Releases: kolide/launcher
Releases · kolide/launcher
v1.9.4
What's Changed
Features
Windows watchdog
- refactor power_event_watcher for configurable subscriber behavior by @zackattack01 in #1764
- windows restart service by @zackattack01 in #1681
- watchdog installation path updates by @zackattack01 in #1787
Kolide ATC
- Store configuration for Kolide custom ATC tables by @RebeccaMahany in #1761
- [KATC] Prepare ee/indexeddb for use in KATC tables by @RebeccaMahany in #1767
- [Kolide ATC] Construct KATC tables and add support for Firefox extension data by @RebeccaMahany in #1763
- [KATC] Add snake case row transform step by @RebeccaMahany in #1765
- [KATC] Backfill tests by @RebeccaMahany in #1766
- [KATC] Add support for .indexeddb.leveldb files by @RebeccaMahany in #1769
- [KATC] Update config schema, including overlays by @RebeccaMahany in #1772
- Handle booleans when deserializing firefox extension data by @RebeccaMahany in #1777
- [KATC] Set immutable option when opening sqlite db by @RebeccaMahany in #1781
- [KATC] Do not allow indexeddb row data to be overwritten by @RebeccaMahany in #1785
- [KATC/IndexedDB] Handle padding after property name by @RebeccaMahany in #1786
Action to force full control data fetch
- Add new action type force_full_control_data_fetch by @RebeccaMahany in #1779
Bug fixes
- Try both
--output=jsonand--json=shortwhen runningloginctl list-sessionsoutput by @RebeccaMahany in #1759 - check for dbus channel open and fix initialActorError logging by @zackattack01 in #1774
- Prevent osquery instance restarts while instance is still launching by @RebeccaMahany in #1778
- Don't store hashes for unknown subsystems by @RebeccaMahany in #1780
- Check for known subsystem against consumers and subscribers by @RebeccaMahany in #1782
- Add new values to
kolide_remotectlby @Micah-Kolide in #1783
Build/CI
- Remove soon-to-be deprecated macos-11 runner and add macos-14 by @RebeccaMahany in #1760
- Reenable sloglint now that golangci-lint includes sloglint 0.7.1 by @RebeccaMahany in #1733
- Upgrade actions to versions that run on node20 by @RebeccaMahany in #1771
General
- remove extra line by @James-Pickett in #1757
- Bump golang.org/x/image from 0.10.0 to 0.18.0 by @dependabot in #1762
Full Changelog: v1.8.1...v1.9.4
Contributors
RebeccaMahany, James-Pickett, and 3 other contributors
Assets 2
v1.8.1
What's Changed
General
- Update docs to indicate TUF rollout has completed by @RebeccaMahany in #1745
- [Documentation update] Specify usage for allowedcmd by @RebeccaMahany in #1747
- Remove universal link request forwarding by @RebeccaMahany in #1750
- Add package to query indexeddb database and parse results by @RebeccaMahany in #1715
- Continue in kolide_jwt when rawData is empty by @Micah-Kolide in #1751
- Take and use backups of the launcher database by @RebeccaMahany in #1755
- Take all backup dbs into account for checkup + remote uninstall by @RebeccaMahany in #1756
Full Changelog: v1.7.1...v1.8.1
Contributors
RebeccaMahany and Micah-Kolide
Assets 2
v1.7.1
What's Changed
General
- Remove the rest of pkg/autoupdate by @RebeccaMahany in #1679
- Disable sloglint until golangci-lint bumps to version with fix by @RebeccaMahany in #1725
- Add associated domains to entitlements by @RebeccaMahany in #1720
- tables use tablehelpers.run by @James-Pickett in #1696
- uninstall via extension / jsonrpc / grpc by @James-Pickett in #1712
- Universal link handler for launcher desktop by @RebeccaMahany in #1727
- Add data to startup message by @RebeccaMahany in #1728
- Register the desktop app path with launch services by @RebeccaMahany in #1731
- make sqlite migrations allow launcher downgrades by @zackattack01 in #1736
- update dataflatten tables to parse raw_data in query by @James-Pickett in #1732
- Accept referrer if origin is not available by @RebeccaMahany in #1739
- do not pre-create data files in wix for uninstall cleanup by @zackattack01 in #1738
- Add
initial_versionto launcher info table, update a log line by @directionless in #1741 - Add JWT signature validation to
kolide_jwtby @Micah-Kolide in #1730 - windows root directory fallback by @zackattack01 in #1742
- Add root directory override detection to autoupdate lookups by @zackattack01 in #1744
Full Changelog: v1.6.7...v1.7.1
Contributors
