All notable changes to this project will be documented in this file.
- Broken semver on certain versions of Windows
Fix auto update issue, caused by undocumented changes in Electron
- stethoscope://update deep link now forces update without prompting
Bug fixes
- Config files are loaded directly by React app now, removing XHR requests.
- Ensure window is not destroyed before autoscanning
- Now supports notarization (thanks to @cfarvidson)
- Removed dark mode support, will add back when there is sufficient time to design the experience and/or demand for support.
- Advanced semver support (e.g. ">10.15 <=10.14.6 || 10.15.1"), allows policies to support multiple major versions
- Dark mode support
- Accessibility audit unit test
- Build issues with Catalina - updated electron-builder dependency
- Updated vulnerable dependencies (react-scripts, webpack-server)
- Code formatting issues
- Loader contrast issues (a11y)
- Moved to electron@7 and spectron@9
- Auto update settings were defaulting to fail when they should have been defaulting to pass. Auto update is on by default, and until the preferences are changed, the settings don't exist.
- Minor regression: DeviceID resolution for Windows and Linux
- Build fixes for MacOS Catalina
- Cross-platform support for applications schema
- Error on new macs >=10.14.6 where system update settings files do not exist until preferences are changed. This was causing the app to hang when the scan request failed.
- Support for SUGGESTED and IF_SUPPORTED application policies and appropriate UI messaging
- Better logging for CORS failures
- Doesn't kill the application when the main window is closed on Mac
- Copy Debug Info was crashing the app
- Loading the app with a non-english system language failed to load the english fallback instructions
- Clicking on the appstore link was crashing the app
- Linux build and stability improvements
- Allow auto-updates when the main window is closed
- Open WiFi network scanning
- Better language for auto update messaging
- Pre-release support and more configurable builds
- More debugger information
- Some compilation and stability issues for Windows
- Application query logic for Mac
- A number of unused dependencies
- Unused babel TS loader
- Added ES6 support for all JS files through babel compilation
- kmd disk script (moved to
tryExec
to prevent failures) - Crash when update is triggered after window is destroyed
- Screenlock regex on Windows
- Users can now copy debug info from Help menu
- kmd requiring node to be installed on user's machine
- Lack of proper error handling when scan fails
- Timing destructuring error
- Issue reading logs when files haven't been created
- Update Electron to 2.0.18 to fix security issue
- Semver parsing issue
- Debugger app link - stethoscope://debugger
- AWS Workspace support
- Auto-expand first failing item
- OSquery dependency, it's been a good run, but not a great fit for our use-case. We switched to
kmd
- upstream auto update issue (electron issue)
- Thrift connection pooling
- Support for AWS workstations
- Scan duration to UI
- Automated testing for builds
- Stop binding to 'localhost' for node server, now explicitly bound to 127.0.0.1 to prevent host override issues
- emit
scan:init
event on server, even if policy is not a string - updated react-dev-tools (vuln)
- fixed cache timing issue, now auto expire cache once it is not in use
- changed method of checking disk encryption on mac to using
fdestatus
instead of osquery - Removed unused Applescript import from MacSecurity resolver
- quiet down verbose debug logging in osquery
- optimize general queries that do not change between requests (run once)
- differentiate main app errors with specific handlers
- Added version to app title to minimize users having to hunt the info down.
- Added minimum rescan time
- Added version to error page
- Added error serialization to make logs less useless
2.0.5 - 2018-09-05
- Resolves Mojave instructions issue
- Support for querying Browser instructions documentation
2.0.3 - 2018-08-29
- Stethoscope is now a tray/menubar only application!
- Normalized practice names to camelCase between
yaml
andjson
- Closing window collapses app to menubar/tray instead of quitting
- Improved logging
- Automatic scanning (weekly scan by default) - controlled by
rescanIntervalSeconds
in src/config.json - Basic support for internationalization (practices.{LANGUAGE_CODE}.yaml)
- Documentation around policies
- New Mac device versions
- Instructions now display dynamic content via handlebars preprocessing
- Production debugging capabilities
- Basic linux support (requires
root
)
- Improved thrift connection stability and removed magic numbers/timing
- Windows not properly terminating osqueryd on close
1.2.0 - 2018-07-29
- Updated to use thrift socket via osqueryd rather than shelling out to osqueryi
- startup order of operations, now wait for osqueryd to spawn before bootstrapping browser window and express server
- request-level caching and timing data for powershell commands
cross-env
dep to simplify env var handling
- issue with semver mishandling
- vulnerability from drag and drop links
1.0.2 - 2018-04-10
- Updated
electron
andelectron-builder
dependencies to mitigate CVE-2018-1000118
1.0.1 - 2018-04-09
nsp
dependency to check for vulnerabilities- standardjs formatting
- updated dependencies
- Stopped including osqueryi binaries for all platforms in build
1.0.0 - 2018-04-05
- Top level messaging on device status
- Added
SUGGESTED
to requirement options - Support for NUDGE status
- Bracketing on OS version requirements in Policy
- Added
osName
andosBuild
attributes toDevice
schema
- Breaking Change Removed original
validate
andvalidateWithDetails
queries and moved newervalidateV2
tovalidate
- Minimum required Mac version in default policy (10.13.3 -> 10.13.4)
- Update flow copy
- Removed unused code/resolvers and branching that was required by supporting multiple validation queries and results
- Commented logic in policy evaluation, simplified policy processing
0.3.2 - 2018-03-22
policyFormat
version anversion
toinstructions.yaml
- PASS/FAIL titles instead of single title to individual instructions
- Support for NUDGE state, instead of just PASS/FAIL
validateV2
GraphQL endpoint that allows osVersion policy to be bracketed- schemas to support updated osVersion policy format
- "active" state to scan button when non-passing item instructions are expanded
- Aligned definitions and instructions with web Stethoscope
- osVerson now properly reports non-passing state
0.3.1 - 2018-03-16
- About screen for Windows
- Removed ability to maximize and fullscreen application windows
- Signing instructions (previous were incorrect)
- Made "View all devices" link gray to not draw action
- Added missing PASS/FAIL status in device information
- Bad path for changelog file in production
0.3.0 - 2018-03-16
- icon badge indicating number of policy violations (Mac/Windows)
- Changelog
- Force use of the npm registry
- Additional MAC address filtering
- Fixed issue with Tray icon showing up multiple times in some instances
- Close graphql server only when app is quitting or on uncaughtException
0.2.11 - 2018-03-15
- updated bundled osqueryi binaries from
2.9
to2.11
- MAC address filtering, removed local and multicast interfaces from list
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.