All notable changes to this project will be documented in this file.
- upstream auto update issue (electron issue)
- Thrift connection pooling
- Support for AWS workstations
- Scan duration to UI
- Automated testing for builds
- Stop binding to 'localhost' for node server, now explicitly bound to 127.0.0.1 to prevent host override issues
- emit
scan:initevent on server, even if policy is not a string - updated react-dev-tools (vuln)
- fixed cache timing issue, now auto expire cache once it is not in use
- changed method of checking disk encryption on mac to using
fdestatusinstead of osquery - Removed unused Applescript import from MacSecurity resolver
- quiet down verbose debug logging in osquery
- optimize general queries that do not change between requests (run once)
- differentiate main app errors with specific handlers
- Added version to app title to minimize users having to hunt the info down.
- Added minimum rescan time
- Added version to error page
- Added error serialization to make logs less useless
2.0.5 - 2018-09-05
- Resolves Mojave instructions issue
- Support for querying Browser instructions documentation
2.0.3 - 2018-08-29
- Stethoscope is now a tray/menubar only application!
- Normalized practice names to camelCase between
yamlandjson - Closing window collapses app to menubar/tray instead of quitting
- Improved logging
- Automatic scanning (weekly scan by default) - controlled by
rescanIntervalSecondsin src/config.json - Basic support for internationalization (practices.{LANGUAGE_CODE}.yaml)
- Documentation around policies
- New Mac device versions
- Instructions now display dynamic content via handlebars preprocessing
- Production debugging capabilities
- Basic linux support (requires
root)
- Improved thrift connection stability and removed magic numbers/timing
- Windows not properly terminating osqueryd on close
1.2.0 - 2018-07-29
- Updated to use thrift socket via osqueryd rather than shelling out to osqueryi
- startup order of operations, now wait for osqueryd to spawn before bootstrapping browser window and express server
- request-level caching and timing data for powershell commands
cross-envdep to simplify env var handling
- issue with semver mishandling
- vulnerability from drag and drop links
1.0.2 - 2018-04-10
- Updated
electronandelectron-builderdependencies to mitigate CVE-2018-1000118
1.0.1 - 2018-04-09
nspdependency to check for vulnerabilities- standardjs formatting
- updated dependencies
- Stopped including osqueryi binaries for all platforms in build
1.0.0 - 2018-04-05
- Top level messaging on device status
- Added
SUGGESTEDto requirement options - Support for NUDGE status
- Bracketing on OS version requirements in Policy
- Added
osNameandosBuildattributes toDeviceschema
- Breaking Change Removed original
validateandvalidateWithDetailsqueries and moved newervalidateV2tovalidate - Minimum required Mac version in default policy (10.13.3 -> 10.13.4)
- Update flow copy
- Removed unused code/resolvers and branching that was required by supporting multiple validation queries and results
- Commented logic in policy evaluation, simplified policy processing
0.3.2 - 2018-03-22
policyFormatversion anversiontoinstructions.yaml- PASS/FAIL titles instead of single title to individual instructions
- Support for NUDGE state, instead of just PASS/FAIL
validateV2GraphQL endpoint that allows osVersion policy to be bracketed- schemas to support updated osVersion policy format
- "active" state to scan button when non-passing item instructions are expanded
- Aligned definitions and instructions with web Stethoscope
- osVerson now properly reports non-passing state
0.3.1 - 2018-03-16
- About screen for Windows
- Removed ability to maximize and fullscreen application windows
- Signing instructions (previous were incorrect)
- Made "View all devices" link gray to not draw action
- Added missing PASS/FAIL status in device information
- Bad path for changelog file in production
0.3.0 - 2018-03-16
- icon badge indicating number of policy violations (Mac/Windows)
- Changelog
- Force use of the npm registry
- Additional MAC address filtering
- Fixed issue with Tray icon showing up multiple times in some instances
- Close graphql server only when app is quitting or on uncaughtException
0.2.11 - 2018-03-15
- updated bundled osqueryi binaries from
2.9to2.11 - MAC address filtering, removed local and multicast interfaces from list
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.