beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1594 commits 83 branches 177 tags 151 MiB
Commit graph

112 commits

Author SHA1 Message Date
Thibault "bui" Koechlin
6ca053ca67
fix #2720 #2719 (#2724) 
* fix order of display of parsers

* add a --no-clean opt
 2024-01-15 09:16:03 +01:00
blotus
58f91dc951
update coraza (#2705) 2024-01-08 19:44:24 +01:00
dependabot[bot]
e0e9e3ef16
Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2670) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 09:45:53 +01:00
mmetc
a79fcaf378
Add "taintedBy" and "--diff" flag to cscli... inspect (#2665) 
* "cscli inspect" reports tainted sub-items
* cscli... inspect --diff
* unified diff
* option --diff --rev
* tainted message
* correctly report multiple taint reasons
 2023-12-15 15:27:22 +01:00
Thibault "bui" Koechlin
51f70e47e3
Minor improvements to hubtest and appsec component (#2656) 2023-12-13 17:45:56 +01:00
mmetc
518c7f178a
update dependency on aws sdk (#2647) 2023-12-08 10:07:53 +01:00
Thibault "bui" Koechlin
8cca4346a5
Application Security Engine Support (#2273) 
Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-12-07 12:21:04 +01:00
mmetc
0f3ae64062
cscli config show: pretty print with package "litter" (#2633) 2023-12-05 10:38:21 +01:00
mmetc
b164373997
update dependencies: k8s apiserver, docker and related (#2476) 2023-11-24 16:20:39 +01:00
mmetc
ffcab0b2bc
Refactor hub management and cscli commands (#2545) 2023-11-24 15:57:32 +01:00
mmetc
32e9eb4be4
Minor dependency updates (#2505) 
* update AlecAivazis/survey
* update Masterminds/semver
* update Masterminds/sprig
* update alexliesenfeld/health
* update golang.org/x/net
 2023-11-24 15:30:54 +01:00
Thibault "bui" Koechlin
1dcf9d1ae1
Improved expr debugger (#2495) 
* new expr debugger

