)]}' { "log": [ { "commit": "3735d9eb08685ef5a64f82042ad2107872386cf0", "tree": "687199417b0f0fb98a09ecb96b7e6159bebe2719", "parents": [ "04338034e3db95093b6ab1ebc69baa74eb784427" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon May 18 19:43:03 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 19:43:03 2026 -0400" }, "message": "security(file_svc): containment check on save_file to block agent-contact path traversal (#3380)\n\n* security(file_svc): containment check on save_file to block path traversal\n\nfile_svc.save_file builds its target path as os.path.join(target_dir, filename)\nand writes payload bytes there with no validation of the resulting location.\nIt is reached from the agent contact handlers with an attacker-controlled\nfilename:\n\n * app/contacts/contact_ftp.py:217 — FTP submit_uploaded_file\n * app/contacts/contact_dns.py:491 — DNS _submit_uploaded_file\n * app/contacts/contact_gist.py:212 — Gist contact upload\n * app/contacts/contact_slack.py:206 — Slack contact upload\n\nA filename of e.g. \u0027../../data/object_store\u0027 escapes the exfil tree and lets\nan attacker write arbitrary bytes to any path the server has permission to\nwrite. data_svc.restore_state pickle.loads(\u0027data/object_store\u0027) on the next\nrestart, which turns that write primitive into RCE on the team server. The\nfile is Fernet-encrypted with conf encryption_key, but with the documented\ndefault encryption_key\u003dADMIN123 a remote attacker can forge a valid blob.\n\nsave_file has two legitimate call modes:\n (1) target_dir + basename — sink mode used by data_svc, app_svc, c_operation,\n base_knowledge_svc, and the four agent contact handlers above.\n (2) \u0027\u0027 + relative-path — path mode used by ability_api_manager,\n base_api_manager, and rest_svc, which assemble paths from sanitised IDs.\n\nA simple \"filename must be a basename\" check breaks mode (2). Instead, resolve\nthe final path with realpath and require it to stay under its parent. This:\n\n * rejects \u0027..\u0027 / absolute-path escape in BOTH call modes, with one check;\n * leaves all in-tree callers\u0027 happy paths intact (object_store, contact\n reports, operation logs, ability/source YAML writes);\n * provides defense-in-depth for any future caller, not just the four contact\n handlers known to be vulnerable today.\n\nIncludes a regression test that exercises three traversal vectors and\nconfirms each is rejected before any bytes are written.\n\nReported externally on 2026-05-18 alongside the broader audit pass.\n\n* test(file_svc): fix path-traversal regression test guard\n\nThe post-condition assertion \u0027not os.path.exists(realpath(...))\u0027 used\n\u0027/etc/passwd\u0027 as one of the resolved-traversal targets. That file exists\non every Linux runner, so the guard would fail even when the production\ncode correctly raised ValueError before any I/O — what we saw in CI.\n\nThe security check (pytest.raises(ValueError, match\u003d\u0027escapes parent\u0027))\nis unchanged; it\u0027s the only assertion that proves the fix works. The\npost-condition guard is now scoped to canary basenames that cannot\npre-exist by accident, so it actually exercises \u0027rejected before write\u0027\nwithout depending on system-file absence.\n\n---------\n\nCo-authored-by: deacon-mp \u003cmperry@mitre.org\u003e" }, { "commit": "04338034e3db95093b6ab1ebc69baa74eb784427", "tree": "de32e4d638cbedc625e4dd8ae872790964be6735", "parents": [ "35563c63f5dbf237981ed8a91522a839e674298c" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon May 18 19:23:24 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 19:23:24 2026 -0400" }, "message": "security(ci): pin SonarSource/sonarqube-scan-action to a commit SHA (#3379)\n\nWe were referencing SonarSource/sonarqube-scan-action by mutable tag (@v6.0.0)\nin both .github/workflows/quality.yml and the new .github/workflows/sonar-fork-pr.yml.\nMutable tags can be force-pushed; if SonarSource were ever compromised, an\nattacker could rewrite v6.0.0 to point at a malicious commit and steal\nSONAR_TOKEN (and, in quality.yml\u0027s case, GITHUB_TOKEN as well) on the next\nCI run, with no commit hitting our tree.\n\nPin both call sites to the current v6.0.0 commit:\n\n SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602 # v6.0.0\n\nMatches the SHA-pinning style used for actions/checkout, actions/setup-python,\nactions/setup-node, actions/upload-artifact, actions/download-artifact, and\ngithub/codeql-action elsewhere in this repo. Dependabot\u0027s GitHub-Actions\necosystem will keep the SHA + tag-comment up to date going forward.\n\nReported externally on 2026-05-18 alongside the broader CI security pass.\n\nCo-authored-by: deacon-mp \u003cmperry@mitre.org\u003e" }, { "commit": "35563c63f5dbf237981ed8a91522a839e674298c", "tree": "291cc62eda5c470be7b1f0e94fc7e539dae75839", "parents": [ "3f5d4495d9f51e43f780b54c51df60bb215e0bb3" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon May 18 19:16:27 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 19:16:27 2026 -0400" }, "message": "ci: swap safety check for pip-audit (PyPA, no API key) (#3377)\n\nsafety check was deprecated 2024-06; safety scan requires a pyup.io API\nkey and an additional CI secret to manage. Dependabot, GitGuardian, and\nSonarCloud already cover supply-chain monitoring from multiple angles, so\nthe marginal value of integrating a new auth system is low.\n\npip-audit (PyPA\u0027s official tool) provides the same coverage as a\nzero-auth drop-in. Both requirements.txt and requirements-dev.txt come\nback clean: \u0027No known vulnerabilities found\u0027.\n\nLegacy pyup ignore IDs are no longer needed:\n - 39642 (reportlab) — superseded by reportlab\u003d\u003d4.0.4\n - 39659 (aiohttp) — superseded by aiohttp\u003d\u003d3.13.4\n\n[testenv:safety] env name kept intact so branch protection contexts\n(`build (3.13, safety)`) don\u0027t need a coordinated update. Rename to\n[testenv:audit] can be a small follow-up PR alongside an admin update\nof the required check name." }, { "commit": "3f5d4495d9f51e43f780b54c51df60bb215e0bb3", "tree": "d749692d76b349ffeb3337121f882d5e478c2467", "parents": [ "c12162e2e37b146445c54dc7c8ce72b21dee2e93" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon May 18 19:07:03 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 19:07:03 2026 -0400" }, "message": "security(ci): fix SONAR_TOKEN exfiltration via pull_request_target sonar_fork_pr (#3376)\n\nThe sonar_fork_pr job in .github/workflows/quality.yml (introduced in #3213)\nran under pull_request_target, checked out the fork\u0027s PR HEAD into pr/, then\ninvoked the Sonar scanner with projectBaseDir pointing at that fork-controlled\ndirectory while SONAR_TOKEN and GITHUB_TOKEN were in the environment.\n\nThe scanner resolves sonar-project.properties from projectBaseDir, so a fork\nPR could ship its own properties file overriding sonar.host.url and have the\nscanner authenticate to an attacker-controlled host — leaking SONAR_TOKEN in\nthe Authorization header. Reported externally on 2026-05-18.\n\nFix splits trusted and untrusted work along the GitHub-recommended pattern:\n\n * .github/workflows/quality.yml\n - drop the pull_request_target trigger entirely\n - drop the sonar_fork_pr job entirely\n - in the existing (secret-less) fork build, upload coverage.xml +\n PR metadata + a source tarball as a 3-day artifact\n - fork-controlled values pass through env vars + jq, never inline\n ${{ }} interpolation into a run: block\n\n * .github/workflows/sonar-fork-pr.yml (new)\n - workflow_run trigger (always uses the default-branch definition,\n cannot be replaced by a fork)\n - checks out master (trusted root sonar-project.properties)\n - downloads the fork artifact as DATA, validates pr-meta.json fields\n against strict regexes, cross-checks pr_number and head_sha with\n the GitHub-supplied workflow_run context\n - runs the scanner from the trusted base root with\n sonar.host.url / .organization / .projectKey pinned on the CLI\n (CLI overrides any properties file, belt + suspenders)\n - feeds PR source as -Dsonar.sources only — never as scanner config\n\nSONAR_TOKEN must be rotated in SonarCloud independently of this commit; the\njob has been exploitable on public master since 2025-10-06.\n\nRefs: #3213\n\nCo-authored-by: deacon-mp \u003cmperry@mitre.org\u003e" }, { "commit": "c12162e2e37b146445c54dc7c8ce72b21dee2e93", "tree": "8ea01ecbf4b8bbdd661d565e1db048674861b588", "parents": [ "fd515c8f9dcf65721ac8facb8edaa308215315cf" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon May 18 10:16:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 10:16:05 2026 -0400" }, "message": "ci: add .safety-policy.yml and use --policy-file in tox safety env (#3375)\n\nsafety 3.x CLI auto-looks for a .safety-policy.yml in cwd even when\nignores are passed inline. Without the file, `safety check` errors with\n\"Invalid value for \u0027--policy-file\u0027: Policy file YAML is not valid /\nNo such file or directory: \u0027.safety-policy.yml\u0027\".\n\nAdd an empty policy file and pass --policy-file explicitly to keep\nCI runs deterministic. The existing 39642 / 39659 ignores stay on the\nCLI so they remain visible in workflow output.