crowdsecurity/crowdsec v1.7.1-rc4

on GitHub

Changes

• acquisition: set S3 anon creds during tests, prevent deadlock (#3961) @mmetc
• refact: don't call defer in loops, enable linter (#3907) @mmetc
• refact: remove unused struct fields / 2 (#3946) @mmetc
• refact: remove unused struct fields (#3633) @mmetc
• refact pkg/parser: fmt, split grok.go (#3922) @mmetc
• refact pkg/parser: extract RuntimeGrokPattern (#3916) @mmetc
• refact pkg/parser: ExtraField / Static (#3913) @mmetc
• lint: fix nilaway warnings (part 11) (#3910) @mmetc
• lint: errcheck (#3912) @mmetc
• refact: net.Listen -> listenConfig.Listen(), remove context.TODO()/Background() (#3776) @mmetc
• refact pkg/acquisition: split DataSource interface (#3900) @mmetc
• refact: net.Dial() -> Dialer.DialContext() (#3670) @mmetc
• lint: errcheck, nolintlint, intrange (#3904) @mmetc
• lint: fix nilaway warnings (part 5) (#3863) @mmetc
• lint: fix nilaway warnings (part 10) (#3875) @mmetc
• lint: fix nilaway warnings (part 7) (#3865) @mmetc
• lint: fix nilaway warnings (part 6) (#3864) @mmetc
• refact cmd/crowdsec, pkg/apiserver: extract methods (#3743) @mmetc
• lint: fix nilaway warnings (part 9) (#3868) @mmetc
• refact pkg/parser: small optimizations (#3891) @mmetc
• refact simulation: redundant use of pointers; log (stderr) -> print (stdout) (#3889) @mmetc
• refact pkg/parser: extract method processLeaves (#3886) @mmetc
• refact: exec.Command() -> exec.CommandContext() (#3826) @mmetc
• lint: fix nilaway warnings (part 2) (#3854) @mmetc
• refact pkg/parser: extract method (#3849) @mmetc
• lint: fix nilaway warnings (part 8) (#3866) @mmetc
• lint: nosprintfhostport, ifelsechain (#3838) @mmetc
• lint: fix nilaway warnings (part 1) (#3853) @mmetc
• packaging: clean up redundant debian/install, debian/rules (#3781) @mmetc
• rpm: declare ghost file permissions (#3828) @mmetc

Improvements

• cscli hubtest --appsec : Bail when we cannot invoke nuclei (#3798) @buixor
• update kinesis datasource to aws sdk v2 (#3846) @mmetc
• update cloudwatch datasource to sdk v2 (#3847) @mmetc
• waf: store target FQDN in alert meta (#3947) @blotus
• waf: allow glob when including seclang files (#3948) @blotus
• enhance: add timeout resilience to Docker acquisition (socket proxy errors) (#3873) @LaurenceJJones
• update test_env.sh (#3829) @mmetc
• make: support CROWDSEC_API_DEV_ENV (#3931) @mmetc
• metrics: report platform family to console / 2 (#3938) @mmetc
• cscli setup: detect auditd (#3917) @mmetc
• update s3 datasource to aws sdk v2 (#3844) @mmetc
• output: push alerts from a goroutine (#3905) @blotus
• cscli support dump: collect system information with gopsutil (#3879) @mmetc
• replace cron script with systemd timer (#3842) @mmetc
• waf: add fromFile match type (#3880) @blotus
• Improve logging for file acquisition (#3778) @david-garcia-garcia

Bug Fixes

• k8s_audit: fix flaky windows test (#3940) @mmetc
• cloudwatch: fix flaxy test (#3941) @mmetc
• CI: fix flaky cold logs test (#3942) @mmetc
• fix: service name typo (#3920) @mmetc
• apiserver: prevent long bouncer names when IP is changing (bouncer@ip1@ip2..) (#3911) @mmetc
• pkg/database: enable upsert feature flag, use it for config items (#3895) @mmetc
• lint: fix nilaway warnings (part 3), prevent data race (#3855) @mmetc
• journalctl acquisition: fix #3890 (#3893) @mmetc
• refact pkg/parser: review formatting verbs, logs (#3887) @mmetc
• fix: set cache defaults for parser stash (#3883) @mmetc
• [WAF] do not iterate over all transaction variables for nothing // swap alert generation + event send order (#3884) @blotus
• waf: return if we cannot create the TCP listener (#3882) @blotus
• lint: fix nilaway warnings (part 4), prevent data race (#3857) @mmetc

Chore / Deps

• build(deps): bump astral-sh/setup-uv from 6.8.0 to 7.0.0 (#3960) @dependabot[bot]
• build(deps): bump github/codeql-action from 3.30.6 to 4.30.7 (#3958) @dependabot[bot]
• build(deps): bump github/codeql-action from 3.30.5 to 3.30.6 (#3943) @dependabot[bot]
• build(deps): bump astral-sh/setup-uv from 6.7.0 to 6.8.0 (#3936) @dependabot[bot]
• build(deps): bump peter-evans/dockerhub-description from 4.0.2 to 5.0.0 (#3937) @dependabot[bot]
• metrics: report platform family to console (#3897) @mmetc
• deps: update go and golangci-lint (#3921) @mmetc
• build(deps): bump github/codeql-action from 3.30.4 to 3.30.5 (#3928) @dependabot[bot]
• build(deps): bump docker/login-action from 3.5.0 to 3.6.0 (#3929) @dependabot[bot]
• add remediation_sync origin (#3915) @blotus
• build(deps): bump github/codeql-action from 3.30.3 to 3.30.4 (#3919) @dependabot[bot]
• update golang.org/x/time, use fork instead of vendoring (#3892) @mmetc
• pprof: enable block/mutex profiling with a feature flag (#3898) @blotus
• build(deps): bump astral-sh/setup-uv from 6.6.1 to 6.7.0 (#3894) @dependabot[bot]
• build(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (#3885) @dependabot[bot]
• CI: update and pin to commit actions/setup-python v6.0 (#3861) @mmetc
• update fsnotify/fsnotify to 1.9.0 (#3874) @mmetc
• update deps: testify, cobra (#3876) @mmetc
• build(deps): bump github/codeql-action from 3.30.1 to 3.30.2 (#3877) @dependabot[bot]
• build(deps): bump github.com/appleboy/gin-jwt/v2 from 2.10.1 to 2.10.3 (#3772) @dependabot[bot]
• build(deps): bump github.com/go-openapi/errors from 0.22.0 to 0.22.2 (#3858) @dependabot[bot]
• build(deps): bump github/codeql-action from 3.29.11 to 3.30.1 (#3859) @dependabot[bot]
• build(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 (#3860) @dependabot[bot]
• build(deps): bump astral-sh/setup-uv from 6.6.0 to 6.6.1 (#3841) @dependabot[bot]
• build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (#3852) @dependabot[bot]
• use go 1.25.0 (#3839) @mmetc

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.