crowdsecurity/crowdsec v1.4.2-rc4

on GitHub

New features

• Implement reinject command to send notifications of alerts (#1638) @sabban
• Print cscli usage in color, fix windows terminal detection (#1801) @mmetc
• Add LookupHost expr lib func (#1775) @ThinkChaos
• Acqusition : Add support for exclusion regexps (#1735) (fix #1733) @buixor
• Datasource/kafka (#1698) @he2ss
• Add cscli support dump (#1634) @blotus
• Generic dateparse approach (#1669) @buixor
• Hub auto update cronjob (#1817) @LaurenceJJones
• New tables for cscli commands (#1763) @mmetc
• Add helo config for mail plugin (#1765) @LaurenceJJones

Bug Fixes

• Fix #1746 (#1749) @sabban
• Restrict permissions for plugin configurations (#1745) @mmetc
• Simpler makefiles for static targets (#1744) @mmetc
• Fix expr scope #1737 (#1738) @sabban
• Acually postoverflow before reprocessing (#1739) @sabban
• Fix logging for email plugin (#1670) @sabban
• Fix decision delete #1724 (#1725) @sabban
• Fix cscli notifications list crash (#1697) @blotus
• Fix the ssltls by actually doing ssltls in email notification plugin (#1672) @sabban
• Fix one shot acq race (#1783) @sbs2001
• Bulk delete alert optimization (#1782) @mmetc
• Fix counter bucket (#1807) @sabban
• Fix for #1839 (#1840) @mmetc
• Fix for collections delete (#1824) @mmetc
• Blocklist: Do not duplicate decisions when pulling (#1796) @blotus
• Update codecov action (node 12 is deprecated) (#1830) @mmetc
• Rpm spec fix cron removal (#1829) @LaurenceJJones
• Add check for .deb remove (#1827) @LaurenceJJones

Changes

• Use explicit transaction when inserting community blocklist (#1835) @blotus
• Update chocolatey spec file and publish nupkg in github releases (#1826) @blotus
• Support decisions deletion via scenario + alerts delete via ID (#1798) @buixor
• Add WAL support for sqlite (#1752) @blotus
• Replace shodan with crowdsec cti in notification template (#1741) @sbs2001
• Use ansible roles from crowdsecurity.testing collection (#1743) @mmetc
• Add config option to enable or not local API and agent (#1730) @AlteredCoder
• Allow plugins to load environment variable (#1727) @AlteredCoder
• golangci-lint 1.49 and related fixes (#1736) @mmetc
• Ansible changed_when fix; ansible/vagrant lint (#1734) @mmetc
• Update sprig to v3 (#1722) @LaurenceJJones
• Hardcode db password in CI to allow tests from third parties (#1729) @mmetc
• Allow user to disable decision deduplication (#1687) @buixor
• Switch to go 1.19 (#1709) @blotus
• Fix typo in func tests (#1718) @sabban
• Replace wizard patch for debian package with an envvar check (#1630) @mmetc
• Func tests: enable capi only when needed (#1710) @mmetc
• golangci-lint v1.48 and fixes for "usestdlibvars" (#1711) @mmetc
• Functional tests: json, stderr helpers (#1704) @mmetc
• Ansible testing improvements (#1700) @mmetc
• Add suggestion on cscli install items (#1686) @AlteredCoder
• Ansible testing (#1691) @mmetc
• cscli machines delete: return an error if machines doesn't exist (#1689) @AlteredCoder
• Add -a options in cscli alerts list (#1690) @AlteredCoder
• Don't run azure pipeline on freeBSD tags (#1684) @blotus
• Functional tests instrumented by ansible/vagrant (#1682) @mmetc
• Adjust test timing for slow boxes (#1681) @mmetc
• Fix --column-statistics handling in mysql tests (#1680) @mmetc
• Cronjob remove fails due to [[ (#1818) @LaurenceJJones
• Warn if no acquisition files are found, acquisition_test refactoring, func tests (#1816) @mmetc
• Refactor broker_test.go, extract cstest/filenotfound*.go (#1815) @mmetc
• Rename pkg/cstest -> pkg/hubtest (#1811) @mmetc
• Force postgres 14 for func tests (#1813) @mmetc
• Enable all static checks + minor fixes and typos (#1806) @mmetc
• Add test and fix for configuration reload (#1808) @mmetc
• Fix missing metrics cscli (#1809) @blotus
• Replace log.Fatal with t.Fatal (#1805) @mmetc
• Don't install jq to build windows, docker (not required anymore) (#1800) @mmetc
• Unit tests: always capture testcase variable -> allow parallel testing (#1797) @mmetc
• Check is TLS == "true" before to enable in LAPI (#1795) @stephdl
• Bats helper fixes (#1792) @mmetc
• Fast alert delete (#1791) @sbs2001
• Update ent and grokky package (#1772) @AlteredCoder
• Fork dlog to ease debian packaging on official repos (#1790) @sabban
• Simplify one shot tests (#1786) @sbs2001
• Remove a wrong warning when pulling list content from CAPI (#1789) @blotus
• tests/bin cleanup (#1760) @mmetc
• Make: accept BUILD_VENDOR_FLAGS variable (#1771) @mmetc
• Renamed security.MD -> SECURITY.md (#1774) @mmetc
• Fix & cleanup cloudwatch_test.go (#1780) @mmetc
• Cleanup + fix flaky tests in file_test.go, apic_test.go (#1773) @mmetc
• "make localstack": added zookeper+kafka services (#1770) @mmetc
• Tighten windows sqlite database permissions (#1769) @blotus
• Don't suggest an item which user already mentioned (#1702) @sbs2001
• Fix misspelling of instantiate participles (#1759) @xconverge
• spf13/cobra v1.5.0; antonmedv/expr v1.9.0 (#1756) @mmetc
• Improvement: Docker one shot error message (#1666) @LaurenceJJones
• Tighten permissions for creds and notification configuration files on windows (#1757) @blotus
• Rename ROOT var to CS_ROOT in Makefile (#1755) @blotus
• Cronjob via packages (#1820) @LaurenceJJones

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.