mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-10 20:05:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
2113 commits 88 branches 214 tags 262 MiB
Commit graph

131 commits

Author SHA1 Message Date
mmetc
9510146780
update expr to 1.17.2 (#3519) 
* update expr to 1.17.2

* add if test

---------

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2025-05-09 12:55:01 +02:00
mmetc
f8f0b2a211
improve support for parsing time durations with 'day' units (#3599) 
* custom duration type for "cscli decisions list", "cscli alerts list"
* custom duration type for "cscli allowlist add"
* custom duration type for "cscli machines prune"
* custom duration type for "cscli bouncers prune"
* replace old function ParseDuration
* use custom duration type in expr helpers
* update dependency
* lint
* test fix
* support days in 'metrics_max_age'
* DurationWithDays for 'max_age'
 2025-05-05 15:12:29 +02:00
mmetc
8689783ade
refact: pkg/exprhelpers/debugger, convert switch to function dispatch (#3587) 2025-04-24 11:27:45 +02:00
mmetc
418a27596e
lint/gocritic: enable importShadow, typeUnparen, unnecessaryDefer (#3583) 2025-04-24 11:12:38 +02:00
mmetc
34e306505c
refact pkg/database: dry decision count (#3586) 2025-04-24 10:25:48 +02:00
mmetc
a0fab0ac5a
fix: avoid possible race condition while compiling expressions (#3582) 2025-04-17 17:34:40 +02:00
Laurence Jones
bcce4afe5e
enhance: Flags now superceed all log levels (#3496) 
* enhance: Flags now superceed all log levels

* enhance: remove global var for local scope

* test

---------

Co-authored-by: marco <marco@crowdsec.net>
 2025-03-07 13:42:08 +00:00
mmetc
12a3c70860
lint: gocritic/httpNoBody (#3493) 
* lint: gocritic/httpNoBody
 2025-03-07 14:35:25 +01:00
Thibault "bui" Koechlin
f49e1e28d2
move ParseQuery to expr helpers, add ExtractQueryParam (#3491) 
* move ParseQuery to expr helpers, add ExtractQueryParam
 2025-03-04 10:41:11 +01:00
blotus
ce5b4b435b
add JA4H expr helper (#3401) 2025-02-24 15:20:33 +01:00
mmetc
45624c6fe5
tests: switch context.Background() -> t.Context() from go 1.24 (#3473) 2025-02-21 00:09:11 +01:00
mmetc
c4ff4228be
use go 1.24, enable unencrypted http2 (#3470) 2025-02-19 14:05:17 +01:00
mmetc
5136d928ed
lint: gocritic/typeDefFirst (ensure type definitions come before methods) (#3404) 
* lint: gocritic/typeDefFirst (ensure type definitions come before methods)

* lint
 2025-02-17 10:55:18 +01:00
mmetc
49fb24c3b1
lint: enable errcheck; add allowlist and explicit checks (#3403) 
* lint: enable errcheck with explicit allow list
* add explicit error checks
* windows tests
* windows nolint
 2025-01-16 16:13:10 +01:00
mmetc
fe931af5ca
lint: gocritic/captLocal (don't capitalize local variables) (#3402) 
* lint: gocritic/captLocal (don't capitalize local variables)

* lint (whitespace)
 2025-01-16 14:03:53 +01:00
mmetc
6529215775
CI: golangci-lint 1.63 (#3396) 2025-01-16 13:22:08 +01:00
mmetc
9ef5f58f88
test pkg/exprhelpers: explicit message if the tag "expr_debug" is missing (#3400) 
* test pkg/exprhelpers: explicit message if the tag "expr_debug" is missing

* typo

* lint: use build tag expr_debug while linting

* lint
 2025-01-15 12:13:54 +01:00
mmetc
7a1ad8376a
lint: style, autofix (#3354) 2024-12-05 10:40:48 +01:00
blotus
d8bc17b170
wineventlog: add support for replaying evtx files (#3278) 2024-10-16 16:55:32 +02:00
mmetc
1133afe58d
context propagation: pkg/database/{lock,decision} (#3251) 
* context propagation: pkg/database/lock

* QueryAllDecisionsWithFilters(ctx...), QueryExpiredDecisionsWithFilters(ctx...)

* more Query...Decision...(ctx..)

