mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
2dfb260850
199 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Martin Angers
|
2dfb260850
|
Move nanodep dependency in monorepo (#16984) | ||
Jahziel Villasana-Espinoza
|
272ce3187f
|
feat: move scep dependency inside the monorepo (#16988)
Following the pattern set up by Martin and Lucas for similar PRs. Can be reviewed by commits: 1. move scep directory into monorepo 2. update import paths 3. update go.mod, go.sum 4. fix golint errors in scep package 5. skip a failing test that's been broken for a while 6. fix that failing test # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Manual QA for all new/changed functionality Also verified that our test suite runs the `scep` tests. |
||
Lucas Manuel Rodriguez
|
6ea8f49f22
|
Replace fasthttp with Go's stdlib (reduces memory footprint) (#16922)
#16423 - To reduce memory footprint I'm replacing fasthttp with Go's stdlib http package: - To reduce CPU usage while Fleet is down am adding a connection check before sending logs (otherwise osquery-perf spends a lot of CPU marshaling JSON). With fasthttp (memory start growing when I bring Fleet down, because it starts to buffer logs):  With golang (memory start growing when I bring Fleet down, because it starts to buffer logs):  |
||
|
Lucas Manuel Rodriguez
|
ea25ce4e9e
|
Fix Fleet Desktop bugs on Windows (#16402)
#15821
This PR is adding two improvements and fixing two Windows bugs in Fleet
Desktop:
## Improvement
- We are now capturing the stderr of Fleet Desktop. This helped me find
bug (1) below (otherwise the panic output below was hidden from us).
- To reduce complexity I'm removing the "Theme detection" routine
because we made the decision to use the colored icon for both themes...,
see here:
|
||
Victor Lyuboslavsky
|
ab4c505f4b
|
Enroll secret in macOS keychain and Windows Credential Manager (#16068)
#13832 For macOS hosts, fleetd now stores and retrieves enroll secret from macOS keychain. - this feature must use the official signed and notarized version of fleetd - for contributors, this feature can disabled with either: - fleetctl package flag: --disable-keystore - fleetd runtime flag: --disable-keystore This feature does not cover the MDM usecase where enroll secret is stored in the MDM profile. This usecase will hopefully be worked on next sprint with the MDM team. For Windows hosts, fleetd now stores and retrieves enroll secret from Windows Credential Manager. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [x] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [x] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |
||
|
Martin Angers
|
fc3304c902
|
Move nanomdm dependency in monorepo (#16015)
#15557 Following the precedent that Lucas used for other similar PRs, the best way to review is probably by commits. * The first one simply copies over the files from the fork to the monorepo * Second one adjusts all import paths * Third one tidies up the `go.mod` files * Last one fixes the linter issues in the nanomdm package # Checklist for submitter - ~~Changes file added for user-visible changes in `changes/` or `orbit/changes/`.~~ (not a user-visible change) - [x] Manual QA for all new/changed functionality (ran test suite, re-generated mocks) I also verified that our Go test suite did run the newly moved `nanomdm` package steps: ``` ok github.com/fleetdm/fleet/v4/server/mdm/nanomdm/cryptoutil 0.003s coverage: 0.0% of statements in github.com/fleetdm/fleet/v4/... ok github.com/fleetdm/fleet/v4/server/mdm/nanomdm/mdm 0.005s coverage: 46.2% of statements in github.com/fleetdm/fleet/v4/... ok github.com/fleetdm/fleet/v4/server/mdm/nanomdm/service/certauth 1.320s coverage: 20.7% of statements in github.com/fleetdm/fleet/v4/... ok github.com/fleetdm/fleet/v4/server/mdm/nanomdm/storage/file 0.007s coverage: 24.1% of statements in github.com/fleetdm/fleet/v4/... ``` |
||
|
Jahziel Villasana-Espinoza
|
e3ae0b34cc
|
chore: update go.mod to pull latest scep changes (#16044)
> 📜 Related issue: #15635 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality Tests were added in the scep repo: https://github.com/fleetdm/scep/pull/1 |
||
dependabot[bot]
|
01afa82eea
|
Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#15950)
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.3.3 to 1.3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/circl/releases">github.com/cloudflare/circl's releases</a>.</em></p> <blockquote> <h2>CIRCL v1.3.7</h2> <h3>What's Changed</h3> <ul> <li>build(deps): bump golang.org/x/crypto from 0.3.1-0.20221117191849-2c476679df9a to 0.17.