directionless, RebeccaMahany, and 3 other contributors
Assets 2
v1.6.7
What's Changed
General
- Update comment by @directionless in #1650
- Re-enable secure enclave keys by @James-Pickett in #1651
- Add upgradeable packages and patches tables for Zypper package manager by @Micah-Kolide in #1654
- skip secure enclave signing tests when
SKIP_SECURE_ENCLAVE_TESTSis set by @zackattack01 in #1656 - Use unique pid file for osquery per launcher run by @RebeccaMahany in #1657
- abstract bbolt from osquery extension code by @zackattack01 in #1652
- add new meddlesome processes to quarantine checkup by @zackattack01 in #1660
- Refactor runAsUser into tablehelper package by @Micah-Kolide in #1653
- Add
kolide_snap_upgradeabletable and newdata_tableexec parser by @Micah-Kolide in #1636 - add menu json checkup to flare and doctor by @James-Pickett in #1661
- add menu update change detection logs by @zackattack01 in #1664
- Ensure desktop runner shuts down within rungroup interrupt timeout, and log shutdown completion by @RebeccaMahany in #1668
- run osq runtime tests on windows by @James-Pickett in #1665
- Don't autoupdate in modern standby by @RebeccaMahany in #1669
- Include stderr in enrollment details failures so we can capture additional information on Windows by @RebeccaMahany in #1671
- set RecoveryActionsOnNonCrashFailures flag in svc_config_windows by @zackattack01 in #1670
- set up windows event logger first in main by @James-Pickett in #1672
- Upgrade golang.org/x/net to address GO-2024-2687 by @RebeccaMahany in #1673
- Small improvements to logging and flares by @directionless in #1667
- Pass system multislogger through to all launcher subcommands by @RebeccaMahany in #1674
- Do not make additional control server fetch request during control server interval update by @RebeccaMahany in #1675
- Remove incorrect use of TryLock for initial delay state in TUF autoupdater by @RebeccaMahany in #1676
- [TUF] Prevent executable from being overwritten by @RebeccaMahany in #1678
- Remove most of legacy autoupdate package by @RebeccaMahany in #1677
- Ensure file permissions are set appropriately when untarring archives during autoupdate by @RebeccaMahany in #1680
- Fix command exec's
WithUid(RunAsUser) when running as self by @Micah-Kolide in #1682 - Remove arg from flatpak command exec by @Micah-Kolide in #1684
- fix codeql allocation-size-overflow alert by @James-Pickett in #1686
- Fix panic in 1.6.4 by @directionless in #1689
- Bump go version in docker by @directionless in #1688
- Fix potential nil panics in ee/desktop/runner detected by nilaway by @RebeccaMahany in #1694
- auto load ATC config in interactive by @James-Pickett in #1685
- Wrap main and remove os.Exit calls so all deferred functions will execute by @RebeccaMahany in #1693
- Standardize how we log and handle panics by @RebeccaMahany in #1692
- dont interact with desktop client while in standby by @James-Pickett in #1700
- Skip tests legacy autoupdate tests in CI by @RebeccaMahany in #1701
- Forbid use of panic inside launcher by @RebeccaMahany in #1697
- Update TUF root.json metadata asset by @RebeccaMahany in #1704
- Bump to actions/checkout@v3 by @RebeccaMahany in #1714
- Add brew no auto update to brew execs by @Micah-Kolide in #1713
- Clear InModernStandby on startup by @RebeccaMahany in #1719
- package-builder: add
--bin_root_dirflag by @tstromberg in #1721 - secure enclave - return nil when no console user found by @James-Pickett in #1723
- make kolide info table hw keys consistent on all platforms by @James-Pickett in #1724
New Contributors
- @tstromberg made their first contribution in #1721
Full Changelog: v1.6.2...v1.6.7
Contributors
tstromberg, directionless, and 4 other contributors
Assets 2
v1.6.2
What's Changed
General
- add small wait before performing time machine exclusion test assertions by @James-Pickett in #1595
- Use ctx in slogger.Log when available by @RebeccaMahany in #1598
- Make the osquery extension and runner separate rungroups by @RebeccaMahany in #1596
- Remove UseTufAutoupdater flag; always use new autoupdater by @RebeccaMahany in #1576
- Remove legacy autoupdater by @RebeccaMahany in #1600
- Update nix-env upgradeable to run as a user by @Micah-Kolide in #1593
- Deprecate notary_prefix and notary_url options by @RebeccaMahany in #1601
