Commit Graph

243 Commits

Author SHA1 Message Date
Luke Heath
8dbe690026
Prepare v4.40.0 (#14940) 2023-11-06 16:49:21 -06:00
dependabot[bot]
255ab88b8d
Bump golang.org/x/net from 0.10.0 to 0.17.0 in /infrastructure/sandbox/JITProvisioner/lambda (#14477) 2023-11-03 14:28:43 -05:00
dependabot[bot]
1fb08110e9
Bump golang.org/x/net from 0.7.0 to 0.17.0 in /infrastructure/sandbox/JITProvisioner/ingress_destroyer (#14475) 2023-11-03 14:27:52 -05:00
dependabot[bot]
b99ff2f464
Bump golang.org/x/net from 0.7.0 to 0.17.0 in /infrastructure/sandbox/PreProvisioner/lambda (#14476) 2023-11-03 14:27:16 -05:00
Robert Fairburn
7b31344988
Dogfood github actions and monitoring module fixes (#14875)
These items fix the github action for use with the updates to the
monitoring module.

Additionally there were some changes needed to the monitoring module to
make it behave inside the GH action.

Once this is approved/merged, the new tag for them monitoring module
will be created as `tf-mod-addon-monitoring-v1.1.1`
2023-11-01 16:34:13 -05:00
dependabot[bot]
f988ef8532
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.28.0 to 0.44.0 in /infrastructure/sandbox/JITProvisioner/lambda (#14586) 2023-11-01 13:25:47 -05:00
Robert Fairburn
b74f2c059c
initial fleet-cron monitoring script (#14579) 2023-11-01 12:01:02 -05:00
Lucas Manuel Rodriguez
3122d93ce4
loadtesting: Redirect osquery results and status logs to /dev/null (#14848)
This is to avoid firehose (rate limit) errors when load testing query
reports with thousands of hosts. (And may reduce cost by storing logs
nowhere.)

Thanks @rfairburn:
https://github.com/fleetdm/fleet/pull/14754#issuecomment-1788887575
2023-11-01 12:11:21 -03:00
dependabot[bot]
2d73d26bcf
Bump google.golang.org/grpc from 1.55.0 to 1.56.3 in /infrastructure/sandbox/JITProvisioner/lambda (#14744) 2023-10-31 14:26:05 -05:00
Robert Fairburn
dae94c3129
Fix ACL Errors (#14525) 2023-10-27 10:20:07 -05:00
Luke Heath
653aeceb06
Prepare v4.39.0 (#14647) 2023-10-26 15:07:58 -05:00
Roberto Dip
ad9e30f120
Update Go to v1.21.3 (#14634)
for #14633
2023-10-19 10:01:05 -03:00
Robert Fairburn
eb0babe51a
Sandbox-v4.38.1 (#14524) 2023-10-13 15:35:42 -05:00
Lucas Manuel Rodriguez
910e26b93e
Amend loadtesting terraform docs (#14549) 2023-10-13 17:05:00 -03:00
Roberto Dip
e46e83baf8
upgrade Go to 1.21.1 for infra (#13878)
related to #13715, this updates the infra dependencies for the general
go upgrade that's happening at
https://github.com/fleetdm/fleet/pull/13877

I'm thinking we probably want to merge this after we're sure that
everything works well, maybe even after we have a release with go 1.21.1
out, so I'm making a separate PR.

