Releases: kolide/launcher
Releases · kolide/launcher
v1.12.3
What's Changed
Table Changes
- Added restrictions for datatypes for systemprofiler by @cesarfda in #1914
- added new store for uptime history and uptime tracking with knapsack by @cesarfda in #1923
- [KATC] Add support for doubles to indexeddb parsing by @RebeccaMahany in #1963
Build and Package
- Move off deprecated codeql-action/init@v2 by @RebeccaMahany in #1932
- add numeric install version value to windows registry on install by @zackattack01 in #1953
Features and Improvements
- Report run ID to control server in startup message by @RebeccaMahany in #1947
- upgrade watchdog service to scheduled task by @zackattack01 in #1951
- Add remote restart consumer to handle remote restart actions by @RebeccaMahany in #1948
- Retry osquery instance launch until successful or shutdown requested by @RebeccaMahany in #1952
Bug Fixes
- Get launcher.flags from correct directory in checkup by @RebeccaMahany in #1918
- always generate desktop menu json by @James-Pickett in #1920
- Remove mixer/clock due to bug by @RebeccaMahany in #1926
- Set Access-Control-Allow-Credentials: true in localserver by @RebeccaMahany in #1955
- Give launcher interactive enough time to run during doctor by @RebeccaMahany in #1958
- Set SystemDrive env var on osquery command by @RebeccaMahany in #1960
- Set all env vars on osquery process by @RebeccaMahany in #1961
- deny default write permissions from windows root directory by @zackattack01 in #1962
- Set root dir permissions on Windows with SET instead of DENY, and overwrite existing DACL by @RebeccaMahany in #1965
General
- ADR for osquery extension, runner, and instance refactor by @RebeccaMahany in #1905
- Make jsonrpc the default for transport by @RebeccaMahany in #1919
- Remove and consolidate osquery instance options by @RebeccaMahany in #1909
- Move osquery instance creation and launch into osqueryinstance.go by @RebeccaMahany in #1921
- Update receiver vars for OsqueryInstance for consistency by @RebeccaMahany in #1922
- Move key creation to runLauncher by @RebeccaMahany in #1924
- Move plugin ownership to osqueryinstance by @RebeccaMahany in #1925
- Move osquery extension management into osquery instance by @RebeccaMahany in #1927
- [Tests] Capture osquery logs for troubleshooting flaky tests; use current stable osqueryd in tests by @RebeccaMahany in #1928
- Moved run ID management to knapsack by @cesarfda in #1929
- Separate osquery instance and runner further by @RebeccaMahany in #1931
- Update osquery refactor ADR status by @RebeccaMahany in #1933
- Unique filename for osquery.sock by @RebeccaMahany in #1935
- Unique osquery database per instance by @RebeccaMahany in #1942
- Support running multiple osquery instances by @RebeccaMahany in #1941
- Store expected registration IDs separately from running instances to avoid data race by @RebeccaMahany in #1945
- Test reorganization/backfill for osquery runner and instance by @RebeccaMahany in #1946
- ActionQueue retry on failure by @cesarfda in #1944
- Refactor log file handling to standardize zip creation and improve er… by @cesarfda in #1950
- add current version to windows registry on startup by @zackattack01 in #1956
- add windows installer-info from registry to flares by @zackattack01 in #1957
- choose presence detection reason based on GOOS, enable windows by @James-Pickett in #1959
- Don't perform remote restart yet by @RebeccaMahany in #1966
Full Changelog: v1.11.6...v1.12.3
v1.11.6
What's Changed
Build and Package
- Set osquery version in packaging context by @RebeccaMahany in #1901
- Trim osquery version correctly on Windows by @RebeccaMahany in #1903
Features and Improvements
- If we don't have any TUF metadata locally, return friendlier error message by @RebeccaMahany in #1907
- show desktop immediatly at launch if already enabled by @James-Pickett in #1911
- add resumedFromSleep event to power event watcher by @zackattack01 in #1913
