Commit Graph

153 Commits

Author SHA1 Message Date
dependabot[bot]
85a665aa6b
Bump golang.org/x/net from 0.5.0 to 0.7.0 (#9941)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to
0.7.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8e2b117aee"><code>8e2b117</code></a>
http2/hpack: avoid quadratic complexity in hpack decoding</li>
<li><a
href="547e7edf38"><code>547e7ed</code></a>
http2: avoid referencing ResponseWrite.Write parameter after
returning</li>
<li><a
href="39940adcaa"><code>39940ad</code></a>
html: parse comments per HTML spec</li>
<li><a
href="87ce33ecb4"><code>87ce33e</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="415cb6d518"><code>415cb6d</code></a>
all: fix some comments</li>
<li><a
href="7e3c19ca52"><code>7e3c19c</code></a>
all: correct typos in comments</li>
<li><a
href="296f09aa38"><code>296f09a</code></a>
http2: case insensitive handling for 100-continue</li>
<li><a
href="f8411da775"><code>f8411da</code></a>
nettest: fix tests on dragonfly and js/wasm</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.5.0...v0.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.5.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/fleetdm/fleet/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 09:38:33 -08:00
dependabot[bot]
145f143dde
Bump github.com/getsentry/sentry-go from 0.12.0 to 0.18.0 (#9793)
Bumps
[github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go)
from 0.12.0 to 0.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-go/releases">github.com/getsentry/sentry-go's
releases</a>.</em></p>
<blockquote>
<h2>0.18.0</h2>
<p>The Sentry SDK team is happy to announce the immediate availability
of Sentry Go SDK v0.18.0.
This release contains initial support for <a
href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug
fixes and improvements.</p>
<p><strong>Note</strong>: This is the last release supporting Go
1.17.</p>
<h3>Features</h3>
<ul>
<li>
<p>Initial support for <a
href="https://opentelemetry.io/">OpenTelemetry</a>.
You can now send all your OpenTelemetry spans to Sentry.</p>
<p>Install the <code>otel</code> module</p>
<pre lang="bash"><code>go get github.com/getsentry/sentry-go \
       github.com/getsentry/sentry-go/otel
</code></pre>
<p>Configure the Sentry and OpenTelemetry SDKs</p>
<pre lang="go"><code>import (
    &quot;go.opentelemetry.io/otel&quot;
    sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot;
    &quot;github.com/getsentry/sentry-go&quot;
    &quot;github.com/getsentry/sentry-go/otel&quot;
    // ...
)
<p>// Initlaize the Sentry SDK
sentry.Init(sentry.ClientOptions{
Dsn:              &quot;<strong>DSN</strong>&quot;,
EnableTracing:    true,
TracesSampleRate: 1.0,
})</p>
<p>// Set up the Sentry span processor
tp := sdktrace.NewTracerProvider(
sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
// ...
)
otel.SetTracerProvider(tp)</p>
<p>// Set up the Sentry propagator
otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
</code></pre></p>
<p>You can read more about using OpenTelemetry with Sentry in our <a
href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p>
</li>
</ul>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md">github.com/getsentry/sentry-go's
changelog</a>.</em></p>
<blockquote>
<h2>0.18.0</h2>
<p>The Sentry SDK team is happy to announce the immediate availability
of Sentry Go SDK v0.18.0.
This release contains initial support for <a
href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug
fixes and improvements.</p>
<p><strong>Note</strong>: This is the last release supporting Go
1.17.</p>
<h3>Features</h3>
<ul>
<li>
<p>Initial support for <a
href="https://opentelemetry.io/">OpenTelemetry</a>.
You can now send all your OpenTelemetry spans to Sentry.</p>
<p>Install the <code>otel</code> module</p>
<pre lang="bash"><code>go get github.com/getsentry/sentry-go \
       github.com/getsentry/sentry-go/otel
</code></pre>
<p>Configure the Sentry and OpenTelemetry SDKs</p>
<pre lang="go"><code>import (
    &quot;go.opentelemetry.io/otel&quot;
    sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot;
    &quot;github.com/getsentry/sentry-go&quot;
    &quot;github.com/getsentry/sentry-go/otel&quot;
    // ...
)
<p>// Initlaize the Sentry SDK
sentry.Init(sentry.ClientOptions{
Dsn:              &quot;<strong>DSN</strong>&quot;,
EnableTracing:    true,
TracesSampleRate: 1.0,
})</p>
<p>// Set up the Sentry span processor
tp := sdktrace.NewTracerProvider(
sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
// ...
)
otel.SetTracerProvider(tp)</p>