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/467">cloudflare/circl#467</a></li> <li>kyber: remove division by q in ciphertext compression by <a href="https://github.com/bwesterb"><code>@bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/468">cloudflare/circl#468</a></li> <li>Releasing CIRCL v1.3.7 by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/469">cloudflare/circl#469</a></li> </ul> <h3>New Contributors</h3> <ul> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/467">cloudflare/circl#467</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/cloudflare/circl/compare/v1.3.6...v1.3.7">https://github.com/cloudflare/circl/compare/v1.3.6...v1.3.7</a></p> <h2>CIRCL v1.3.6</h2> <h3>What's Changed</h3> <ul> <li>internal: add TurboShake{128,256} by <a href="https://github.com/bwesterb"><code>@bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/430">cloudflare/circl#430</a></li> <li>Kangaroo12 draft -10 by <a href="https://github.com/bwesterb"><code>@bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/431">cloudflare/circl#431</a></li> <li>Add K12 as XOF by <a href="https://github.com/bwesterb"><code>@bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/437">cloudflare/circl#437</a></li> <li>xof/k12: Fix a typo in the package documentation by <a href="https://github.com/cjpatton"><code>@cjpatton</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/438">cloudflare/circl#438</a></li> <li>Set CIRCL version for generated assembler code. by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/440">cloudflare/circl#440</a></li> <li>Add tkn20 benchmarks by <a href="https://github.com/tanyav2"><code>@tanyav2</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/442">cloudflare/circl#442</a></li> <li>Add partially blind RSA implementation by <a href="https://github.com/chris-wood"><code>@chris-wood</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/445">cloudflare/circl#445</a></li> <li>Update doc.go by <a href="https://github.com/nadimkobeissi"><code>@nadimkobeissi</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/447">cloudflare/circl#447</a></li> <li>tss/rsa: key generation for threshold RSA (safe primes) by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/450">cloudflare/circl#450</a></li> <li>Bumping Go version for CI jobs. by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/457">cloudflare/circl#457</a></li> <li>Spelling by <a href="https://github.com/jsoref"><code>@jsoref</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/456">cloudflare/circl#456</a></li> <li>blindrsa: updating blindrsa to be compliant with RFC9474 by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/464">cloudflare/circl#464</a></li> <li>Releasing CIRCL v1.3.6 by <a href="https://github.com/armfazh"><code>@armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/465">cloudflare/circl#465</a></li> </ul> <h3>New Contributors</h3> <ul> <li><a href="https://github.com/nadimkobeissi"><code>@nadimkobeissi</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/447">cloudflare/circl#447</a></li> <li><a href="https://github.com/jsoref"><code>@jsoref</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/456">cloudflare/circl#456</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.6">https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.6</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Lucas Manuel Rodriguez
|
417f45fc61
|
Move external dependency fleetdm/kolide-kit to monorepo (#15861)
#15556 We will need to pay attention when releasing fleet (the github actions were modified to use the local file now). Should be reviewed by commits (first commit is the actual adding of the `version.go` file) - [X] Manual QA for all new/changed functionality Manually tested the following: - `Settings -> My account` on the UI and checked the `/version` endpoint response. (Or also visiting https://localhost:8080/version on a browser). - Ran `make fleetctl fleet`, `./build/fleetctl --version` and `./build/fleet version`. |
||
|
Lucas Manuel Rodriguez
|
38b8c9cc58
|
Move external dependency goose to monorepo (#15859)
#15555 Probably the best way to review this is commit by commit: - First commit does the actual moving. - Second commit fixes golangci-lint issues (in the least effort way to avoid refactoring or rearrangement of some of the code). - Third commit moves a printf to before the migration step is executed. In the past some customers hitting migration issues (like migration steps hanging or taking long to execute) and wanted to know which one was it. The only way to know was to look at the repository and looking for the next migration after the last one logged. Checks: - [X] Manual QA for all new/changed functionality Manual tests: - `make fleet && make db-reset`. - Adding a new migration via `make migration name=Foobar` and then running `./build/fleet prepare db`. - Enrolling a new device to Fleet (smoke test). |
||
|
dependabot[bot]
|
ac8bcea518
|
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
6806f1b3a2
|
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#15741)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Sarah Gillespie
|
b660715e56
|
Add database migrations to support software titles feature (#15401)
Issue #15222 |
||
|
Jahziel Villasana-Espinoza
|
5131879292
|
feat: remove file if it exists before creating new one (#15186)
# Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality |
||
|
Victor Lyuboslavsky
|
eada583ff1
|
Updating CPE generator to use new NVD API. (#15018)
Loom explaining changes (hit 5 min limit):
https://www.loom.com/share/e59b63bf638e4d9cad7984ef589b878d?sid=111fff75-115a-4a44-ae4f-6f25fede0d51
#14887
- [x] Need to merge fleetdm/nvd PR
https://github.com/fleetdm/nvd/pull/25 before this one.
# Checklist for submitter
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- Manually tested (with corresponding fleetdm/fleet changes) in my
personal fork: https://github.com/getvictor/nvd/releases
# QA Plan (must be done before merging this PR, and after merging the
nvd PR)
- [ ] Fork https://github.com/fleetdm/nvd and point `generate.yml` to
this branch.
