v1.6.7

What's Changed

General

• Update comment by @directionless in #1650
• Re-enable secure enclave keys by @James-Pickett in #1651
• Add upgradeable packages and patches tables for Zypper package manager by @Micah-Kolide in #1654
• skip secure enclave signing tests when SKIP_SECURE_ENCLAVE_TESTS is set by @zackattack01 in #1656
• Use unique pid file for osquery per launcher run by @RebeccaMahany in #1657
• abstract bbolt from osquery extension code by @zackattack01 in #1652
• add new meddlesome processes to quarantine checkup by @zackattack01 in #1660
• Refactor runAsUser into tablehelper package by @Micah-Kolide in #1653
• Add kolide_snap_upgradeable table and new data_table exec parser by @Micah-Kolide in #1636
• add menu json checkup to flare and doctor by @James-Pickett in #1661
• add menu update change detection logs by @zackattack01 in #1664
• Ensure desktop runner shuts down within rungroup interrupt timeout, and log shutdown completion by @RebeccaMahany in #1668
• run osq runtime tests on windows by @James-Pickett in #1665
• Don't autoupdate in modern standby by @RebeccaMahany in #1669
• Include stderr in enrollment details failures so we can capture additional information on Windows by @RebeccaMahany in #1671
• set RecoveryActionsOnNonCrashFailures flag in svc_config_windows by @zackattack01 in #1670
• set up windows event logger first in main by @James-Pickett in #1672
• Upgrade golang.org/x/net to address GO-2024-2687 by @RebeccaMahany in #1673
• Small improvements to logging and flares by @directionless in #1667
• Pass system multislogger through to all launcher subcommands by @RebeccaMahany in #1674
• Do not make additional control server fetch request during control server interval update by @RebeccaMahany in #1675
• Remove incorrect use of TryLock for initial delay state in TUF autoupdater by @RebeccaMahany in #1676
• [TUF] Prevent executable from being overwritten by @RebeccaMahany in #1678
• Remove most of legacy autoupdate package by @RebeccaMahany in #1677
• Ensure file permissions are set appropriately when untarring archives during autoupdate by @RebeccaMahany in #1680
• Fix command exec's WithUid (RunAsUser) when running as self by @Micah-Kolide in #1682
• Remove arg from flatpak command exec by @Micah-Kolide in #1684
• fix codeql allocation-size-overflow alert by @James-Pickett in #1686
• Fix panic in 1.6.4 by @directionless in #1689
• Bump go version in docker by @directionless in #1688
• Fix potential nil panics in ee/desktop/runner detected by nilaway by @RebeccaMahany in #1694
• auto load ATC config in interactive by @James-Pickett in #1685
• Wrap main and remove os.Exit calls so all deferred functions will execute by @RebeccaMahany in #1693
• Standardize how we log and handle panics by @RebeccaMahany in #1692
• dont interact with desktop client while in standby by @James-Pickett in #1700
• Skip tests legacy autoupdate tests in CI by @RebeccaMahany in #1701
• Forbid use of panic inside launcher by @RebeccaMahany in #1697
• Update TUF root.json metadata asset by @RebeccaMahany in #1704
• Bump to actions/checkout@v3 by @RebeccaMahany in #1714
• Add brew no auto update to brew execs by @Micah-Kolide in #1713
• Clear InModernStandby on startup by @RebeccaMahany in #1719
• package-builder: add --bin_root_dir flag by @tstromberg in #1721
• secure enclave - return nil when no console user found by @James-Pickett in #1723
• make kolide info table hw keys consistent on all platforms by @James-Pickett in #1724