General
- added metadata to server checkup by @cesarfda in #1902
- Remove unused subcommands by @RebeccaMahany in #1906
- add availablesleepstates output to windows flare power report by @zackattack01 in #1912
- collect power events for windows flares by @zackattack01 in #1916
Full Changelog: v1.11.5...v1.11.6
v1.11.5
What's Changed
Table Changes
- Custom error for homebrew table not found by @Dharma-09 in #1872
- Ensure Flatpak parser regex follows dbus bus name spec by @Micah-Kolide in #1875
- Patch
kolide_macos_software_update
for MacOS15 by @Micah-Kolide in #1891
Build and Package
- Remove macos-12 runner since it will be deprecated soon by @RebeccaMahany in #1895
Features and Improvements
- Add coredump checkup for flare/doctor using coredumpctl only by @RebeccaMahany in #1868
- macos presence detection by @James-Pickett in #1867
- added download info to flare by @cesarfda in #1878
- Perform presence detection on Windows using UserConsentVerifier interop by @RebeccaMahany in #1890
Bug Fixes
- james/remove wmi unneeded releases by @James-Pickett in #1863
- fix host checkup panic by @zackattack01 in #1866
- remote uninstall fixes for dual launcher installations by @zackattack01 in #1870
- Set slogger on rungroup after logshipping is set up, so that rungroup logs will be shipped by @RebeccaMahany in #1869
- batch tmutil call args to prevent argument list too long errors by @zackattack01 in #1873
- use latest systray to hide until ready by @James-Pickett in #1885
- allow update during initial delay when overridding initial delay by @James-Pickett in #1887
- add notifier and universal link handler to run group before menu init by @James-Pickett in #1894
- upgrade systray for windows delay by @James-Pickett in #1896
General
- Check windows service manager settings prior to setting them by @mlwood-dev in #1859
- add logging to invalid version detection by @zackattack01 in #1871
- include arch and os in local server headers by @James-Pickett in #1877
- use kolide go ole by @James-Pickett in #1881
- Update documentation for notifications and control server by @RebeccaMahany in #1882
- Exclude finding from govulncheck check by @RebeccaMahany in #1886
- Update library lookup docs to account for pinned versions by @RebeccaMahany in #1889
- dont build menu when not showing, update systray by @James-Pickett in #1897
- setup notifier after systray init by @James-Pickett in #1898
- Log osquery version by @cesarfda in #1893
- added install-info to checkup by @cesarfda in #1899
- darwin notifier listen after show desktop by @James-Pickett in #1900
New Contributors
- @mlwood-dev made their first contribution in #1859
- @Dharma-09 made their first contribution in #1872
- @cesarfda made their first contribution in #1878
Full Changelog: v1.10.3...v1.11.5
What's Changed
Table Changes
- Custom error for homebrew table not found by @Dharma-09 in #1872
- Ensure Flatpak parser regex follows dbus bus name spec by @Micah-Kolide in #1875
- Patch
kolide_macos_software_update
for MacOS15 by @Micah-Kolide in #1891
Build and Package
- Remove macos-12 runner since it will be deprecated soon by @RebeccaMahany in #1895
Features and Improvements
- Add coredump checkup for flare/doctor using coredumpctl only by @RebeccaMahany in #1868
- macos presence detection by @James-Pickett in #1867
- added download info to flare by @cesarfda in #1878
- Perform presence detection on Windows using UserConsentVerifier interop by @RebeccaMahany in #1890
- Log osquery version by @cesarfda in #1893
- added install-info to checkup by @cesarfda in #1899
Bug Fixes
- james/remove wmi unneeded releases by @James-Pickett in #1863
- fix host checkup panic by @zackattack01 in #1866
- remote uninstall fixes for dual launcher installations by @zackattack01 in #1870
- Set slogger on rungroup after logshipping is set up, so that rungroup logs will be shipped by @RebeccaMahany in #1869
