What's Changed
General
- Update comment by @directionless in #1650
- Re-enable secure enclave keys by @James-Pickett in #1651
- Add upgradeable packages and patches tables for Zypper package manager by @Micah-Kolide in #1654
- skip secure enclave signing tests when
SKIP_SECURE_ENCLAVE_TESTSis set by @zackattack01 in #1656 - Use unique pid file for osquery per launcher run by @RebeccaMahany in #1657
- abstract bbolt from osquery extension code by @zackattack01 in #1652
- add new meddlesome processes to quarantine checkup by @zackattack01 in #1660
- Refactor runAsUser into tablehelper package by @Micah-Kolide in #1653
- Add
kolide_snap_upgradeabletable and newdata_tableexec parser by @Micah-Kolide in #1636 - add menu json checkup to flare and doctor by @James-Pickett in #1661
- add menu update change detection logs by @zackattack01 in #1664
- Ensure desktop runner shuts down within rungroup interrupt timeout, and log shutdown completion by @RebeccaMahany in #1668
- run osq runtime tests on windows by @James-Pickett in #1665
- Don't autoupdate in modern standby by @RebeccaMahany in #1669
- Include stderr in enrollment details failures so we can capture additional information on Windows by @RebeccaMahany in #1671
- set RecoveryActionsOnNonCrashFailures flag in svc_config_windows by @zackattack01 in #1670
- set up windows event logger first in main by @James-Pickett in #1672
- Upgrade golang.org/x/net to address GO-2024-2687 by @RebeccaMahany in #1673
- Small improvements to logging and flares by @directionless in #1667
- Pass system multislogger through to all launcher subcommands by @RebeccaMahany in #1674
- Do not make additional control server fetch request during control server interval update by @RebeccaMahany in #1675
- Remove incorrect use of TryLock for initial delay state in TUF autoupdater by @RebeccaMahany in #1676
- [TUF] Prevent executable from being overwritten by @RebeccaMahany in #1678
- Remove most of legacy autoupdate package by @RebeccaMahany in #1677
- Ensure file permissions are set appropriately when untarring archives during autoupdate by @RebeccaMahany in #1680
- Fix command exec's
WithUid(RunAsUser) when running as self by @Micah-Kolide in #1682 - Remove arg from flatpak command exec by @Micah-Kolide in #1684
- fix codeql allocation-size-overflow alert by @James-Pickett in #1686
- Fix panic in 1.6.4 by @directionless in #1689
- Bump go version in docker by @directionless in #1688
- Fix potential nil panics in ee/desktop/runner detected by nilaway by @RebeccaMahany in #1694
- auto load ATC config in interactive by @James-Pickett in #1685
- Wrap main and remove os.Exit calls so all deferred functions will execute by @RebeccaMahany in #1693
- Standardize how we log and handle panics by @RebeccaMahany in #1692
- dont interact with desktop client while in standby by @James-Pickett in #1700
- Skip tests legacy autoupdate tests in CI by @RebeccaMahany in #1701
- Forbid use of panic inside launcher by @RebeccaMahany in #1697
- Update TUF root.json metadata asset by @RebeccaMahany in #1704
Full Changelog: v1.6.2...v1.6.5