[example](
|
||
|
Lucas Manuel Rodriguez
|
4cf682d78f
|
Downgrade osquery-go due to panics in Shutdown and add more logging (#15017)
#15022 The issue in the package is being fixed here https://github.com/osquery/osquery-go/pull/117 But to not block on that we will downgrade the osquery-go version we use. - ~[ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information.~ - ~[ ] Documented any permissions changes (docs/Using Fleet/manage-access.md)~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [ ] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |
||
|
dependabot[bot]
|
fa566dbf96
|
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.40.0 to 0.44.0 (#14588)
Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.40.0 to 0.44.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/releases">go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux's releases</a>.</em></p> <blockquote> <h2>Release v1.20.0/v0.45.0/v0.14.0</h2> <h3>Added</h3> <ul> <li>Set the description for the <code>rpc.server.duration</code> metric in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4302">#4302</a>)</li> <li>Add <code>NewServerHandler</code> and <code>NewClientHandler</code> that return a <code>grpc.StatsHandler</code> used for gRPC instrumentation in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3002">#3002</a>)</li> <li>Add new Prometheus bridge module in <code>go.opentelemetry.io/contrib/bridges/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4227">#4227</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade dependencies of OpenTelemetry Go to use the new <a href="https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0"><code>v1.19.0</code>/<code>v0.42.0</code>/<code>v0.0.7</code> release</a>.</li> <li>Use <code>grpc.StatsHandler</code> for gRPC instrumentation in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/example</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4325">#4325</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/puckpuck"><code>@puckpuck</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4302">open-telemetry/opentelemetry-go-contrib#4302</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.19.0...v1.20.0">https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.19.0...v1.20.0</a></p> <h2>Release v1.19.0/v0.44.0/v0.13.0</h2> <h3>Added</h3> <ul> <li>Add <code>gcp.gce.instance.name</code> and <code>gcp.gce.instance.hostname</code> resource attributes to <code>go.opentelemetry.io/contrib/detectors/gcp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4263">#4263</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ec2</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ecs</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/eks</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/lambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>) <ul> <li>The <code>faas.execution</code> attribute is now <code>faas.invocation_id</code>.</li> <li>The <code>faas.id</code> attribute is now <code>aws.lambda.invoked_arn</code>.</li> </ul> </li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The <code>http.request.method</code> attribute will only allow known HTTP methods from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> </ul> <h3>Removed</h3> <ul> <li>The high cardinality attributes <code>net.sock.peer.addr</code>, <code>net.sock.peer.port</code>, <code>http.user_agent</code>, <code>enduser.id</code>, and <code>http.client_ip</code> were removed from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/utsushiiro"><code>@utsushiiro</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4260">open-telemetry/opentelemetry-go-contrib#4260</a></li> <li><a href="https://github.com/RangelReale"><code>@RangelReale</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4230">open-telemetry/opentelemetry-go-contrib#4230</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.18.0...v1.19.0">https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.18.0...v1.19.0</a></p> <h2>Release v1.18.0/v0.43.0/v0.12.0</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md">go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux's changelog</a>.</em></p> <blockquote> <h2>[1.19.0/0.44.0/0.13.0] - 2023-09-12</h2> <h3>Added</h3> <ul> <li>Add <code>gcp.gce.instance.name</code> and <code>gcp.gce.instance.hostname</code> resource attributes to <code>go.opentelemetry.io/contrib/detectors/gcp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4263">#4263</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ec2</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ecs</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/eks</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/lambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>) <ul> <li>The <code>faas.execution</code> attribute is now <code>faas.invocation_id</code>.</li> <li>The <code>faas.id</code> attribute is now <code>aws.lambda.invoked_arn</code>.</li> </ul> </li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The <code>http.request.method</code> attribute will only allow known HTTP methods from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> </ul> <h3>Removed</h3> <ul> <li>The high cardinality attributes <code>net.sock.peer.addr</code>, <code>net.sock.peer.port</code>, <code>http.user_agent</code>, <code>enduser.id</code>, and <code>http.client_ip</code> were removed from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> </ul> <h2>[1.18.0/0.43.0/0.12.0] - 2023-08-28</h2> <h3>Added</h3> <ul> <li>Add <code>NewMiddleware</code> function in <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/2964">#2964</a>)</li> <li>The <code>go.opentelemetry.io/contrib/exporters/autoexport</code> package to provide configuration of trace exporters with useful defaults and environment variable support. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/2753">#2753</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4100">#4100</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4130">#4130</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4132">#4132</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4134">#4134</a>)</li> <li><code>WithRouteTag</code> in <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code> adds HTTP route attribute to metrics. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/615">#615</a>)</li> <li>Add <code>WithSpanOptions</code> option in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3768">#3768</a>)</li> <li>Add testing support for Go 1.21. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4233">#4233</a>)</li> <li>Add <code>WithFilter</code> option to <code>go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4230">#4230</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Change interceptors in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code> to disable <code>SENT</code>/<code>RECEIVED</code> events. Use <code>WithMessageEvents()</code> to turn back on. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3964">#3964</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>go.opentelemetry.io/contrib/detectors/gcp</code>: Detect <code>faas.instance</code> instead of <code>faas.id</code>, since <code>faas.id</code> is being removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4198">#4198</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>AWS XRay Remote Sampling to cap <code>quotaBalance</code> to 1x quota in <code>go.opentelemetry.io/contrib/samplers/aws/xray</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3651">#3651</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3652">#3652</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Martin Angers
|
f42f4d48af
|
Implement the database migrations for the Windows profiles story. (#14973) | ||
George Karr
|
51772873bc
|
Update to latest gon with notarytool until we find a better solution (#14918)
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com> |
||
|
George Karr
|
970854e078
|
Switching systray dependency to one without glibc requirements (#14197) | ||
Sharon Katz
|
ab7717009e
|
Add Kolide osquery tables | ||
|
dependabot[bot]
|
8659155c98
|
Bump github.com/docker/docker from 23.0.4+incompatible to 24.0.7+incompatible (#14795)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.4+incompatible to 24.0.7+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v24.0.7</h2> <h2>24.0.7</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.7">docker/cli, 24.0.7 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.7">moby/moby, 24.0.7 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Write overlay2 layer metadata atomically. <a href="https://redirect.github.com/moby/moby/pull/46703">moby/moby#46703</a></li> <li>Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. <a href="https://redirect.github.com/moby/moby/pull/46626">moby/moby#46626</a></li> <li>Fix <code>dockerd-rootless-setuptools.sh</code> when username contains a backslash. <a href="https://redirect.github.com/moby/moby/pull/46407">moby/moby#46407</a></li> <li>Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when <code>dockerd --bridge=none</code> is used. <a href="https://redirect.github.com/moby/moby/pull/46702">moby/moby#46702</a></li> <li>Fix a bug where cancelling an API request could interrupt container restart. <a href="https://redirect.github.com/moby/moby/pull/46697">moby/moby#46697</a></li> <li>Fix an issue where containers would fail to start when providing <code>--ip-range</code> with a range larger than the subnet. <a href="https://redirect.github.com/docker/for-mac/issues/6870">docker/for-mac#6870</a></li> <li>Fix data corruption with zstd output. <a href="https://redirect.github.com/moby/moby/pull/46709">moby/moby#46709</a></li> <li>Fix the conditions under which the container's MAC address is applied. <a href="https://redirect.github.com/moby/moby/pull/46478">moby/moby#46478</a></li> <li>Improve the performance of the stats collector. <a href="https://redirect.github.com/moby/moby/pull/46448">moby/moby#46448</a></li> <li>Fix an issue with source policy rules ending up in the wrong order. <a href="https://redirect.github.com/moby/moby/pull/46441">moby/moby#46441</a></li> </ul> <h3>Packaging updates</h3> <ul> <li>Add support for Fedora 39 and Ubuntu 23.10. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/940">docker/docker-ce-packaging#940</a>, <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/955">docker/docker-ce-packaging#955</a></li> <li>Fix <code>docker.socket</code> not getting disabled when uninstalling the <code>docker-ce</code> RPM package. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/852">docker/docker-ce-packaging#852</a></li> <li>Upgrade Go to <code>go1.20.10</code>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/951">docker/docker-ce-packaging#951</a></li> <li>Upgrade containerd to <code>v1.7.6</code> (static binaries only). <a href="https://redirect.github.com/moby/moby/pull/46103">moby/moby#46103</a></li> <li>Upgrade the <code>containerd.io</code> package to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.24"><code>v1.6.24</code></a>.</li> </ul> <h3>Security</h3> <ul> <li>Deny containers access to <code>/sys/devices/virtual/powercap</code> by default. This change hardens against <a href="https://scout.docker.com/v/CVE-2020-8694">CVE-2020-8694</a>, <a href="https://scout.docker.com/v/CVE-2020-8695">CVE-2020-8695</a>, and <a href="https://scout.docker.com/v/CVE-2020-12912">CVE-2020-12912</a>, and an attack known as <a href="https://platypusattack.com/">the PLATYPUS attack</a>. For more details, see <a href="https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p">advisory</a>, <a href=" |
||
|
Lucas Manuel Rodriguez
|
512699614d
|
Update facebookincubator/nvdtools package to fix false positive (#14798)
#14543
Python's certifi package is ingested with the following version string:
`2023.7.22`.
The NVD dataset uses the following versioning: `2023.07.22`.
This PR updates the nvdtools package.
