Releases: HXSecurity/DongTai-agent-java
Releases · HXSecurity/DongTai-agent-java
v1.9.0
What's Changed
- 1.9.0-beta1 by @lostsnow in #483
- feat: add beta、develop by @tscuite in #486
- feat: add beta、develop by @tscuite in #488
- fix fastjson class fetch by class loader by @lostsnow in #485
- fixes JSR/RET in old jar by @lostsnow in #489
- fixes ignore same propagator taint when taint range was changed by @lostsnow in #490
- change dast header key by @lostsnow in #491
- Fix/agent actual state update after uninstall by cli by @lostsnow in #492
- change dast mark header by @lostsnow in #493
- fixes character encoding error when collect form urlencoded post body by @lostsnow in #496
- add logger remote config by @lostsnow in #494
- add ignore internal and blacklist policy by @lostsnow in #495
- remove hook blacklist org/apache/catalina/core/ApplicationPart by @lostsnow in #498
- add taint normalize test cases by @lostsnow in #499
- set class version when visit class by @lostsnow in #500
- ignore the collection of propagators when the taint has not change by @lostsnow in #501
- release v1.9.2-beta2 by @lostsnow in #502
- better compatible for log error code by @lostsnow in #504
- bump version to 1.9.0 by @lostsnow in #506
Full Changelog: v1.8.2...v1.9.0
Contributors
lostsnow and tscuite
Assets 2
v1.9.0-beta2
What's Changed
- feat: add beta、develop by @tscuite in #486
- feat: add beta、develop by @tscuite in #488
- fix fastjson class fetch by class loader by @lostsnow in #485
- fixes JSR/RET in old jar by @lostsnow in #489
- fixes ignore same propagator taint when taint range was changed by @lostsnow in #490
- change dast header key by @lostsnow in #491
- Fix/agent actual state update after uninstall by cli by @lostsnow in #492
- change dast mark header by @lostsnow in #493
- fixes character encoding error when collect form urlencoded post body by @lostsnow in #496
- add logger remote config by @lostsnow in #494
- add ignore internal and blacklist policy by @lostsnow in #495
- remove hook blacklist org/apache/catalina/core/ApplicationPart by @lostsnow in #498
- add taint normalize test cases by @lostsnow in #499
- set class version when visit class by @lostsnow in #500
- ignore the collection of propagators when the taint has not change by @lostsnow in #501
- release v1.9.2-beta2 by @lostsnow in #502
Full Changelog: v1.9.0-beta1...v1.9.0-beta2
Contributors
lostsnow and tscuite
Assets 2
v1.9.0-beta1
Contributors
lostsnow
Assets 2
v1.8.2
What's Changed
- fixes spring api fetch exception cause by controller with scope by @lostsnow in #439
- feat: update action by @tscuite in #440
- feat: update action by @tscuite in #442
- feat: update action by @tscuite in #443
- add ziroom blacklist by @lostsnow in #441
- fixes engine running state check by @lostsnow in #444
- ignore invalid http request meta by @lostsnow in #445
- fixes engine running state by @lostsnow in #446
- ignore spring mvc api collect by @lostsnow in #447
- change catch Exception to Throwable by @lostsnow in #448
- Feature/multi servive trace by @lostsnow in #449
- bump version to 1.8.2-beta by @lostsnow in #450
- http service request: add traceId and url source to okhttp client by @lostsnow in #451
- fixes some uninstall issue by @lostsnow in #452
- add tracing java net url header for http service by @lostsnow in #453
- http service: add header and body tracing to okhttp by @lostsnow in #454
- Feature/http service apache http client by @lostsnow in #455
- fixes servlet response flush by @lostsnow in #456
- fixes http client post body charset by @lostsnow in #457
- fixes custom model track: servlet request/response implementation by @lostsnow in #458
- add app template property by @lostsnow in #459
- bypass interfaces when transform classes by @lostsnow in #460
- logging: add error codes by @lostsnow in #461
- bypass agent state change after uninstall by cli by @lostsnow in #462
- add agent version to manifest by @lostsnow in #463
- fixes replay request header and body by @lostsnow in #464
- bump version to 1.8.2-beta2 by @lostsnow in #466
- Feature/refactor http request response collection by @lostsnow in #467
- fixes unkonwn taing range calculate by @lostsnow in #468
- fixes ibm SRTServletRequest getParameterNames() track in source node by @lostsnow in #469
- fixes exception cause by @lostsnow in #470
- fixes request body fetch by @lostsnow in #471
- fixes xxe check reflect exception catch by @lostsnow in #472
- fixes taint range calculate for StringWriter.write() char array by @lostsnow in #473
- fixes HttpServletRequest.getParameter() xss taint tag by @lostsnow in #474
- Fix/request response body fetch by @lostsnow in #475
- add undertow servlet ServletPrintWriter response fetch by @lostsnow in #476
- bump version to 1.8.2-beta3 by @lostsnow in #477
- add parent agent id header for outgoing requests by @lostsnow in #480
- fixes scanner hook blacklist by @lostsnow in #481
- bump version to 1.8.2 by @lostsnow in #482