New Contributors

• @tstromberg made their first contribution in #1721

Full Changelog: v1.6.2...v1.6.7

v1.6.2

What's Changed

General

• add small wait before performing time machine exclusion test assertions by @James-Pickett in #1595
• Use ctx in slogger.Log when available by @RebeccaMahany in #1598
• Make the osquery extension and runner separate rungroups by @RebeccaMahany in #1596
• Remove UseTufAutoupdater flag; always use new autoupdater by @RebeccaMahany in #1576
• Remove legacy autoupdater by @RebeccaMahany in #1600
• Update nix-env upgradeable to run as a user by @Micah-Kolide in #1593
• Deprecate notary_prefix and notary_url options by @RebeccaMahany in #1601
• Remove notary from packaging by @RebeccaMahany in #1602
• Autoupdate documentation cleanup by @RebeccaMahany in #1572
• SA4023 staticcheck fixes by @RebeccaMahany in #1604
• Remove TUF generated files from gitignore by @directionless in #1605
• Remove autoloaded extensions by @RebeccaMahany in #1603
• Update some exec calls to use tablehelpers.Exec by @directionless in #1606
• Allow launcher to run without enrollment secret by @RebeccaMahany in #1608
• [slogger] Move platform tables (some shared, some Darwin) to use slogger partially or fully by @RebeccaMahany in #1609
• [slogger] Move Windows platform tables to use slogger partially or fully by @RebeccaMahany in #1610
• [slogger] Move Linux platform tables to use slogger partially or fully by @RebeccaMahany in #1611
• Run govulncheck, using GitHub action, in separate job by @RebeccaMahany in #1614
• Move govulncheck into lint.yml by @directionless in #1615
• [slogger] Replace logger with slogger in dataflatten/exec by @RebeccaMahany in #1612
• Add env vars to Kolide processes in checkup by @RebeccaMahany in #1616
• Replace logger with slogger in library lookup and osquery instance by @RebeccaMahany in #1617
• Do not spin up desktop process for nobody user by @RebeccaMahany in #1620
• Increase sleep in time machine test by @RebeccaMahany in #1621
• More logger replacement by @RebeccaMahany in #1618
• Replace logger with slogger in log checkpointer by @RebeccaMahany in #1624
• Use backoff in time machine test to reduce flakiness (hopefully) by @RebeccaMahany in #1625
• Skip TestAddExclusions in CI because it is too flaky by @RebeccaMahany in #1626
• Use naIfError for getting process ENV by @RebeccaMahany in #1622
• Replace logger with slogger in agent keys and in storage by @RebeccaMahany in #1623
• Replace logger with slogger in powereventwatcher, debug server, compactdb, and keyidentifier by @RebeccaMahany in #1627
• Control server can set update channel for autoupdater by @RebeccaMahany in #1628
• Don't trigger TUF when running from build directory by @directionless in #1607
• Allow control server to pin version for osqueryd and launcher by @RebeccaMahany in #1629
• add dynamic buffer size for log publication by @zackattack01 in #1630
• Expose current enrollment status through knapsack; add to checkup by @RebeccaMahany in #1632
• add osquery restart history to checkups by @zackattack01 in #1633
• Add kolide_brew_upgradeable table by @Micah-Kolide in #1634
• Add status to /id response, and include enrollment status by @RebeccaMahany in #1637
• Replace New().Logger with NewNopLogger() by @RebeccaMahany in #1638
• Bump google.golang.org/protobuf version to address GO-2024-2611 by @RebeccaMahany in #1642
• Add support to restrict localserver response handling to specific origins by @directionless in #1641
• add database reset history to uninstall and add uninstall history checkup by @zackattack01 in #1639
• Discard "update now" requests during initial autoupdate delay by @RebeccaMahany in #1643
• serverDataCheckup requires datastore access and therefore should not run during doctor by @RebeccaMahany in #1645
• Correct expectations for testing flag change during delay by @RebeccaMahany in #1646
• add support for collecitng multiple user keys on via secure enclave by @James-Pickett in #1644
• Add kolide_flatpak_upgradeable table with exec parser by @Micah-Kolide in #1635
• Hardcode use_tuf_autoupdater in startup settings so that v1.5.3 can use it by @RebeccaMahany in #1648
• revert secure enclave key collection to keep out of 1.6.2 by @James-Pickett in #1649

Full Changelog: v1.5.3...v1.6.2

v1.5.3

What's Changed

General

• Add rfm history to allowed falconctl options by @iamharlie in #1582
• sloglint fixes by @RebeccaMahany in #1584
• Set WAYLAND_DISPLAY, XDG_RUNTIME_DIR by @RebeccaMahany in #1583
• Add update-now functionality to TUF autoupdater by @RebeccaMahany in #1579
• now using slogger in desktop and all its dependencies by @James-Pickett in #1580
• grab logs from var/logs/kolide-k2 on macos by @James-Pickett in #1586
• update windows data dir installation by @zackattack01 in #1510
• Update the kolide_spotlight table with a longer timeout by @directionless in #1587
• Add additional data to exec traces by @directionless in #1590
• Get DISPLAY from display server process's connection to display socket by @RebeccaMahany in #1589
• grab launcher windows events in flare by @James-Pickett in #1588
• Add Linux VMware Workspace One UEM util exec by @Micah-Kolide in #1591
• add journalctl launcher logs to flare by @James-Pickett in #1592

