crowdsecurity/crowdsec v1.6.6-rc3

on GitHub

Changes

• empty back-merge from release branch (#3506) @mmetc
• appsec: use CA from client credentials when connecting to LAPI (#3505) @mmetc
• lint: gocritic/httpNoBody (#3493) @mmetc
• tests: remove modeline (#3486) @mmetc
• pkg/cwhub: refact Item.State.(Downloaded | Installed) (#3476) @mmetc
• refact: context propagation (apiclient, cticlient...) (#3477) @mmetc
• CI: use go 1.24 for windows (#3479) @mmetc
• tests: switch context.Background() -> t.Context() from go 1.24 (#3473) @mmetc
• refact: avoid use of defer calls in loops (#3466) @mmetc
• CI: lint docker tests (#3443) @mmetc
• lint: gocritic/typeDefFirst (ensure type definitions come before methods) (#3404) @mmetc
• file acquisition: remove redundant logging info (#3468) @mmetc
• CI: skip unit tests with dynamic build (#3461) @mmetc

New Features

• deprecate capi_whitelists_path (#3504) @blotus
• Add support for centralized allowlists (#3355) @blotus

Improvements

• appsec: support custom CA for lapi (#3503) @mmetc
• enhancement: Add additional ssl options to db configuration (#3387) @LaurenceJJones
• move ParseQuery to expr helpers, add ExtractQueryParam (#3491) @buixor
• enable/disable options for console enroll - make alert context a default (#3487) @buixor
• enhance: add option to disable magic syslog RFC parsers (#3435) @LaurenceJJones
• add JA4H expr helper (#3401) @blotus
• leaky bucket: reduce log verbosity (#3472) @mmetc

Bug Fixes

• appsec: less verbose logging for allowlists and headers check (#3498) @blotus
• enhance: Flags now superceed all log levels (#3496) @LaurenceJJones
• appsec: handle SendAlert() properly for out of band matches (#3497) @blotus
• cscli: review/update argument number checking (#3490) @mmetc
• crowdsec: allow -t to work if using appsec and allowlists (#3484) @blotus
• cron: avoid spamming stdout when the hub index is updated (#3485) @mmetc
• cscli: allow non-local symlinks to have a different name than hub items (#3475) @mmetc
• cscli hub/items: always show action plan; fix --interactive in pipes (#3451) @mmetc
• silence "cscli hub update" if noop in cron jobs (#3460) @mmetc
• cscli: don't attempt to download data files when url="" (#3454) @mmetc

Chore / Deps

• use go 1.24.1 (#3501) @mmetc
• update dependencies: color, go-sqlite3, tail, slack, testify (#3474) @mmetc
• use go 1.24, enable unencrypted http2 (#3470) @mmetc
• deps: use ent 0.14.2 (#3259) @mmetc
• build(deps): bump github.com/golang/glog from 1.2.2 to 1.2.4 (#3431) @dependabot[bot]
• deps: update gin-jwt (#3430) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.