<p>// Set up the Sentry propagator
otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
</code></pre></p>
<p>You can read more about using OpenTelemetry with Sentry in our <a
href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b97c8e661"><code>4b97c8e</code></a>
release: 0.18.0</li>
<li><a
href="79724631e3"><code>7972463</code></a>
fix(release): Bump root module version in submodules (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/576">#576</a>)</li>
<li><a
href="612c167049"><code>612c167</code></a>
fix(build): Tidy otel submodule (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/575">#575</a>)</li>
<li><a
href="3ec3943355"><code>3ec3943</code></a>
doc: Prepare 0.18.0 (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/572">#572</a>)</li>
<li><a
href="bb6e2bdbf0"><code>bb6e2bd</code></a>
fix(otel): Use vendored bagggage implementation in propagator (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/573">#573</a>)</li>
<li><a
href="3964ecefd0"><code>3964ece</code></a>
fix(baggage): Update baggage parsing and encoding in vendored otel
package (#...</li>
<li><a
href="ef3a838eef"><code>ef3a838</code></a>
test: Add Codecov configuration file (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/569">#569</a>)</li>
<li><a
href="de904d6e97"><code>de904d6</code></a>
fix(otel): Require otel 1.11.0 and higher (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/567">#567</a>)</li>
<li><a
href="d0a2aa3ebd"><code>d0a2aa3</code></a>
fix: Create a frozen DSC when calling ToBaggage (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/566">#566</a>)</li>
<li><a
href="fb7618028b"><code>fb76180</code></a>
release: Update .craft.yml to be ready for otel submodule release (<a
href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/565">#565</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-go/compare/v0.12.0...v0.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/getsentry/sentry-go&package-manager=go_modules&previous-version=0.12.0&new-version=0.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:24:03 -08:00
dependabot[bot]
9192d5ce91
Bump github.com/docker/docker from 20.10.17+incompatible to 23.0.1+incompatible (#9792)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
20.10.17+incompatible to 23.0.1+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v23.0.1</h2>
<h2>23.0.1</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/milestone/73?closed=1">docker/cli,
23.0.1 milestone</a></li>
<li><a
href="https://github.com/moby/moby/milestone/113?closed=1">moby/moby,
23.0.1 milestone</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Fix containers not starting if the kernel has AppArmor enabled, but
<code>apparmor_parser</code> is not available. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44942">moby/moby#44942</a></li>
<li>Fix BuildKit-enabled builds with inline caching causing the daemon
to crash. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44944">moby/moby#44944</a></li>
<li>Fix BuildKit improperly loading cached layers created by previous
versions. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44959">moby/moby#44959</a></li>
<li>Fix an issue where <code>ipvlan</code> networks created prior to
upgrading would prevent the daemon from starting. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44937">moby/moby#44937</a></li>
<li>Fix the <code>overlay2</code> storage driver failing early in
<code>metacopy</code> testing when initialized on an unsupported backing
filesystem. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44922">moby/moby#44922</a></li>
<li>Fix <code>exec</code> exit events being misinterpreted as container
exits under some runtimes, such as Kata Containers. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/44892">moby/moby#44892</a></li>
<li>Improve the error message returned by the CLI when recieving a
truncated JSON response caused by the API hanging up mid-request. <a
href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li>
<li>Fix an incorrect CLI exit code when attempting to execute a
directory with a <code>runc</code> compiled using Go 1.20. <a
href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li>
<li>Fix mishandling the size argument to <code>--device-write-bps</code>
as a path. <a
href="https://github-redirect.dependabot.com/docker/cli/pull/4004">docker/cli#4004</a></li>
</ul>
<h3>Packaging</h3>
<ul>
<li>Add <code>/etc/docker</code> to RPM and DEB packaging. <a
