Version 1.0.14 is primarily oriented around debugability, but has a big change around accessing the thrift socket. As has come up many times, osquery only allows a single actions on the thrift socket at a time. This can inadvertently create race conditions when working with go routines. As the go sdk now has locks, launcher can use those to avoid socket contention.
It also has a fix for opening notification URLs on some linux X11 enviroments.
Table Changes
- Add debian important updates table by @Micah-Kolide in #1249
- Add tables for rhel and arch package managers by @Micah-Kolide in #1275
- Adjust timeout on
mdfindfrom 30 to 60 seconds by @James-Pickett in #1271 - Don't return errors for
falconctlby @directionless in #1238 - Update error message in firmware password table by @directionless in #1256
General
- Appease the linter with small, inconsequential, "security" fixes by @directionless in #1245
- Fix a couple run groups not exiting by @RebeccaMahany in #1272
- Only lock mutex while accessing auth map on runner server by @James-Pickett in #1274
- Remove superfluous logs in actor.Interrupt by @RebeccaMahany in #1273
- Replace mutex's with locking baked into the osquery-go SDK by @RebeccaMahany in #1212
- Subscribe and log power events on Windows by @RebeccaMahany in #1248
- [Autoupdater] Include arch in release file path and download file path by @RebeccaMahany in #1195
- [Autoupdater] Keep staging directory clean by @RebeccaMahany in #1270
- [Desktop] Ensure we can open links with xdg-open on x11 by @RebeccaMahany in #1252
- [Desktop] Fixed relativeTime 36-48 hours displaying as "1 days" by @seejdev in #1225
- [Desktop] add random suffix to socket by @James-Pickett in #1262
- [Desktop] expose process info in log checkpoint and in
kolide_desktop_procstable by @James-Pickett in #1240 - [Flare] Add Network checkup to
flareanddoctorby @RebeccaMahany in #1280 - [Flare] Add additional checkups to
flareanddoctorcommands by @directionless in #1261 - [Flare] Refactor
flareanddoctorby @directionless in #1255 - [Flare] Tidy Flare and Doctor by @directionless in #1260
- [Logging] Use
%v+to cast unsupported types to string by @RebeccaMahany in #1246 - [Logging] add device identifying info to the log shipper by @James-Pickett in #1242
- [Logging] ship logs to http endpoint by @James-Pickett in #1228
- [Logging] update log shipping to use
copyon arrays. And add ulid and caller to log shipper logs by @James-Pickett in #1239
Build and Package
- Add GHA hosted runners to the smoke tests by @directionless in #1279
- Add GHA smoke test step by @directionless in #1277
- Add retry logic to getting all target metadata form notary by @James-Pickett in #1278
- Bump golang version to 1.20.6 to address GO-2023-1878 by @RebeccaMahany in #1251
- Don't use hardcoded path to signtool.exe if we can help it by @RebeccaMahany in #1259
- Ensure that the root directory is 0755 by @RebeccaMahany in #1265
- Pick golang version from go.mod by @RebeccaMahany in #1254
- Replace altool with notarytool by @RebeccaMahany in #1258
- Set
MACOSX_DEPLOYMENT_TARGETon builds by @directionless in #1282 - Update
osquery-goto include trace instrumentation by @RebeccaMahany in #1244 - Updating to a new version of signtool by @RebeccaMahany in #1253
Full Changelog: v1.0.12...v1.0.14