github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 23:57:29 +00:00
Code Issues Projects Releases Wiki Activity
4,773 Commits 121 Branches 172 Tags 104 MiB
1e455f30a6
Commit Graph

4773 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
1882def2a6 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `fbf0a4e` to `88a40c8`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](fbf0a4e8ce...88a40c8d9c)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-25 19:06:06 +01:00
Luca Guerra
8421e4b122 fix(cmake): fix USE_BUNDLED_DEPS=ON and BUILD_FALCO_UNIT_TESTS=ON 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-03-25 16:47:06 +01:00
Paul Rey
12cd72a396 Remove --source-only option in driver loader docker-entrypoint.sh 
The option is supported anymore in falcoctl

Signed-off-by: Paul Rey <contact@paulrey.io>
 2024-03-22 13:45:53 +01:00
Paul Rey
858c82ffe0 Update driver-loader docker-entrypoint 
Remove debug log
Set default option ENABLE_COMPILE and ENABLE_DOWNLOAD

Signed-off-by: Paul Rey <contact@paulrey.io>
 2024-03-22 13:45:53 +01:00
Paul Rey
2f6fdfa972 Add kernelversion and kernelrelease options to falco driver loader entrypoint 
Signed-off-by: Paul Rey <contact@paulrey.io>
 2024-03-22 13:45:53 +01:00
dependabot[bot]
2dfac14cd1 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `44addef` to `fbf0a4e`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](44addef4f7...fbf0a4e8ce)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-15 09:41:27 +01:00
Federico Di Pierro
5fe9fc9d89 update(cmake): bumped libs and driver to 0.15.0-rc1. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-03-14 10:55:24 +01:00
Melissa Kilby
3b7b3439ec cleanup(metrics): fix build for non linux 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-03-14 10:55:24 +01:00
Melissa Kilby
7762d0cd84 chore: bump libs 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-03-14 10:55:24 +01:00
Melissa Kilby
09d813b22d feat(metrics): sync libs metrics collector refactor 
Includes a handful of naming changes. A notice to
https://falco.org/docs/metrics/falco-metrics/ will be added well
in advance of Falco 0.38.0

falco.hostname -> evt.hostname to be consistent with the newer evt.hostname filtercheck
cpu_usage_perc_total_host -> host_cpu_usage_perc
memory_used_host -> host_memory_used_kb (or host_memory_used_mb)
procs_running_host -> host_procs_running
open_fds_host -> host_open_fds

memory_rss -> memory_rss_kb (or memory_rss_mb)
memory_pss -> memory_pss_kb (or memory_pss_mb)
memory_vsz -> memory_vsz_kb (or memory_vsz_mb)
container_memory_used -> container_memory_used_bytes (or container_memory_used_mb)

Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-03-14 10:55:24 +01:00
Andrea Terzolo
3395e604b6 ci: use ubuntu-22.04 with codeQL job 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-03-12 16:29:17 +01:00
Andrea Terzolo
0ce2b95b89 chore: bump falco engine version 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-03-12 16:29:17 +01:00
Andrea Terzolo
c5bb2b68e2 chore: bump to latest libs commit 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-03-12 16:29:17 +01:00
Federico Aponte
8dbec6c779 refactor: Use FetchContent for integrating bundled yaml-cpp lib 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-11 13:57:15 +01:00
Federico Aponte
c32b7c1246 refactor: Use FetchContent for integrating bundled cpp-httplib 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-11 13:57:15 +01:00
Federico Aponte
bc499e191d refactor: Use FetchContent for integrating bundled nlohman-json lib 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-11 13:57:15 +01:00
dependabot[bot]
ea187d3b45 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `dc7970d` to `44addef`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](dc7970d175...44addef4f7)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-11 09:38:14 +01:00
Gianmatteo Palmieri
517b79ee13 chore(engine): bump engine version 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Gianmatteo Palmieri
3d4be156cc new(tests): add unit test for invalid macro/list name 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Gianmatteo Palmieri
7265190e66 new(engine): don't expose details in error message 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Gianmatteo Palmieri
f00926b8af new(engine): error on invalid macro/list name 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
dependabot[bot]
a473ae5eb8 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `f88b991` to `dc7970d`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](f88b991a7f...dc7970d175)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-07 11:39:58 +01:00
Federico Aponte
3954ff233b refactor(ci): Avoid using command make directly 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-07 11:37:58 +01:00
Leonardo Grasso
a5297c4f29 docs(proposals/20231220-features-adoption-and-deprecation): general revision 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
eb35ea7dfe docs(proposals/20231220-features-adoption-and-deprecation): add Platform support area 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
63ccf872fd Update proposals/20231220-features-adoption-and-deprecation.md 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
3bdb98a46b Update proposals/20231220-features-adoption-and-deprecation.md 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
c68ef54bb2 docs(proposals/20231220-features-adoption-and-deprecation): remove feature gates, simplify policies and transition phases 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
865553dbe3 docs(proposals/20231220-features-adoption-and-deprecation): only stable features deprecation require a major bump 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Leonardo Grasso
10a9c1d774 docs(proposal): 20231220-features-adoption-and-deprecation.md 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-03-06 14:34:55 +01:00
Aldo Lacuku
185075bfd8 update(scrips/falcoctl): bump falco-rules version to 3 
Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>
 2024-03-06 07:35:54 +01:00
Melissa Kilby
5185f152c5 new(config): add falco_libs.thread_table_size 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-03-05 11:36:51 +01:00
Samuel Gaist
8f87b117c4 fix(userspace): correct directory iteration options 
The original code was using follow_directory_symlink twice, this patch
fixes that.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-03-05 10:29:51 +01:00
dependabot[bot]
5084a62dd1 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `b499a1d` to `f88b991`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](b499a1d0d0...f88b991a7f)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-01 12:05:36 +01:00
Leonardo Grasso
ca4db17e05 docs(README.md): Falco Graduates within the CNCF 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2024-02-29 16:41:33 +01:00
Samuel Gaist
f9b17b67f8 refactor(engine): fix variable / function shadowing 
Improve variable names in the code surrounding the changes.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-29 16:20:34 +01:00
Samuel Gaist
8a7361c8ab refactor(app): fix variable / function shadowing 
Improve variable names in the code surrounding the changes.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-29 16:20:34 +01:00
dependabot[bot]
2589bd0c0b build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `497e011` to `b499a1d`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](497e01189e...b499a1d0d0)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-28 11:16:27 +01:00
Gianmatteo Palmieri
928cb8bb8e new(tests): add unit test for exceptions condition 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-28 08:28:26 +01:00
Gianmatteo Palmieri
ea781477d6 fix(engine): logical issue in exceptions condition 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-28 08:28:26 +01:00
Federico Di Pierro
f6818902de fix(ci): properly enforce bundled deps off in build-dev, like it was before https://github.com/falcosecurity/falco/pull/3092. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-02-27 11:07:25 +01:00
Federico Di Pierro
5ebc7bbd7c chore(ci): bumped codeql actions. 
Moveover, to avoid spending too much time (and space) on the job, build without bundled deps.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-02-26 17:55:21 +01:00
Federico Aponte
f6af72fe76 cleanup: too many includes and useless defines 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
4d66a50d5b fix: pessimizing move warning 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
59c14f46a2 refactor: shared_ptr construction 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
557929a82a refactor: use object rather than unique_ptr 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
9a2b58c6f7 refactor: very minor improvement 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Gianmatteo Palmieri
1705fc2281 refactor(build): use find_package when possible 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-23 15:43:08 +01:00
Gianmatteo Palmieri
97806a98fb new(build): add options to use bundled yamlcpp and njson 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-23 15:43:08 +01:00
Gianmatteo Palmieri
736277d3d5 new(build): switch USE_BUNDLED_DEPS default value to ON 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-23 15:43:08 +01:00