href="https://github-redirect.dependabot.com/docker/docker-ce-packaging/pull/842">docker/docker-ce-packaging#842</a>
<ul>
<li>Not all use cases will benefit; if you depend on this, you should
explicitly <code>mkdir -p /etc/docker</code>.</li>
</ul>
</li>
<li>Upgrade Compose to <code>v2.16.0</code>. <a
href="https://github-redirect.dependabot.com/docker/docker-ce-packaging/pull/844">docker/docker-ce-packaging#844</a></li>
</ul>
<h2>v23.0.0</h2>
<h2>23.0.0</h2>
<p>For more information about:</p>
<ul>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v23.0.0/docs/deprecated.md">Deprecated
Engine Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v23.0.0/docs/api/version-history.md">Engine
API version history</a>.</li>
</ul>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/milestone/51?closed=1">docker/cli,
23.0.0 milestone</a></li>
<li><a
href="https://github.com/moby/moby/milestone/91?closed=1">moby/moby,
23.0.0 milestone</a></li>
</ul>
<h3>New</h3>
<ul>
<li>Set Buildx and BuildKit as the default builder on Linux. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/43992">moby/moby#43992</a>
<ul>
<li>Alias <code>docker build</code> to <code>docker buildx build</code>.
<a
href="https://github-redirect.dependabot.com/docker/cli/pull/3314">docker/cli#3314</a></li>
<li>The legacy builder can still be used by explicitly setting
<code>DOCKER_BUILDKIT=0</code>.</li>
<li>There are differences in how BuildKit and the legacy builder handle
multi-stage builds. For more information, see
<a
href="https://github.com/docker/docker/build/building/multi-stage.md#differences-between-legacy-builder-and-buildkit">Multi-stage
builds</a>.</li>
</ul>
</li>
<li>Add support for pulling <code>zstd</code> compressed layers. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/41759">moby/moby#41759</a>,
<a
href="https://github-redirect.dependabot.com/moby/moby/pull/42862">moby/moby#42862</a></li>
<li>Add support for alternate OCI runtimes on Linux, compatible with the
containerd runtime v2 API. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/43887">moby/moby#43887</a>,
<a
href="https://github-redirect.dependabot.com/moby/moby/pull/43993">moby/moby#43993</a></li>
<li>Add support for the containerd <code>runhcs</code> shim on Windows
(off by default). <a
href="https://github-redirect.dependabot.com/moby/moby/pull/42089">moby/moby#42089</a></li>
<li>Add <code>dockerd --validate</code> to check the daemon JSON config
and exit. <a
href="https://github-redirect.dependabot.com/moby/moby/pull/42393">moby/moby#42393</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bc3805a0a0"><code>bc3805a</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/docker/issues/44959">#44959</a>
from tonistiigi/23.0-buildkit-update-0208</li>
<li><a
href="4002fa877b"><code>4002fa8</code></a>
vendor: update buildkit to latest v0.10</li>
<li><a
href="77f3d31ed6"><code>77f3d31</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/docker/issues/44944">#44944</a>
from thaJeztah/23.0_backport_worker_getremotes</li>
<li><a
href="e697c9365f"><code>e697c93</code></a>
builder: define GetRemotes for the worker</li>
<li><a
href="1141704bc9"><code>1141704</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/docker/issues/44952">#44952</a>
from thaJeztah/23.0_backport_ci_fix_workflows</li>
<li><a
href="4c544c3d5f"><code>4c544c3</code></a>
ci: fix branch filter pattern in buildkit workflow</li>
<li><a
href="f7e2cbaf1b"><code>f7e2cba</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/docker/issues/44948">#44948</a>
from crazy-max/23.0_backport_ci-itg-cli-split</li>
<li><a
href="06aca27cc1"><code>06aca27</code></a>
ci: enhance tests distribution</li>
<li><a
href="001b2e778a"><code>001b2e7</code></a>
ci: update gotestlist to 0.3.1</li>
<li><a
href="e664cc2239"><code>e664cc2</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/docker/issues/44942">#44942</a>
from vvoland/apparmor-check-binary-23</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v20.10.17...v23.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=20.10.17+incompatible&new-version=23.0.1+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 18:22:38 -08:00
gillespi314
e31fc889f1
Add MDM profiles to host detail in API responses (#10034)
Issue #9599 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-22 16:26:06 -06:00
Marcos Oviedo
97c06791dc
Adding new Windows MDM table to interact with the Windows MDM stack (#9448) 2023-01-30 11:29:29 -03:00
Roberto Dip
b4f46bf91c
run go mod tidy and fix incorrectly imported dependency (#9529)
Two minor things are happening here:

1. A new direct dependency was added in #9489, this runs `go mod tidy`
to update `go.mod` and `go.sum`
2. `"go.uber.org/atomic"` was automatically imported instead of
`"sys/atomic"` in #9494
2023-01-27 14:51:27 -03:00
Sharon Katz
86c4c15d6b
Cis 5.2.x (#9489) 2023-01-25 15:53:24 -05:00
Martin Angers
6c3738a0d2
Fix a flaky integration test (#9382) 2023-01-17 15:33:27 -05:00
Lucas Manuel Rodriguez
cadcdbb992
Add table implementation to query SNTP servers (#9312)
This may be needed for CIS 2.3.2.2 check:

```
Correct date and time settings are required for authentication protocols, file creation,
modification dates and log entries. Ensure that time on the computer is within
acceptable limits. Truly accurate time is measured within milliseconds. For this audit, a
drift under four and a half minutes passes the control check. Since Kerberos is one of
the important features of macOS integration into Directory systems, the guidance here
is to warn you before there could be an impact to operations. From the perspective of
accurate time, this check is not strict, so it may be too great for your organization. Your
organization can adjust to a smaller offset value as needed.
```

#9239

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- ~[ ] Added/updated tests~
- [X] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-01-16 12:31:02 -03:00
Martin Angers
1abcb6e227
Add integration tests for setting apple BM default team (#9291) 2023-01-16 09:23:32 -05:00
Martin Angers
656e5bfc70
Flag when the Apple BM terms have expired (#9091)
#8862 

Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
2023-01-06 17:44:20 -03:00
Zach Wasserman
d5e4a9a66f
Signing tool for MDM Push CSRs (#8884)
This PR provides the tooling that fleetdm.com will use to sign MDM Push
CSRs.

This was tested against the output of #8812, and the resulting requests
were validated to be accepted by Apple.

Co-authored-by: Roberto Dip <me@roperzh.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-01-06 08:25:54 -08:00
gillespi314
94dd1c3745
Ingest pending MDM hosts (#9065)
Co-authored-by @roperzh
2022-12-26 15:32:39 -06:00
Marcos Oviedo
53b74e576c
Adding fallback mechanism to retrive UUID on Windows (#8993)
* Adding fallback mechanism to retrive UUID on Windows

* Fixing erroneous code comments

* Addressing code review findings
2022-12-13 18:04:49 -03:00
Michal Nicpon
10b3179b63
Add fleetctl generate mdm-apple (#8812) 2022-12-07 18:24:42 +01:00
Martin Angers
a1252b74df
Add a static check for misuse of ds.writer/ds.reader when inside a transaction (#8621) 2022-11-15 08:29:54 -05:00
gillespi314
881194b3b4
Add orbit version and osquery version usage statistics (#8229) 2022-10-24 11:12:56 -05:00
Roberto Dip
f1453b213f
upgrade go packages with security fixes (#8368)
this upgrades the following packages by running:

```
go get golang.org/x/text@v0.3.8
go get golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
go get github.com/docker/distribution@v2.8.0
```

`golang.org/x/text` and `golang.org/x/net` are safe to upgrade as they
only contain the security fix.

