Releases: DataDog/guarddog
Releases · DataDog/guarddog
v2.0.6
Bug fixes and improvements
- Enhance exfiltrate-sensitive-data rule by @ikretz in #475
- Enhance shady links rule by @sobregosodd in #476
- Fix os usage case in npm-exfiltrate-sensitive-data by @sobregosodd in #477
Chores
- Bump setuptools from 75.1.0 to 75.2.0 by @dependabot in #474
- Bump mypy from 1.11.2 to 1.12.1 by @dependabot in #473
- Bump coverage from 7.6.1 to 7.6.4 by @dependabot in #472
- Bump pygit2 from 1.15.1 to 1.16.0 by @dependabot in #469
- Bump termcolor from 2.4.0 to 2.5.0 by @dependabot in #467
Full Changelog: v2.0.5...v2.0.6
Contributors
dependabot, ikretz, and sobregosodd
Assets 2
v2.0.5
Bug fixes and improvements
- Improve code execution and shady links rules by @ikretz in #463
- Updating npm and pypi top pkgs by @sobregosodd in #466
- Compute SHA-256 in bundled_binary by @ikretz in #471
Chores
- Bump disposable-email-domains from 0.0.104 to 0.0.107 by @dependabot in #465
- Bump pytest from 8.3.2 to 8.3.3 by @dependabot in #459
- Bump setuptools from 74.1.2 to 75.1.0 by @dependabot in #460
- Bump sarif-tools from 2.0.0 to 3.0.3 by @dependabot in #464
- Bump urllib3 from 2.2.2 to 2.2.3 by @dependabot in #461
Full Changelog: v2.0.4...v2.0.5
Contributors
dependabot, ikretz, and sobregosodd
Assets 2
v2.0.4
Bug fixes and improvements
- Fix RST syntax by @miketheman in #453
- FP npm-install-script - exclude case by @sobregosodd in #452
- FN: Adding a new detection case to npm-exec-base64 by @sobregosodd in #456
Chores
- Updating top packages list for typosquatting by @sobregosodd in #451
- Bump setuptools from 73.0.1 to 74.1.2 by @dependabot in #455
- Bump pyyaml from 6.0.1 to 6.0.2 by @dependabot in #450
- Bump configparser from 7.0.0 to 7.1.0 by @dependabot in #449
New Contributors
- @miketheman made their first contribution in #453
Full Changelog: v2.0.3...v2.0.4
Contributors
miketheman, dependabot, and sobregosodd
Assets 2
v2.0.3
Bug fixes and improvements
- Bugfix: obfuscation False Positive by @sobregosodd in #445
- Fix YARA execution bugs by @sobregosodd in #444
Chores
- Bump setuptools from 70.3.0 to 73.0.1 by @dependabot in #447
- Bump mypy from 1.11.0 to 1.11.2 by @dependabot in #446
- Bump flake8 from 7.1.0 to 7.1.1 by @dependabot in #438
- Bump coverage from 7.6.0 to 7.6.1 by @dependabot in #436
- Bump prettytable from 3.10.2 to 3.11.0 by @dependabot in #441
Full Changelog: v2.0.2...v2.0.3
Contributors
dependabot and sobregosodd
Assets 2
v2.0.2
Bug fixes and improvements
- Adding new patterns to detect obfuscation by @sobregosodd in #435
- Adding new link domains to shady-links by @sobregosodd in #434
Chores
- Bump pytest from 8.2.2 to 8.3.2 by @dependabot in #428
- Bump mypy from 1.10.1 to 1.11.0 by @dependabot in #424
- Bump prettytable from 3.10.0 to 3.10.2 by @dependabot in #417
- Bump coverage from 7.5.4 to 7.6.0 by @dependabot in #418
- Bump pygit2 from 1.15.0 to 1.15.1 by @dependabot in #410
- Update top pkgs resources for NPM and PYPI by @sobregosodd in #433
Full Changelog: v2.0.1...v2.0.2
Contributors
dependabot and sobregosodd
Assets 2
v2.0.1
Bug fixes and improvements
- Standardize local scanning behavior by @ikretz in #426
- Eliminate Package class by @ikretz in #422
- Bugfix: Adding permissions to traverse extracted files and folders by @sobregosodd in #421
- Removing npm-install-script False Positives by @sobregosodd in #429
- Expand allowed tar archive compression algorithms by @ikretz in #430
- Improve shady-links rule by @sobregosodd in #431
Contributors
ikretz and sobregosodd
Assets 2
v2.0.0
What's Changed
New features:
- Adding support for running YARA and private rules by @sobregosodd in #401
- Support Go ecosystem by @juliendoutre in #413
Improvements and bugfixes:
- Improve DLL hijacking rule coverage by @ikretz in #414
- Add detection for Python sqlite3 data exfiltration by @ikretz in #420
- Remove duplicated sourcode findings by @sobregosodd in #407
- Simplify local target checks by @ikretz in #419
Chores:
- add setuptools to dependencies by @xopham in #412
- Bump disposable-email-domains from 0.0.103 to 0.0.104 by @dependabot in #409
- Bump certifi from 2023.7.22 to 2024.7.4 by @dependabot in #408
New Contributors
Full Changelog: v1.11.2...v2.0.0
Contributors
dependabot, juliendoutre, and 3 other contributors
Assets 2
v1.11.2
What's Changed
- Hotfix: No rules are ran by default by @sobregosodd in #406
Full Changelog: v1.11.1...v1.11.2
Contributors
sobregosodd
Assets 2
v1.11.1
Contributors
sobregosodd
Assets 2
v1.11.0
What's Changed
Bug fixes and improvements
- Add steganography for NPM by @sobregosodd in #396
- Add exceptions to shady-links by @sobregosodd in #395
- Improve detection to avoid memory over-usage by @sobregosodd in #400
- Bugfix: Input rules are not correctly set in analyzers by @sobregosodd in #399
Chores
- Bump mypy from 1.10.0 to 1.10.1 by @dependabot in #402
- Bump setuptools from 70.0.0 to 70.2.0 by @dependabot in #403
- Bump coverage from 7.5.3 to 7.5.4 by @dependabot in #398
Full Changelog: v1.10.1...v1.11.0
Contributors
dependabot and sobregosodd