---------

Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2023-10-12 21:09:17 -05:00
Luke Heath
191348208e
Update contact instructions (#14333) 2023-10-05 15:09:09 -05:00
Roberto Dip
6702e3ddb8
prepare v4.38.1 (#14303) 2023-10-05 11:13:24 -05:00
Robert Fairburn
0f4e24a40a
Initial saml-auth-proxy code. (#14017) 2023-09-28 12:48:57 -05:00
Luke Heath
6807cfe897
Prepare v4.38.0 (#14123) 2023-09-25 16:43:52 -05:00
Martin Angers
1ce9eb5976
Fix invalid digest used in loadtest dockerfile (#13916) 2023-09-13 16:02:33 -04:00
Luke Heath
a745c3a8a8
Prepare Fleet v4.37.0 (#13821) 2023-09-08 13:35:44 -05:00
Zachary Winnerman
075ecf4a62
Add separate kms key for installers (#13786)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-09-07 07:21:24 -04:00
Robert Fairburn
595ccd376f
Update dogfood mdm module version (#13751) 2023-09-06 15:26:50 -05:00
Robert Fairburn
8a653c1b00
Enable windows mdm on dogfood (#13739) 2023-09-06 11:33:04 -05:00
Robert Fairburn
21b01605ae
Update nginx for redirect container in sandbox (#13509) 2023-09-06 11:16:27 -05:00
Roberto Dip
5ad734d617
upgrade go to v1.19.12 (#13617) 2023-08-31 13:49:24 -05:00
Lucas Manuel Rodriguez
22b879bcef
Add instructions to deploy server code changes to a loadtest env (#13563)
#12696
2023-08-29 11:06:32 -03:00
Luke Heath
1260db9360
Prepare v4.36.0 (#13364) 2023-08-17 16:11:19 -05:00
Luke Heath
21b21abd22
Prepare v4.35.2 (#13273) 2023-08-10 11:35:03 -07:00
Luke Heath
f3b9bcc02a
Prepare v4.35.1 (#13163) 2023-08-10 08:43:52 -07:00
Zachary Winnerman
b95c85be59
Revert "Do vuln scans only during peak hours (#12978)" (#13166)
This reverts commit bea7fa6dd0.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-08-05 00:17:34 -04:00
Zachary Winnerman
3fe9d56fcd
Add changes needed for EKS upgrade (#13135)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-08-03 16:43:27 -04:00
Luke Heath
648b25bf4d
Prepare v4.35.0 (#13077) 2023-08-01 09:22:01 -07:00
Luke Heath
c8dee16121
Prepare v4.34.1 (#13073) 2023-07-31 16:54:24 -07:00
Zachary Winnerman
b042a1a503
Disable windows mdm (#13042)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-28 19:07:25 -04:00
Zachary Winnerman
fc7c7544a9
Revert these PRs: (#13001)
https://github.com/fleetdm/fleet/pull/12763/files
https://github.com/fleetdm/fleet/pull/12854/files
https://github.com/fleetdm/fleet/pull/12764/files

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-27 14:57:11 -04:00
Zachary Winnerman
bea7fa6dd0
Do vuln scans only during peak hours (#12978)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-26 14:25:52 -04:00
Roberto Dip
d9de78e9fc
upgrade Go version to 1.19.11 (#12902) 2023-07-26 11:09:22 -07:00
Zachary Winnerman
0baf8441c6
see https://github.com/fleetdm/confidential/issues/3166#issuecomment-… (#12940)
…1648567704