Full Changelog: v1.8.1...v1.8.2
Contributors
lostsnow and tscuite
Assets 2
v1.8.2-beta3
What's Changed
- Feature/refactor http request response collection by @lostsnow in #467
- fixes unkonwn taing range calculate by @lostsnow in #468
- fixes ibm SRTServletRequest getParameterNames() track in source node by @lostsnow in #469
- fixes exception cause by @lostsnow in #470
- fixes request body fetch by @lostsnow in #471
- fixes xxe check reflect exception catch by @lostsnow in #472
- fixes taint range calculate for StringWriter.write() char array by @lostsnow in #473
- fixes HttpServletRequest.getParameter() xss taint tag by @lostsnow in #474
- Fix/request response body fetch by @lostsnow in #475
- add undertow servlet ServletPrintWriter response fetch by @lostsnow in #476
- bump version to 1.8.2-beta3 by @lostsnow in #477
Full Changelog: v1.8.2-beta2...v1.8.2-beta3
Contributors
lostsnow
Assets 2
v1.8.2-beta2
What's Changed
- http service request: add traceId and url source to okhttp client by @lostsnow in #451
- fixes some uninstall issue by @lostsnow in #452
- add tracing java net url header for http service by @lostsnow in #453
- http service: add header and body tracing to okhttp by @lostsnow in #454
- Feature/http service apache http client by @lostsnow in #455
- fixes servlet response flush by @lostsnow in #456
- fixes http client post body charset by @lostsnow in #457
- fixes custom model track: servlet request/response implementation by @lostsnow in #458
- add app template property by @lostsnow in #459
- bypass interfaces when transform classes by @lostsnow in #460
- logging: add error codes by @lostsnow in #461
- bypass agent state change after uninstall by cli by @lostsnow in #462
- add agent version to manifest by @lostsnow in #463
- fixes replay request header and body by @lostsnow in #464
- bump version to 1.8.2-beta2 by @lostsnow in #466
Full Changelog: v1.8.2-beta...v1.8.2-beta2
Contributors
lostsnow
Assets 2
v1.8.2-beta
What's Changed
- fixes spring api fetch exception cause by controller with scope by @lostsnow in #439
- feat: update action by @tscuite in #440
- feat: update action by @tscuite in #442
- feat: update action by @tscuite in #443
- add ziroom blacklist by @lostsnow in #441
- fixes engine running state check by @lostsnow in #444
- ignore invalid http request meta by @lostsnow in #445
- fixes engine running state by @lostsnow in #446
- ignore spring mvc api collect by @lostsnow in #447
- change catch Exception to Throwable by @lostsnow in #448
- Feature/multi servive trace by @lostsnow in #449
- bump version to 1.8.2-beta by @lostsnow in #450
Full Changelog: v1.8.1...v1.8.2-beta
Contributors
lostsnow and tscuite
Assets 2
v1.8.1
What's Changed
- fix class retransform after attach by @lostsnow in #423
- fixes crypto weak randomness scan for SecureRandom by @lostsnow in #424
- add stack deny list for sink node by @lostsnow in #425
- fixes math random check by @lostsnow in #427
- Feature/taint tag by @lostsnow in #428
- fixes parse source custom model IllegalAccessException by @lostsnow in #429
- add agent uuid by @lostsnow in #430
- Fix fallback and agent state by @lostsnow in #431
- change method pool size over capacity log level to warn by @lostsnow in #432
- add version header key config by @lostsnow in #433
- add fluent-arm, fixes fluent extract when another process in use by @lostsnow in #434
- fixes agent register server env by @lostsnow in #435
- bump version to 1.8.1 by @lostsnow in #436
Full Changelog: v1.8.0...v1.8.1
Contributors
lostsnow
Assets 2
v1.8.0
What's Changed
- refactor policy model and class transform by @lostsnow in #404
- fixes fluent config variable parse, split fluent config and log file by agent id by @lostsnow in #405
- Fix(Close #403): system env string shouldn't use default charsets, us utf-8 by @a1576471428 in #406
- fixes policy node map key by @lostsnow in #407
- Feature/refactor method pool fields by @lostsnow in #408
- add new config by @lostsnow in #409
- Feature/method pool size limit config by @lostsnow in #410
- add dynamic configuration of response body collection by @lostsnow in #411
- fixes replay request post body by @lostsnow in #412
- skip http request collect if in deny list by @lostsnow in #413
- fixes org.slf4j package shade by @lostsnow in #414
- fixes normal vul stacks and crypto-weak-randomness policy source by @lostsnow in #415
- fixes obj2string exception by @lostsnow in #416
- add config builder testcases by @lostsnow in #417
- fixes some sink methods source value capture by @lostsnow in #418
- update blacklist.txt by @Nizernizer in #419
- bump version to 1.8.0 by @lostsnow in #420
New Contributors
- @a1576471428 made their first contribution in #406
Full Changelog: v1.7.9...v1.8.0
Contributors
lostsnow, a1576471428, and Nizernizer
Assets 2
v1.7.9
What's Changed
- Fix/parse custom model exception by @Nizernizer in #400
- bump version to 1.7.9 by @lostsnow in #401
Full Changelog: v1.7.8...v1.7.9
Contributors
lostsnow and Nizernizer