New Contributors

• @iamharlie made their first contribution in #1582

Full Changelog: v1.5.2...v1.5.3

v1.5.2

What's Changed

General

• remote uninstall / disable by @James-Pickett in #1393
• A Much Smaller README by @directionless in #1562
• Ensure root directory checkup's file count is correct when directory has trailing slash by @RebeccaMahany in #1560
• Set up tracing as early as possible to capture initial traces by @RebeccaMahany in #1561
• Collect more timing info on launcher startup by @RebeccaMahany in #1563
• Some small fixes for staticcheck by @RebeccaMahany in #1565
• Add a little bit more tracing to enrollment by @RebeccaMahany in #1564
• Adjust paths in checkups to accommodate NixOS by @RebeccaMahany in #1558
• Don't run the initial runner, regardless of launcher flags by @RebeccaMahany in #1568
• control server sends message on start by @James-Pickett in #1557
• Ensure we have detailed traces when running checks by @RebeccaMahany in #1569
• Speed up launcher startup by @RebeccaMahany in #1567
• add nftables allowedCommand and exec table by @zackattack01 in #1570
• embed flags into knapsack by @James-Pickett in #1575
• More staticcheck + lint updates by @RebeccaMahany in #1574
• Use TUF metadata to determine version to download when packaging by @RebeccaMahany in #1573
• message menu item by @James-Pickett in #1571
• overwrite multislogger.Logger memory rather than reassigning pointer by @James-Pickett in #1578
• remove console users from local server request id by @James-Pickett in #1581

Full Changelog: v1.4.5...v1.5.2

v1.4.5

Most notably, this release adds the kolide_nix_upgradeable table, adjusts the gnome extension checkup for more accurate results, and includes some TUF autoupdater fixes and improvements.

What's Changed

General

• Document allowedcmd package by @RebeccaMahany in #1552
• add xdg_runtime_dir env var to gnome extension exec by @James-Pickett in #1553
• add job to make sure version match by @James-Pickett in #1551
• Lock to [email protected] temporarily to avoid dirty tags by @RebeccaMahany in #1554
• Remove Notary checkup by @RebeccaMahany in #1555
• Add NixOS packages upgradeable by @Micah-Kolide in #1361
• [TUF] Retry executable checks and directory renames on update download by @RebeccaMahany in #1556
• Don't select launcher version under v1.4.1 on stable by @RebeccaMahany in #1559

Full Changelog: v1.4.4...v1.4.5

v1.4.4

v1.4.4 is a small release with a couple improvements, fixes, and features -- most notably, fixing the gnome extensions checkup to avoid false negatives when running launcher doctor, excluding launcher data stores from time machine on macOS, and adding a new icon for the menu bar app.

What's Changed

General

• Don't use reserved version key in logs by @RebeccaMahany in #1542
• add func to exclude launcher db from time machine by @James-Pickett in #1531
• [TUF] Retry temp directory removals by @RebeccaMahany in #1546
• Add circle-dot icon by @RebeccaMahany in #1547
• Add circleDot capability by @RebeccaMahany in #1549
• If icon is unknown, use default icon by @RebeccaMahany in #1548
• fix gnome extensions check by @James-Pickett in #1545
• No-op comment update by @RebeccaMahany in #1550

Full Changelog: v1.4.2...v1.4.4

v1.4.2

This is a small release consisting of documentation updates and dead code cleanup.

What's Changed

General

• [TUF] Add dates for rollout to beta and stable by @RebeccaMahany in #1538
• Update version of golang in documentation by @RebeccaMahany in #1539
• [TUF] Update risk mitigation steps for TUF rollout by @RebeccaMahany in #1540
• Remove some unused code by @RebeccaMahany in #1541

Full Changelog: v1.4.1...v1.4.2

v1.4.1

1.4.1 is a small release to start getting the new autoupdate functionality out and into testing.

General

• Parse int instead of uint by @RebeccaMahany in #1521
• linux uninstall and docs updates by @zackattack01 in #1516
• [TUF] Add flag for TUF autoupdater rollout by @RebeccaMahany in #1524
• Detect hardware or enrollment change by @RebeccaMahany in #1492
• Add sqlite database for storing shared agent data; store and monitor startup data by @RebeccaMahany in #1515
• update desktop to use slogger by @James-Pickett in #1525
• Use slogger in new autoupdater by @RebeccaMahany in #1527
• [TUF] Use use_tuf_autoupdater in startupsettings to determine whether to use new autoupdater by @RebeccaMahany in #1526
• Update ee/control and sub-packages to use new slogger by @RebeccaMahany in #1528
• Update trace exporter to use slogger by @RebeccaMahany in #1529
• Move osquery extension and initial runner to use slogger by @RebeccaMahany in #1530
• Ensure kolide URL is set before doing DNS check by @RebeccaMahany in #1533
• Log stack trace for panic when possible by @RebeccaMahany in #1535
• Modify flags when needed to accommodate pflag by @RebeccaMahany in #1534
• use slogger for runLauncher logging by @James-Pickett in #1536

Full Changelog: v1.3.2...v1.4.1

v1.3.2

v1.3.2 shifts a lot of the Kolide Agent to being under our EE license. As this now includes the bulk of our tables, this should be considered a breaking change.

