rel-26

What's Changed

• Re-enable file contents writing without fsync. by @calebbrown in #768
• add package downloader tool and add more error handling to download functions by @maxfisher-g in #766
• Save analyzed package by @dukecat0 in #739
• Fix commands in test/e2e/README.md by @dukecat0 in #774
• add Parse function to pkgecosystem, use in ResolvePackage by @maxfisher-g in #769
• node, pypi: execute package code during import phase by @maxfisher-g in #730
• Move worker-tmp onto ssds by @calebbrown in #776
• Fix PHP composer installation. by @calebbrown in #782
• Add a package for posting ModifyAckDeadline messages to GCP periodically by @calebbrown in #779
• Restructure of archive download and hashing functions by @maxfisher-g in #778
• Correct usage of path and filepath packages across the project by @maxfisher-g in #784
• Properly close archive after extraction by @maxfisher-g in #785
• Fix a deadline bug, add GCP tests and a feature flag. by @calebbrown in #786

Full Changelog: rel-25...rel-26

rel-25

What's Changed

• Bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #761
• Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in #762
• remove restriction on number of stdout and stderr lines recorded by @maxfisher-g in #756
• Switch the ephemeral emptyDir to a volumeClaimTemplate to use SSDs by @calebbrown in #765
• Remove an fsync to improve the performance of file writes. by @calebbrown in #767

Full Changelog: rel-24...rel-25

rel-24

What's Changed

• Bump github/codeql-action from 2.3.6 to 2.13.4 by @dependabot in #760
• Add feature flags to make it easier to enable/disable features - specifically File Contents Saving by @calebbrown in #763

Full Changelog: rel-23...rel-24

rel-23

What's Changed

• fix bug in dynamic analysis dockerfile workdir by @maxfisher-g in #758
• Attempt to fix production by using mounts that aren't the overlay fs. by @calebbrown in #759

Full Changelog: rel-22...rel-23

rel-22

What's Changed

• consolidate go.work and go.sum files by @maxfisher-g in #746
• improve execution log retrieval by @maxfisher-g in #752
• move bucket upload logic to worker package by @maxfisher-g in #749
• log stderr from command errors, if present by @maxfisher-g in #751
• Make workers more ephemeral to avoid space issues. by @calebbrown in #742
• Switch unsupported google/gopacket to gopacket/gopacket by @calebbrown in #757
• Support custom sandbox and analysis script path for dynamic analysis by @maxfisher-g in #744

Full Changelog: rel-21...rel-22

rel-21

What's Changed

• Rust packages are now imported thanks to @dukecat0! (#726)
• Removed the old per-ecosystem dynamic analysis sandboxes since now a single combined sandbox is used for all ecosystems
• Added functions to copy files between sandbox and host (thank you @elainechien!)

New Contributors

• @dukecat0 made their first contribution in #726

Full Changelog: rel-20...rel-21

Combine dynamic analysis sandboxes

What's Changed

• worker now uses a single sandbox for dynamic analysis in all ecosystems by @maxfisher-g in #717
• file contents zip filename now contains the package version to avoid overwriting data from previously analyzed versions by @elainechien in #718

Full Changelog: rel-19...rel-20

Save file writes to cloud storage

What's Changed (mainly)

• Save write buffer in separate files and create file identifiers by @elainechien in #581
• Remove suspicious files field from obfuscation results by @maxfisher-g in #682

The first change above records the contents of all writes to the filesystem during dynamic analysis. These are saved to a zip file which can be further analysed later on

Full Changelog: rel-18...rel-19

Deploy static analysis

What's Changed

• Static analysis is now enabled in the production cloud worker

Full Changelog: rel-17...rel-18

Improvements to static analysis and general refactoring

What's Changed

• Static analysis now runs much faster. It's available for local analysis and configured for production use but not enabled yet.
• Separated static analysis data processing into 'tasks' which define related groups of related data to be output
• Makefile now used for CI and building production images
• Add combined sandbox that can run dynamic analysis on all ecosystems using one image

Full Changelog: rel-16...rel-17