix expr-debugger to work with the new version (#2124) @blotus
  • cscli explain : avoid concurrent map writes (#2113) @buixor
  • Fix cscli explain when running from testenv (#2114) @AlteredCoder
  • Load lapi config for config show output (#2097) @mmetc
  • Fix docker tests by increasing timeout (#2107) @mmetc
  • Unit tests: fix authentication to localstack (#2106) @mmetc
  • Fix log destination in one-shot mode (#2084) @mmetc
  • CI: Limit parallel docker builds for performance on small machines (#2082) @mmetc
  • ugly workaround to fix the tests (#2080) @sabban
  • fix the way acquisition is stopped (#2069) @sabban
  • Strip version with ~ instead of - (#2076) @AlteredCoder
  • Fix docker tests (network creation) (#2077) @mmetc
  • email plugin: add "starttls" as accepted encryption_type in the comment (#2068) @mmetc
  • Propagate taints to top collections (fix #2064) (#2066) @mmetc
  • fix message "empty scenario" (#2065) @mmetc
  • Do not try to refresh JWT token when doing a login request (#2059) @blotus

Chore / Deps

  • timeout of ci jobs (20 -> 30) (#2160) @buixor
  • Rename k8s_audit to k8s-audit (easier to type, consistent with labels) (#2153) @mmetc
  • use expr.Function for custom functions instead of passing them in the env (#2133) @blotus
  • Only use pgx for postgresql database (#2118) @blotus
  • Update expr (#2110) @blotus
  • Fix docker tests by increasing timeout (again) and move compose test to plugin (#2112) @mmetc
  • Lint (type inference): remove redundant type declarations (#2111) @mmetc
  • Run lint after tests instead of separate workflow (#2103) @mmetc
  • Build notification plugins with current crowdsec; mod tidy (#2102) @mmetc
  • Make: extract "goversion.mk" to reuse it in bouncers (#2101) @mmetc
  • Rename directory "tests" to "test" (#2094) @mmetc
  • Add tests and typo fixes (#2092) @mmetc
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/slack (#2088) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/splunk (#2086) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/http (#2087) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220418201149-a630d4f3e7a2 to 0.7.0 in /plugins/notifications/email (#2085) @dependabot
  • Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 (#2089) @dependabot
  • CI: limit -dev docker image to amd64 to speed up the pipeline (#2090) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/http (#2074) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/email (#2073) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/splunk (#2071) @dependabot
  • Bump bats-core to 1.9 (#2083) @mmetc
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 (#2072) @dependabot
  • Bump golang.org/x/text from 0.3.7 to 0.3.8 in /plugins/notifications/slack (#2070) @dependabot
  • Docker tests: use pytest-cs 0.2 (#2079) @mmetc
  • Pin pytest-cs to a stable tag, cache virtualenvs, don't install ipython in CI (#2075) @mmetc
  • chore: simplify pkg/database/alerts (#2062) @mmetc
  • replace log.Fatal -> fmt.Errorf (#2058) @mmetc
  • Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#2060) @dependabot
  • Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible (#1996) @dependabot
  • CAPI error code handling tests (#2027) @rr404
  • CI: set GOBIN instead of go install + cp (#2030) @mmetc
  • CI: build with go 1.20 (#2031) @mmetc
  • test: bats-detect tests for "cscli setup" (#2057) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.