\n\nThis unblocks the Security Checks workflow on master." }, { "commit": "fd515c8f9dcf65721ac8facb8edaa308215315cf", "tree": "86be44364455426ae899c8d7822e4dfaa2ed6cc0", "parents": [ "cc93a0ffc17b5efaae5f0b4d00ec1371b522f423" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 18 10:05:15 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 10:05:15 2026 -0400" }, "message": "build(deps): bump postcss from 8.4.31 to 8.5.10 (#3369)\n\nBumps [postcss](https://github.com/postcss/postcss) from 8.4.31 to 8.5.10.\n- [Release notes](https://github.com/postcss/postcss/releases)\n- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/postcss/postcss/compare/8.4.31...8.5.10)\n\n---\nupdated-dependencies:\n- dependency-name: postcss\n dependency-version: 8.5.10\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: uruwhy \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "cc93a0ffc17b5efaae5f0b4d00ec1371b522f423", "tree": "6fdab4ee002946749fa131285d976e57c757aa17", "parents": [ "c90d5531073e6bb3b8f87fb5730238f3ee4d68e9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 05 09:37:22 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 05 09:37:22 2026 -0400" }, "message": "build(deps): bump lxml from 6.0.2 to 6.1.0 (#3365)\n\nBumps [lxml](https://github.com/lxml/lxml) from 6.0.2 to 6.1.0.\n- [Release notes](https://github.com/lxml/lxml/releases)\n- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)\n- [Commits](https://github.com/lxml/lxml/compare/lxml-6.0.2...lxml-6.1.0)\n\n---\nupdated-dependencies:\n- dependency-name: lxml\n dependency-version: 6.1.0\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: uruwhy \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "c90d5531073e6bb3b8f87fb5730238f3ee4d68e9", "tree": "2edcf1406fb8a50674a4f3008966d96b8b44464f", "parents": [ "8ac92d1413ac2d3fe9d9cbd59addc6a0fe59704f" ], "author": { "name": "uruwhy", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Apr 29 15:34:46 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 29 11:34:46 2026 -0400" }, "message": "encode link commands in unit tests (#3371)" }, { "commit": "8ac92d1413ac2d3fe9d9cbd59addc6a0fe59704f", "tree": "382aaa56082bc38d3372541a441e717a8c1f3377", "parents": [ "17615acc53e547dd731aac2ab25aef206e2831b0" ], "author": { "name": "uruwhy", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Tue Apr 28 14:28:11 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 28 10:28:11 2026 -0400" }, "message": "remove update configuration functionality from rest API v1 (#3370)" }, { "commit": "17615acc53e547dd731aac2ab25aef206e2831b0", "tree": "d0f8b0952426c4432e3d818aff70d7d75dc5aff8", "parents": [ "ba8d473d7365904b6613398a1da03896fc9495af" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 14 10:38:26 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 10:38:26 2026 -0400" }, "message": "Bump picomatch from 2.3.1 to 2.3.2 (#3350)\n\nBumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2.\n- [Release notes](https://github.com/micromatch/picomatch/releases)\n- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2)\n\n---\nupdated-dependencies:\n- dependency-name: picomatch\n dependency-version: 2.3.2\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "ba8d473d7365904b6613398a1da03896fc9495af", "tree": "b93c3bd82b886c020376be00453b85d6a6ab2ecd", "parents": [ "3c38876c2dd102678a48892aafa72bb520836b4b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 14 10:25:28 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 10:25:28 2026 -0400" }, "message": "build(deps): bump cryptography from 46.0.5 to 46.0.7 (#3360)\n\nBumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.7.\n- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)\n- [Commits](https://github.com/pyca/cryptography/compare/46.0.5...46.0.7)\n\n---\nupdated-dependencies:\n- dependency-name: cryptography\n dependency-version: 46.0.7\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "3c38876c2dd102678a48892aafa72bb520836b4b", "tree": "12e7698df9dae1027e8ac76a8d085a8dc062324f", "parents": [ "0cd64e038de6b7216f61da48a0614696df4ce24d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 14 08:44:57 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 08:44:57 2026 -0400" }, "message": "Bump flatted from 3.2.9 to 3.4.2 (#3348)\n\nBumps [flatted](https://github.com/WebReflection/flatted) from 3.2.9 to 3.4.2.\n- [Commits](https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2)\n\n---\nupdated-dependencies:\n- dependency-name: flatted\n dependency-version: 3.4.2\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "0cd64e038de6b7216f61da48a0614696df4ce24d", "tree": "c1411c34b84de816f34892772a163c503200183c", "parents": [ "f630405d997a04ed578808da2161e45a7b44f37f" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Tue Apr 14 08:33:22 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 08:33:22 2026 -0400" }, "message": "fix: upgrade pyasn1 to address CVE-2026-30922 (#3346)\n\n* fix: upgrade pyasn1 to \u003e\u003d0.6.3 to address CVE-2026-30922\n\npyasn1 0.5.1 is affected by CVE-2026-30922. Upgrading the version\npin to \u003e\u003d0.6.3 which contains the fix.\n\nDetected by: pip-audit\n\n* Pin requirement to version 0.6.3\n\n---------\n\nCo-authored-by: Joshua Klosterman \u003c1268718+jlklos@users.noreply.github.com\u003e\nCo-authored-by: Joshua Klosterman \u003cjklosterman@mitre.org\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "f630405d997a04ed578808da2161e45a7b44f37f", "tree": "361860870b1bb93692e5d042c6e8c0f311ab79af", "parents": [ "28a9be4f6a7299eb3fe85414b0e8dacc34ccf935" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Tue Apr 14 08:18:42 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 08:18:42 2026 -0400" }, "message": "fix: --fresh fails to clean cookie_storage, auth_svc crashes on key mismatch (#3355)\n\n* fix: --fresh fails to clean cookie_storage, auth_svc crashes on key mismatch\n\n---------\n\nCo-authored-by: deacon-mp \u003cmperry@mitre.org\u003e\nCo-authored-by: Fiona McCrae \u003cfmccrae@mitre.org\u003e\nCo-authored-by: Fiona McCrae \u003c35509590+fionamccrae@users.noreply.github.com\u003e\nCo-authored-by: uruwhy \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "28a9be4f6a7299eb3fe85414b0e8dacc34ccf935", "tree": "5157a33544760c8383bd5cfbc8b3209cb8a13523", "parents": [ "c928eb213adc6760f990c510f01e8480ba67a1ce" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Wed Apr 08 15:42:43 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 08 15:42:43 2026 -0400" }, "message": "fix: sanitize object IDs to prevent path traversal in BaseApiManager (#3299)\n\n* fix(security): sanitize id field to prevent path traversal in objectives API\n\n* fix sanitization\n\n* Added warning log for when ID is sanitized, and corresponding test\n\n* style fix\n\n---------\n\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e\nCo-authored-by: Fiona McCrae \u003cfmccrae@mitre.org\u003e" }, { "commit": "c928eb213adc6760f990c510f01e8480ba67a1ce", "tree": "8cf3ea864b47ea8826f0f1d3bd00533a49efe298", "parents": [ "ab2adb7e503fbc6da1afe668b9925bfa451f5e79" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Apr 03 11:58:21 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 03 11:58:21 2026 -0400" }, "message": "Bump aiohttp from 3.13.3 to 3.13.4 (#3353)\n\n---\nupdated-dependencies:\n- dependency-name: aiohttp\n dependency-version: 3.13.4\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "ab2adb7e503fbc6da1afe668b9925bfa451f5e79", "tree": "10dc4f3f13b6939d13087a2cdae10f718dc8cab8", "parents": [ "e568f4af39ea44e52d68137b789550fa0b83a186" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Apr 02 19:48:48 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 02 19:48:48 2026 -0400" }, "message": "feat: add search filter to payload list API (#3288)\n\n* feat: add name filter query parameter to payload list API (#3055)\n\nAdd optional `?name\u003d` query parameter to `GET /api/v2/payloads` that\nperforms a case-insensitive substring match on payload filenames,\nenabling callers to search/filter the payload list without retrieving\nand filtering the full set client-side.\n\n* fix: address Copilot review feedback on payload name filter\n\n- Change name_filter annotation to Optional[str]\n- Filter only on PurePosixPath.name to avoid matching directory segments\n when add_path\u003dTrue (e.g. \u0027plugins/stockpile/payloads/file.txt\u0027 should\n only match on \u0027file.txt\u0027)\n- Strengthen filter tests to assert non-matching payloads are excluded\n\n* Fix flake8 E127: correct continuation line indentation in test_payloads_api.py\n\n* Address Copilot review: use PurePath for cross-platform compatibility\n\nReplace PurePosixPath with PurePath in both the payload handler and\ntests so basename extraction works correctly on Windows where paths\nmay use backslash separators. Move pathlib import to module scope.\n\n* Address Copilot review: schema fix, stronger tests, combination test\n\n- Add allow_none\u003dTrue to PayloadQuerySchema name field\n- Parametrize filter tests (matches + case-insensitive)\n- Strengthen assertions to verify no false positives\n- Add combination test with sort\u003dtrue and add_path\u003dtrue\n\n* Fix flake8 E127: continuation line indentation\n\n---------\n\nCo-authored-by: deacon-mp \u003cmperry@mitre.org\u003e" }, { "commit": "e568f4af39ea44e52d68137b789550fa0b83a186", "tree": "28d60d441e5da925a91f65e7f9a17ad485953d70", "parents": [ "29706f9c2f1a0987dac01c802a13d2888e3dcb12" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Apr 02 19:25:09 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 02 19:25:09 2026 -0400" }, "message": "fix(deps): upgrade aioftp from ~\u003d0.20.0 to \u003d\u003d0.27.2 (#3333)\n\n* fix(deps): upgrade aioftp from ~\u003d0.20.0 to \u003d\u003d0.27.2\n\naioftp ~\u003d0.20.0 is flagged by the safety vulnerability database.