v0.26.1

• Update time crate to fix build issue with Rust 1.80.0 (thanks @chenrui333!)
• Update container base image to Alpine 3.20

Thanks

We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.

v0.26.0

• Port to clap 4 (this solves a bug in zsh completions too)
• Fix compile issue on Rust 1.72.0 by updating the geo dependency (thanks @ZhongRuoyu, #249)
• Change the workspace size calculation from bytesize and 1 KB -> 1000 bytes, to humansize and 1 KiB -> 1024 bytes.

This is a very small release but marked as semver-minor due to the output change.

Thanks

We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.

v0.25.0

• Fix compile issue on rust 1.67.0 by updating dependencies (thanks @ZhongRuoyu)
• Refactor mqtt to do keep-alive automatically and by default. Some mqtt brokers started rejecting a keep-alive value of 0 as invalid, refusing the connection.

Thanks

We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.

v0.24.3

• Add missing seccomp syscall (clone3)
• Sandbox crash error message has been changed from EOF while parsing a value at line 1 column 0 to Sandbox child has crashed
• Support compiling for RISC-V 64-bit (#234, @SpriteOvO)
• Fixes related to path handling (#227, @stoeckmann)
• Reduce some heap allocation

Thanks

We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.

v0.24.2

• Add missing seccomp syscalls (rt_sigaction, rseq)
• Update Dockerfile to alpine 3.15 and buildkit (you might need to export DOCKER_BUILDKIT=1)
• Fix some clippy warnings
• Fix a typo in an example module (#224, @ysf)

Thanks

We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.

v0.24.1

• Fix seccomp issue with fstat

Thanks

We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.

v0.24.0

sn0int rescope -i

There've been commands for {scope,noscope,autoscope,autonoscope} for a while, scope/noscope sets entities to out-of-scope which automatically excludes them from further investigations, and autoscope/autonoscope is a system to automatically set things out-of-scope with a hierarchical rule set.

In the past there was no way to re-apply these rules to existing entities. This is now possible with the rescope command that's available both from the interactive cli and the commandline.

It defaults to non-interactive mode that shows a diff when applying the rules and asks for confirmation. -n is a dry-run to always reject the change, -y to automatically apply it and -i to interactively decide for each entity.

Besides the obvious y and n there's also:

• d (done) - apply the changes confirmed so far, skip the rest
• a (always) - apply all other changes matching this specific rule: if example.com matched noscope .com and you select a, example.com would be set out-of-scope and the next-up foobar.com would be automatically set out-of-scope without asking again
• x (never) - skip this change and all future changes matched by this rule

Thanks

We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.

v0.23.0

• Allow using run <module> interactively
• Allow setting a proxy with run -X <proxy>
• Add functions for perceptual image hashing
• Allow setting a different default user agent

Thanks

We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.

v0.22.0

• Support invoking shell commands with ! from readline
• The workspace can be selected with the SN0INT_WORKSPACE environment variable. Running shell commands with the new ! feature autoamtically sets this variable to the current workspace
• Bump dependencies

Thanks

We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.

v0.21.2

• Fix seccomp segfault with open on x86_64 musl
• Update dependencies
• Update dockerfile baseimage

Thanks

We'd like to thank @repi for their support on github sponsors.