What's Changed
- Coding style clang format by @jotacarma90 in #35051
- Dovecot decoders don't match correctly by @hossam1522 in #35089
- Fixing CIS 35675 and 35689 rules bug by @hossam1522 in #35088
- Improve buffer handling in regex match processing by @vikman90 in #35106
- Fix empty-message failure in Windows enrollment integration test by @hernanvalenzuela in #35078
- Use daily marker for GuardDuty log collector by @anromerom in #35110
- Fix rate limit handling for /events endpoint by @javiersanchz in #35077
- Upload Size Limit Config Mismatch - Implementation by @jnasselle in #35141
- Update embedded Python and dependencies by @javiersanchz in #35135
- Escape document id in delete bulk operations by @ignaciogalle12git in #35174
- Add length validation after decompression in ReadSecMSG by @MiguelazoDS in #35193
- Fix uncontroller memory allocation in cluster by @FrancoRivero2025 in #35173
- Limit nested JSON depth in API requests - Implementation by @jnasselle in #35224
- Fix clang-format version resolution in CI by @jotacarma90 in #35180
- Align plugin decoder arguments with existing call path by @matigarciadev in #35176
- Add groups path validation by @TomasTurina in #35230
- Fix audit log cache overflow for events with many records by @vikman90 in #35285
- Update dependencies: cryptography, requests by @javiersanchz in #35331
- Fix memory allocation for long registry paths in syscheck by @Darioortegaleyva in #35287
- Fix for rootcheck not generating findings by @jpcerrone in #35297
- Bump 4.14.6 branch by @wazuhci in #35379
- Fix coverity findings in group validation paths by @TomasTurina in #35384
- Fix active config endpoint and Integration tests by @FrancoRivero2025 in #35412
- Server integration tests flaky test by @Antoniogm03 in #35353
- Skip macOS receipts that are no longer installed by @anromerom in #35380
- Revert tag references to main after v5.0.0-beta1 by @jotacarma90 in #35447
- Improve the code to hide information when a user doesn't have permission by @FrancoRivero2025 in #35307
- Validate current user in update-user endpoint by @vikman90 in #35442
- Complete wazuh server requirements docs by @TomasTurina in #35459
- Optimize error handling geoip locator by @LucioDonda in #35187
- wazuh-engine:
/logtestendpoint cleanup temporary fields by @matigarciadev in #35420 - Add fast metrics module by @NahuFigueroa97 in #35142
- Bump 4.14.5 branch by @wazuhci in #35465
- Update changelog for v4.14.5-rc1 by @jotacarma90 in #35467
- Fix guardduty.py size in check files by @MarcelKemp in #35472
- Update uninstall procedure for Windows. by @rjcausarano in #35451
- Ms-graph - handle relationships that contain '/' by @jpcerrone in #35431
- Validate IP address format in host_ip field for Windows by @cborla in #35418
- Avoid using keyentries counter as index by @MiguelazoDS in #35456
- Linux test integration workflow improvements by @rovogel in #35060
- Enhancement/35084 improve it mac os by @rovogel in #35289
- Resume modules before manager sync to reduce coordination pause window by @lchico in #35357
- Check first scan termination before sync start by @anromerom in #35455
- Remove dead python code by @TomasTurina in #35533
- Include source IP in wazuh-remoted log messages by @20syldev in #35358
- Feed update re-scan revision by @ignaciogalle12git in #35271
- Backport: Fix FIM flaky integration tests by @Nicogp in #35535
- Migrate CM store-crud resources to native JSON flow by @jam300 in #35172
- wazuh-engine: Engine rename archiver module to event dumper by @matigarciadev in #35477
- Update inventory sync documentation by @TomasTurina in #35587
- Fix workflow input name: set-as-main → set_as_main in bumper workflow by @jotacarma90 in #35592
- Remove leftover code from deprecated Agent 0 by @fcontrerasc in #35195
- Synchronize Syscollector and VD queue databases during the flush process by @rjcausarano in #35518
- Add manager architecture documentation by @TomasTurina in #35607
- Early populate metadata after handshake by @fcontrerasc in #35387
- Fix script injection vulnerabilities in CI workflows by @jpcerrone in #35480
- (4x) Fix script injection vulnerabilities in CI workflows by @jpcerrone in #35598
- Update manager index names to sync by @juliancnn in #35527
- Suppress unexpected stateless events after SCA initial scan by @jr0me in #35432