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-24 16:53:29 -04:00
Zachary Winnerman
e7f4441f7b
fixup (#12939)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-24 16:11:03 -04:00
Zachary Winnerman
7eecb4ac90
Add Windows MDM variables to the MDM terraform mdoule and update dogfood (#12938)
https://github.com/fleetdm/confidential/issues/3166
2023-07-24 15:49:30 -04:00
Zachary Winnerman
d6f51f893c
fix bug in deprovisioner (#12854)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-19 19:59:02 -04:00
Zachary Winnerman
bd3a37ea5c
Update sandbox to latest fleet (#12845)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-19 19:30:22 -04:00
Lucas Manuel Rodriguez
b803bbe5bf
osquery-perf changes needed for load testing with simulated Windows hosts (#12754)
Changes in osquery-perf to allow for testing of Windows hosts in
loadtest environments.
2023-07-14 13:06:34 -03:00
Zachary Winnerman
ce57fa2c84
Scale down and delete cronjob for expired instances (#12764)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-13 20:57:00 -04:00
Zachary Winnerman
0c864613ab
Fix for sandbox vuln processing (#12763)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-13 20:43:20 -04:00
Luke Heath
a001fbf3ec
Prepare v4.34.0 (#12706) 2023-07-11 14:38:57 -07:00
Robert Fairburn
c14752e7ce
Increase log retention for dogfood cloudwatch logs (#12664) 2023-07-06 11:53:33 -05:00
Luke Heath
cc8a2d0605
Prepare v4.33.1 (#12417) 2023-06-30 09:49:50 -07:00
dependabot[bot]
dd0f5f81e8
Bump github.com/gin-gonic/gin from 1.8.1 to 1.9.1 in /infrastructure/sandbox/JITProvisioner/lambda (#12098)
Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from
1.8.1 to 1.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gin-gonic/gin/releases">github.com/gin-gonic/gin's
releases</a>.</em></p>
<blockquote>
<h2>v1.9.1</h2>
<h2>Changelog</h2>
<h3>BUG FIXES</h3>
<ul>
<li>fix Request.Context() checks <a
href="https://redirect.github.com/gin-gonic/gin/pull/3512">#3512</a></li>
</ul>
<h3>SECURITY</h3>
<ul>
<li>fix lack of escaping of filename in Content-Disposition <a
href="https://redirect.github.com/gin-gonic/gin/pull/3556">#3556</a></li>
</ul>
<h3>ENHANCEMENTS</h3>
<ul>
<li>refactor: use bytes.ReplaceAll directly <a
href="https://redirect.github.com/gin-gonic/gin/pull/3455">#3455</a></li>
<li>convert strings and slices using the officially recommended way <a
href="https://redirect.github.com/gin-gonic/gin/pull/3344">#3344</a></li>
<li>improve render code coverage <a
href="https://redirect.github.com/gin-gonic/gin/pull/3525">#3525</a></li>
</ul>
<h3>DOCS</h3>
<ul>
<li>docs: changed documentation link for trusted proxies <a
href="https://redirect.github.com/gin-gonic/gin/pull/3575">#3575</a></li>
<li>chore: improve linting, testing, and GitHub Actions setup <a
href="https://redirect.github.com/gin-gonic/gin/pull/3583">#3583</a></li>
</ul>
<h2>v1.9.0</h2>
<h2>Changelog</h2>
<h3>BREAK CHANGES</h3>
<ul>
<li>Stop useless panicking in context and render <a
href="https://redirect.github.com/gin-gonic/gin/pull/2150">#2150</a></li>
</ul>
<h3>BUG FIXES</h3>
<ul>
<li>fix(router): tree bug where loop index is not decremented. <a
href="https://redirect.github.com/gin-gonic/gin/pull/3460">#3460</a></li>
<li>fix(context): panic on NegotiateFormat - index out of range <a
href="https://redirect.github.com/gin-gonic/gin/pull/3397">#3397</a></li>
<li>Add escape logic for header <a
href="https://redirect.github.com/gin-gonic/gin/pull/3500">#3500</a> and
<a
href="https://redirect.github.com/gin-gonic/gin/pull/3503">#3503</a></li>
</ul>
<h3>SECURITY</h3>
<ul>
<li>Fix the GO-2022-0969 and GO-2022-0288 vulnerabilities <a
href="https://redirect.github.com/gin-gonic/gin/pull/3333">#3333</a></li>
<li>fix(security): vulnerability GO-2023-1571 <a
href="https://redirect.github.com/gin-gonic/gin/pull/3505">#3505</a></li>
</ul>
<h3>ENHANCEMENTS</h3>
<ul>
<li>feat: add sonic json support <a
href="https://redirect.github.com/gin-gonic/gin/pull/3184">#3184</a></li>
<li>chore(file): Creates a directory named path <a
href="https://redirect.github.com/gin-gonic/gin/pull/3316">#3316</a></li>
<li>fix: modify interface check way <a
href="https://redirect.github.com/gin-gonic/gin/pull/3327">#3327</a></li>
<li>remove deprecated of package io/ioutil <a
href="https://redirect.github.com/gin-gonic/gin/pull/3395">#3395</a></li>
<li>refactor: avoid calling strings.ToLower twice <a
href="https://redirect.github.com/gin-gonic/gin/pull/3433">#3343</a></li>
<li>console logger HTTP status code bug fixed <a
href="https://redirect.github.com/gin-gonic/gin/pull/3453">#3453</a></li>
<li>chore(yaml): upgrade dependency to v3 version <a
href="https://redirect.github.com/gin-gonic/gin/pull/3456">#3456</a></li>
<li>chore(router): match method added to routergroup for multiple HTTP
methods supporting <a
href="https://redirect.github.com/gin-gonic/gin/pull/3464">#3464</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md">github.com/gin-gonic/gin's
changelog</a>.</em></p>
<blockquote>
<h2>Gin v1.9.1</h2>
<h3>BUG FIXES</h3>
<ul>
<li>fix Request.Context() checks <a
href="https://redirect.github.com/gin-gonic/gin/pull/3512">#3512</a></li>