This is the fix in nvdtools that fixes this exact false positive:
|
||
Marcos Oviedo
|
f0d77ab3db
|
Merging Bitlocker feature branch (#14350)
This relates to #12577 --------- Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Roberto Dip <dip.jesusr@gmail.com> |
||
Roberto Dip
|
ea6b59f179
|
upgrade Go version to 1.21.1 (#13877)
For #13715, this: - Upgrades the Go version to `1.21.1`, infrastructure changes are addressed separately at https://github.com/fleetdm/fleet/pull/13878 - Upgrades the linter version, as the current version doesn't work well after the Go upgrade - Fixes new linting errors (we now get errors for memory aliasing in loops! 🎉 ) After this is merged people will need to: 1. Update their Go version. I use `gvm` and I did it like: ``` $ gvm install go1.21.1 $ gvm use go1.21.1 --default ``` 2. Update the local version of `golangci-lint`: ``` $ go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.54.2 ``` 3. (optional) depending on your setup, you might need to re-install some packages, for example: ``` # goimports to automatically import libraries $ go install golang.org/x/tools/cmd/goimports@latest # gopls for the language server $ go install golang.org/x/tools/gopls@latest # etc... ``` |
||
|
Martin Angers
|
7b0a0fbe5e
|
DB migrations for saved scripts (#13765) | ||
|
gillespi314
|
37fb4b0dab
|
Add fleetctl run-script command (#13622)
|
||
|
gillespi314
|
e08bb000c9
|
Update nanomdm dependency (#12721)
Updates include: - Fix issues where `GetBootstrapToken` returned `500` instead of no data and no error per Apple MDM [documentation](https://developer.apple.com/documentation/devicemanagement/get_bootstrap_token) - Incorporate additional updates from the upstream nanomdm repo |
||
|
Roberto Dip
|
19a5ae6465
|
update macadmins/osquery-extension to v0.0.15 (#13371)
changelog for the version bump can be found here: https://github.com/macadmins/osquery-extension/releases/tag/v0.0.15 related to #13158 as this fixes a bug in the extension causing `profiles show --type enrollment` to be run almost every time we queried something from the `mdm` table. I couldn't find any new tables. Other than that, some dependencies were updated on their repo as well, most notably `osquery/osquery-go` |
||
|
Martin Angers
|
6f77911ffe
|
Fix performance regression found in load testing (#12981) | ||
|
gillespi314
|
410cbc3972
|
Add certificate management for Microsoft MDM (WSTEP) (#12543)
Issue #12261 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |
||
|
dependabot[bot]
|
349149ef6a
|
Bump github.com/aws/aws-sdk-go from 1.43.16 to 1.44.288 (#12466)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.16 to 1.44.288. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-go/releases">github.com/aws/aws-sdk-go's releases</a>.</em></p> <blockquote> <h1>Release v1.44.288 (2023-06-22)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/chime-sdk-identity</code>: Updates service API and documentation</li> <li><code>service/chime-sdk-messaging</code>: Updates service API and documentation</li> <li><code>service/kendra</code>: Updates service API and documentation <ul> <li>Introducing Amazon Kendra Retrieve API that can be used to retrieve relevant passages or text excerpts given an input query.</li> </ul> </li> <li><code>service/states</code>: Updates service API and documentation <ul> <li>Adds support for Versions and Aliases. Adds 8 operations: PublishStateMachineVersion, DeleteStateMachineVersion, ListStateMachineVersions, CreateStateMachineAlias, DescribeStateMachineAlias, UpdateStateMachineAlias, DeleteStateMachineAlias, ListStateMachineAliases</li> </ul> </li> </ul> <h1>Release v1.44.287 (2023-06-21)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/dynamodb</code>: Updates service API, documentation, waiters, paginators, and examples <ul> <li>Documentation updates for DynamoDB</li> </ul> </li> <li><code>service/elasticmapreduce</code>: Updates service API, documentation, and paginators <ul> <li>This release introduces a new Amazon EMR EPI called ListSupportedInstanceTypes that returns a list of all instance types supported by a given EMR release.</li> </ul> </li> <li><code>service/inspector2</code>: Updates service API and documentation</li> <li><code>service/mediaconvert</code>: Updates service API and documentation <ul> <li>This release introduces the bandwidth reduction filter for the HEVC encoder, increases the limits of outputs per job, and updates support for the Nagra SDK to version 1.14.7.</li> </ul> </li> <li><code>service/mq</code>: Updates service API and documentation <ul> <li>The Cross Region Disaster Recovery feature allows to replicate a brokers state from one region to another in order to provide customers with multi-region resiliency in the event of a regional outage.</li> </ul> </li> <li><code>service/sagemaker</code>: Updates service API and documentation <ul> <li>This release provides support in SageMaker for output files in training jobs to be uploaded without compression and enable customer to deploy uncompressed model from S3 to real-time inference Endpoints. In addition, ml.trn1n.32xlarge is added to supported instance type list in training job.</li> </ul> </li> <li><code>service/transfer</code>: Updates service API and documentation <ul> <li>This release adds a new parameter StructuredLogDestinations to CreateServer, UpdateServer APIs.</li> </ul> </li> </ul> <h1>Release v1.44.286 (2023-06-20)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/appflow</code>: Updates service API and documentation</li> <li><code>service/config</code>: Updates service API</li> <li><code>service/ec2</code>: Updates service API and documentation <ul> <li>Adds support for targeting Dedicated Host allocations by assetIds in AWS Outposts</li> </ul> </li> <li><code>service/lambda</code>: Updates service API and documentation <ul> <li>This release adds RecursiveInvocationException to the Invoke API and InvokeWithResponseStream API.