- Dynamic getWazuhHome by @jepalfer in #35232
- Improve fast metrics interface managment and test by @NahuFigueroa97 in #35540
- Engine - Add Filter Sync by @NahuFigueroa97 in #35613
- Persist VD first-sync state in table_metadata by @anromerom in #35590
- Merge branch '4.14.5' into '4.14.6' by @jotacarma90 in #35655
- Normalize stateless check fields by @AnDumu in #35404
- Fix token validation race condition after revoke by @javiersanchz in #35218
- unify sandbox and trace into a single static parameter in policy creation by @LucioDonda in #35541
- Flush feed RocksDB memtable before marking feed ready on download completion by @Nicogp in #35639
- Remove unused SSL/TLS transport option from cluster by @vikman90 in #35648
- Fix WUA hotfix collection regression in Windows Agent v5.0.0 by @nbertoldo in #35662
- Handle stop signal during vulnerability feed download by @fcontrerasc in #35657
- Bump main branch by @wazuhci in #35699
- Revert "Merge pull request #35699 from wazuh/enhancement/wqa35624-bum… by @TomasTurina in #35700
- Emit WCS-aligned JSON for agent-start and buffer-status events by @lchico in #35671
- Support revert bump by @TomasTurina in #35660
- wazuh-engine: add retention policies for streamlog module by @matigarciadev in #35565
- Support revert bump by @jotacarma90 in #35714
- Merge 4.14.6 into main by @TomasTurina in #35705
- Fix rootcheck and security API IT by @TomasTurina in #35722
- Improve Active Response Custom Script Documentation by @nbertoldo in #35723
- Update GDPR control mappings in SCA rulesets by @Johnng007 in #35711
- Fix flaky API IT by @TomasTurina in #35724
- Fix agents API IT by @TomasTurina in #35746
- wazuh-engine: Improve graceful shutdown (fast shudown) by @juliancnn in #35585
- Remove legacy unclassified category by @jam300 in #35542
- Fix SCA YAML size drift + missing workflow path triggers by @jr0me in #35748
- Add cluster validations by @TomasTurina in #35757
- Prevent agent.host.ip from being silently dropped when agent IP is empty by @jotacarma90 in #35475
- Apply register_configure_agent.sh on reinstall after apt-get remove by @Miguevrgo in #35727
- Directory layout improvement by @jepalfer in #35622
- Improve message handling robustness in wazuh-remoted by @vikman90 in #35773
- Fix stale generated headers after clean by @jr0me in #35777
- Fix agent 5x sends trailing null byte 0 in messages by @jr0me in #35658
- Improve Python security scans - Implementation by @jnasselle in #35653
- Skip vdFirst and polling for vdSync when a feedUpdate occurs by @Antoniogm03 in #35421
- Fix SCA integration tests flakiness and deadlocks on Windows by @Darioortegaleyva in #35461
- Adapt support-new-oss template by @rafabailon in #35326
- Separate public and private APIs and split OpenAPI specs by @jam300 in #35614
- Update decoders and filters Jschemas by @NahuFigueroa97 in #35760
- engine: Improve devContainer for e2e by @juliancnn in #35775
- Improve agent name validation by @vikman90 in #35833
- Don't trigger manager checks in draft PR by @TomasTurina in #35842
- Don't trigger the agent's PR checks in drafts by @MarcelKemp in #35852
- Vulnerability scanner - CVSSV4.0 support. by @MiguelazoDS in #35759
- Change VD provider name by @jotacarma90 in #35863
- Send wodle command event in a WCS JSON compatible format. by @rjcausarano in #35703
- Validate user name in API by @TomasTurina in #35866
- OS_type field addition to db by @jepalfer in #35794
- Preserve manager files during package upgrades by @ignaciogalle12git in #35580
- Add wazuh.event.id to correlate events from a single log by @jam300 in #35840
- Add workflow_dispatch to engine unit and integration tests by @cborla in #35892
- Fix labels for dedicated arm64 runner by @AlexRuiz7 in #35920
- Add unit tests and a test tool for the Indexer-Connector Module by @LucioDonda in #35720
- wazuh-engine: Async router worker pool by @matigarciadev in #35868
- Solved the deliminer bug in enrich protocol by @NahuFigueroa97 in #35972
- Improve manual dispatch for it workflows by @Nicogp in #35971
- Enhancement/33940 implement use cases by @LucioDonda in #35970
- Prevent segfault when stopping disabled vulnerability scanner module by @vikman90 in #36011
- Graceful termination via cooperative cancellation by @jotacarma90 in #35953
- Fix Coverity findings in SCA, sync protocol, router init, and command cleanup by @fcontrerasc in #35985
