v0.8.3
This is a very small release mostly triggered by a security update to OPA.
Breaking changes
There should be no breaking changes.
Highlights
Fixes/Security Updates
- Bump OPA dependency from v0.42.0 to v0.44.0 (#2172)
- Fixed
security_file_open
event dependencies (#2166)
Improvements
- New
/healthz
endpoint for both tracee-ebpf and tracee-rules (#2116) security_inode_unlink
event has been enriched with more arguments (#2136)- You can now specify env
DEBUG=1
while building to include DWARF symbols (#2164)
Docker images
docker pull docker.io/aquasec/tracee:0.8.3 (embedded eBPF CO-RE obj with BTFHUB support)
docker pull docker.io/aquasec/tracee:full-0.8.3 (compiles non CO-RE eBPF object on startup)
Full Changelog
792b510 - security: bump OPA from 0.42.0 to 0.44.0 (#2172) (Rafael David Tinoco)
5b91c25 - events_derived: merge into existing files (Nadav Strahilevitz)
f1ebce6 - events/derive: simplify files (Nadav Strahilevitz)
a573fe2 - tracee: debug mode: only enable net probes if needed (Rafael David Tinoco)
0321b78 - docs/installing: add 'tracee-system' namespace to the manual installation (#2167) (Vitor Duque)
e53c5c0 - net_events: remove current net debugging mechanism (Rafael David Tinoco)
42d9a2c - tracee.bpf.c: move license and kernel version to the top (Rafael David Tinoco)
048daa8 - pkg/ebpf: enrich security_inode_unlink (#2136) (Alon Zivony)
7a82831 - events: add execve and execveat to security_file_open syscalls (#2166) (Nadav Strahilevitz)
63cead8 - feat: add healthz endpoint (#2116) (Jose Donizetti)
c83ac80 - Makefile: add DEBUG flag to enable symbols (#2164) (Geyslan Gregório)
999e44f - k8s: fix tracee version to latest release v0.8.2 (#2162) (Jose Donizetti)