</li> </ul> </li> <li><code>service/redshift</code>: Updates service API, documentation, and paginators <ul> <li>Added support for custom domain names for Redshift Provisioned clusters. This feature enables customers to create a custom domain name and use ACM to generate fully secure connections to it.</li> </ul> </li> </ul> <h1>Release v1.44.285 (2023-06-19)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/cloudformation</code>: Updates service API and documentation <ul> <li>Specify desired CloudFormation behavior in the event of ChangeSet execution failure using the CreateChangeSet OnStackFailure parameter</li> </ul> </li> <li><code>service/ec2</code>: Updates service API, documentation, and examples <ul> <li>API changes to AWS Verified Access to include data from trust providers in logs</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
gillespi314
|
e2243d24bf
|
Insert "verified" to mdm_apple_delivery_status table (#12033)
|
||
|
Lucas Manuel Rodriguez
|
6de555a181
|
Update sockjs-go package to v3.0.2 (#11884)
In #10957, a customer attempted to run a live query on ~60k devices. We saw that Fleet receives all results from the devices, but stops sending them to the browser. We believe this _might_ be a deadlock (we couldn't confirm this because of lack of access to the Fleet instance itself). We haven't fully confirmed this to be the reason of the hang/missing-results, but it's worth updating because it [fixes a possible deadlock in the package](https://github.com/igm/sockjs-go/releases/tag/v3.0.2). The remaining changes are the result of running `go mod tidy`. - ~[ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information.~ - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~ |
||
Juan Fernandez
|
827c4a7c33
|
Feature 8058: Added resource.syso metadata file (#10783)
Addresses https://github.com/fleetdm/fleet/issues/8058, https://github.com/fleetdm/fleet/issues/11012 and https://github.com/fleetdm/fleet/issues/11013 This PR adds a new VERSIONINFO metadata file using the https://github.com/josephspurrier/goversioninfo library. |
||
Zach Wasserman
|
3f0111964f
|
Add macos_rsr table from macadmins extension (#11537)
# Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). --------- Co-authored-by: Roberto Dip <me@roperzh.com> Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> |
||
|
Martin Angers
|
b3993ebda4
|
Allow "not_before" timestamp for worker jobs, schedule more quickly (#11512) | ||
Zachary Winnerman
|
2ec19979c2
|
APM Improvements (#11103)
# Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |
||
|
dependabot[bot]
|
23a2964eef
|
Bump github.com/docker/docker from 20.10.23+incompatible to 23.0.4+incompatible (#11259)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.23+incompatible to 23.0.4+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v23.0.4</h2> <h2>23.0.4</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/milestone/77?closed=1">docker/cli, 23.0.4 milestone</a></li> <li><a href="https://github.com/moby/moby/milestone/117?closed=1">moby/moby, 23.0.4 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Fix a performance regression in Docker CLI 23.0.0 <a href="https://redirect.github.com/docker/cli/pull/4141">docker/cli#4141</a>.</li> <li>Fix progress indicator on <code>docker cp</code> not functioning as intended <a href="https://redirect.github.com/docker/cli/pull/4157">docker/cli#4157</a>.</li> <li>Fix shell completion for <code>docker compose --file</code> <a href="https://redirect.github.com/docker/cli/pull/4177">docker/cli#4177</a>.</li> <li>Fix an error caused by incorrect handling of "default-address-pools" in <code>daemon.json</code> <a href="https://redirect.github.com/moby/moby/pull/45246">moby/moby#45246</a>.</li> </ul> <h3>Packaging Updates</h3> <ul> <li>Fix missing packages for CentOS 9 Stream.</li> <li>Upgrade Go to <code>1.19.8</code>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/878">docker/docker-ce-packaging#878</a>, <a href="https://redirect.github.com/docker/cli/pull/4164">docker/cli#4164</a>, <a href="https://redirect.github.com/moby/moby/pull/45277">moby/moby#45277</a>, which contains fixes for <a href="https://github.com/advisories/GHSA-fp86-2355-v99r">CVE-2023-24537</a>, <a href="https://github.com/advisories/GHSA-v4m2-x4rp-hv22">CVE-2023-24538</a>, <a href="https://github.com/advisories/GHSA-8v5j-pwr7-w5f8">CVE-2023-24534</a>, and <a href="https://github.com/advisories/GHSA-9f7g-gqwh-jpf5">CVE-2023-24536</a></li> </ul> <h2>v23.0.3</h2> <h2>23.0.3</h2> <blockquote> <p><strong>Note</strong></p> <p>Due to an issue with CentOS 9 Stream's package repositories, packages for CentOS 9 are currently unavailable. Packages for CentOS 9 may be added later, or as part of the next (23.0.4) patch release.</p> </blockquote> <h3>Bug fixes and enhancements</h3> <ul> <li>Fixed a number of issues that can cause Swarm encrypted overlay networks to fail to uphold their guarantees, addressing <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841">CVE-2023-28841</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28840">CVE-2023-28840</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28842">CVE-2023-28842</a>. <ul> <li>A lack of kernel support for encrypted overlay networks now reports as an error.</li> <li>Encrypted overlay networks are eagerly set up, rather than waiting for multiple nodes to attach.</li> <li>Encrypted overlay networks are now usable on Red Hat Enterprise Linux 9 through the use of the <code>xt_bpf</code> kernel module.</li> <li>Users of Swarm overlay networks should review <a href="https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw">GHSA-vwm3-crmr-xfxw</a> to ensure that unintentional exposure has not occurred.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zachary Winnerman
