File crowdsec.changes of Package crowdsec
-------------------------------------------------------------------
Sun Mar 23 14:20:13 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- fix service on Leap 15.x,where %{_libexecdir} resolves do
/usr/lib, not /usr/libexec
-------------------------------------------------------------------
Fri Mar 21 16:34:13 UTC 2025 - rrahl0@opensuse.org
- Update to version 1.6.6:
* introduction of a centralized allowlists
* Parallel hubtest
* deprecate capi_whitelists_path
* appsec: use CA from client credentials when connecting to LAPI
* lint: gocritic/httpNoBody
* tests: remove modeline
* pkg/cwhub: refact Item.State.(Downloaded | Installed)
* refact: context propagation (apiclient, cticlient...)
* tests: switch context.Background() -> t.Context() from go 1.24
* refact: avoid use of defer calls in loops
* lint: gocritic/typeDefFirst (ensure type definitions come before methods)
* file acquisition: remove redundant logging info
* appsec: support custom CA for lapi
* enhancement: Add additional ssl options to db configuration
* move ParseQuery to expr helpers, add ExtractQueryParam
* enable/disable options for console enroll - make alert context a default
* enhance: add option to disable magic syslog RFC parsers
* add JA4H expr helper
* leaky bucket: reduce log verbosity
* update appsec test runner
* close appsec transactions after processing request
* opensuse sets OSTYPE to linux
* do not attempt to set db log level if no db config
* appsec: less verbose logging for allowlists and headers check
* enhance: Flags now superceed all log levels
* appsec: handle SendAlert() properly for out of band matches
* cscli: review/update argument number checking
* crowdsec: allow -t to work if using appsec and allowlists
* cron: avoid spamming stdout when the hub index is updated
* cscli: allow non-local symlinks to have a different name than hub items
* cscli hub/items: always show action plan; fix --interactive in pipes
* silence "cscli hub update" if noop in cron jobs
* cscli: don't attempt to download data files when url=""
* update dependencies
-------------------------------------------------------------------
Mon Feb 24 02:20:03 UTC 2025 - Richard Rahl <rrahl0@opensuse.org>
- remove arch_install_post, as it's not needed anymore
-------------------------------------------------------------------
Fri Feb 07 19:37:21 UTC 2025 - rrahl0@opensuse.org
- Update to version 1.6.5:
* cscli: exclude removed commands from generated docs (#3449)
* cscli: replace '--yes' option with '--interactive' (#3448)
* cscli: when prompting, use default in case of EOF instead of going for "no" (#3447)
* merge from master (dc28ae58dc59e72981ee4724b1c72a79ba586ad8) for 1.6.5 (#3444)
* ignore zero value variables for context (#3436)
* bucket: avoid crashing on malformed expression (fix #3351) (#3368)
* fix parsing of noncompliant RFC3339 timestamps missing only a timezone (#3346)
* acquisition/victorialogs: add new datasource (#3310)
* fix: use CreatedAt instead of StartAt (#3427)
* use the actual bucket name when checking for simulation mode (#3416)
* appsec: do not attempt to deduplicate native modsec rules (#3347)
* Removed last_heartbeat update in MachineUpdateBaseMetrics (#3425)
* upgrade coraza to latest version (#3417)
* README revamp (#3408)
* remove dependency from github.com/gofrs/uuid (#3406)
* pkg/cticlient: Add missing field in SmokeItem and FireItem (#3413)
* cscli: cliconfig - remove global variables and gratuitous pointer (#3414)
* enhance: Log appsec error on writing response to remediation (#3412)
* lint: enable errcheck; add allowlist and explicit checks (#3403)
* lint: gocritic/captLocal (don't capitalize local variables) (#3402)
* remove commands "cscli config backup/restore" (#3158)
* test pkg/exprhelpers: explicit message if the tag "expr_debug" is missing (#3400)
* fix: #2790 (#3378)
* log warning if local items have conflicting names (#3399)
* feat(cscli): add env variable flag for dashboard setup (#3110)
* gin: do not use gin context after returning response (#3398)
* expand env var when loading acquis (#3375)
* Hubops tests (#3393)
* build(deps): bump golang.org/x/crypto from 0.26.0 to 0.31.0 (#3381)
* build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#3380)
* cscli hub: refact/split files; add some doc/examples (#3394)
* cscli: restyle table titles; autocomplete "cscli metrics show" (#3391)