- batch tmutil call args to prevent argument list too long errors by @zackattack01 in #1873
- use latest systray to hide until ready by @James-Pickett in #1885
- allow update during initial delay when overridding initial delay by @James-Pickett in #1887
- add notifier and universal link handler to run group before menu init by @James-Pickett in #1894
- upgrade systray for windows delay by @James-Pickett in #1896
- dont build menu when not showing, update systray by @James-Pickett in #1897
- setup notifier after systray init by @James-Pickett in #1898
- darwin notifier listen after show desktop by @James-Pickett in #1900
General
- Check windows service manager settings prior to setting them by @mlwood-dev in #1859
- add logging to invalid version detection by @zackattack01 in #1871
- include arch and os in local server headers by @James-Pickett in #1877
- use kolide go ole by @James-Pickett in #1881
- Update documentation for notifications and control server by @RebeccaMahany in #1882
- Exclude finding from govulncheck check by @RebeccaMahany in #1886
- Update library lookup docs to account for pinned versions by @RebeccaMahany in #1889
New Contributors
- @mlwood-dev made their first contribution in #1859
- @Dharma-09 made their first contribution in #1872
- @cesarfda made their first contribution in #1878
Full Changelog: v1.10.3...v1.11.5
What's Changed
Table Changes
- Custom error for homebrew table not found by @Dharma-09 in #1872
- Ensure Flatpak parser regex follows dbus bus name spec by @Micah-Kolide in #1875
- Patch
kolide_macos_software_update
for MacOS15 by @Micah-Kolide in #1891
Build and Package
- Remove macos-12 runner since it will be deprecated soon by @RebeccaMahany in #1895
Features and Improvements
- Add coredump checkup for flare/doctor using coredumpctl only by @RebeccaMahany in #1868
- macos presence detection by @James-Pickett in #1867
- added download info to flare by @cesarfda in #1878
- Perform presence detection on Windows using UserConsentVerifier interop by @RebeccaMahany in #1890
- Log osquery version by @cesarfda in #1893
Bug Fixes
- james/remove wmi unneeded releases by @James-Pickett in #1863
- fix host checkup panic by @zackattack01 in #1866
- remote uninstall fixes for dual launcher installations by @zackattack01 in #1870
- Set slogger on rungroup after logshipping is set up, so that rungroup logs will be shipped by @RebeccaMahany in #1869
- batch tmutil call args to prevent argument list too long errors by @zackattack01 in #1873
- use latest systray to hide until ready by @James-Pickett in #1885
- allow update during initial delay when overridding initial delay by @James-Pickett in #1887
- add notifier and universal link handler to run group before menu init by @James-Pickett...
v1.10.3
What's Changed
Table Changes
- Fix
autoupdate_managed
table value for MacOS 15 by @Micah-Kolide in #1862
Bug Fixes
- Check for systray error: unable to init instance: Unspecified error by @RebeccaMahany in #1855
General
- Log error when we can't initialize a read-only TUF metadata client by @RebeccaMahany in #1856
- windows arm64 fixes, upgrade winio and thrift by @James-Pickett in #1858
Full Changelog: v1.10.2...v1.10.3
v1.10.2
What's Changed
Table Changes
- [LevelDB IndexedDB] Return empty rows instead of error when db or object store doesn't exist by @RebeccaMahany in #1830
- Add additional global state return value to socketfilterfw parser by @Micah-Kolide in #1842
- Update Homebrew upgradeable table implementation by @Micah-Kolide in #1847
Build and Package
- build windows msi for arm and amd by @James-Pickett in #1796
- support preprod dual install by @zackattack01 in #1834
- Use new timestamp server by @RebeccaMahany in #1843
- Update provisioning profile by @RebeccaMahany in #1846
- Only set arch on bin dir when we are building for Windows by @RebeccaMahany in #1851
Features and Improvements
- Ship a final batch of logs before shutdown by @RebeccaMahany in #1822