`github.com/docker/distribution` is only used by `test/upgrade` and I
have verified that everything works properly by running a test.
2022-10-24 10:00:21 -03:00
Martin Angers
323620bf39
Deep-clone the appconfig when getting from cache (#8194) 2022-10-17 15:03:49 -04:00
Lucas Manuel Rodriguez
28744bf57e
Consistently log migrations (#8154)
* Consistently log migrations

* Fix name and update goose version
2022-10-11 15:20:12 -03:00
dependabot[bot]
c307800718
Bump github.com/oschwald/geoip2-golang from 1.6.1 to 1.8.0 (#7767)
Bumps [github.com/oschwald/geoip2-golang](https://github.com/oschwald/geoip2-golang) from 1.6.1 to 1.8.0.
- [Release notes](https://github.com/oschwald/geoip2-golang/releases)
- [Commits](https://github.com/oschwald/geoip2-golang/compare/v1.6.1...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/oschwald/geoip2-golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-10 18:53:19 -03:00
dependabot[bot]
52b298ff69
Bump gopkg.in/guregu/null.v3 from 3.4.0 to 3.5.0 (#7768)
Bumps [gopkg.in/guregu/null.v3](https://github.com/guregu/null) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/guregu/null/releases)
- [Commits](https://github.com/guregu/null/compare/v3.4.0...v3.5.0)

---
updated-dependencies:
- dependency-name: gopkg.in/guregu/null.v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-10 18:52:07 -03:00
Lucas Manuel Rodriguez
832b29f8c7
Update go-tuf to v0.5.0 (bis) (#8112)
* Update go-tuf to v0.5.0

This was triggered by the security advisory
[GHSA-3633-5h82-39pq](https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-3633-5h82-39pq).
Fleet's use of go-tuf is not vulnerable to this issue due to not using
key thresholds greater than 1.

There were some API changes that necessitate changing the initialization
code for the TUF client. See
https://github.com/theupdateframework/go-tuf/issues/379 for further
discussion.

* Add changes file

* Update default root metadata

* Add review changes to update-go-tuf branch

* Update tests

* Add more checks to roots output

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-10-07 17:03:39 -03:00
Lucas Manuel Rodriguez
9191f4ce66
Add Apple MDM functionality (#7940)
* WIP

* Adding DEP functionality to Fleet

* Better organize additional MDM code

* Add cmdr.py and amend API paths

* Fix lint

* Add demo file

* Fix demo.md

* go mod tidy

* Add munki setup to Fleet

* Add diagram to demo.md

* Add fixes

* Update TODOs and demo.md

* Fix cmdr.py and add TODO

* Add endpoints to demo.md

* Add more Munki PoC/demo stuff

* WIP

* Remove proposals from PoC

* Replace prepare commands with fleetctl commands

* Update demo.md with current state

* Remove config field

* Amend demo

* Remove Munki setup from MVP-Dogfood

* Update demo.md

* Add apple mdm commands (#7769)

* fleetctl enqueue mdm command

* fix deps

* Fix build

Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>

* Add command to upload installers

* go mod tidy

* fix subcommands help

There is a bug in urfave/cli where help text is not generated properly when subcommands
are nested too deep.