---------

Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
 2023-11-24 11:10:54 +01:00
blotus
ec53c672dc
Kafka acquisition: warn if no consumer group id and allow to read from a specific partition (#2612) 2023-11-23 10:02:53 +01:00
dependabot[bot]
a51bce8f8d
Bump google.golang.org/grpc from 1.56.1 to 1.56.3 (#2566) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.1 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.1...v1.56.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-20 11:55:29 +01:00
mmetc
61d4ccbfdd
use go 1.21.1 (#2418) 
* use go 1.21.1, require 1.21
* import "slices" from stdlib
* allow codeql to set version number from tags
* codeql: custom WASM build - the automated one can silently fail
 2023-10-04 13:01:57 +02:00
mmetc
7a4796d655
Support Postgres 16 (update entgo.io/ent to 0.12.4) (#2368) 2023-10-02 16:30:09 +02:00
mmetc
3cb9dbdb21
notification-email: configurable timeouts (#2465) 
* configurable timeouts
* parse email timeouts as duration string
* add helo_host to email.yaml
* move html and body tags outside of the loops
* added quotes to href=.., and formatting test
 2023-09-29 16:59:06 +02:00
mmetc
d45bec4047
minor log message improvements (#2455) 2023-09-12 11:04:56 +02:00
mmetc
2aa55e9444
move plugins/notifications/* to cmd/notification-* (#2429) 
This ensures keeping all dependencies in sync, and simplifies
packaging under freebsd/gentoo/etc because there is a single
vendor directory.
 2023-08-24 09:46:25 +02:00
mmetc
ffadd42779
update dependency on go-cs-lib; drop the pkg/ part (#2393) 2023-07-28 16:35:08 +02:00
mmetc
5e7c0e0f49
update google/winops dependency (#2366) 2023-07-26 10:14:29 +02:00
mmetc
fc78845a97
update gin-gonic/gin to 1.9.1 (#2230) 2023-07-25 13:32:32 +02:00
mmetc
46fff0b544
Update dependency: docker/docker (#2360) 2023-07-24 11:53:33 +02:00
mmetc
bb16552aca
Use same levenshtein package for cscli, ent, hcl (#2359) 
remove one dependency, slightly smaller binary
 2023-07-18 11:30:14 +02:00
mmetc
11b7b1bc88
Update dependencies: k8s, swag, jwt (#2357) 
this also removes dependencies on some deprecated packages
 2023-07-18 09:33:32 +02:00
mmetc
01d7c1a5c2
update dependency on goccy/go-yaml for arm32 fix (#2343) 2023-07-06 12:05:34 +02:00
mmetc
c10bca93df update dependencies on go-plugin and go-hclog (#2341) 
* update dependencies on go-plugin and go-hclog
* bump logrus (panic fix)
* implement HCLogAdapter.Getleve() to satisfy the new interface
 2023-07-06 12:01:07 +02:00
mmetc
59afb285f3
Update grpc dependency to latest stable version (#2339) 2023-07-06 10:15:17 +02:00
mmetc
8bcb4c2436
Update go-re2 dep to fix arm32 build (#2332) 2023-07-05 13:14:40 +02:00
mmetc
17cd792826
CI: update ansible tests for re2 (#2318) 2023-06-29 16:35:19 +02:00
mmetc
8bfeb7d90d
Update go dependencies (#2293) 
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
 2023-06-22 11:31:41 +02:00
mmetc
8da9d5eefd
don't log notification error if not running under systemd (#2274) 2023-06-08 15:04:48 +02:00
mmetc
12c32d507c
CI: refactoring pkg/csplugin tests (#2247) 2023-06-01 10:33:08 +02:00
mmetc
92a9d6c321
types.InSlice() -> slices.Contains() (#2246) 2023-05-31 12:39:22 +02:00
mmetc
534328ca30
decouple bouncer dependencies: use go-cs-lib/pkg/* (#2216) 
* decouple bouncer dependencies: use go-cs-lib/pkg/trace
* decouple bouncer dependencies: use go-cs-lib/pkg/version
* decouple bouncer dependencies: use go-cs-lib/pkg/yamlpatch
* decouple bouncer dependencies: use go-cs-lib/pkg/csstring
* unused import
 2023-05-23 10:52:47 +02:00
dependabot[bot]
abbc130844
Bump github.com/docker/distribution (#2194) 
Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.0+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.0...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-12 09:45:08 +02:00
dependabot[bot]
88587822c1
Bump github.com/docker/docker (#2159) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.2+incompatible to 20.10.24+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v20.10.2...v20.10.24)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
 2023-04-28 12:02:29 +02:00
mmetc
d286b044e7
Update go-sqlite3 dependency (fix LD_PRELOAD warnings) (#2174) 2023-04-19 12:05:24 +02:00
mmetc
6b744884b0
Update deps to latest stable: go-systemd, tail, cobra, lumberjack, testify (#2164) 2023-04-12 16:58:11 +02:00
mmetc
ea6401ce09
CI: Static builds by default; replace bincover with go -cover from 1.20 (#2150) 
* Makefile: build static binaries only
* Replace bincover with go -cover from 1.20
* CI: Fix timing issue between lapi and agent containers
 2023-03-30 15:05:09 +02:00
blotus
772d5b5c32
Add experimental support for re2 (#2138) 2023-03-28 16:26:47 +02:00
blotus
1095f6c875
use expr.Function for custom functions instead of passing them in the env (#2133) 2023-03-28 10:49:01 +02:00
blotus
dc38e5ac00
S3 acquisition datasource (#2130) 2023-03-21 13:54:52 +01:00
blotus
b1f2063a9a
Only support pgx driver for postgresql (#2118) 2023-03-16 11:02:31 +01:00
blotus
6aaf3cd50b
Update expr to 1.12.2 (#2110) 2023-03-09 16:56:11 +01:00
Thibault "bui" Koechlin
d95b7afe61
Distance support : Impossible travel (#2108) 
* add distance helpers
 2023-03-08 18:29:42 +01:00
dependabot[bot]
6888fa2133
Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 (#2089) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220722155237-a158d28d115b to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/commits/v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-02 14:46:58 +01:00
dependabot[bot]
9ae99964e6
Bump golang.org/x/text from 0.3.7 to 0.3.8 (#2072) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.7...v0.3.8)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 09:30:50 +01:00
dependabot[bot]
19a01d20dd
Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#2060) 2023-02-20 11:01:27 +01:00
dependabot[bot]
65fa2bf8c3
Bump github.com/docker/distribution (#1996) 2023-02-20 10:34:52 +01:00