\nPin to 0.27.2 (latest stable) which resolves the advisory while\nmaintaining full API compatibility with the existing FTP contact code\n(User, Permission, Server, ConnectionConditions, PathPermissions and\nworker are all present in the new release).\n\nAdd tests/contacts/test_aioftp_version.py to assert the installed\nversion meets the minimum threshold and that the server-side API\nsurface expected by contact_ftp.py remains intact.\n\n* fix: address Copilot review feedback\n\n- Use packaging.version.Version for robust PEP 440 version comparison\n instead of manual split/int logic (avoids ValueError on pre/post suffixes)\n- Strengthen test_aioftp_server_api_intact to assert attributes are classes\n (not just present) and document that worker may be a function\n\n* Add callable() check for aioftp.worker and remove unused imports\n\nThe hasattr check alone could produce false positives if worker\nexists but is non-callable. Also removes unused inspect and pytest\nimports.\n\n* Update test to use expected_type\n\n---------\n\nCo-authored-by: Joshua Klosterman \u003c1268718+jlklos@users.noreply.github.com\u003e\nCo-authored-by: Joshua Klosterman \u003cjklosterman@mitre.org\u003e" }, { "commit": "29706f9c2f1a0987dac01c802a13d2888e3dcb12", "tree": "b053bba4cbdd611d7e4abd359524f77c710aaaa3", "parents": [ "a29906d0df877e760f59ab772f6c9d8f50f1de10" ], "author": { "name": "David Clute", "email": "clutester@gmail.com", "time": "Tue Mar 24 10:40:38 2026 -0600" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Mar 24 12:40:38 2026 -0400" }, "message": "Feature/persistent sessions (#3264)\n\n* feat: add configurable session persistence across server reboots\n\n* fix: restore accidentally deleted configuration fields in default.yml\n\n* update unit tests, remove unused imports from auth_svc, update gitignore\n\n---------\n\nCo-authored-by: uruwhy \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "a29906d0df877e760f59ab772f6c9d8f50f1de10", "tree": "c83f5aaae1edeb39c00b19443a98872a03e0d5b3", "parents": [ "973ed61fd4f541aaa4e9bd96275d0c03b1f30e5c" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:36:08 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:36:08 2026 -0400" }, "message": "fix: register SIGTERM handler in run_tasks() to save state on service shutdown (#3018) (#3277)\n\n* fix: register SIGTERM handler in run_tasks() to ensure teardown on service shutdown\n\nWhen Caldera runs as a systemd service (or backgrounded via \u0026 / nohup),\nshutdown sends SIGTERM rather than SIGINT/KeyboardInterrupt. Without a handler,\nthe existing \u0027except KeyboardInterrupt\u0027 teardown block is never reached,\nso operations and other in-memory state are not saved to disk (issue #3018).\n\nRegister a SIGTERM handler at the start of run_tasks() that converts the signal\ninto KeyboardInterrupt, reusing the established teardown path without duplicating logic.\nTests added to verify structure (AST) and runtime behaviour.\n\n* style: remove unused imports in test_server_sigterm.py\n\n* fix: wrap full startup in try/except so teardown runs on SIGTERM during startup; add AST test" }, { "commit": "973ed61fd4f541aaa4e9bd96275d0c03b1f30e5c", "tree": "42d18aaeda85d325297d104e4365246cdb251b5a", "parents": [ "e53400409d90671e9cad7c16e3c613b9719f8b5c" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:36:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:36:05 2026 -0400" }, "message": "fix: validate upload filename character set in file_svc (#3267)\n\n* fix: validate upload filename character set in file_svc\n\nReject filenames with path traversal, null bytes, or special characters.\n\n* fix: validate field.filename before os.path.split() to prevent traversal bypass; precompile regex; convert tests to pytest\n\n* fix: flake8 style fixes\n\n* fix: reject \u0027.\u0027 as a filename and add test coverage for dot-only names\n\nA single \u0027.\u0027 passes the safe-character regex but is not a valid upload\nfilename. Add an explicit check and a parametrized test case.\n\n* fix: consume rejected multipart part before continue to prevent reader stall\n\n* fix: return 400 Bad Request on invalid upload filename instead of silently skipping\n\n* fix: re-raise HTTPException so HTTPBadRequest propagates; add HTTP-level test for invalid filename" }, { "commit": "e53400409d90671e9cad7c16e3c613b9719f8b5c", "tree": "3cf00699b02d52e927c07efd1ad6f31f5031e176", "parents": [ "b6ee9ca08c09927e5315c02aa6c88697f534ae10" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:35:48 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:35:48 2026 -0400" }, "message": "fix: correct exfil operation filter and patch path traversal bypass (#3280)\n\n* fix: correct exfil operation filter and patch path traversal bypass in download_exfil\n\n- _get_operation_exfil_folders now returns paw-only keys matching\n the directory naming convention used at exfil upload time\n- download_exfil path containment check appends os.sep to prevent\n startswith bypass via sibling directories (e.g. /tmp/caldera2/)\n\nFixes #3155\n\n* style: fix E306 blank line + remove unused imports in test_rest_svc.py\n\n* test: exercise production download_exfil_file to catch regressions in is_in_exfil_dir" }, { "commit": "b6ee9ca08c09927e5315c02aa6c88697f534ae10", "tree": "503a95bd05e6bf5cf27d562c06656cd97786dc72", "parents": [ "981ab924399fdfd5a24b4b5217b809bc0b37a2e1" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:35:45 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:35:45 2026 -0400" }, "message": "fix: prevent operation report from returning null when link paw absent (#3048) (#3279)\n\n* fix: prevent operation report from returning null when a link paw is absent (#3048)\n\nThree related KeyErrors in c_operation.py could cause Operation.report()\nto silently return None, which the API then serialised as JSON null and\nthe UI rendered as \"Null\":\n\n1. `agents_steps[step.paw]` in report() raised KeyError when a link\u0027s\n paw was not in the set of operation agents built at call time (e.g.\n the agent was removed between operation run and report download).\n Fixed with `agents_steps.setdefault(step.paw, {\u0027steps\u0027: []})`.\n\n2. `abilities_by_agent[link.paw]` in _get_all_possible_abilities_by_agent()\n had the same pattern — orphan paw not guarded. Fixed with an\n explicit membership check before the extend.\n\n3. The `except Exception` block in report() logged the error but fell\n off the end of the function, returning None implicitly. The caller\n then returned None to web.json_response(), producing the \"Null\"\n download. Fixed by re-raising so the framework returns a proper 500\n with an error body instead of a silent null payload.\n\nAdds a regression test that constructs an operation with a chain link\nwhose paw is not present in operation.agents and asserts report()\nreturns a non-None dict that includes the orphan paw\u0027s steps.\n\n* style: fix E303 too many blank lines in test_operation.py\n\n* refactor: simplify double dict lookup using abilities_by_agent.get()" }, { "commit": "981ab924399fdfd5a24b4b5217b809bc0b37a2e1", "tree": "17246fc2b3155a4095c7b764dd6a88e837e41223", "parents": [ "c7be7b114c5f84a63153a471132487bb78fb2eb9" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:35:43 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:35:43 2026 -0400" }, "message": "fix: resolve trait-only relationship facts from source fact list on operation init (#3278)\n\n* fix: resolve trait-only relationship facts from source fact list on operation init\n\nWhen a fact source defines relationships where the source/target facts\nreference only a trait (no value) -- as happens when relationships are\ncreated via the Caldera UI -- _init_source() was seeding those\nrelationships into the knowledge service with null fact values. This\nmade the relationships functionally useless because they could never\nmatch any real seeded facts during planning.\n\nThe fix introduces Operation._resolve_fact(), which replaces a\ntrait-only fact stub with the first matching fact (by trait) found in\nthe source\u0027s fact list before the relationship is added to the knowledge\nservice. If the fact already carries a value, or no match exists, the\noriginal fact is returned unchanged.\n\nFixes #2988.\n\n* fix: remove always-truthy if r.target guard; Relationship.target is never None" }, { "commit": "c7be7b114c5f84a63153a471132487bb78fb2eb9", "tree": "81f030cac219692a8842481f7d64ec18d7c01b88", "parents": [ "bc39c0267a285aef373b561eabc7e09104c52f99" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:32:16 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:32:16 2026 -0400" }, "message": "fix: guard against None agent in operations summary endpoint (#3181) (#3276)\n\n* fix: guard against missing/None agent in operations summary endpoint (#3181)\n\n`get_agents()` and `get_hosts()` in OperationApiManager would raise\nKeyError when a link had a falsy paw, and AttributeError when\n`find_object()` returned None for an agent that no longer exists in RAM\n(e.g. after deletion). Both conditions caused the /operations/summary\nendpoint to return HTTP 500.