|
b43aa3a911
|
Upgtade opentelemetry dependancies (#10950)
``` go get -u go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux go.opentelemetry.io/otel go.opentelemetry.io/otel/exporters/otlp/otlptrace go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc go.opentelemetry.io/otel/sdk; go mod tidy ``` # Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |
||
|
Zach Wasserman
|
9246a2e61a
|
Downgrade Docker client version (#10570)
A recent dependabot PR (#9792) upgraded the Docker library, resulting in errors running some tests: ``` FLEET_VERSION_A=v4.28.0 FLEET_VERSION_B=main go test ./test/upgrade *[main] go: downloading github.com/stretchr/testify v1.8.2 --- FAIL: TestUpgradeAToB (34.73s) fleet_test.go:71: start fleet: Error response from daemon: client version 1.42 is too new. Maximum supported API version is 1.41 ``` Even after upgrading Docker Desktop to the latest, this error still persisted. It seems that Docker released a version of the client that is newer than the latest version of the server. Reverting to a supported client version. |
||
|
gillespi314
|
2ddf377c73
|
Treat MDM profile not found error as if profile was successfully removed (#10579) | ||
|
Roberto Dip
|
305392e7bb
|
enforce an uniform collation for all tables (#10515)
related to #10441, inspired by the prior work done in https://github.com/kolide/fleet/pull/1360, this PR: 1. Adds a migration to use `utf8mb4_general_ci` as the default collation for the database and all the tables. From [MySQL's documentation][1]: > To change the table default character set and all character columns > (CHAR, VARCHAR, TEXT) to a new character set, use a statement like > this: > > ``` > ALTER TABLE tbl_name CONVERT TO CHARACTER SET charset_name; > ``` > The statement also changes the collation of all character columns. If > you specify no COLLATE clause to indicate which collation to use, the > statement uses default collation for the character set. 2. Changes the connection settings to use `utf8mb4_general_ci` as the default collation, from the [driver docs][2]: > Sets the collation used for client-server interaction on connection. In contrast to charset, collation does not issue additional queries. If the specified collation is unavailable on the target server, the connection will fail. [1]: https://dev.mysql.com/doc/refman/5.7/en/alter-table.html [2]: https://github.com/go-sql-driver/mysql **TODO:** discuss how we can enforce this, is setting the database default collation enough? should we add some kind of custom lint rule to all migrations? # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality |
||
|
gillespi314
|
c838395c44
|
Add profile name to host mdm apple profiles (#10455) | ||
|
dependabot[bot]
|
f3ed6f3037
|
Bump github.com/kevinburke/go-bindata from 3.22.0+incompatible to 3.24.0+incompatible (#10186)
Bumps [github.com/kevinburke/go-bindata](https://github.com/kevinburke/go-bindata) from 3.22.0+incompatible to 3.24.0+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kevinburke/go-bindata/releases">github.com/kevinburke/go-bindata's releases</a>.</em></p> <blockquote> <p>v3.24.0</p> <p>v3.23.0</p> <p>test</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kevinburke/go-bindata/blob/master/CHANGELOG.md">github.com/kevinburke/go-bindata's changelog</a>.</em></p> <blockquote> <h2>3.24.0</h2> <p>Remove uses of io/ioutil; you must use Go 1.18 or higher with this version of go-bindata and its generated asset files.</p> <p>Update generated doc comments for compatibility with Go's updated doc comment guidelines.</p> <h2>3.21.0</h2> <p>Replace "Debug" with "AssetDebug" to reduce the likelihood of conflicts.</p> <h2>3.20.0</h2> <p>Add the "Debug" constant if assets have been generated using the <code>--debug</code> flag at the command line.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e28288a618
|
Bump github.com/go-kit/log from 0.2.0 to 0.2.1 (#10187)
Bumps [github.com/go-kit/log](https://github.com/go-kit/log) from 0.2.0 to 0.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-kit/log/releases">github.com/go-kit/log's releases</a>.</em></p> <blockquote> <h2>v0.2.1</h2> <p>This release fixes a few small bugs and adds <code>level.Parse</code> which allows levels to be set by a string input from e.g. flags or environment variables. Thanks, <a href="https://github.com/mcosta74"><code>@mcosta74</code></a>!</p> <h2>What's Changed</h2> <ul> <li>fix safeError & safeString for json format by <a href="https://github.com/dwiyanr"><code>@dwiyanr</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/20">go-kit/log#20</a></li> <li>Update CI and add badges to README by <a href="https://github.com/ChrisHines"><code>@ChrisHines</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/21">go-kit/log#21</a></li> <li>Allow to configure allowed levels by string value by <a href="https://github.com/mcosta74"><code>@mcosta74</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/22">go-kit/log#22</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dwiyanr"><code>@dwiyanr</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/20">go-kit/log#20</a></li> <li><a href="https://github.com/mcosta74"><code>@mcosta74</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/22">go-kit/log#22</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-kit/log/compare/v0.2.0...v0.2.1">https://github.com/go-kit/log/compare/v0.2.0...v0.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
85a665aa6b
|
Bump golang.org/x/net from 0.5.0 to 0.7.0 (#9941)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to 0.7.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
145f143dde
|