- wazuh-engine: Architecture doc by @juliancnn in #36028
- Engine metrics collection, normalization and indexing by @Darioortegaleyva in #35774
- Remove selinux from manager by @Antoniogm03 in #35965
- Added new CVE5 fields by @MiguelazoDS in #36030
- Restart Wazuh service on version check by @hernanvalenzuela in #36003
- Add caller module context to indexer connector logging by @jotacarma90 in #35963
- Fix wrong value of wazuh.cluster.name field in metrics indices by @Darioortegaleyva in #36012
- Align threat fields under wazuh by @NahuFigueroa97 in #35902
- Revert the changes that preserve all configuration files when upgrading an agent by @MarcelKemp in #36050
- Add code coverage reporting to legacy unit test workflows by @Nicogp in #36047
- Update JSON property names in Wodle event by @rjcausarano in #36031
- Remove msgpack and pacman from external dependencies by @jotacarma90 in #35987
- Defer engine sync while indexer is updating by @juliancnn in #35945
- Add protection for double VDFirst scan by @TomasTurina in #36004
- Update python requirements by @TomasTurina in #35990
- Update cryptography and python multipart by @TomasTurina in #35982
- Fix string handling in version comparison function by @vikman90 in #36059
- Dependency Reduction Evidence — Debian/Ubuntu by @Miguevrgo in #36027
- Improve cluster file handling path validation in end_receiving_file by @vikman90 in #36060
- Solve agent disconnect on direct 4.13→5.0 custom WPK upgrade by @lchico in #36052
- Prevent Windows agent restart abort when service is already stopping by @cborla in #35991
- Remove /bin and /sbin from monitored directories on usrmerge distros by @Darioortegaleyva in #36058
- Fix Coverity Medium Impact Defects - Release 5.0.0 Beta 1 (Agent) by @nbertoldo in #35959
- Removal of unused dependencies by @jepalfer in #36010
- Deprecate API IT tier 2 by @TomasTurina in #36074
- Expand Windows environment variables in SCA rule inputs by @fcontrerasc in #36054
- Update wodle command arg construction for Windows paths by @anromerom in #35973
- fix: Coverity Low Impact Defects by @rovogel in #36032
- Include os_type in agent keepalive cluster sync by @jotacarma90 in #36075
- Resolve relative indexer certificate paths by @jotacarma90 in #36090
- wazuh-engine: Improve wic index deteccion by @juliancnn in #36087
- Adapted curl call for old system on wazuh-control by @juliancnn in #36094
- Remove 4_X workflows code from main by @Miguevrgo in #36044
- Update changelog for 4.14.6 by @jotacarma90 in #36110
- Merge 4.14.6 into main by @jotacarma90 in #36109
- Build binutils 2.41 in the deb-agent amd64 builder image by @jr0me in #36128
- Ensure all workflows use specific OS by @TomasTurina in #36104
- Refresh apt index before installing flex/bison for binutils 2.41 by @jr0me in #36133
- Improve json schema for optional time by @juliancnn in #36136
- Improve Unit test's readme by @jpcerrone in #36055
- Refresh deb-agent amd64 checkfiles sizes for ld 2.41 by @jr0me in #36144
- Local wazuh-manager installation by @MiguelazoDS in #36100
- Update support new OSs issue template for devOps team by @Enaraque in #36154
- Unchecked return value defects reported by coverity by @hernanvalenzuela in #36056
- Add workflow to upgrade external dependencies by @jr0me in #36048
- Upgrade external deps: curl, sqlite, xz, libarchive (DEPS_VERSION 99-29734) by @jr0me in #36152
- Honor shutdown signal in agent-upgrade StartMQ to avoid timeout by @cborla in #36141
- Add keystore and indexer connector component tests workflows by @MiguelazoDS in #36142
- DockerListener messages as log by @rovogel in #36179
- Drop orphan paths before promoting on agent startup by @jr0me in #36198
- Build windows externals inside compile_windows_agent image by @jr0me in #36206
- Make sync_end_delay interruptible to remove stale modulesd.pid by @lchico in #36240
- Restore vulnerability scanner database workflow by @jotacarma90 in #36254
- Bump main branch by @wazuhci in #36294
- Update CHANGELOG for v5.0.0 Beta 2 by @jotacarma90 in #36295
- Complete v5.0.0 Beta 2 stage bump and align spec.yaml blob URLs by @jotacarma90 in #36297
New Contributors
- @hossam1522 made their first contribution in #35089
- @20syldev made their first contribution in #35358
- @Enaraque made their first contribution in #36154
Full Changelog: v5.0.0-beta1...v5.0.0-beta2