\n\nFix: skip links with no paw; guard `find_object()` return value with an\nexplicit None check before calling `.display`.\n\nAdds regression tests for the summary endpoint.\n\n* style: fix E127 continuation line indentation in test_operations_api.py\n\n* test: inject null-paw link into operation to exercise issue #3181 fix" }, { "commit": "bc39c0267a285aef373b561eabc7e09104c52f99", "tree": "f88c2d9d8a0b8f404690ca47459fa3dd7a9cb2f2", "parents": [ "bca138a3fd331e48c73b2139fa94905979fc83da" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:32:14 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:32:14 2026 -0400" }, "message": "fix: degrade gracefully when magma plugin dist is absent (#3275)\n\n* fix: degrade gracefully when plugins/magma/dist is absent (#3227)\n\nPreviously, AppService.load_plugins() unconditionally appended\n\u0027plugins/magma/dist\u0027 to the jinja2 template search path. When the\nMagma plugin\u0027s built assets are absent (e.g. cloned without\n--recursive, or --build not yet run), any request reaching\nRestApi.landing() or handle_catch() would raise a TemplateNotFound\nexception instead of starting cleanly.\n\n- Guard the \u0027plugins/magma/dist\u0027 template-path append behind an\n os.path.exists() check; emit a WARNING log when the path is missing\n so the operator knows the web UI will be unavailable.\n- Apply the same guard in tests/conftest.py so the test suite can run\n without a built Magma dist.\n- Add tests/services/test_magma_graceful_degradation.py with four\n tests that verify: no crash on load_plugins, no /assets static route\n registered, dist excluded from templates when absent, and included\n when present.\n\n* style: remove unused pytest import in test_magma_graceful_degradation.py\n\n* test: create event loop before RestApi.__init__ to avoid RuntimeError on Python 3.11+" }, { "commit": "bca138a3fd331e48c73b2139fa94905979fc83da", "tree": "284c835747cb66ced09cedd6c9421fa5aea1514e", "parents": [ "5c63df56bcb7243ff3af7e5972c8a5e4636fff80" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:32:11 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:32:11 2026 -0400" }, "message": "fix: reduce global client_max_size and add configurable setting (#3268)\n\n* fix: reduce global client_max_size and add configurable setting\n\nReduce default from ~26MB to 1MB with configurable client_max_size_mb key.\n\n* fix: add separate upload size limit for authenticated API routes\n\nGlobal client_max_size stays at 1MB for unauthenticated surfaces.\nIntroduces api_upload_max_size_mb (default 100MB) applied to the\n/api/v2 sub-app, which is entirely behind authentication, allowing\nlarge payload uploads and exfil files without exposing the DoS vector\nto unauthenticated routes.\n\n* fix: restore default plugins list and remove mcp\n\nRestores atomic, compass, fieldmanual, and response which were\naccidentally dropped. Removes automation and mcp which should not\nbe in the default plugin set.\n\n* fix: coerce client_max_size config to int; remove unused rate_limit config; test actual runtime behavior\n\n* fix: flake8 style fixes\n\n* test: rewrite client_max_size tests to call real make_app with mock services\n\nReplace the patched duplicate of make_app with calls to the real function\nusing MagicMock services. The last two constant-comparison tests now also\nassert against the actual configured app value.\n\n* test: fix misleading variable name and add root/subapp limit integration test\n\n* style: remove unused patch import in test_client_max_size.py\n\n* test: actually mount v2 as subapp in root_app to validate real runtime behavior" }, { "commit": "5c63df56bcb7243ff3af7e5972c8a5e4636fff80", "tree": "c6314fb458efa27b8f4a00da2dce990af5e7ba33", "parents": [ "d748c6b40f21f24d525a0dda9743831cab79fcbb" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:32:01 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:32:01 2026 -0400" }, "message": "fix: replace deprecated asyncio.get_event_loop() with new_event_loop() (#3266)\n\n* fix: replace deprecated asyncio.get_event_loop() with new_event_loop()\n\nUse asyncio.new_event_loop() in run_tasks() and --fresh block.\n\n* fix: close event loop in finally block; use try/finally in fresh block; fix tests to use ast+pytest\n\n* fix: remove unused variable in asyncio test (flake8 F841)\n\n* test: rewrite asyncio event loop tests to use pure AST inspection\n\n- Replace brittle substring matching with AST Call node inspection\n via a shared _is_asyncio_call() helper\n- Remove incorrect startswith(\u0027#\u0027) guard (AST never includes comments)\n- Eliminate ast.get_source_segment() to avoid potential None return\n\n* fix: ensure event loop is always closed and cleared on all exit paths\n\n* fix: cancel pending tasks before closing event loop in run_tasks\n\n* test: relax event loop assertion to allow non-new_event_loop refactors\n\n* test: use explicit utf-8 encoding in read_text()" }, { "commit": "d748c6b40f21f24d525a0dda9743831cab79fcbb", "tree": "b1e274d3c8566686ed89a7523a33160b1fa660f0", "parents": [ "b6156b960c4c3a2432168421c3f11a19a6e017d7" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 21:31:59 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:31:59 2026 -0400" }, "message": "fix: replace create_subprocess_shell (#3265)\n\n* fix: replace create_subprocess_shell with safe exec in start_vue_dev_server\n\nAvoid shell injection risk by using create_subprocess_exec instead.\n\n* fix: address Copilot review feedback on subprocess PR\n\n- Capture proc from create_subprocess_exec, log PID, schedule proc.wait()\n to avoid zombie processes on Vue dev server exit\n- Rewrite test to use pytest style, ast-based function extraction,\n and Path-relative server.py resolution\n\nCo-Authored-By: Claude Sonnet 4.6 \u003cnoreply@anthropic.com\u003e\n\n* test: guard against None return from ast.get_source_segment\n\nast.get_source_segment() returns None when source offsets are\nunavailable; assert it is not None before using it in string checks.\n\n* fix: remove untracked create_task in start_vue_dev_server to avoid zombie subprocess\n\n* test: accept FunctionDef and AsyncFunctionDef in start_vue_dev_server check\n\n* test: use explicit utf-8 encoding in read_text()\n\n---------\n\nCo-authored-by: Claude Sonnet 4.6 \u003cnoreply@anthropic.com\u003e" }, { "commit": "b6156b960c4c3a2432168421c3f11a19a6e017d7", "tree": "84c211e04e5475c4553610d90df9595da3d5f21b", "parents": [ "8373f7c7f78de7bb3e5009a275fdf910e77f58e9" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Mon Mar 16 01:31:12 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 21:31:12 2026 -0400" }, "message": "hash passwords and API keys in main config (#3257)\n\n* hash passwords and API keys in main config\n\n* style fixes\n\n* remove superfluous line\n\n* move hash checks to utility function\n\n* simplify code\n\n* add unit tests for config util\n\n* fix: guard _is_hashed against non-string config values\n\n* test: verify make_secure_config logs plaintext once then returns hashes\n\n* style: remove unused logging import from test_config_util.py (F401)\n\n* fix: guard verify_hash against None inputs; use yaml.safe_dump for config overwrite\n\n- verify_hash() now returns False for non-string inputs instead of raising TypeError\n (prevents 500 errors when API key header is absent and None is passed to verify)\n- base_world.py overwrite now uses yaml.safe_dump for safe, consistent output\n- test: rename \u0027hash\u0027 variable to \u0027hash_val\u0027 to avoid shadowing built-in\n- test: add None-input assertions to test_verify_hash\n- test: use side_effect\u003ddeepcopy to prevent SENSITIVE_CONF module-level mutation\n\n---------\n\nCo-authored-by: deacon \u003cmarksoccerman1@aol.com\u003e" }, { "commit": "8373f7c7f78de7bb3e5009a275fdf910e77f58e9", "tree": "5c4c5b8d2f6e5ca70071effe175cfe9f36d53bca", "parents": [ "688e17df7864cb16696a36b61606676ca0480a83" ], "author": { "name": "Chris Lenk", "email": "clenk@users.noreply.github.com", "time": "Mon Mar 16 00:11:42 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 20:11:42 2026 -0400" }, "message": "Add architecture field to agent deployment commands (#3260)\n\n* Add architecture field to agent deployment cmds\n\n* fix: add architecture field to AgentConfigUpdateSchema; add happy-path test\n\n- architecture field was missing from AgentConfigUpdateSchema, causing\n API requests with architecture to fail marshmallow validation\n- adds test asserting architecture value is stored in agents config\n\n---------\n\nCo-authored-by: Chris Lenk \u003c402940+clenk@users.noreply.github.com\u003e\nCo-authored-by: deacon \u003cmarksoccerman1@aol.com\u003e" }, { "commit": "688e17df7864cb16696a36b61606676ca0480a83", "tree": "4080c749b1ee5672e4dcefa3759e3532e628a471", "parents": [ "899528e366024564cfb93e066b5c1e3861935f84" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Sun Mar 15 19:50:41 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 19:50:41 2026 -0400" }, "message": "Bump minimatch from 3.1.2 to 3.1.5 (#3258)\n\nBumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5.