Skip to content

0.38.0

Compare
Choose a tag to compare
@LucaGuerra LucaGuerra released this 30 May 08:01
· 19 commits to release/0.38.x since this release

LIBS
DRIVER

Packages Download
rpm-x86_64 rpm
deb-x86_64 deb
tgz-x86_64 tgz
rpm-aarch64 rpm
deb-aarch64 deb
tgz-aarch64 tgz
Images
docker pull docker.io/falcosecurity/falco:0.38.0
docker pull public.ecr.aws/falcosecurity/falco:0.38.0
docker pull docker.io/falcosecurity/falco-driver-loader:0.38.0
docker pull docker.io/falcosecurity/falco-driver-loader-legacy:0.38.0
docker pull docker.io/falcosecurity/falco-no-driver:0.38.0
docker pull docker.io/falcosecurity/falco-distroless:0.38.0

v0.38.0

Released on 2024-05-30

Breaking Changes ⚠️

  • new(scripts,docker)!: enable automatic driver selection logic in packages and docker images. Modern eBPF is now also the default driver and the highest priority one in the new driver selection logic. [#3154] - @FedeDP
  • cleanup(falco.yaml)!: remove some deprecated configs [#3087] - @Andreagit97
  • cleanup(docker)!: remove unused builder dockerfile [#3088] - @Andreagit97

Major Changes

  • new(webserver): a metrics endpoint has been added providing prometheus metrics. It can be optionally enabled using the new metrics.prometheus_enabled configuration option. It will only be activated if the metrics.enabled is true as well. [#3140] - @sgaist
  • new(metrics): add rules_counters_enabled option [#3192] - @incertum
  • new(build): provide signatures for .tar.gz packages [#3201] - @LucaGuerra
  • new(engine): add print_enabled_rules_falco_logger when log_level debug [#3189] - @incertum
  • new(falco): allow selecting which rules to load from the configuration file or command line [#3178] - @LucaGuerra
  • new(metrics): add file sha256sum metrics for loaded config and rules files [#3187] - @incertum
  • new(engine): throw an error when an invalid macro/list name is used [#3116] - @mrgian
  • new(engine): raise warning instead of error on invalid macro/list name [#3167] - @mrgian
  • new(userspace): support split config files [#3024] - @FedeDP
  • new(engine): enforce unique exceptions names [#3134] - @mrgian
  • new(engine): add warning when appending an exception with no values [#3133] - @mrgian
  • feat(metrics): coherent metrics stats model including few metrics naming changes [#3129] - @incertum
  • new(config): add falco_libs.thread_table_size [#3071] - @incertum
  • new(proposals): introduce on host anomaly detection framework [#2655] - @incertum

Minor Changes

  • update(cmake): bump falcoctl to v0.8.0. [#3219] - @FedeDP
  • update(rules): update falco-rules to 3.1.0 [#3217] - @LucaGuerra
  • refactor(userspace): move falco logger under falco engine [#3208] - @jasondellaluce
  • chore(docs): apply features adoption and deprecation proposal to config file keys [#3206] - @FedeDP
  • cleanup(metrics): add original rule name as label [#3205] - @incertum
  • update(falco): deprecate options -T, -t and -D [#3193] - @LucaGuerra
  • refactor: bump libs and driver, support field modifiers [#3186] - @jasondellaluce
  • chore(userspace/falco): deprecated old 'rules_file' config key [#3162] - @FedeDP
  • chore(falco): update falco libs and driver to master (Apr 8th 2024) [#3158] - @LucaGuerra
  • update(build): update libs to 026ffe1d8f1b25c6ccdc09afa2c02afdd3e3f672 [#3151] - @LucaGuerra
  • cleanup: minor adjustments to readme, add new testing section [#3072] - @incertum
  • refactor(userspace/engine): reduce allocations during rules loading [#3065] - @jasondellaluce
  • update(CI): publish wasm package as dev-wasm [#3017] - @Rohith-Raju

Bug Fixes

  • fix(userspace/falco): fix state initialization avoid a crash during hot reload [#3190] - @FedeDP
  • fix(userspace/engine): make sure exception fields are not optional in replace mode [#3108] - @jasondellaluce
  • fix(docker): added zstd to driver loader images [#3203] - @FedeDP
  • fix(engine): raise warning instead of error on not-unique exceptions names [#3159] - @mrgian
  • fix(engine): apply output substitutions for all sources [#3135] - @mrgian
  • fix(userspace/configuration): make sure that folders that would trigger permission denied are not traversed [#3127] - @sgaist
  • fix(engine): logical issue in exceptions condition [#3115] - @mrgian
  • fix(cmake): properly let falcoctl cmake module create /usr/share/falco/plugins/ folder. [#3105] - @FedeDP

Non user-facing changes

Statistics

MERGED PRS NUMBER
Not user-facing 72
Release note 38
Total 110

Release Manager @LucaGuerra