* Add support for installing apps

* Add a way to list enrolled devices

* Add dep listing

* Rearrange endpoints

* Move DEP routine to schedule

* Define paths globally

* Add a way to list enrollments and installers

* Parse device-ids as comma-separated string

* Remove unused types

* Add simple commands and nest under enqueue-command

* Fix simple commands

* Add help to enqueue-command

* merge apple_mdm database

* Fix commands

* update nanomdm

* Split nanomdm and nanodep schemas

* Set 512 MB in memory for upload

* Remove empty file

* Amend profile

* Add sample commands

* Add delete installers and fix bug in DEP profile assigning

* Add dogfood.md deployment guide

* Update schema.sql

* Dump schema with MySQL 5

* Set default value for authenticate_at

* add tokens to enrollment profiles

When a device downloads an MDM enrollment profile, verify the token passed
as a query parameter. This ensures untrusted devices don't enroll with
our MDM server.

- Rename enrollments to enrollment profiles. Enrollments is used by nano
  to refer to devices that are enrolled with MDM
- Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles
- Generate a token for authentication when creating an enrollment profile
- Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token=

* remove mdm apple server url

* update docs

* make dump-test-schema

* Update nanomdm with missing prefix table

* Add docs and simplify changes

* Add changes file

* Add method docs

* Fix compile and revert prepare.go changes

* Revert migration status check change

* Amend comments

* Add more docs

* Clarify storage of installers

* Remove TODO

* Remove unused

* update dogfood.md

* remove cmdr.py

* Add authorization tests

* Add TODO comment

* use kitlog for nano logging

* Add yaml tags

* Remove unused flag

* Remove changes file

* Only run DEP routine if MDM is enabled

* Add docs to all new exported types

* Add docs

* more nano logging changes

* Fix unintentional removal

* more nano logging changes

* Fix compile test

* Use string for configs and fix config test

* Add docs and amend changes

* revert changes to basicAuthHandler

* remove exported BasicAuthHandler

* rename rego authz type

* Add more information to dep list

* add db tag

* update deps

* Fix schema

* Remove unimplemented

Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 19:53:54 -03:00
Martin Angers
db24cf32fa
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) (#7853) 2022-09-21 15:16:31 -04:00
dependabot[bot]
46a8049ed7
Bump github.com/elazarl/go-bindata-assetfs from 1.0.0 to 1.0.1 (#7742)
Bumps [github.com/elazarl/go-bindata-assetfs](https://github.com/elazarl/go-bindata-assetfs) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/elazarl/go-bindata-assetfs/releases)
- [Changelog](https://github.com/elazarl/go-bindata-assetfs/blob/master/.goreleaser.yml)
- [Commits](https://github.com/elazarl/go-bindata-assetfs/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: github.com/elazarl/go-bindata-assetfs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-14 07:47:34 -03:00
dependabot[bot]
e658199e98
Bump github.com/cenkalti/backoff (#7722)
Bumps [github.com/cenkalti/backoff](https://github.com/cenkalti/backoff) from 2.1.1+incompatible to 2.2.1+incompatible.
- [Release notes](https://github.com/cenkalti/backoff/releases)
- [Commits](https://github.com/cenkalti/backoff/compare/v2.1.1...v2.2.1)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 20:29:15 -03:00
dependabot[bot]
b3643bc92a
Bump github.com/russellhaering/goxmldsig from 1.1.0 to 1.2.0 (#7741)
Bumps [github.com/russellhaering/goxmldsig](https://github.com/russellhaering/goxmldsig) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/russellhaering/goxmldsig/releases)
- [Commits](https://github.com/russellhaering/goxmldsig/compare/v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/russellhaering/goxmldsig
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 20:27:34 -03:00
dependabot[bot]
f3de19bc11
Bump github.com/andygrunwald/go-jira from 1.15.1 to 1.16.0 (#7736)
Bumps [github.com/andygrunwald/go-jira](https://github.com/andygrunwald/go-jira) from 1.15.1 to 1.16.0.
- [Release notes](https://github.com/andygrunwald/go-jira/releases)
- [Changelog](https://github.com/andygrunwald/go-jira/blob/main/CHANGELOG.md)
- [Commits](https://github.com/andygrunwald/go-jira/compare/v1.15.1...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/andygrunwald/go-jira
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 18:22:20 -03:00
dependabot[bot]
b2ef50f640
Bump github.com/go-kit/kit from 0.9.0 to 0.12.0 (#7735)
Bumps [github.com/go-kit/kit](https://github.com/go-kit/kit) from 0.9.0 to 0.12.0.
- [Release notes](https://github.com/go-kit/kit/releases)
- [Commits](https://github.com/go-kit/kit/compare/v0.9.0...v0.12.0)