Bump github.com/getsentry/sentry-go from 0.12.0 to 0.18.0 (#9793)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.12.0 to 0.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/releases">github.com/getsentry/sentry-go's releases</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( "go.opentelemetry.io/otel" sdktrace "go.opentelemetry.io/otel/sdk/trace" "github.com/getsentry/sentry-go" "github.com/getsentry/sentry-go/otel" // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: "<strong>DSN</strong>", EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md">github.com/getsentry/sentry-go's changelog</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( "go.opentelemetry.io/otel" sdktrace "go.opentelemetry.io/otel/sdk/trace" "github.com/getsentry/sentry-go" "github.com/getsentry/sentry-go/otel" // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: "<strong>DSN</strong>", EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9192d5ce91
|
Bump github.com/docker/docker from 20.10.17+incompatible to 23.0.1+incompatible (#9792)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.17+incompatible to 23.0.1+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v23.0.1</h2> <h2>23.0.1</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/milestone/73?closed=1">docker/cli, 23.0.1 milestone</a></li> <li><a href="https://github.com/moby/moby/milestone/113?closed=1">moby/moby, 23.0.1 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Fix containers not starting if the kernel has AppArmor enabled, but <code>apparmor_parser</code> is not available. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44942">moby/moby#44942</a></li> <li>Fix BuildKit-enabled builds with inline caching causing the daemon to crash. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44944">moby/moby#44944</a></li> <li>Fix BuildKit improperly loading cached layers created by previous versions. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44959">moby/moby#44959</a></li> <li>Fix an issue where <code>ipvlan</code> networks created prior to upgrading would prevent the daemon from starting. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44937">moby/moby#44937</a></li> <li>Fix the <code>overlay2</code> storage driver failing early in <code>metacopy</code> testing when initialized on an unsupported backing filesystem. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44922">moby/moby#44922</a></li> <li>Fix <code>exec</code> exit events being misinterpreted as container exits under some runtimes, such as Kata Containers. <a href="https://github-redirect.dependabot.com/moby/moby/pull/44892">moby/moby#44892</a></li> <li>Improve the error message returned by the CLI when recieving a truncated JSON response caused by the API hanging up mid-request. <a href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li> <li>Fix an incorrect CLI exit code when attempting to execute a directory with a <code>runc</code> compiled using Go 1.20. <a href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li> <li>Fix mishandling the size argument to <code>--device-write-bps</code> as a path. <a href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li> </ul> <h3>Packaging</h3> <ul> <li>Add <code>/etc/docker</code> to RPM and DEB packaging. <a href="https://github-redirect.dependabot.com/docker/docker-ce-packaging/pull/842">docker/docker-ce-packaging#842</a> <ul> <li>Not all use cases will benefit; if you depend on this, you should explicitly <code>mkdir -p /etc/docker</code>.</li> </ul> </li> <li>Upgrade Compose to <code>v2.16.0</code>. <a href="https://github-redirect.dependabot.com/docker/docker-ce-packaging/pull/844">docker/docker-ce-packaging#844</a></li> </ul> <h2>v23.0.0</h2> <h2>23.0.0</h2> <p>For more information about:</p> <ul> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v23.0.0/docs/deprecated.md">Deprecated Engine Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v23.0.0/docs/api/version-history.md">Engine API version history</a>.</li> </ul> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/milestone/51?closed=1">docker/cli, 23.0.0 milestone</a></li> <li><a href="https://github.com/moby/moby/milestone/91?closed=1">moby/moby, 23.0.0 milestone</a></li> </ul> <h3>New</h3> <ul> <li>Set Buildx and BuildKit as the default builder on Linux. <a href="https://github-redirect.dependabot.com/moby/moby/pull/43992">moby/moby#43992</a> <ul> <li>Alias <code>docker build</code> to <code>docker buildx build</code>. <a href="https://github-redirect.dependabot.com/docker/cli/pull/3314">docker/cli#3314</a></li> <li>The legacy builder can still be used by explicitly setting <code>DOCKER_BUILDKIT=0</code>.</li> <li>There are differences in how BuildKit and the legacy builder handle multi-stage builds. For more information, see <a href="https://github.com/docker/docker/build/building/multi-stage.md#differences-between-legacy-builder-and-buildkit">Multi-stage builds</a>.</li> </ul> </li> <li>Add support for pulling <code>zstd</code> compressed layers. <a href="https://github-redirect.dependabot.com/moby/moby/pull/41759">moby/moby#41759</a>, <a href="https://github-redirect.dependabot.com/moby/moby/pull/42862">moby/moby#42862</a></li> <li>Add support for alternate OCI runtimes on Linux, compatible with the containerd runtime v2 API. <a href="https://github-redirect.dependabot.com/moby/moby/pull/43887">moby/moby#43887</a>, <a href="https://github-redirect.dependabot.com/moby/moby/pull/43993">moby/moby#43993</a></li> <li>Add support for the containerd <code>runhcs</code> shim on Windows (off by default). <a href="https://github-redirect.dependabot.com/moby/moby/pull/42089">moby/moby#42089</a></li> <li>Add <code>dockerd --validate</code> to check the daemon JSON config and exit. <a href="https://github-redirect.dependabot.com/moby/moby/pull/42393">moby/moby#42393</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
gillespi314
|
e31fc889f1
|
Add MDM profiles to host detail in API responses (#10034)
Issue #9599 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). |