- Remove notary from packaging by @RebeccaMahany in #1602
- Autoupdate documentation cleanup by @RebeccaMahany in #1572
- SA4023 staticcheck fixes by @RebeccaMahany in #1604
- Remove TUF generated files from gitignore by @directionless in #1605
- Remove autoloaded extensions by @RebeccaMahany in #1603
- Update some exec calls to use
tablehelpers.Execby @directionless in #1606 - Allow launcher to run without enrollment secret by @RebeccaMahany in #1608
- [slogger] Move platform tables (some shared, some Darwin) to use slogger partially or fully by @RebeccaMahany in #1609
- [slogger] Move Windows platform tables to use slogger partially or fully by @RebeccaMahany in #1610
- [slogger] Move Linux platform tables to use slogger partially or fully by @RebeccaMahany in #1611
- Run govulncheck, using GitHub action, in separate job by @RebeccaMahany in #1614
- Move
govulncheckintolint.ymlby @directionless in #1615 - [slogger] Replace logger with slogger in dataflatten/exec by @RebeccaMahany in #1612
- Add env vars to Kolide processes in checkup by @RebeccaMahany in #1616
- Replace logger with slogger in library lookup and osquery instance by @RebeccaMahany in #1617
- Do not spin up desktop process for nobody user by @RebeccaMahany in #1620
- Increase sleep in time machine test by @RebeccaMahany in #1621
- More logger replacement by @RebeccaMahany in #1618
- Replace logger with slogger in log checkpointer by @RebeccaMahany in #1624
- Use backoff in time machine test to reduce flakiness (hopefully) by @RebeccaMahany in #1625
- Skip TestAddExclusions in CI because it is too flaky by @RebeccaMahany in #1626
- Use naIfError for getting process ENV by @RebeccaMahany in #1622
- Replace logger with slogger in agent keys and in storage by @RebeccaMahany in #1623
- Replace logger with slogger in powereventwatcher, debug server, compactdb, and keyidentifier by @RebeccaMahany in #1627
- Control server can set update channel for autoupdater by @RebeccaMahany in #1628
- Don't trigger TUF when running from build directory by @directionless in #1607
- Allow control server to pin version for osqueryd and launcher by @RebeccaMahany in #1629
- add dynamic buffer size for log publication by @zackattack01 in #1630
- Expose current enrollment status through knapsack; add to checkup by @RebeccaMahany in #1632
- add osquery restart history to checkups by @zackattack01 in #1633
- Add
kolide_brew_upgradeabletable by @Micah-Kolide in #1634 - Add status to /id response, and include enrollment status by @RebeccaMahany in #1637
- Replace New().Logger with NewNopLogger() by @RebeccaMahany in #1638
- Bump google.golang.org/protobuf version to address GO-2024-2611 by @RebeccaMahany in #1642
- Add support to restrict localserver response handling to specific origins by @directionless in #1641
- add database reset history to uninstall and add uninstall history checkup by @zackattack01 in #1639
- Discard "update now" requests during initial autoupdate delay by @RebeccaMahany in #1643
- serverDataCheckup requires datastore access and therefore should not run during doctor by @RebeccaMahany in #1645
- Correct expectations for testing flag change during delay by @RebeccaMahany in #1646
- add support for collecitng multiple user keys on via secure enclave by @James-Pickett in #1644
- Add
kolide_flatpak_upgradeabletable with exec parser by @Micah-Kolide in #1635 - Hardcode use_tuf_autoupdater in startup settings so that v1.5.3 can use it by @RebeccaMahany in #1648
- revert secure enclave key collection to keep out of 1.6.2 by @James-Pickett in #1649
Full Changelog: v1.5.3...v1.6.2
Contributors
directionless, RebeccaMahany, and 3 other contributors
Assets 2
v1.5.3
What's Changed
General
- Add rfm history to allowed falconctl options by @iamharlie in #1582
- sloglint fixes by @RebeccaMahany in #1584
- Set WAYLAND_DISPLAY, XDG_RUNTIME_DIR by @RebeccaMahany in #1583
- Add update-now functionality to TUF autoupdater by @RebeccaMahany in #1579
- now using slogger in desktop and all its dependencies by @James-Pickett in #1580
- grab logs from var/logs/kolide-k2 on macos by @James-Pickett in #1586
- update windows data dir installation by @zackattack01 in #1510
- Update the
kolide_spotlighttable with a longer timeout by @directionless in #1587 - Add additional data to exec traces by @directionless in #1590