---
updated-dependencies:
- dependency-name: github.com/go-kit/kit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 18:21:23 -03:00
dependabot[bot]
9f79b13eb0
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#7713)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.7.0 to 1.10.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.7.0...v1.10.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 12:02:16 -03:00
dependabot[bot]
ea586c11b4
Bump github.com/shirou/gopsutil/v3 from 3.22.2 to 3.22.8 (#7719)
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.22.2 to 3.22.8.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.22.2...v3.22.8)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 12:01:32 -03:00
dependabot[bot]
510ff2aa64
Bump github.com/gomodule/redigo from 1.8.5 to 1.8.9 (#7721)
Bumps [github.com/gomodule/redigo](https://github.com/gomodule/redigo) from 1.8.5 to 1.8.9.
- [Release notes](https://github.com/gomodule/redigo/releases)
- [Commits](https://github.com/gomodule/redigo/compare/v1.8.5...v1.8.9)

---
updated-dependencies:
- dependency-name: github.com/gomodule/redigo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 11:23:24 -03:00
dependabot[bot]
3c4ea7b790
Bump github.com/nukosuke/go-zendesk from 0.12.0 to 0.13.1 (#7504)
Bumps [github.com/nukosuke/go-zendesk](https://github.com/nukosuke/go-zendesk) from 0.12.0 to 0.13.1.
- [Release notes](https://github.com/nukosuke/go-zendesk/releases)
- [Commits](https://github.com/nukosuke/go-zendesk/compare/v0.12.0...v0.13.1)

---
updated-dependencies:
- dependency-name: github.com/nukosuke/go-zendesk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 10:49:51 -03:00
dependabot[bot]
e48541ec89
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace (#7714)
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.7.0 to 1.10.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.7.0...v1.10.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 10:40:15 -03:00
dependabot[bot]
2ad0aa0c57
Bump github.com/open-policy-agent/opa from 0.42.0 to 0.44.0 (#7652)
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.42.0 to 0.44.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.42.0...v0.44.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-13 08:34:39 -03:00
Zachary Winnerman
2103de275a
improve error handling in vulnerabilities cron (#7276)
* improve error handling in vulnerabilities cron

* fix tests

* Use errHandler and go mod tidy

* Add dep that got removed by mod tidy

* add dsl to tools

* Add changes file

Co-authored-by: Michal Nicpon <michal@fleetdm.com>
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-08-18 16:53:58 -03:00
gillespi314
3a88afaf98
Add new database tables and queries for host operating systems (#6920) 2022-08-09 13:34:41 -05:00
Michal Nicpon
d4be5ad2a1
add upgrade tests (#6596)
* add upgrade tests

* fix lint issues

go.mod

* remove req.cnf

* revert unrelated changes

* make version configurable in test

* fix golangci-lint ruleguard issue

Related to https://github.com/go-critic/go-critic/issues/1152
Need to have github.com/quasilyte/go-ruleguard/dsl

* fix lint issues

* fix

* clean up docker-compose.yml

* fix http request

* add readme

* fix lint issues

* address feedback

* fix

* add platform

* address feedback

* run go fmt
2022-07-19 15:11:51 -06:00
Tomas Touceda
7f8099db57
Add sandbox fleet serve config (#6619)
* Add sandbox fleet serve config