\n- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)\n- [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5)\n\n---\nupdated-dependencies:\n- dependency-name: minimatch\n dependency-version: 3.1.5\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "899528e366024564cfb93e066b5c1e3861935f84", "tree": "d1f17f42d394d8d315fd67473c4a6b16c3666e8e", "parents": [ "94f99bf83997065066a6125c43c324d910ad942f" ], "author": { "name": "ChenFryd", "email": "93209122+ChenFryd@users.noreply.github.com", "time": "Mon Mar 16 01:00:58 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 19:00:58 2026 -0400" }, "message": "fix: reuse existing fact source on operation close (#3261)" }, { "commit": "94f99bf83997065066a6125c43c324d910ad942f", "tree": "411a5e09fe4658f12e3a996341b82ae2a3bdfefa", "parents": [ "62a41f8ab384d1dfff96a89e3b33af9de3101611" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Sun Mar 15 18:59:46 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 15 18:59:46 2026 -0400" }, "message": "fix: bump cryptography to 46.0.5 and expand CI security coverage\n\n- Bump cryptography 44.0.1 → 46.0.5 (CVE-2026-26007)\n- Bump Markdown 3.4.4 → 3.8.1 (CVE-2025-69534)\n- Add Python 3.13 to quality and security CI matrices\n- Add bandit static analysis to security workflow and tox\n- Run security checks on pull_request events (not just push)\n- Fix SonarQube condition: only run on push or non-fork pull_request\n- Remove untrusted fork code execution from sonar_fork_pr job\n- Prevent duplicate CI runs via pull_request_target\n- Fix stale bot messages and align bandit args with pre-commit" }, { "commit": "62a41f8ab384d1dfff96a89e3b33af9de3101611", "tree": "47381cbd6767095a44102f88df25326b90730e9f", "parents": [ "4bf7465e624cbe03bacf614edcf71fb719e13cc9" ], "author": { "name": "Kara Pepper", "email": "78662790+kmpepper@users.noreply.github.com", "time": "Thu Feb 26 12:00:21 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 26 12:00:21 2026 -0500" }, "message": "Update server to launch without magma plugin (#3255)\n\n* Updating caldera server to launch without magma plugin\n\n* Updating warning messages and fixing directory check for build flag\n\n* Updating logic to account for rebuilds of server without build flag\n\n---------\n\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "4bf7465e624cbe03bacf614edcf71fb719e13cc9", "tree": "133dbf2ada9e99641dbd8677ee12a19d52bbef77", "parents": [ "4ed31821a0891a6dc67a5e69d61fa5f7d4195fe8" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Feb 25 19:49:07 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 25 14:49:07 2026 -0500" }, "message": "improve DNS contact unit test coverage (#3251)\n\n" }, { "commit": "4ed31821a0891a6dc67a5e69d61fa5f7d4195fe8", "tree": "ac36306b1378ab2f6cd15deab77d5b978b1f9218", "parents": [ "fc70ba98bc85b95ce067895a8e8974b773a7c7fc" ], "author": { "name": "nblair2", "email": "134428428+nblair2@users.noreply.github.com", "time": "Fri Feb 13 14:09:47 2026 -0700" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Feb 13 16:09:47 2026 -0500" }, "message": "fix: docker-compose, volumes don\u0027t overwrite UI (#3205)\n\n* fix: docker-compose, volumes don\u0027t overwrite UI\n\ncurrently, mounting all of the working directory to the app dir in\nthe container means that the UI built in the container at\n`/usr/src/app/plugins/magma` is overwritten by what is on the host.\nIf the UI is not built on the host, the container and docker-compose\nwill not work as expected.\n\nThis change adds a volume to protect the contents of the built UI in\nthe container from being overwritten by the host\u0027s content in\n`/usr/src/app/plugins/magma`\n\n* Update docker-compose.yml\n\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e\n\n---------\n\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "fc70ba98bc85b95ce067895a8e8974b773a7c7fc", "tree": "e14c2bb2daeac1bf2acebbca43aa151c5b0a6941", "parents": [ "b272e090e8a6f840b9adc16cf92bf9e8667dfe8b" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Thu Feb 12 20:35:19 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 15:35:19 2026 -0500" }, "message": "calculate agent alive/dead status server-side (#3249)\n\n* add agent status and agent kill via API\n\n* agent status unit test, style fixes\n\n* change pending kill status wording\n\n* change sleep time for killing agent\n\n* update unit tests with new sleep times\n\n* undo unintended edit" }, { "commit": "b272e090e8a6f840b9adc16cf92bf9e8667dfe8b", "tree": "031e4d389cb0a5ab461cf1e365fdc220155e5b45", "parents": [ "473bebe430b06165ce0ff44b962421de7a0ba8a2" ], "author": { "name": "Kara Pepper", "email": "78662790+kmpepper@users.noreply.github.com", "time": "Tue Feb 10 10:32:36 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 10 10:32:36 2026 -0500" }, "message": "Edit core code to launch / run unit tests when magma plugin is not present (#3250)\n\n" }, { "commit": "473bebe430b06165ce0ff44b962421de7a0ba8a2", "tree": "83d081686c504752e0e5430b2ae9272290552f9e", "parents": [ "a9371d49df9eb4458b3817e00d7785194abe6ce9" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Fri Feb 06 19:53:59 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Feb 06 14:53:59 2026 -0500" }, "message": "decouple manx from core (#3242)\n\n* decouple manx from core\n\n* iteration fallback\n\n* fix unit test\n\n* style fix\n\n* update tcp tests\n\n---------\n\nCo-authored-by: Joshua Klosterman \u003cjklosterman@mitre.org\u003e\nCo-authored-by: Joshua Klosterman \u003c1268718+jlklos@users.noreply.github.com\u003e" }, { "commit": "a9371d49df9eb4458b3817e00d7785194abe6ce9", "tree": "8db21fde2993c539cecbbbb79aea334bd2b437ce", "parents": [ "20bfc018bb1a87beb4fc1ed48b5b9d000ab0260f" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Thu Jan 29 21:35:20 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 29 16:35:20 2026 -0500" }, "message": "create placeholder facts if they\u0027re None when creating relationships (#3248)\n\n* create placeholder facts if they\u0027re None when creating relationships\n\n* use relationship constructor to set default facts\n\nFixes #3247" }, { "commit": "20bfc018bb1a87beb4fc1ed48b5b9d000ab0260f", "tree": "07ea8dc96dcb438b3146ebb7fc0a087868e5d104", "parents": [ "222b42a6fc36a47f026a7a2f57b127645a3bd4f4" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Thu Jan 29 14:40:05 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 29 14:40:05 2026 -0500" }, "message": "make data_svc load_ability_file function more resilient (#3244)\n\n* error handling for load_ability_file, update _get_plugin_name\n\n* unit tests for _get_plugin_name\n\n* style fix\n\n* ensure ability id is string\n\n* add unit test for load_ability_file\n\n* compare executors\n\n* proper none comparison\n\n* simplify eq method\n\n* test additional lines\n\n* address sonarcloud concerns\n\n---------\n\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "222b42a6fc36a47f026a7a2f57b127645a3bd4f4", "tree": "6d4c4af5d5c6f4643c567c1fd7e1058b36f94255", "parents": [ "9ecebcc474841e92bb89dd916dff8d3a48d45a43" ], "author": { "name": "Kara Pepper", "email": "78662790+kmpepper@users.noreply.github.com", "time": "Wed Jan 28 11:22:08 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 28 11:22:08 2026 -0500" }, "message": "Eliminate Caldera Core Dependencies on Plugins: stockpile (#3243)\n\n* Moving plain text and base64 obfuscators to Caldera core to remove Stockpile dependencies\n\n* Moving plain text and base64 obfuscators to Caldera core to remove Stockpile dependencies, bug fix\n\n* Updating tests with correct path and style fixes\n\n* Adding unit tests for plain text and b64 basic obfuscators\n\n---------\n\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "9ecebcc474841e92bb89dd916dff8d3a48d45a43", "tree": "5ba2d8dac9da87dd59c92c2a220b6e6fb17be4ad", "parents": [ "1a19420b2b856bf0875b80a7bb5fa7ad8c41713d" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Jan 21 11:47:39 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 21 11:47:39 2026 -0500" }, "message": "Clean up generated YML files from unit tests (#3237)\n\n* remove ability files created from unit test\n\n* remove planner file after using fixture\n\n* fix comment\n\n* cleanup adversary files\n\n* style fix\n\n* add path exists checks to cleanup" }, { "commit": "1a19420b2b856bf0875b80a7bb5fa7ad8c41713d", "tree": "4fc10d2ef8cfda7b88f38a484008ee39babb9255", "parents": [ "0f2fca52c1a391a5465be808e5bc417db0a0a8e8" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Tue Jan 20 11:48:53 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Jan 20 11:48:53 2026 -0500" }, "message": "Addressing some unit test warnings (#3222)\n\n* fix asyncmock and atomic planner test\n\n* adjust TCP contact\n\n* address some warnings\n\n* rework ftp contact\n\n* remove unused imports\n\n* switch to start method to fix error in unit tests\n\n* use non-breaking pyasn1 version to address unit test warning\n\n* handle task cancelation\n\n* different method of suppressing exception\n\n* more logging\n\n* use testing dir for ftp contact unit tests\n\n* close TCP sessions during contact close\n\n* style fix\n\n* refactor\n\n* handle possible null server/tasks\n\n* address marshmallow deprecated meta.ordered message\n\n---------\n\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "0f2fca52c1a391a5465be808e5bc417db0a0a8e8", "tree": "44ebef7a33de1ca508b0326b90ef78c3dd10bb00", "parents": [ "c3b8bbcc51ba15a5f6a2d3d532048be374876db6" ], "author": { "name": "Tim Brigham OC", "email": "75033503+timbrigham-oc@users.noreply.github.com", "time": "Fri Jan 09 14:10:38 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jan 09 14:10:38 2026 -0500" }, "message": "Update app_svc.py (#3198)\n\nUpdate logic to exclude all non yml files\n\n* support both yaml file extensions\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "c3b8bbcc51ba15a5f6a2d3d532048be374876db6", "tree": "ac1273e9f5a56505d29f5d9ebcef6f738b92e3e4", "parents": [ "6e15b84c534dd651a06ae2fa5cf2b718fb34f6cf" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jan 08 20:58:46 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 08 20:58:46 2026 -0500" }, "message": "Bump postcss from 8.4.30 to 8.4.31 (#2830)\n\nBumps [postcss](https://github.com/postcss/postcss) from 8.4.30 to 8.4.31.