* enhancement: Hubtest respect patterndir option set via config.yaml (#3386)
* lint: explicit error checks (#3388)
* enhancement: add logdata to appsec AccumlateTxToEvent (#3383)
* pkg/cwhub - refact Downloader (#3382)
* lint: replace type assertions and type switch on errors (#3376)
* cscli: improved hub management (#3352)
* Add possibility to configure log format #799 (#2941)
* refactor pkg/leakybucket (#3371)
* refact pkg/database: clean up code and error messages (#3263)
* lint/deep-exit: avoid log.Fatal (#3367)
* loop performance optimizations / 2 (#3364)
* update dependency on docker (#3175)
* cscli: print errors in plain text with -o json (#2973)
* lint/deep-exit: avoid log.Fatal (#3360)
* lint: enable more gocritic checks (#3363)
* acquisition: add some test and warning for wrong source type (#3362)
* support dump: generate pprof files with debug=1 to avoid generating an unusable heap dump (#3361)
* cscli: display expired decisions' expiration time in red (#3357)
* sigmahq: fix functional test (#3359)
* loop performance optimizations / 1 (#3313)
* lint: style, autofix (#3354)
* update golangci-lint to 1.62 (#3332)
* appsec: missing err check when initializing out-of-band engine (#3344)
* Allow bouncers to share API keys (#3323)
* make: improve re2/wasm check (#3335)
* better handle error when sending usage metrics (#3333)
* Support multiple appsec configs (#3314)
* context propagation: papi, loki (#3308)
* fix: Use clientIP when passing coraza (#3322)
* test for cron dependency for packaging (#3331)
* enhance: add fedora 41 (40, with provision to upgrade to 41 since there no image so far on vagrant cloud) (#3328)
* enhance: add opensuse leap 15 vagrant (#3329)
* fix: Add a check to prevent attempting to load a directory within patterns (#3326)
* fix: Ansible fedora 40 to use 40 (#3327)
* fix go version for azure pipeline (#3324)
* add go minor in go.mod (#3318)
* Add explicit configuration for signals sharing and blocklists pull (#3277)
* loki: add no_ready_check option (#3317)
* readme: update bouncers link (#3297)
* add HTTP datasource (#3294)
* update checks for wrapped errors (#3117)
* Alert context appsec (#3288)
* make: allow build on ubuntu 24.10 (#3311)
* refact cscli: decisions, lapi, bouncers, machines (#3306)
* make: remove obsolete/redundant parameters (#3304)
* remove unused code: HandleDeletedDecisions() (#3301)
* context propagation: OneShotAcquisition(); enable contextcheck linter (#3285)
* enhance: Remove if log check in one instance that was not needed as the logged items are not resource intensive (#3300)
* context propagation: appsec, docker, kafka, k8s datasources (#3284)
* enhance: Check if resp is nil in capi metrics and continue (#3299)
* wineventlog: add support for replaying evtx files (#3278)
* avoid deadlock when deleting decisions if PAPI is half configured (#3283)
* context propagation: StreamingAcquisition() (#3274)
* context propagation: pkg/csplugin (#3273)
* Update protobufs (#3276)
* context propagation: pkg/apiserver (#3272)
* lint/revive: check tags on non-exported struct fields (#3257)
* context propagation: apic, unit tests (#3271)
* context propagation: don't store ctx in api controller (#3268)
* Re-generate capi models (#3260)
* context propagation: pass ctx to UpdateScenario() (#3258)
* context propagation: pkg/database/alerts (#3252)
* context propagation: pkg/database/{lock,decision} (#3251)
* context propagation: pkg/database/bouncers (#3249)
* context propagation: pkg/database/machines (#3248)
* remove dependency from pkg/cwversion to pkg/acquisition (#3242)
* lint/nestif: reduce hubtest complexity (#3244)
* context propagation: pkg/database/metrics (#3247)
* context propagation: pkg/database/config (#3246)
* context propagation: bouncer list (#3236)
* context propagation: pkg/database/flush (#3235)
* context propagation: pass context to NewAPIC() (#3231)
* context propagation: explicit ctx parameter in unit tests (#3229)
* refact: alerts query (#3216)
* lint: enable (some) gocritic checks (#3238)
* enable linters: copyloopvar, intrange (#3184)
* logs and user messages: use "parse" and "serialize" instead of marshal/unmarshal (#3240)
* Update go-re2 (#3230)
* context propagation: cscli {capi,lapi,papi} (#3228)
* refact pkg/database: context propagation (start) (#3226)
* refact acquisition: build profiles (optionally exclude datasources from final binary) (#3217)
