Merge pull request #117 from jinghao1/master

jinghao1 · web-flow · commit 6e39ab5c9c7d · 2022-02-23T20:17:20.000+08:00
release 1.3.1
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,71 @@
+
+name: "Code Scanning - Action"
+
+on:
+  push:
+    branches: [ master ]
+    paths-ignore:
+      - '.github/**'
+      - '**.md'
+      - '**.yml'
+      - '**.json'
+      - 'LICENSE'
+      - '.gitignore'
+    pull_request:
+      branches: [ master ]
+      paths-ignore:
+        - '.github/**'
+        - '**.md'
+        - '**.yml'
+        - '**.json'
+        - 'LICENSE'
+        - '.gitignore'
+    schedule:
+      #        ┌───────────── minute (0 - 59)
+      #        │  ┌───────────── hour (0 - 23)
+      #        │  │ ┌───────────── day of the month (1 - 31)
+      #        │  │ │ ┌───────────── month (1 - 12 or JAN-DEC)
+      #        │  │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
+      #        │  │ │ │ │
+      #        │  │ │ │ │
+      #        │  │ │ │ │
+      #        *  * * * *
+      - cron: '30 1 * * 0'
+
+jobs:
+  CodeQL-Build:
+    # If you're only analyzing JavaScript or Python, CodeQL runs on ubuntu-latest, windows-latest, and macos-latest.
+    # If you're analyzing C/C++, C#, Go, or Java, CodeQL runs on ubuntu-latest, windows-2019, and macos-latest.
+    runs-on: ubuntu-latest
+
+    permissions:
+      # required for all workflows
+      security-events: write
+
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        # Override language selection by uncommenting this and choosing your languages
+         with:
+           languages: python, c
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: "3.9"
+
+      - name: Package
+        run: |
+          cp dongtai_agent_python/config-example.json dongtai_agent_python/config.json
+          python setup.py sdist
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,21 @@
 # Changelog
 
-## Unreleased
+## [1.3.1](https://github.com/HXSecurity/DongTai-agent-python/releases/tag/v1.3.1)  - 2022-02-23
+* FEATURES
+  * Add crypto bad cipher detection  [#107](https://github.com/HXSecurity/DongTai-agent-python/pull/107)
+  * Add regular expression DOS attack detection  [#111](https://github.com/HXSecurity/DongTai-agent-python/pull/111)
+  * Compatible with v2 version taint data reporting API  [#116](https://github.com/HXSecurity/DongTai-agent-python/pull/116)
+* BUGFIXES
+  * Fix exception caused when using gevent patch [#105](https://github.com/HXSecurity/DongTai-agent-python/pull/105)
+  * Fix Django 3.1, 3.2 response header parsing error [#108](https://github.com/HXSecurity/DongTai-agent-python/pull/108)
+  * Added documentation of packages required for compiling under alpine linux [#115](https://github.com/HXSecurity/DongTai-agent-python/pull/115)
+* ENHANCEMENTS
+  * performance optimization [#116](https://github.com/HXSecurity/DongTai-agent-python/pull/116)
+  * code cleanup [#110](https://github.com/HXSecurity/DongTai-agent-python/pull/110)
+* Build
+  * When the github action runs, it automatically triggers openapi to pull the latest agent package  [#113](https://github.com/HXSecurity/DongTai-agent-python/pull/113)
+
+## [1.3.0](https://github.com/HXSecurity/DongTai-agent-python/releases/tag/v1.3.0)  - 2022-01-07
 
 * FEATURES
   * Add installed packages report for SCA [#100](https://github.com/HXSecurity/DongTai-agent-python/pull/100)
diff --git a/CHANGELOG_CN.md b/CHANGELOG_CN.md
@@ -1,6 +1,21 @@
 # 升级日志
 
-## 尚未发布
+## [1.3.1](https://github.com/HXSecurity/DongTai-agent-python/releases/tag/v1.3.1)  - 2022-02-23
+* 功能
+  * 增加弱加密算法漏洞检测 [#107](https://github.com/HXSecurity/DongTai-agent-python/pull/107)
+  * 增加正则表达式DOS攻击检测 [#111](https://github.com/HXSecurity/DongTai-agent-python/pull/111)
+  * 兼容 v2版本污点数据上报API [#116](https://github.com/HXSecurity/DongTai-agent-python/pull/116)
+* 修复
+  * 修复使用 gevent patch 时导致的异常 [#105](https://github.com/HXSecurity/DongTai-agent-python/pull/105)
+  * 修复 Django 3.1、3.2 响应头解析错误 [#108](https://github.com/HXSecurity/DongTai-agent-python/pull/108)
+  * 增加 alpine linux 下编译时需要的软件包文档说明 [#115](https://github.com/HXSecurity/DongTai-agent-python/pull/115)
+* 变更
+  * 性能优化 [#116](https://github.com/HXSecurity/DongTai-agent-python/pull/116)
+  * 代码清理 [#110](https://github.com/HXSecurity/DongTai-agent-python/pull/110)
+* 构建
+  * github action 运行时自动触发 openapi 拉取最新的 agent 包 [#113](https://github.com/HXSecurity/DongTai-agent-python/pull/113)
+
+## [1.3.0](https://github.com/HXSecurity/DongTai-agent-python/releases/tag/v1.3.0)  - 2022-01-07
 
 * 功能
   * 组件管理: 上报已安装的软件包 [#100](https://github.com/HXSecurity/DongTai-agent-python/pull/100)
