Skip to content

Sync to prepare for 0.74.2 #4182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Apr 17, 2025
Merged

Sync to prepare for 0.74.2 #4182

merged 22 commits into from
Apr 17, 2025

Conversation

scudette
Copy link
Contributor

No description provided.

dependabot bot and others added 22 commits April 17, 2025 00:53
@dependabot @scudette
Bump vite from 4.5.9 to 4.5.10 in /gui/velociraptor (#4144)
93a7394
@scudette
Allow client monitoring to implement CPU limits (#4145)
f5e0e53
@scudette
[Snyk] Security upgrade axios from 1.8.2 to 1.8.3 (#4137)
8f29a16
@scudette
Bugfix: Fix deadlock in profile artifact. (#4146)
fb1b298 
This would deadlock a client's profile flow.
@scudette
Bugfix: UpdateNotebookCell raced periodic update (#4151)
9ba544c 
In rare situations the periodic update mechanism. This resulted in
notebook cell state going backwards preventing proper updates.
@scudette
Bugfix: Fix RPM building scripts (#4153)
97625d1
@dependabot @scudette
Bump vite from 4.5.10 to 4.5.11 in /gui/velociraptor (#4152)
baf1dcb
@scudette
Refactor progress writer to use the export service (#4154)
a531302
@predictiple @scudette
Minor config wizard fixes (#4157)
93fd56b
@scudette
Bugfix: Detect result set replay and drop it (#4159)
4b079e3 
In some situations it is possible for result sets to be retransmitted
(for example when there is a load balancer in front). This PR detects
when a result set upload is replayed and ignores it. Without this
detection, the result set will append a repeated set of data which may
corrupt the uploaded query results.
@scudette
Rate limit client event updates on artifact modification. (#4162)
0ae8fbb 
When artifacts are modified we need to recompile the client event tables
- this takes time. If the user modifies a lot of artifacts very quickly
(e.g. with a VQL query) this can overwhelm the server as it will try to
recompile the event table for each artifact.

This PR adds debouncing via the notification service to limit the rate
of event table compilation.
@dependabot @scudette
Bump vite from 4.5.11 to 4.5.12 in /gui/velociraptor (#4161)
58a6bf3
@scudette
Bugfix: Memcache filestore lockup (#4164)
d78722d 
This happened when the file store memory limit exceeded and it tried to
flush aggresively.
@scudette
Bugfix: memcache file store potential deadlock. (#4167)
b5bcc16
@seqre @scudette
feat: enable option to enable SAML IdP-initiated flow (#4165)
4cdc1b9 
I'm using Velociraptor with SSO, and the lack of the IdP-initiated SAML
flow was annoying me, so I decided to contribute it! It's fairly simple
change as we only need to pass that option to `samlsp.Options` and
`samlsp` takes care of everything afterwards.
@scudette
[Snyk] Upgrade @babel/runtime from 7.26.9 to 7.26.10 (#4163)
ce63253
@scudette
Add access masks to handles() plugin. (#4168)
3e6a884
@scudette
Added a Sigma enrichment field. (#4170)
d40f354 
This field can add additional enrichment to events only after they
already matched. This removes the need to calculate expensive operations
for all events, instead we only do this for some events.
@scudette
Fix build for armf linux. (#4172)
57e78a9 
Pst parser introduced a dependency that does not build on this platform.
@scudette
Added DNS trackr for ebpf ip -> name resolution (#4178)
f98247c
@dependabot @scudette
Bump github.com/gorilla/csrf from 1.6.2 to 1.7.3 (#4176)
b6c2790
@scudette
Set the user avatar in the datastore (#4180)
ee85d4d 
Previously we added the token in the cookie which would make the cookie
too large. This PR sets the user avatar in the datastore during the
oauth step so it can be retrieved from there instead of the cookie each
time. This keeps the cookie smaller.

Fixes: #4177
@CLAassistant
Copy link

CLAassistant commented Apr 16, 2025
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
3 out of 4 committers have signed the CLA.

✅ predictiple
✅ seqre
✅ scudette
❌ dependabot[bot]
You have signed the CLA already but the status is still pending? Let us recheck it.

@scudette scudette merged commit 107e07b into v0.74-release Apr 17, 2025
2 of 3 checks passed
@scudette scudette deleted the 0.74-2-sync branch April 17, 2025 00:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@scudette @CLAassistant @predictiple @seqre