* refact / split APIServer.Run() method (#3215)
* fix #3225: info->debug for trigger bucket overflow (#3227)
* refact cscli - don't export functions if not required (#3224)
* refact: cscli papi (#3222)
* refact: pkg/apiclient set and use default user agent (#3219)
* fix appsec/tls issues by cloning http transport (#3213)
* tests: prevent "make bats-fixture" to run if instance-data is locked (#3201)
* enhance: add additional explain options to hubtest (#3162)
* cscli refact: package clialert, clidecision (#3203)
* refact: reduce code nesting (acquisition/file, tests) (#3200)
* update grokky and deps (#3206)
* cscli refact: package cliitem (#3204)
* cscli dashboard: exit earlier on docker (#3210)
* Allow auto registration of machines in LAPI (#3202)
* enhance: return an error if cscli dashboard is run within a container (#3207)
* cscli refact: package cli{support, machine, bouncer} (#3199)
* cscli refact: package 'clihub' (#3198)
* cscli refact: extract packages ask, clientinfo (#3197)
* cscli refact: package 'clihubtest' (#3174)
* cscli hub update: option --with-content to keep embedded items in index; use it in docker (#3192)
* implement GetFSType on openbsd with the correct statfs struct member (#3191)
* cscli refact: notifications, simulation, papi, setup (#3190)
* cscli refact: package 'clicapi', 'clilapi' (#3185)
* pkg/cwhub: cache control / send etag header from file contents, check with HEAD req (#3187)
* pkg/cwhub: simpler accessor methods (#3165)
* cscli refact: package 'cliexplain' (#3151)
* pkg/cwhub: improve support for k8s config maps with custom items (#3154)
* cscli refact: package 'cliconsole' (#3149)
* refact (nestif): reduce complexity of pkg/leakybucket (#3139)
-------------------------------------------------------------------
Sat Jan 4 22:05:29 UTC 2025 - Richard Rahl <rrahl0@opensuse.org>
- use for loops, so we have less lines in general
- extract the service file
- patch the config file, in comparison to sed in the spec file
- recommend crowdsec-firewall-bouncer
- fix the zsh completion dir, as the file was in the wrong directory
- add prepare-crowdsec script, so the daemon can actually run after install
-------------------------------------------------------------------
Thu Jan 02 03:07:33 UTC 2025 - rrahl0@opensuse.org
- Update to version 1.6.4:
* merge from master for 1.6.4 (#3337)
* Update go-re2 (#3230) (#3234)
* fix appsec/tls issues by cloning http transport (#3214)
* update grokky and deps (backport) (#3211)
* backport: return an error if cscli dashboard is run within a container (#3208)
* Allow auto registration of machines in LAPI (backport) (#3209)
* cscli hub update: option --with-content to keep embedded items in index; use it in docker (#3195)
* implement GetFSType on openbsd with the correct statfs struct member (#3196)
* pkg/cwhub: cache control / send etag header from file contents, check with HEAD req (#3189)
* hide geoip related warnings (#3179)
* CI: use go 1.22.6 (#3171)
* add missing ApiKeyAuthorizer to decisions swagger endpoint (#3178)
* cscli: add option --ignore-missing to "bouncers delete", "machines delete" (#3177)
* Remove useragent set by RC (#3167)
* prevent nil deref when loading cti config (#3176)
* metrics: avoid nil deref with inactive bouncers or malformed response (#3170)
* command "cscli doc --target /path/to/dir" (#3169)
* fix #1742 : Allow QueryCAPIStatus to return as well enrollment status (#3159)
* reduce log verbosity, minor CI fixes, lint (#3157)
* cscli metrics: explicit message "no bouncer metrics found" (#3155)
* cscli/hub: don't return error if some file can't be recognized (#3150)
* Use the new hub api url (#3132)
* docker: symlink all data files to the staging area (#3120)
* perf: retrieve unsorted metrics (#3148)
* LAPI: detailed metrics endpoint (#2858)
* update table test
* CI: update test dependencies (#3146)
* update expr (#3144)
* CI: update action versions (#3143)
* allow .index.json to embed item content (#3145)
* bats: curl helpers to mock log processors and bouncers (#3141)
* docker: make sure the sqlite db is present before changing GID (#3140)
* lint: dockerfiles (#3138)
* CI: use go 1.22.5 (#3128)
* refact cscli metrics: fix lines between tables, skip wrapper api (#3137)
* deps: use go-cs-lib 0.13 (#3136)
* Store alert remediations status in DB (#3115)
* enhance: add crowdsec user agent to cti do request func (#3130)