- add invoking user permissions metadata for flares by @zackattack01 in #1824
- remove watchdog service on remote uninstall by @zackattack01 in #1825
- get runtime enrollment details before osq details by @James-Pickett in #1833
Bug Fixes
- Do not echo debug logs to stderr on Windows by @RebeccaMahany in #1828
- Do not override root directory to point to another tenant by @RebeccaMahany in #1844
- Restart desktop process on systray errors by @RebeccaMahany in #1835
General
- use new version of context option for sloglint by @zackattack01 in #1821
- Log slow-running queries by @RebeccaMahany in #1823
- Remove unnecessary fmt.Sprintf by @RebeccaMahany in #1836
Full Changelog: v1.9.6...v1.10.2
v1.9.6
What's Changed
Table Changes
- Add socketfilterfw parser table by @Micah-Kolide in #1812
Features and Improvements
- Add osqueryd file presence check to autoupdate running version check by @zackattack01 in #1818
Bug Fixes
- [Chrome IndexedDB] Fix header processing by @RebeccaMahany in #1814
- [Chrome IndexedDB] Fix EOF while reading header by @RebeccaMahany in #1819
- [Chrome IndexedDB] Do not require tokenObjectBegin to occur immediately after version by @RebeccaMahany in #1820
General
- [KATC] Add documentation for troubleshooting deserialization by @RebeccaMahany in #1813
- Add new changelog categories, reorder categories so general is at the bottom by @RebeccaMahany in #1815
- Update osquery checkup by @directionless in #1817
Full Changelog: v1.9.5...v1.9.6
v1.9.5
What's Changed
Features
- Add snap installed table by @Micah-Kolide in #1809
Improvements and fixes
Handle occasional missing osqueryd binary
- download osqueryd when missing on startup by @zackattack01 in #1788
- add on-demand osquery download startup span events by @zackattack01 in #1811
Watchdog
- prevent watchdog installation for dev environments by @zackattack01 in #1802
Reduce launcher startup time on Windows
- optimize windows service startup by @zackattack01 in #1806
Improvements to pkg/osquery/runtime, mostly related to improving test flakiness and observability
- pkg/osquery/runtime improvements, largely around improving test flakiness by @RebeccaMahany in #1798
- Log when osquery instance has completed setup; improve interactive tests by @RebeccaMahany in #1804
Fixes, troubleshooting improvements, and expanded capability for KATC tables
- Log table_type correctly in KATC logs by @RebeccaMahany in #1792
- [Chrome IndexedDB] Support deserializing string arrays by @RebeccaMahany in #1793
- [IndexedDB] Generate test data; support dense arrays by @RebeccaMahany in #1794
- [IndexedDB/KATC] Firefox array deserialization improvements and more tests by @RebeccaMahany in #1795
- [KATC] Improve logging by @RebeccaMahany in #1799
- [KATC/IndexedDB] Adjust strict mode for opening leveldb-backed indexeddb by @RebeccaMahany in #1800
- [LevelDB IndexedDB] Check object property name type, and read dense arrays until end token by @RebeccaMahany in #1801
- [sqlite IndexedDB] When appropriate, reinterpret pair as double by @RebeccaMahany in #1803
- [LevelDB IndexedDB] Discard padding bytes before reading object property start by @RebeccaMahany in #1805
- [LevelDB/IndexedDB] Fetch more data and log when we encounter an unexpected header version tag by @RebeccaMahany in #1807
- [LevelDB/IndexedDB] Ensure we process utf-16 object property strings appropriately, update logging by @RebeccaMahany in #1808
- [LevelDB+IndexedDB] Add more information to log when we hit object property name with unexpected non-string type by @RebeccaMahany in #1810
Tests and CI
- Add .Maybe() to some unimportant assertions in runtime tests by @RebeccaMahany in #1797
General
- Remove unused parameter by @RebeccaMahany in #1790
Full Changelog: v1.9.4...v1.9.5
v1.9.4
What's Changed
Features
Windows watchdog
- refactor power_event_watcher for configurable subscriber behavior by @zackattack01 in #1764