* Update docs

* Maybe fix lint issues

* Add lint dep
2022-07-12 18:21:15 -03:00
dependabot[bot]
b26a5cdb4e
Bump github.com/open-policy-agent/opa from 0.40.0 to 0.42.0 (#6537)
* Bump github.com/open-policy-agent/opa from 0.40.0 to 0.42.0

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.40.0 to 0.42.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.40.0...v0.42.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Include go.* files in tests

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-07-11 14:58:27 -03:00
Ahmed Elshaer
a9f48ff561
Create Bulk Users from CSV (#3372)
* Create Bulk Users

* WIP: Adding a test for bulk user import

* adding a user bulk create test

* Fixing description, removing password required, and adding more test cases

* Fixing description, removing password required, and adding more test cases

* Fixed all comments and added Random Password Generator

* returning an error in generateRandomPassword

* Using 2 loops to create user list and then create the actual users

* Adding a bulk user delete

* fixing a mistake in temp csv

* fixed lints and removed yamlFlag
2022-06-22 13:34:58 -03:00
Lucas Manuel Rodriguez
4cfeaa1580
Do not use golangci action for better reproducibility (use make lint-go) (#6175)
* Do not use golangci action for better reproducibility

* Add fix to trigger build

* Fix all reported issues

* fix more lint errors

* Add missing import

* Remove unused method

* Remove change not necessary
2022-06-10 18:52:24 -03:00
Juan Fernandez
ef73039559
Improve vulnerability detection for Ubuntu (#6102)
Feature: Improve our capability to detect vulnerable software on Ubuntu hosts

To improve the capability of detecting vulnerable software on Ubuntu, we are now using OVAL definitions to detect vulnerable software on Ubuntu hosts. If data sync is enabled (disable_data_sync=false) OVAL definitions are automatically kept up to date (they are 'refreshed' once per day) - there's also the option to manually download the OVAL definitions using the 'fleetctl vulnerability-data-stream' command. Downloaded definitions are then parsed into an intermediary format and then used to identify vulnerable software on Ubuntu hosts. Finally, any 'recent' detected vulnerabilities are sent to any third-party integrations.
2022-06-07 21:09:47 -04:00
Roberto Dip
5f5095de2c
bump go version in go.mod to 1.17 (#6129) 2022-06-07 16:05:55 -03:00
Michal Nicpon
30a864c8d2
Sync CVE scores periodically (#5838) 2022-06-01 10:06:57 -06:00
dependabot[bot]
092940b862
Bump github.com/theupdateframework/go-tuf from 0.2.0 to 0.3.0 (#5894)
* Bump github.com/theupdateframework/go-tuf from 0.2.0 to 0.3.0

Bumps [github.com/theupdateframework/go-tuf](https://github.com/theupdateframework/go-tuf) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/theupdateframework/go-tuf/releases)
- [Commits](https://github.com/theupdateframework/go-tuf/compare/v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/theupdateframework/go-tuf
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Remove err check for client.IsLatestSnapshot

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-05-26 16:13:19 -07:00
dependabot[bot]
0b92604c92
Bump github.com/open-policy-agent/opa from 0.24.0 to 0.40.0 (#5906)
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.24.0 to 0.40.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.24.0...v0.40.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 12:15:40 -03:00
Roberto Dip
894fa22c71
implement a thin wrapper around stdlib errors (#5733)
This solves #5679 , and also implements #5515, #5509 and lays the ground for #5516

With the introduction of Wrap, Is and As in the standard library, we've now got built-in support for wrapping.

On top of that, a common pattern in the community is to define errors tailored to the context of each project while still conforming to the error and Unwrap interfaces (see Upspin, Chromium)

The output now includes stack traces and additional info
2022-05-18 11:47:55 -03:00
gillespi314
1dabf52834
Add Zendesk external service integration for vulnerability automations (#5372) 2022-05-02 15:58:34 -05:00