* usage metrics: validate maxLength for some elements (#3131)
* remove warning "maxopenconns is 0, default to 100" (#3129)
* tests: increase delta for flaky float comparison (#3122)
* command "cscli metrics show bouncers" (#3126)
* revert "db: round created, updated... timestamps to 1 second" (#3127)
* cscli machines/bouncers: dry helper code and move to cscli (#3123)
* func tests: update curl wrapper (#3121)
* update vagrant config for opensuse (#3119)
* typos (#3104)
* make: remove redundant go version check (#3118)
* enhance: Add default_range_remediation (#3109)
* refact cscli metrics: split stat types to own files (#3107)
* cscli refact: extract metrics to own package (#3106)
* cscli refact: extract table wrapper to own package (#3105)
* command cscli [machines|bouncers] inspect (#3103)
* lapi detailed metrics: API spec + models (#3100)
* db refact: drop column machines.status (#3102)
* fix "cscli [machines|bouncers] delete" autocompletion (#3101)
* lapi detailed metrics: db schema (#3099)
* lint: replace "github.com/pkg/errors" in apiserver (#3097)
* lint: import statement order (#3085)
* CI: use go 1.22.4 (#3095)
* improved tls middleware revocation checks (#3034)
* lint: replace gocognit with revive (#3094)
* lint: github.com/pkg/errors -> errors (#3091)
* lint (intrange) (#2970)
* lint (copyloopvar) (#2971)
* config: expand env variables in local_api_credentials.yaml and .yaml.local (#3093)
* refactor: prefer logrus.WithField over WithFields with a single param (#3087)
* db: don't set machine heartbeat until first connection (#3019)
* db: don't set bouncer last_pull until first connection (#3020)
* enable linter: revive (superfluous-else) (#3082)
* cscli: refactor hubtests / extract methods run(), coverage() (#3086)
* Typos (#3084)
* cscli: fixed some inconsistency in returning errors (#3076)
* lint: disable redundant linters, update revive configuration and code metrics (#3081)
* refactor pkg/parser: extract processGrok (#3080)
* cscli: refactor "cscli setup" to avoid global variable (#3075)
* refactor context (cscli, pkg/database) (#3071)
* enhancement: add deprecation notice to cscli dashboard prerun (#3079)
* enable linter: revive (deep-exit) (#3077)
* cscli: fix deprecation message for "context delete" (#3078)
* enable linter: revive (var-declaration) (#3069)
* enable linter: revive (indent-error-flow) (#3068)
* CI: update golangci-lint to 1.59; enforce canonical HTTP headers (#3074)
* enhancement: add other log levels to docker start script and document them (#3072)
* lint: replace cyclop, gocyclo with revive; basic pkg/hubtest helper (#3065)
* pkg/cwhub: use explicit context for item install, upgrade (#3067)
* pkg/cwhub: use explicit context for version check, index update (#3064)
* enable linter: revive (early-return) (#3051)
* add: go reference badge (#3066)
* lint revive(deep-exit): refactor cmd/crowdsec (#3063)
* enable linter: revive (blank-imports) (#3062)
* Use cmp.Or from go 1.22 (#3058)
* enable linter "stylecheck" (#3060)
* fix test 01_cscli by avoiding discrepancies in cscli explain (#3059)
* refactor "cscli decisions" (#3061)
* refactor pkg/database, pkg/models (#3022)
* lint: enable revive/if-return, revive/error-strings (#3057)
* tests: log.Fatal -> return err (#3056)
* fix tests in 01_crowdsec.bats for packages testing (#3054)
* add decently new version of python for centos 7 and 8 for testing (#3053)
* CI/bats: test remediation api via socket (#3052)
* pkg/database: refactor & rename "soft delete" to "expire" (#3025)
* lint: revive/useless-break (#3050)
* enable linter: revive(bool-literal-in-expr) (#2983)
* cscli: log.Fatal -> return err (#3049)
* cscli: refactor alerts/console/decisions/setup (#3003)
* CI/lint: enable some "revive" rules (#3041)
* db,lapi: round durations and timestamps to 1 second (#3015)
* pkg/dumps.DumpTree: split to reduce complexity (#3001)
* update vagrant image for fc39, fc40 and ubuntu24.04 (#3042)
* pkg/database: simplify flush agents/bouncers (#3026)
* db: mark immutable columns / remove unused (#3024)
* deps: use ent 0.13.1 (#3023)
-------------------------------------------------------------------
Sun Jun 2 09:00:54 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- new package crowdsec (including crowdsec-cli): the open-source
and participative security solution offering crowdsourced
protection against malicious IPs and access to the most advanced
real-world CTI
