Skip to content

Releases: ossf/package-analysis

Record file write metadata and notify on analysis completion

14 Dec 01:12
4da9a86
Compare
Choose a tag to compare

What's Changed

  • Metadata on file writes is new recorded during dynamic analysis of packages. This includes the number of writes to each file as well as how many bytes were written during each write. More data collection (including the actual bytes written) is planned for future releases
  • A new pub/sub topic was added which notifies subscribers when dynamic analysis of a package completes successfully
  • Improvements to dev tools

New Contributors

  • @elainechien implemented the file write data collection enhancements
  • @adaluong implemented the notification mechanism for analysis completion

Full Changelog: rel-14...rel-16

Rust crates.io support.

21 Sep 02:03
251f08e
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: rel-13...rel-14

Bug fixes: unlinkat parsing and docker push tags

08 Sep 04:08
ebd1345
Compare
Choose a tag to compare

What's Changed

Other contributions

New Contributors

Full Changelog: rel-12...rel-13

Unlink parsing, remove apt-key, update scorecard with v2 beta

06 Sep 00:21
c2656ee
Compare
Choose a tag to compare

Changes to Analysis:

  • remove deprecated apt-key command from Dockerfile (#339)
  • add unlink/unlinkat strace parsing (#338)
  • don't push manually built images by default and bump Ubuntu to 22.04 in Dockerfile (#336)

Other changes

  • updated scorecard with the v2 beta (#340)

Bump cloudbuild timeout

05 Jul 02:37
6622b3c
Compare
Choose a tag to compare

What's Changed

Full Changelog: rel-10...rel-11

Packagist Support

05 Jul 02:03
415cecb
Compare
Choose a tag to compare

Enable Packagist/PHP support

What's Changed

New Contributors

  • @case made their first contribution in #295

Full Changelog: rel-9...rel-10

Separate host traffic from sandbox traffic; fix blocking pcap.

09 May 22:32
53c2ae6
Compare
Choose a tag to compare

What's Changed

  • Separate sandbox traffic to avoid capturing host packets during analysis. by @calebbrown in #275

Full Changelog: rel-8...rel-9

Capture DNS Query, Bump GVisor version

05 May 01:36
bdeda74
Compare
Choose a tag to compare

What's Changed

Full Changelog: rel-7...rel-8

rel-7: Better sandboxing

01 Apr 00:51
1a2574f
Compare
Choose a tag to compare

Key Changes

  • Block access from the Sandbox to any Private IP address space. by @calebbrown in #248
  • Add curl to the sandboxes to make them more representative. by @calebbrown in #251
  • Remove the fixed box name to make it harder for sandbox detection. by @calebbrown in #253
  • Add a case studies document by @calebbrown in #254

Full Changelog: rel-6...rel-7

Improve security and strace parsing

11 Mar 00:28
d092561
Compare
Choose a tag to compare

What's Changed