- windows restart service by @zackattack01 in #1681
- watchdog installation path updates by @zackattack01 in #1787
Kolide ATC
- Store configuration for Kolide custom ATC tables by @RebeccaMahany in #1761
- [KATC] Prepare ee/indexeddb for use in KATC tables by @RebeccaMahany in #1767
- [Kolide ATC] Construct KATC tables and add support for Firefox extension data by @RebeccaMahany in #1763
- [KATC] Add snake case row transform step by @RebeccaMahany in #1765
- [KATC] Backfill tests by @RebeccaMahany in #1766
- [KATC] Add support for .indexeddb.leveldb files by @RebeccaMahany in #1769
- [KATC] Update config schema, including overlays by @RebeccaMahany in #1772
- Handle booleans when deserializing firefox extension data by @RebeccaMahany in #1777
- [KATC] Set immutable option when opening sqlite db by @RebeccaMahany in #1781
- [KATC] Do not allow indexeddb row data to be overwritten by @RebeccaMahany in #1785
- [KATC/IndexedDB] Handle padding after property name by @RebeccaMahany in #1786
Action to force full control data fetch
- Add new action type force_full_control_data_fetch by @RebeccaMahany in #1779
Bug fixes
- Try both
--output=json
and--json=short
when runningloginctl list-sessions
output by @RebeccaMahany in #1759 - check for dbus channel open and fix initialActorError logging by @zackattack01 in #1774
- Prevent osquery instance restarts while instance is still launching by @RebeccaMahany in #1778
- Don't store hashes for unknown subsystems by @RebeccaMahany in #1780
- Check for known subsystem against consumers and subscribers by @RebeccaMahany in #1782
- Add new values to
kolide_remotectl
by @Micah-Kolide in #1783
Build/CI
- Remove soon-to-be deprecated macos-11 runner and add macos-14 by @RebeccaMahany in #1760
- Reenable sloglint now that golangci-lint includes sloglint 0.7.1 by @RebeccaMahany in #1733
- Upgrade actions to versions that run on node20 by @RebeccaMahany in #1771
General
- remove extra line by @James-Pickett in #1757
- Bump golang.org/x/image from 0.10.0 to 0.18.0 by @dependabot in #1762
Full Changelog: v1.8.1...v1.9.4
v1.8.1
What's Changed
General
- Update docs to indicate TUF rollout has completed by @RebeccaMahany in #1745
- [Documentation update] Specify usage for allowedcmd by @RebeccaMahany in #1747
- Remove universal link request forwarding by @RebeccaMahany in #1750
- Add package to query indexeddb database and parse results by @RebeccaMahany in #1715
- Continue in kolide_jwt when rawData is empty by @Micah-Kolide in #1751
- Take and use backups of the launcher database by @RebeccaMahany in #1755
- Take all backup dbs into account for checkup + remote uninstall by @RebeccaMahany in #1756
Full Changelog: v1.7.1...v1.8.1
v1.7.1
What's Changed
General
- Remove the rest of pkg/autoupdate by @RebeccaMahany in #1679
- Disable sloglint until golangci-lint bumps to version with fix by @RebeccaMahany in #1725
- Add associated domains to entitlements by @RebeccaMahany in #1720
- tables use tablehelpers.run by @James-Pickett in #1696
- uninstall via extension / jsonrpc / grpc by @James-Pickett in #1712
- Universal link handler for launcher desktop by @RebeccaMahany in #1727
- Add data to startup message by @RebeccaMahany in #1728
- Register the desktop app path with launch services by @RebeccaMahany in #1731
- make sqlite migrations allow launcher downgrades by @zackattack01 in #1736
- update dataflatten tables to parse raw_data in query by @James-Pickett in #1732
- Accept referrer if origin is not available by @RebeccaMahany in #1739
- do not pre-create data files in wix for uninstall cleanup by @zackattack01 in #1738
- Add
initial_version
to launcher info table, update a log line by @directionless in #1741 - Add JWT signature validation to
kolide_jwt
by @Micah-Kolide in #1730 - windows root directory fallback by @zackattack01 in #1742
- Add root directory override detection to autoupdate lookups by @zackattack01 in #1744
Full Changelog: v1.6.7...v1.7.1