\n- [Release notes](https://github.com/postcss/postcss/releases)\n- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/postcss/postcss/compare/8.4.30...8.4.31)\n\n---\nupdated-dependencies:\n- dependency-name: postcss\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "6e15b84c534dd651a06ae2fa5cf2b718fb34f6cf", "tree": "316c85d2c4fa601ff3909e0f4b973240be4e4068", "parents": [ "e28b4c22ec1edf18012ee24c27cf257442b9b50b" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Thu Jan 08 13:13:40 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 08 13:13:40 2026 -0500" }, "message": "ignore fact creation timestamp comparison in test_update_schedule (#3241)\n\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "e28b4c22ec1edf18012ee24c27cf257442b9b50b", "tree": "a6b5c011de4778483cb56363537dd82476108240", "parents": [ "72a0317a5d7c35527e4d23fe3c1bac4d9f6d421e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jan 08 08:38:54 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 08 08:38:54 2026 -0500" }, "message": "Bump js-yaml from 4.1.0 to 4.1.1 (#3229)\n\nBumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.\n- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)\n\n---\nupdated-dependencies:\n- dependency-name: js-yaml\n dependency-version: 4.1.1\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "72a0317a5d7c35527e4d23fe3c1bac4d9f6d421e", "tree": "68e727cd897c7f3ae172457b9d6d2293e002f2da", "parents": [ "cf7c441b4a50815c0e622252bb540ed36968640b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jan 08 08:24:19 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 08 08:24:19 2026 -0500" }, "message": "Bump braces from 3.0.2 to 3.0.3 (#3003)\n\nBumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.\n- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)\n\n---\nupdated-dependencies:\n- dependency-name: braces\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "cf7c441b4a50815c0e622252bb540ed36968640b", "tree": "cac40db8c36bf2674a464d5fcb3b58b7e328d675", "parents": [ "b0cf23cd7771a6f9176633ea91b1676b1cf7854e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Jan 07 10:36:32 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 07 10:36:32 2026 -0500" }, "message": "Bump aiohttp from 3.12.14 to 3.13.3 (#3239)\n\n---\nupdated-dependencies:\n- dependency-name: aiohttp\n dependency-version: 3.13.3\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e" }, { "commit": "b0cf23cd7771a6f9176633ea91b1676b1cf7854e", "tree": "5a026f91675973f27ee8210864136d2042bfaa1a", "parents": [ "950a52b595641073875b42d3a9445cb6e4148d7f" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Jan 07 10:26:07 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 07 10:26:07 2026 -0500" }, "message": "update lxml requirement to match svglib dependency (#3238)\n\nCo-authored-by: Chris Lenk \u003cclenk@users.noreply.github.com\u003e" }, { "commit": "950a52b595641073875b42d3a9445cb6e4148d7f", "tree": "6abdc07ddc3c0b1b236419eec9690b0b75b62321", "parents": [ "258d1412310ded212ae37abac958229414973da4" ], "author": { "name": "Chris Lenk", "email": "clenk@users.noreply.github.com", "time": "Wed Jan 07 08:41:49 2026 -0600" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 07 09:41:49 2026 -0500" }, "message": "Fix typo in feature request template (#3240)\n\n" }, { "commit": "258d1412310ded212ae37abac958229414973da4", "tree": "50eada97281d67edacc25569388bd591ce7089dd", "parents": [ "7c2936eb5e6169e6fedfc099f1959d84e16b8b85" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Jan 02 10:15:57 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jan 02 10:15:57 2026 -0500" }, "message": "Bump marshmallow from 3.20.1 to 3.26.2 (#3236)\n\nBumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 3.20.1 to 3.26.2.\n- [Changelog](https://github.com/marshmallow-code/marshmallow/blob/3.26.2/CHANGELOG.rst)\n- [Commits](https://github.com/marshmallow-code/marshmallow/compare/3.20.1...3.26.2)\n\n---\nupdated-dependencies:\n- dependency-name: marshmallow\n dependency-version: 3.26.2\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7c2936eb5e6169e6fedfc099f1959d84e16b8b85", "tree": "4e91f057d78f79514956019118e362dc1af49171", "parents": [ "806d63a1bc11ff00e12a50105e07db883d8795bc" ], "author": { "name": "Louis", "email": "l.hacklaender@web.de", "time": "Wed Dec 17 20:40:56 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 17 14:40:56 2025 -0500" }, "message": "Fix empty Everything Bagel adversary (replace !\u003d\u0027training\u0027 with \u003d\u003d\u0027training\u0027) (#3234)\n\n" }, { "commit": "806d63a1bc11ff00e12a50105e07db883d8795bc", "tree": "2f49c05a41cbf445725dac9560c023b85865c325", "parents": [ "c2fbedb0c3fa6f80f510b529f778fd32723f802f" ], "author": { "name": "Chris Lenk", "email": "clenk@users.noreply.github.com", "time": "Fri Dec 12 15:33:30 2025 -0600" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 12 16:33:30 2025 -0500" }, "message": "Remove auto assigned responders (#3231)\n\nCo-authored-by: Chris Lenk \u003c402940+clenk@users.noreply.github.com\u003e" }, { "commit": "c2fbedb0c3fa6f80f510b529f778fd32723f802f", "tree": "7573b76d7c3e4514e98ce8e18ec34909c496fae5", "parents": [ "fa8a44c88b7f12a34d9e9f5b6fccbdd4f599ebc8" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Fri Dec 05 12:16:04 2025 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 05 12:16:04 2025 -0500" }, "message": "fix asyncmock and atomic planner test (#3219)\n\n" }, { "commit": "fa8a44c88b7f12a34d9e9f5b6fccbdd4f599ebc8", "tree": "3338398e591a45c828d59363ae8f7b507ff62deb", "parents": [ "54dd2648746eefc0bb12469b5150d228717b05d0" ], "author": { "name": "Ricky Chen", "email": "124005584+HackedRico@users.noreply.github.com", "time": "Wed Nov 12 15:57:07 2025 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Nov 12 15:57:07 2025 -0500" }, "message": "Update Magma Submodule (#3225)\n\n* fix: update magma submodule to latest\n\n* Update magma\n\n* Update Magma Sub Module" }, { "commit": "54dd2648746eefc0bb12469b5150d228717b05d0", "tree": "b12dad3a18b3e840ed9ee4ebac8c937dab2d5f9f", "parents": [ "0ff0bff990a1044709661500fef202aa87a346ae" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Tue Oct 14 12:50:27 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Oct 14 12:50:27 2025 -0400" }, "message": "set finished and cleanup state properly for operations (#3214)\n\n* set finished and cleanup state properly for operations\n\n* remove unnecessary lines\n\n* include operation ID in cleanup log msg\n\n* simplify condition\n\n* add unit tests for cleanup status\n\n* Update tox.ini\n\n* Update quality.yml" }, { "commit": "0ff0bff990a1044709661500fef202aa87a346ae", "tree": "795f3ddc4d8577312e7becb4ad049f09ed7f0000", "parents": [ "38bc3d4af053e8be10db6004b3cf608e46c976c9" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Tue Oct 14 11:46:48 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Oct 14 11:46:48 2025 -0400" }, "message": "don\u0027t override coverage path for sonar (#3216)\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "38bc3d4af053e8be10db6004b3cf608e46c976c9", "tree": "5d47af597426faa9196ffd83d344a5eb2dc32ba8", "parents": [ "5eb0f293d738fe51100539e188ae97bd0cabbd7b" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Tue Oct 14 11:38:19 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Oct 14 11:38:19 2025 -0400" }, "message": "ignore fact creation timestamp comparison in scheduling unit test (#3215)\n\n* ignore fact creation timestamp comparison in scheduling unit test\n\n* fix syntax" }, { "commit": "5eb0f293d738fe51100539e188ae97bd0cabbd7b", "tree": "d2fef2dbc25ad072f4745acfa5105ebaf420189e", "parents": [ "802589ffc89c7b9c7e4e6b9598449589b1b5126c" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Mon Oct 13 18:59:14 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 13 18:59:14 2025 -0400" }, "message": "remove python 3.9 from tox (#3210)\n\n* remove python 3.9\n\n* check verbose output\n\n* increase verbosity\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "802589ffc89c7b9c7e4e6b9598449589b1b5126c", "tree": "8a8ba3778e1db02c0db949d8aa4c64b2ca4e8352", "parents": [ "e626e3e7b11ebcb3f5864250f40750960680feed" ], "author": { "name": "Devon Colmer", "email": "935806+d3vco@users.noreply.github.com", "time": "Tue Oct 07 11:15:09 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Oct 07 11:15:09 2025 -0400" }, "message": "Fix Data Loading Issue (#3207)\n\n* fix: reduce try-except block\n\n* fix: add exception handling\n\n* fix: extensions config as dict