Releases: chainguard-dev/malcontent
Releases · chainguard-dev/malcontent
v1.8.7
Tool Improvements
Rule Improvements
- Update third-party rules as of 2025-02-03 by @octo-sts in #786
- Update sonar_analyzer_override rule with new rule name by @egibs in #788
Full Changelog: v1.8.6...v1.8.7
Contributors
egibs and octo-sts
Assets 2
v1.8.6
v1.8.5
v1.8.4
Tool Improvements
- scan: Fix panic if renderer is not set. by @wlynch in #774
- Optimize memory usage in report.go and scan.go by @egibs in #772
Rule Improvements
Developer Improvements
New Contributors
Full Changelog: v1.8.3...v1.8.4
Contributors
wlynch, egibs, and octo-sts
Assets 2
v1.8.3
v1.8.2
Tool Improvements
Developer Improvements
- chore: remove
goversion in golangci config in favor of go version in go.mod by @chenrui333 in #763
Full Changelog: v1.8.1...v1.8.2
Contributors
chenrui333 and egibs
Assets 2
v1.8.1
v1.8.0
⚠️ As of v1.8.0, malcontent leverages yara-x rather than go-yara ⚠️
Reference this section of the README for more information.
Tool Improvements
- Add support for zstd RPM files by @egibs in #732
- Update diff output to delineate between changed and unchanged files by @egibs in #726
- Add support for UPX files by @egibs in #731
- Add statistics to JSON and YAML reports by @egibs in #730
- Address more extraction edge cases; improve naming and consistency by @egibs in #733
- Migrate from go-yara to yara-x; improve performance and readability by @egibs in #734
Rule Improvements
- Update third-party rules as of 2024-12-23 by @octo-sts in #736
- Update third-party rules as of 2024-12-24 by @octo-sts in #737
- Update third-party rules as of 2024-12-30 by @octo-sts in #740
- Update third-party rules as of 2025-01-09 by @octo-sts in #748
- Update third-party rules as of 2025-01-14 by @octo-sts in #756
- Address critical false positives for systemd, redpanda, various Python packages, and yarn by @egibs in #757
Developer Improvements
- Add malware disclaimer by @egibs in #728
- Add perl to third-party Workflow by @egibs in #752
- Trust
$GITHUB_WORKSPACEin third-party Workflow by @egibs in #753 - Specify bash for PR creation; quote more strings by @egibs in #755
- Specify -H for PR creations by @egibs in #758
Full Changelog: v1.7.1...v1.8.0
Contributors
egibs and octo-sts
Assets 2
v1.7.1
v1.7.0
Tool Improvements
- Fix non-tar bz2 extractions by @egibs in #702
- Improve handling of nonexistent symlinks for extractions + programkind by @egibs in #709
- Fix prefix validation edge-case when extracting by @egibs in #715
- Add zlib support to extractGzip by @egibs in #713
Rule Improvements
- Update third-party rules as of 2024-12-12 by @octo-sts in #699
- Improve FontOnLake rule targetting by @tstromberg in #700
- Update third-party rules as of 2024-12-13 by @octo-sts in #703
- Update third-party rules as of 2024-12-16 by @octo-sts in #706
- Add more specific SVG rule by @egibs in #704
- Leverage yr scan --profile to tune slowest rules by @egibs in #708
- ELF malware detection improvements based on Wolfsbane analysis by @tstromberg in #680
- Tune HIGH/CRITICAL findings + disallow "clean" samples from matching by @tstromberg in #712
- Reduce Python CRITICAL false positives (setuptools, keylogger) by @tstromberg in #717
- Address CRITICAL ELF false-positives in trino, rust, and eza by @tstromberg in #718
- Address Sonarqube SonarAnalyzer.CSharp.dll finding by @tstromberg in #719
- Fix false-positives in http_parser.rb-0.8.0/ext/ruby_http_parser/vendor/http-parser/test.c by @tstromberg in #720
Developer Improvements
- Demote additional logs from Info to Debug by @egibs in #701
- Allow find-missing-metadata to be run from other directories by @tstromberg in #710
- Improve extracted archive file clean up by @egibs in #714
- build: reduce binary size by adding -s -w to ldflags by @chenrui333 in #716
New Contributors
- @chenrui333 made their first contribution in #716
Full Changelog: v1.6.0...v1.7.0
Contributors
tstromberg, chenrui333, and 2 other contributors