* rest of decisions

* lint
 2024-09-23 17:33:46 +02:00
mmetc
b93b240bd4
lint: enable (some) gocritic checks (#3238) 
* lint: gocritic configuration
* lint: octal literals
* lint: gocritic (filepath.Join)
* ling: gocritic (badRegexp, regexpSimplify)
* lint: gocritic (preferStringWriter)
* lint: gocritic (emtpyStringTest)
* filepath.Clean(a+b) -> filepath.Join(a, b)
* gofumpt
 2024-09-17 17:07:30 +02:00
mmetc
5a50fd06bb
refact: reduce code nesting (acquisition/file, tests) (#3200) 
* reduce if nesting

* lint: gocritic (nestingReduce)

* lint
 2024-09-03 12:25:30 +02:00
mmetc
136dba61d9
reduce log verbosity, minor CI fixes, lint (#3157) 
* pkg/cwhub: redundant log messages

* CI: fixture output and elapsed time

* CI: preload only essential hub items

* report full version (including -rc2 etc.) with cscli hub update --debug

* lint
 2024-08-01 10:55:04 +02:00
blotus
a3d7900b5f
update expr (#3144) 2024-07-22 12:14:46 +02:00
mmetc
91463836ff
tests: increase delta for flaky float comparison (#3122) 
* tests: increase delta for flaky float comparison

* remove leading 0 from non-octal number
 2024-07-15 10:51:45 +02:00
mmetc
206211ce53
lint: import statement order (#3085) 
* lint: import statement order

* lint
 2024-06-26 12:16:17 +02:00
mmetc
0e93f98cad
lint: github.com/pkg/errors -> errors (#3091) 2024-06-21 14:31:45 +02:00
mmetc
4b988701ed
lint (intrange) (#2970) 2024-06-21 13:47:26 +02:00
mmetc
8a259fd25b
lint (copyloopvar) (#2971) 2024-06-20 22:13:26 +02:00
mmetc
659774fd3d
refactor: prefer logrus.WithField over WithFields with a single param (#3087) 2024-06-20 10:38:23 +02:00
mmetc
a529e66cd8
Typos (#3084) 
* comment fix

* redundancy

* typo nill -> nil

* remove extra newline from log
 2024-06-13 11:07:44 +02:00
mmetc
bd4540b1bf
refactor context (cscli, pkg/database) (#3071) 
* cscli: helper require.DBClient()

* refactor pkg/database: explicit context to dbclient constructor

* lint
 2024-06-11 12:13:18 +02:00
mmetc
ae58b158a5
enable linter: revive (var-declaration) (#3069) 2024-06-11 09:26:50 +02:00
mmetc
7fd01ae3fc
CI: update golangci-lint to 1.59; enforce canonical HTTP headers (#3074) 2024-06-10 16:13:49 +02:00
mmetc
72b6da9925
enable linter: revive (early-return) (#3051) 
* enable linter: revive (early-return)

* lint
 2024-06-07 16:53:23 +02:00
mmetc
b38b959f71
enable linter "stylecheck" (#3060) 
* enable linter "stylecheck"

* stylecheck: omit redundant types
 2024-06-06 14:51:49 +02:00
mmetc
73e03ef556
lint: enable revive/if-return, revive/error-strings (#3057) 
* lint: enable revive/if-return, revive/error-strings

* lint
 2024-06-05 11:37:57 +02:00
mmetc
3dd17b9081
tests: log.Fatal -> return err (#3056) 
* tests: log.Fatal -> return err

* lint
 2024-06-05 11:04:54 +02:00
blotus
f3341c1382
Appsec: properly populate event (#2943) 2024-05-27 10:15:38 +02:00
blotus
1b894a292b
GetActiveDecisionsCount()and GetActiveDecisionsTimeLeft()expr helpers (#3013) 2024-05-15 15:33:43 +02:00
blotus
52f86c2d10
add libinjection expr helpers (#2914) 2024-03-21 11:39:37 +01:00
mmetc
dd71f0a866
CI: bump lint version and update configuration (#2901) 
* bump golangci-lint to 1.56

* lint (testifylint)

* update lint configuration

* windows test: remove stale code
 2024-03-19 10:48:49 +01:00
mmetc
e976614645
cscli metrics: rename buckets -> scenarios (#2848) 
* cscli metrics: rename buckets -> scenarios
* update lint configuration
* lint
 2024-02-15 14:34:12 +01:00
mmetc
5622ac8338
CI: enable testifylint (#2696) 
- reverse actual and expected values
 - use assert.False, assert.True
 - use assert.Len, assert.Emtpy
 - use require.Error, require.NoError
 - use assert.InDelta
 2024-01-05 15:26:13 +01:00
mmetc
08694adf1b
lint (errorlint) (#2644) 2023-12-18 09:35:28 +01:00
Thibault "bui" Koechlin
8cca4346a5
Application Security Engine Support (#2273) 
Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-12-07 12:21:04 +01:00
Thibault "bui" Koechlin
1dcf9d1ae1
Improved expr debugger (#2495) 
* new expr debugger

---------

Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
 2023-11-24 11:10:54 +01:00
Thibault "bui" Koechlin
a4dc5053d2
fix null deref in cti calls if key is empty (#2540) 
* fix null deref in cti calls if key is empty

* avoid hardcoded error check
 2023-10-17 09:34:53 +01:00
Laurence Jones
f0cda0406b
Load file only once if specified twice, and bail earlier if type is unknown (#2419) 2023-10-13 22:34:57 +01:00
Laurence Jones
28238cb01f
reverse nil statement instead of else (#2530) 2023-10-09 11:36:05 +01:00