type\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "e626e3e7b11ebcb3f5864250f40750960680feed", "tree": "6ab2ab8d481ba7c400b79b786c53d04d4649c03b", "parents": [ "5849e3c032c7674177b617aec922b0da6c539854" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Mon Oct 06 18:39:06 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:39:06 2025 -0400" }, "message": "update installation info (#3199)\n\nupdate minimum dependency versions, add note about python virtual environment\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "5849e3c032c7674177b617aec922b0da6c539854", "tree": "74804099d2a53e8261a69534e67ec0c618e4c78d", "parents": [ "18529aafa3f00c69ae4b3ca476c0913404af4916" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Mon Oct 06 18:31:38 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:31:38 2025 -0400" }, "message": "Use updated golang version in dockerfile (#3202)\n\n* Use updated golang version in dockerfile\n\n* fix update-agents script tr\n\n* uncomment\n\n* Update Dockerfile\n\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e" }, { "commit": "18529aafa3f00c69ae4b3ca476c0913404af4916", "tree": "40313a0bac5ff7edf5441d489b95c416893c75f5", "parents": [ "a12cab9ed4ef12dea8efa53c47cceb591d2d3b14" ], "author": { "name": "Ricky Chen", "email": "124005584+HackedRico@users.noreply.github.com", "time": "Mon Oct 06 18:19:20 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:19:20 2025 -0400" }, "message": "fix(3078, 3079): Resolve issues in Operations API Manager and Plugin Hooks (#3187)\n\n* Pull from PR#3101\n\n*\n\n* fix!: Typo\n\n* fix!: Conditional to Catch None Attribute Error Running Operations\n\n* Planning Services attempts to fcall() and assume all abilities utilizes Builder Plugin and attempts to build payload.\n\n* fix!: Caldera Operations Api Manager creates Builder Payloads during Runtime\n\n* Conditional required to validate that only abilities utilizing builder plugin is used.\n\n* Required encoded_command before building of ability and executor\n\n* Update planning_svc.py\n\nAdded EOF new line to fix linting issue\n\n* Update conftest.py\n\nno longer able to use event_loop replaced all instances of event_loop with loop\n\n* Fixes Flake8 Linter Run Errors\n\n* fix: Direct Executer Function Call from Map\n\n* Revert \"Update conftest.py\"\n\nThis reverts commit 3ecb69c9f0ec8da7906255102e44e02b049e758b.\n\n* fix: additional executor checks\n\n* Python Linting\n\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e\n\n* fix: flake8 linting error due to conditionals\n\n* Pull Workflow from Upstream\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e\nCo-authored-by: Copilot \u003c175728472+Copilot@users.noreply.github.com\u003e" }, { "commit": "a12cab9ed4ef12dea8efa53c47cceb591d2d3b14", "tree": "24dcd339f971c8f11a13b7c67f74ce4866f6ef0a", "parents": [ "29a83a596a8a32d7c3b90bf827537e97e3977ca1" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 18:13:25 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:13:25 2025 -0400" }, "message": "Refactor SonarQube scan for forked PRs" }, { "commit": "29a83a596a8a32d7c3b90bf827537e97e3977ca1", "tree": "77764afa0612afac22c89730ef089242b2169d34", "parents": [ "29f7170604a953cc3787d66983a3482f4485bd93" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 18:11:43 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:11:43 2025 -0400" }, "message": "Enable SonarQube scan for forked PRs" }, { "commit": "29f7170604a953cc3787d66983a3482f4485bd93", "tree": "892e0c274f2c065b6c7f72d3d4f9924e4ed3752a", "parents": [ "74fb323d049dec5bde5ad9234cc4cb82ef83f86f" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 18:11:00 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:11:00 2025 -0400" }, "message": "Disable SonarQube scan for forked pull requests\n\nComment out SonarQube scan steps for forked PRs." }, { "commit": "74fb323d049dec5bde5ad9234cc4cb82ef83f86f", "tree": "7082084e7296f38fc976162179f6933d7296d780", "parents": [ "1bd1815f833761102c8ca6e47089c673da4550d3" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 18:04:11 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:04:11 2025 -0400" }, "message": "Delete .github/workflows/sonar-fork-pr.yml" }, { "commit": "1bd1815f833761102c8ca6e47089c673da4550d3", "tree": "0f88b2496b0b47282fdf1aa5c2597750023c57b6", "parents": [ "e394b0351effc7a0d5b95ccdcef21fb8e8d850fb" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 17:54:38 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 17:54:38 2025 -0400" }, "message": "Deacon mp patch SonarC (#3213)\n\n* Enhance quality.yml for SonarQube integration\n\nUpdated GitHub Actions workflow to enable SonarQube scans for forked pull requests and adjusted job conditions.\n\n* Refactor GitHub Actions workflow for code quality\n\n* Refactor SonarQube scan action arguments\n\nUpdated SonarQube scan action configuration for better project structure.\n\n* Update quality.yml" }, { "commit": "e394b0351effc7a0d5b95ccdcef21fb8e8d850fb", "tree": "02e5a3f8b9aca1e6a917f65c92b0f68cae8596f4", "parents": [ "4f7432bd2db1bffdb6fb311a4e007e1d2851a82a" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Oct 06 17:17:26 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 17:17:26 2025 -0400" }, "message": "Add SonarQube workflow for forked pull requests" }, { "commit": "4f7432bd2db1bffdb6fb311a4e007e1d2851a82a", "tree": "da47fcd1e1ce0c849ba81c2e2cce1a29ebaf5ee0", "parents": [ "f1bb6c3dfec771d6729fa85a8ea81c5df8dfa77e" ], "author": { "name": "Ricky Chen", "email": "124005584+HackedRico@users.noreply.github.com", "time": "Fri Sep 26 13:52:25 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 26 13:52:25 2025 -0400" }, "message": "Enhance DELETE Payload Sanitization in API Handler (#3188)\n\n* fix!: Addition Filename Sanitization for Delete Payload\n\n* satisfy flake8\n\n* Merge remote-tracking branch \u0027upstream/master\u0027 into fix-payloadapi\n\n---------\n\nCo-authored-by: Daniel Matthews \u003c58484522+uruwhy@users.noreply.github.com\u003e\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "f1bb6c3dfec771d6729fa85a8ea81c5df8dfa77e", "tree": "c784d04863e8131ff8fded3ac1afd1218379de3c", "parents": [ "b4d8c37e3d3db47aedc1fdf349c700435a35176c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Sep 26 12:54:50 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 26 12:54:50 2025 -0400" }, "message": "Bump SonarSource/sonarqube-scan-action in /.github/workflows (#3209)\n\nBumps [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 5.3.0 to 6.0.0.\n- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)\n- [Commits](https://github.com/sonarsource/sonarqube-scan-action/compare/v5.3.0...v6.0.0)\n\n---\nupdated-dependencies:\n- dependency-name: SonarSource/sonarqube-scan-action\n dependency-version: 6.0.0\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b4d8c37e3d3db47aedc1fdf349c700435a35176c", "tree": "6a319942e399d2dc67907571959ba023dbcde47b", "parents": [ "3b796f3e7969da51ab7d563680738babc482e793" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Fri Sep 26 12:29:33 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 26 12:29:33 2025 -0400" }, "message": "Switch to SonarQube (#3201)\n\n* Switch to SonarQube\n\n* update python versions in sonar properties\n\n* explicitly set sonar.host.url\n\n---------\n\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "3b796f3e7969da51ab7d563680738babc482e793", "tree": "df903c472441c4696b9a7fc9d18e5820cdd65fff", "parents": [ "4935b8ae738726df28d72a2893316a5f73cfdde0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Sep 04 10:37:02 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Sep 04 10:37:02 2025 -0400" }, "message": "Bump aiohttp from 3.10.11 to 3.12.14 (#3189)\n\n---\nupdated-dependencies:\n- dependency-name: aiohttp\n dependency-version: 3.12.14\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: deacon-mp \u003c61169193+deacon-mp@users.noreply.github.com\u003e" }, { "commit": "4935b8ae738726df28d72a2893316a5f73cfdde0", "tree": "a504325913247fee147c058d36fcab8d97c22c84", "parents": [ "3917b8017d11194ecc468de90f5ce085a801bee9", "cffbedd00a3b7cd397ba7cef750a5536aaaccbbe" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Thu Aug 28 13:30:00 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Aug 28 13:30:00 2025 -0400" }, "message": "Merge pull request #3197 from HackedRico/fix-docker-workflow\n\nfix: Docker Workflow indentation" }, { "commit": "cffbedd00a3b7cd397ba7cef750a5536aaaccbbe", "tree": "a504325913247fee147c058d36fcab8d97c22c84", "parents": [ "3917b8017d11194ecc468de90f5ce085a801bee9" ], "author": { "name": "Ricky", "email": "124005584+HackedRico@users.noreply.github.com", "time": "Fri Aug 22 16:10:55 2025 -0400" }, "committer": { "name": "Ricky", "email": "124005584+HackedRico@users.noreply.github.com", "time": "Fri Aug 22 16:10:55 2025 -0400" }, "message": "fix!: Docker Workflow indentation\n" }, { "commit": "3917b8017d11194ecc468de90f5ce085a801bee9", "tree": "21236dae0fb75e6003736679f3dca2a8aa0f4b2e", "parents": [ "032ec16c60d650245e81ba0c7a9b1a000dbefb22" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Tue Aug 12 13:27:40 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Aug 12 13:27:40 2025 -0400" }, "message": "Update tox.ini\n\nReverting to a working pytest asycio until we have a fix in place." }, { "commit": "032ec16c60d650245e81ba0c7a9b1a000dbefb22", "tree": "1d07252ce3f4ff0b7247c73692337e4a6d5b6d19", "parents": [ "48447d2a08efbdf4b43574e1df5c02acbbc2728f", "82cf69202063d5a7778da5aca49324d4450fba6f" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Mon Jul 07 10:10:25 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jul 07 10:10:25 2025 -0400" }, "message": "Merge pull request #3178 from mitre/dependabot/pip/setuptools-78.1.1\n\nBump setuptools from 75.6.0 to 78.1.1" }, { "commit": "48447d2a08efbdf4b43574e1df5c02acbbc2728f", "tree": "fc69fa8e5f830d33a1634d7a89cd421915126500", "parents": [ "d41eb4793e97281f79c33964cfa25e80ce0982d1" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Jul 03 15:20:49 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jul 03 15:20:49 2025 -0400" }, "message": "Update security.yml\n\nRemoved python 3.9 for pytest" }, { "commit": "d41eb4793e97281f79c33964cfa25e80ce0982d1", "tree": "80526f4356f3512b4a08f5a90d61f8372ceb1b06", "parents": [ "5e9ad93a46e5113abfc18163e7aee5463088bcf2" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Jul 03 15:20:17 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jul 03 15:20:17 2025 -0400" }, "message": "Update quality.yml\n\nremoved python 3.9 pytest" }, { "commit": "5e9ad93a46e5113abfc18163e7aee5463088bcf2", "tree": "01817b7960c9866af9efc19f3fc0e24a4fb06589", "parents": [ "83127328b28236e6b6ab9dd6fa0b98cdc09f3509" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Jul 03 15:14:15 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jul 03 15:14:15 2025 -0400" }, "message": "Update payload_api.py\n\nFixed Linting Flak8 trailing whitespace" }, { "commit": "83127328b28236e6b6ab9dd6fa0b98cdc09f3509", "tree": "298a5946c3f9c06787168fe15de43570ddf85901", "parents": [ "b24f6e7a99cab19cbf417009bda9b9c6c81abc31", "14c356261ced92a86371cdb74331f46a0d7e98d3" ], "author": { "name": "deacon-mp", "email": "61169193+deacon-mp@users.noreply.github.com", "time": "Thu Jul 03 15:12:57 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jul 03 15:12:57 2025 -0400" }, "message": "Merge pull request #3186 from RachHavoc/rcm/cwe-22-fix\n\nFix CWE 22 in Payload API" }, { "commit": "14c356261ced92a86371cdb74331f46a0d7e98d3", "tree": "298a5946c3f9c06787168fe15de43570ddf85901", "parents": [ "cd28656d3c0fbd798714cbdabadacbb42b826665" ], "author": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jul 01 17:20:14 2025 +0000" }, "committer": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jul 01 17:20:14 2025 +0000" }, "message": "adding some extra file sanitization\n" }, { "commit": "cd28656d3c0fbd798714cbdabadacbb42b826665", "tree": "e5c713a633f99de2c83da6fff89a1328a0d1340c", "parents": [ "7afe8080e7485ddeac997404eb7e490d7d99507f" ], "author": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jun 24 16:18:12 2025 +0000" }, "committer": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jun 24 16:18:12 2025 +0000" }, "message": "remove unnecessary comments\n" }, { "commit": "7afe8080e7485ddeac997404eb7e490d7d99507f", "tree": "b8fe606e1e34abda3e5b6766bab8a9ee77316060", "parents": [ "b24f6e7a99cab19cbf417009bda9b9c6c81abc31" ], "author": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jun 24 16:08:24 2025 +0000" }, "committer": { "name": "RachHavoc", "email": "rachelcamurphy@gmail.com", "time": "Tue Jun 24 16:08:24 2025 +0000" }, "message": "fix cwe 22\n" }, { "commit": "82cf69202063d5a7778da5aca49324d4450fba6f", "tree": "eb9f499473cc064a86db5628ea97c9a2e544533e", "parents": [ "b24f6e7a99cab19cbf417009bda9b9c6c81abc31" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 19 21:26:01 2025 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 19 21:26:01 2025 +0000" }, "message": "Bump setuptools from 75.6.0 to 78.1.1\n\nBumps [setuptools](https://github.com/pypa/setuptools) from 75.6.0 to 78.1.1.\n- [Release notes](https://github.com/pypa/setuptools/releases)\n- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)\n- [Commits](https://github.com/pypa/setuptools/compare/v75.6.0...v78.1.1)\n\n---\nupdated-dependencies:\n- dependency-name: setuptools\n dependency-version: 78.1.1\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e" }, { "commit": "b24f6e7a99cab19cbf417009bda9b9c6c81abc31", "tree": "b79cf0aaae578acc5e53ce11ee322dba10824fdf", "parents": [ "f48a078526cf51e8dd87110b8815c1c364ea7d6f" ], "author": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Thu Apr 24 13:39:59 2025 -0400" }, "committer": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Thu Apr 24 13:39:59 2025 -0400" }, "message": "app version tag\n" }, { "commit": "f48a078526cf51e8dd87110b8815c1c364ea7d6f", "tree": "bd90d64bc77583477bc33ba48d9898f5425b6694", "parents": [ "0a2547dead6b6b4ea8c36cfc1c3c9e48aa5576d7", "70fc3fb72f0fd7bb28dddce39bd30ee38289472b" ], "author": { "name": "Michael Kouremetis", "email": "mkouremetis16@gmail.com", "time": "Thu Apr 24 12:51:42 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 24 12:51:42 2025 -0400" }, "message": "Merge pull request #3171 from mitre/repin/04242025\n\nupdate magma and stockpile" }, { "commit": "70fc3fb72f0fd7bb28dddce39bd30ee38289472b", "tree": "bd90d64bc77583477bc33ba48d9898f5425b6694", "parents": [ "0a2547dead6b6b4ea8c36cfc1c3c9e48aa5576d7" ], "author": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Thu Apr 24 12:50:17 2025 -0400" }, "committer": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Thu Apr 24 12:50:17 2025 -0400" }, "message": "update magma and stockpile\n" }, { "commit": "0a2547dead6b6b4ea8c36cfc1c3c9e48aa5576d7", "tree": "0c0b479d3f4f347965536cac25b220cd3d64ec73", "parents": [ "24f849dcf95dbc81d77feb54e07f87781153b172", "db9187af78d2b4208e1da462d51253384d0eca2d" ], "author": { "name": "Michael Kouremetis", "email": "mkouremetis16@gmail.com", "time": "Mon Apr 21 16:19:41 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 21 16:19:41 2025 -0400" }, "message": "Merge pull request #3168 from mitre/fix-tox-20250416\n\nFix requirements packages for tox security" }, { "commit": "db9187af78d2b4208e1da462d51253384d0eca2d", "tree": "0c0b479d3f4f347965536cac25b220cd3d64ec73", "parents": [ "c796e7ed75b8d0fcf241d2567f50b1694e2704a4", "24f849dcf95dbc81d77feb54e07f87781153b172" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Mon Apr 21 12:07:13 2025 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 21 12:07:13 2025 +0000" }, "message": "Merge branch \u0027master\u0027 into fix-tox-20250416" }, { "commit": "24f849dcf95dbc81d77feb54e07f87781153b172", "tree": "3b189f861875714ffd6d14a01a4df1fc06a9bd82", "parents": [ "2c69e217e0db984b702b22f24d37610706cf0954", "4b83917e441c40b75e1c17087ef74288b2c2d214" ], "author": { "name": "Michael Kouremetis", "email": "mkouremetis16@gmail.com", "time": "Fri Apr 18 11:11:03 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 18 11:11:03 2025 -0400" }, "message": "Merge pull request #3170 from mitre/repin/04182025\n\nrepin" }, { "commit": "4b83917e441c40b75e1c17087ef74288b2c2d214", "tree": "3b189f861875714ffd6d14a01a4df1fc06a9bd82", "parents": [ "2c69e217e0db984b702b22f24d37610706cf0954" ], "author": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Fri Apr 18 11:10:23 2025 -0400" }, "committer": { "name": "elegantmoose", "email": "mkouremetis16@gmail.com", "time": "Fri Apr 18 11:10:23 2025 -0400" }, "message": "repin\n" }, { "commit": "2c69e217e0db984b702b22f24d37610706cf0954", "tree": "aa8c94a23f13e77aac8e79a94283a8f614c8d4c3", "parents": [ "33975f3fc726452119a28975a3138c7824c3ba40", "b723aaca99589df1515badd40bd81732f93ce118" ], "author": { "name": "Michael Kouremetis", "email": "mkouremetis16@gmail.com", "time": "Fri Apr 18 11:07:27 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 18 11:07:27 2025 -0400" }, "message": "Merge pull request #3167 from mitre/issue-3132\n\nfilter 0-score facts from operation source" }, { "commit": "c796e7ed75b8d0fcf241d2567f50b1694e2704a4", "tree": "eef579340c0f37d216ff3db63fcad9da348ecc37", "parents": [ "75346b9d746006845d9a9667ed3c4082d6617e4a" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Apr 16 13:16:16 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 16 13:16:16 2025 -0400" }, "message": "reverting scan command to check due to account requirement" }, { "commit": "75346b9d746006845d9a9667ed3c4082d6617e4a", "tree": "7c4612813c999fd5e57858544e014f2ff43a1485", "parents": [ "e6a500cf8bf0b301b758c48fc460c8d4d79942c5" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Apr 16 12:54:16 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 16 12:54:16 2025 -0400" }, "message": "Update requirements.txt\n\nupdate asyncssh and dnspython to address security issues" }, { "commit": "e6a500cf8bf0b301b758c48fc460c8d4d79942c5", "tree": "2c7292d3c64d7e8d98b98d33fa4dca1f69fc3e37", "parents": [ "33975f3fc726452119a28975a3138c7824c3ba40" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Apr 16 12:47:50 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 16 12:47:50 2025 -0400" }, "message": "swap out deprecated check command" }, { "commit": "b723aaca99589df1515badd40bd81732f93ce118", "tree": "aa8c94a23f13e77aac8e79a94283a8f614c8d4c3", "parents": [ "ffda35c5cc3fd06c1f1a95db042e9c2bef5605ef" ], "author": { "name": "Daniel Matthews", "email": "58484522+uruwhy@users.noreply.github.com", "time": "Wed Apr 16 12:39:02 2025 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 16 12:39:02 2025 -0400" }, "message": "add 0-score fact to unit test" } ], "next": "ffda35c5cc3fd06c1f1a95db042e9c2bef5605ef" }