- Get DISPLAY from display server process's connection to display socket by @RebeccaMahany in #1589
- grab launcher windows events in flare by @James-Pickett in #1588
- Add Linux VMware Workspace One UEM util exec by @Micah-Kolide in #1591
- add journalctl launcher logs to flare by @James-Pickett in #1592
New Contributors
- @iamharlie made their first contribution in #1582
Full Changelog: v1.5.2...v1.5.3
Contributors
directionless, RebeccaMahany, and 4 other contributors
Assets 2
v1.5.2
What's Changed
General
- remote uninstall / disable by @James-Pickett in #1393
- A Much Smaller README by @directionless in #1562
- Ensure root directory checkup's file count is correct when directory has trailing slash by @RebeccaMahany in #1560
- Set up tracing as early as possible to capture initial traces by @RebeccaMahany in #1561
- Collect more timing info on launcher startup by @RebeccaMahany in #1563
- Some small fixes for staticcheck by @RebeccaMahany in #1565
- Add a little bit more tracing to enrollment by @RebeccaMahany in #1564
- Adjust paths in checkups to accommodate NixOS by @RebeccaMahany in #1558
- Don't run the initial runner, regardless of launcher flags by @RebeccaMahany in #1568
- control server sends message on start by @James-Pickett in #1557
- Ensure we have detailed traces when running checks by @RebeccaMahany in #1569
- Speed up launcher startup by @RebeccaMahany in #1567
- add nftables allowedCommand and exec table by @zackattack01 in #1570
- embed flags into knapsack by @James-Pickett in #1575
- More staticcheck + lint updates by @RebeccaMahany in #1574
- Use TUF metadata to determine version to download when packaging by @RebeccaMahany in #1573
- message menu item by @James-Pickett in #1571
- overwrite multislogger.Logger memory rather than reassigning pointer by @James-Pickett in #1578
- remove console users from local server request id by @James-Pickett in #1581
Full Changelog: v1.4.5...v1.5.2
Contributors
directionless, RebeccaMahany, and 2 other contributors
Assets 2
v1.4.5
Most notably, this release adds the kolide_nix_upgradeable table, adjusts the gnome extension checkup for more accurate results, and includes some TUF autoupdater fixes and improvements.
What's Changed
General
- Document allowedcmd package by @RebeccaMahany in #1552
- add xdg_runtime_dir env var to gnome extension exec by @James-Pickett in #1553
- add job to make sure version match by @James-Pickett in #1551
- Lock to govulncheck@v1.0.1 temporarily to avoid dirty tags by @RebeccaMahany in #1554
- Remove Notary checkup by @RebeccaMahany in #1555
- Add NixOS packages upgradeable by @Micah-Kolide in #1361
- [TUF] Retry executable checks and directory renames on update download by @RebeccaMahany in #1556
- Don't select launcher version under v1.4.1 on stable by @RebeccaMahany in #1559
Full Changelog: v1.4.4...v1.4.5
Contributors
RebeccaMahany, James-Pickett, and Micah-Kolide
Assets 2
v1.4.4
v1.4.4 is a small release with a couple improvements, fixes, and features -- most notably, fixing the gnome extensions checkup to avoid false negatives when running launcher doctor, excluding launcher data stores from time machine on macOS, and adding a new icon for the menu bar app.
What's Changed
General
- Don't use reserved version key in logs by @RebeccaMahany in #1542
- add func to exclude launcher db from time machine by @James-Pickett in #1531
- [TUF] Retry temp directory removals by @RebeccaMahany in #1546
- Add circle-dot icon by @RebeccaMahany in #1547
- Add circleDot capability by @RebeccaMahany in #1549
- If icon is unknown, use default icon by @RebeccaMahany in #1548
- fix gnome extensions check by @James-Pickett in #1545
- No-op comment update by @RebeccaMahany in #1550
Full Changelog: v1.4.2...v1.4.4
Contributors
RebeccaMahany and James-Pickett
Assets 2
v1.4.2
This is a small release consisting of documentation updates and dead code cleanup.
What's Changed
General
- [TUF] Add dates for rollout to beta and stable by @RebeccaMahany in #1538
- Update version of golang in documentation by @RebeccaMahany in #1539
- [TUF] Update risk mitigation steps for TUF rollout by @RebeccaMahany in #1540
- Remove some unused code by @RebeccaMahany in #1541
Full Changelog: v1.4.1...v1.4.2
Contributors
RebeccaMahany