</ul>
<h3>SECURITY</h3>
<ul>
<li>fix lack of escaping of filename in Content-Disposition <a
href="https://redirect.github.com/gin-gonic/gin/pull/3556">#3556</a></li>
</ul>
<h3>ENHANCEMENTS</h3>
<ul>
<li>refactor: use bytes.ReplaceAll directly <a
href="https://redirect.github.com/gin-gonic/gin/pull/3455">#3455</a></li>
<li>convert strings and slices using the officially recommended way <a
href="https://redirect.github.com/gin-gonic/gin/pull/3344">#3344</a></li>
<li>improve render code coverage <a
href="https://redirect.github.com/gin-gonic/gin/pull/3525">#3525</a></li>
</ul>
<h3>DOCS</h3>
<ul>
<li>docs: changed documentation link for trusted proxies <a
href="https://redirect.github.com/gin-gonic/gin/pull/3575">#3575</a></li>
<li>chore: improve linting, testing, and GitHub Actions setup <a
href="https://redirect.github.com/gin-gonic/gin/pull/3583">#3583</a></li>
</ul>
<h2>Gin v1.9.0</h2>
<h3>BREAK CHANGES</h3>
<ul>
<li>Stop useless panicking in context and render <a
href="https://redirect.github.com/gin-gonic/gin/pull/2150">#2150</a></li>
</ul>
<h3>BUG FIXES</h3>
<ul>
<li>fix(router): tree bug where loop index is not decremented. <a
href="https://redirect.github.com/gin-gonic/gin/pull/3460">#3460</a></li>
<li>fix(context): panic on NegotiateFormat - index out of range <a
href="https://redirect.github.com/gin-gonic/gin/pull/3397">#3397</a></li>
<li>Add escape logic for header <a
href="https://redirect.github.com/gin-gonic/gin/pull/3500">#3500</a> and
<a
href="https://redirect.github.com/gin-gonic/gin/pull/3503">#3503</a></li>
</ul>
<h3>SECURITY</h3>
<ul>
<li>Fix the GO-2022-0969 and GO-2022-0288 vulnerabilities <a
href="https://redirect.github.com/gin-gonic/gin/pull/3333">#3333</a></li>
<li>fix(security): vulnerability GO-2023-1571 <a
href="https://redirect.github.com/gin-gonic/gin/pull/3505">#3505</a></li>
</ul>
<h3>ENHANCEMENTS</h3>
<ul>
<li>feat: add sonic json support <a
href="https://redirect.github.com/gin-gonic/gin/pull/3184">#3184</a></li>
<li>chore(file): Creates a directory named path <a
href="https://redirect.github.com/gin-gonic/gin/pull/3316">#3316</a></li>
<li>fix: modify interface check way <a
href="https://redirect.github.com/gin-gonic/gin/pull/3327">#3327</a></li>
<li>remove deprecated of package io/ioutil <a
href="https://redirect.github.com/gin-gonic/gin/pull/3395">#3395</a></li>
<li>refactor: avoid calling strings.ToLower twice <a
href="https://redirect.github.com/gin-gonic/gin/pull/3433">#3343</a></li>
<li>console logger HTTP status code bug fixed <a
href="https://redirect.github.com/gin-gonic/gin/pull/3453">#3453</a></li>
<li>chore(yaml): upgrade dependency to v3 version <a
href="https://redirect.github.com/gin-gonic/gin/pull/3456">#3456</a></li>
<li>chore(router): match method added to routergroup for multiple HTTP
methods supporting <a
href="https://redirect.github.com/gin-gonic/gin/pull/3464">#3464</a></li>
<li>chore(http): add support for go1.20 http.rwUnwrapper to
gin.responseWriter <a
href="https://redirect.github.com/gin-gonic/gin/pull/3489">#3489</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ea0e648e3"><code>4ea0e64</code></a>
Ready release gin 1.9.1 (by: thinkerou) (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3630">#3630</a>)</li>
<li><a
href="bb1fc2e0fe"><code>bb1fc2e</code></a>
fix Request.Context() checks (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3512">#3512</a>)</li>
<li><a
href="2d4bbec941"><code>2d4bbec</code></a>
fix lack of escaping of filename in Content-Disposition (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3556">#3556</a>)</li>
<li><a
href="9f5ecd4be4"><code>9f5ecd4</code></a>
chore(deps): bump actions/setup-go from 3 to 4 (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3543">#3543</a>)</li>
<li><a
href="20cd6bcfc4"><code>20cd6bc</code></a>
chore(deps): bump github.com/go-playground/validator/v10 (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3610">#3610</a>)</li>
<li><a
href="6bdc725c8d"><code>6bdc725</code></a>
Fix typos in ISSUE_TEMPLATE.md (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3616">#3616</a>)</li>
<li><a
href="1ab268989d"><code>1ab2689</code></a>
chore(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3599">#3599</a>)</li>
<li><a
href="6a0556ed5a"><code>6a0556e</code></a>
improve render code coverage (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3525">#3525</a>)</li>
<li><a
href="eac2daac64"><code>eac2daa</code></a>
chore: update dependencies for various packages and libraries (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3585">#3585</a>)</li>
<li><a
href="757a638b7b"><code>757a638</code></a>
chore: improve linting, testing, and GitHub Actions setup (<a
href="https://redirect.github.com/gin-gonic/gin/issues/3583">#3583</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/gin-gonic/gin/compare/v1.8.1...v1.9.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gin-gonic/gin&package-manager=go_modules&previous-version=1.8.1&new-version=1.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/fleetdm/fleet/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 11:03:23 -04:00