This also includes a lot of great changes. Too many to summarize, you'll have to dig through the notes. 🚀

Breaking Changes

• Relicense pkg/agent to ee/agent by @RebeccaMahany in #1494
• Relicense pkg/allowedcmd by @RebeccaMahany in #1495
• Relicense the bulk of our tables to ee by @directionless in #1464
• Relicense debug/checkups and debug/shipper to ee by @RebeccaMahany in #1478
• Relicense the TUF autoupdater by @RebeccaMahany in #1466
• Remove tables.ext by @directionless in #1496
• Update package-builder for EE license by @directionless in #1497

Table Changes

• Add filesystem and full path data to lsblk table by @Micah-Kolide in #1502

General

• make info default shipping level by @James-Pickett in #1451
• Include logs in test failure when TUF autoupdater doesn't shut down/restart within 5 seconds by @RebeccaMahany in #1452
• Enable watchdog for all channels by @RebeccaMahany in #1460
• [NixOS support] Run patchelf after autoupdate download by @RebeccaMahany in #1468
• Move code around. (Re-license and cleanup) by @directionless in #1483
• add console users when remote is false instead of looking at seat by @James-Pickett in #1453
• [TUF] Roll out tuf autoupdater to beta channel by @RebeccaMahany in #1430
• Check correct error to see if it's ETXTBSY by @RebeccaMahany in #1455
• Add package to perform path lookups and validations for commands by @RebeccaMahany in #1443
• remove old logger from local server, use slog and span http, add span_id and trace_sampled attrs to log by @James-Pickett in #1457
• [Flare] flare consumer always logs errors and returns nil by @James-Pickett in #1462
• don't delete logs until after successful send by @James-Pickett in #1463
• override log shipping level on start up by @James-Pickett in #1467
• [Desktop] Fall back to finding DISPLAY from display server process by @RebeccaMahany in #1471
• populate device id attributes to buffered logs before turning on shipping by @James-Pickett in #1472
• preserve ctx when dialing unix socket for desktop by @James-Pickett in #1475
• [Desktop] update desktop runner to include WINDIR as env var by @James-Pickett in #1480
• [Rungroups] Remove os.Exit in favor of more graceful shutdown when osquery instance can't be restarted by @RebeccaMahany in #1479
• [Rungroups] Add logs to track osquery errgroup shutdowns by @RebeccaMahany in #1485
• Increase the default osquery wait time by @directionless in #1484
• use slogger for kolide log adaptor by @James-Pickett in #1488
• [Rungroups] Add log when the rungroup has completed shutdown by @directionless in #1486
• [Rungroups] Add a timeout for killing osquery process group by @RebeccaMahany in #1487
• [Rungroups] Fix killProcessGroup by @directionless in #1489
• [Rungroups] Add timeout to rungroup shutdown by @RebeccaMahany in #1481
• [Rungroups] Ensure localserver's runAsyncdWorkers shuts down on rungroup shutdown by @RebeccaMahany in #1493
• buffer initial otel spans, update enrollment logging by @James-Pickett in #1491
• Use latest osqueryd path when performing version check by @RebeccaMahany in #1498
• dont use array for log with, set os as log attribute by @James-Pickett in #1500
• Fully log CheckExecutable failures by @RebeccaMahany in #1504
• Add control server flags for watchdog options by @RebeccaMahany in #1505
• Rename EnableWatchdog to WatchdogEnabled by @RebeccaMahany in #1508
• Use knapsack to set watchdog values; restart osquery on watchdog flag changes by @RebeccaMahany in #1506
• [TUF] Pull autoupdate config values from config file OR command-line args by @RebeccaMahany in #1512
• [Desktop] Don't set invalid DISPLAY by @RebeccaMahany in #1518

Build & Package

• Add revive linter and enable superfluous-else rule by @RebeccaMahany in #1448
• Add sloglint by @RebeccaMahany in #1445
• Configure GitHub's release notes autogeneration by @directionless in #1450
• Prevent "text file busy" errors in tests by @RebeccaMahany in #1454
• Update test with more realistic behavior by @RebeccaMahany in #1456
• Enable more revive lint rules by @RebeccaMahany in #1511
• Upgrade golang.org/x/crypto (and krypto) by @directionless in #1520

Full Changelog: v1.2.5...v1.3.2

v1.2.5

Version 1.2.5 is a small patch release to 1.2.1. It adds some additional logging and sets a few more timeouts.

General

• Add logs to track osquery errgroup shutdowns (#1485)
• Increase the default osquery socket wait time (#1484)
• Log when the rungroup has completed shutdown (#1486)
• Add a timeout for killing osquery process group (#1487)
• Fix merge from #1497 (c5c7bd9)

Full Changelog: v1.2.1...v1.2.5