Releases: step-security/dev-machine-guard
Releases · step-security/dev-machine-guard
v1.11.4
Immutable
release. Only release title and notes can be modified.
Changelog
- 3f3f74a Merge pull request #108 from shubham-stepsecurity/sm/test
- a5359b0 Merge branch 'main' into sm/test
- dcd8cc2 Merge pull request #109 from shubham-stepsecurity/sm/update
- a13a7ad Merge branch 'main' into sm/update
- bd071a1 fix(install-dir): reject empty --install-dir for install/uninstall
- 1580fa1 Merge pull request #111 from swarit-stepsecurity/swarit/chore/up-ver-1.11.4
- a0e3be1 Merge branch 'main' into swarit/chore/up-ver-1.11.4
- 9d0352d Merge pull request #112 from raysubham/subham/feat/msi-verify-script
- 7d487a3 scripts: add verify-msi.ps1 for client-side MSI integrity check
- e2a9209 chore(release): update to 1.11.4
- a719820 Merge pull request #97 from step-security/chore/GHA-212138-stepsecurity-remediation
- 40d782c chore(mdm): scope TCC skip to launchd, tighten prefix, dedupe helpers
- 839eb63 Merge branch 'main' into chore/GHA-212138-stepsecurity-remediation
- 392a3be fix(install-dir): make config field authoritative
- 8b0fdfe chore(mdm): log TCC skip hits encountered during walks
- 9351328 chore(mdm): skip macOS TCC-protected directories
- 1d3775e Merge pull request #107 from ashishkurmi/main
- 6a03fb4 ci: Authenticode-sign Windows binaries and MSIs via Azure Trusted Signing
- 8b92fa1 Merge pull request #106 from swarit-stepsecurity/swarit/chore/gate-features
- 11d6e9d Merge branch 'main' into swarit/chore/gate-features
- be0b7d3 chore: add feature gate to disable/enable features
- a518d6b Merge pull request #105 from ashishkurmi/main
- 81b876c ci: add workflow to build test binaries and MSIs on demand
- 85f35b8 Merge pull request #104 from ashishkurmi/swarit/fix/windows
- 94624db fix(windows): stop console window flashes during scheduled scans
- 0e007ef Merge pull request #99 from shubham-stepsecurity/sm/fix
- 11e2f91 Merge branch 'main' into sm/fix
- 567a4a3 Merge pull request #86 from shubham-stepsecurity/sm/update
- 7915016 Merge branch 'main' into sm/update
- 078df68 fix(telemetry): sandbox invocation test + make postPhase non-blocking
- 5a83651 fix(paths): canonicalise $HOME/~ expansion via filepath.Join
- dda8d0a fix(paths): add support for expanding $HOME
- 80526e0 chore(telemetry): track upload phase + per-phase sub-progress
- c666b5c [StepSecurity] Apply security best practices
- a24d4cf chore(info): Adding invocation_method and in-flight status_info
v1.11.3
Immutable
release. Only release title and notes can be modified.
Changelog
- cb9abe5 Merge pull request #95 from ashishkurmi/ak/chore/up-ver-1.11.3
- 9ebba3a Merge branch 'main' into ak/chore/up-ver-1.11.3
- 3a190b3 chore(release): bump version constant to 1.11.3
- ab88e52 Merge pull request #94 from ashishkurmi/ak/chore/up-ver-1.11.3
- cb62715 Merge branch 'main' into ak/chore/up-ver-1.11.3
- 72e9083 chore(release): update to v1.11.3
- 91a1b2b Merge pull request #88 from shubham-stepsecurity/sm/feat/add-support
- a839a7b feat(mdm): configurable install dir + persistent stderr logs
- 6dec9e3 Merge pull request #93 from swarit-stepsecurity/swarit/chore/up-ver-1.11.2
- 4d6bc03 Merge branch 'main' into swarit/chore/up-ver-1.11.2
- 873641a Merge pull request #92 from swarit-stepsecurity/swarit/feat/msi-integration
- 4c368c9 chore(release): update to v1.11.2
- 785d6b8 address remaining Copilot review comments on PR #92
- 40ca150 docs: tighten MSI deployment + packaging guides
- 5e82728 ci(msi-smoke): explicit exit 0 after uninstall cleanup checks
- b334bb6 ci: add MSI build/install/verify/uninstall smoke test on every PR
- fe8f42c ci: go fmt
- 860c018 address PR #92 review comments from Copilot
- 16f869a feat(install): add --ignore-telemetry-error opt-in for MSI/SCCM
- 900e7af fix(msi): use WixQuietExec from WixToolset.Util.wixext
- c5143c8 fix(msi): switch to Property-attribute custom actions (MSI Type 50)
- ea55aae fix(msi): bake [INSTALLFOLDER] into ExeCommand literally
- 9a3a90b fix(msi): switch custom actions to deferred + SetProperty CustomActionData pattern
- 1235415 ci: build MSIs on windows-latest (WiX 4 has Linux path-parsing bug)
- 343faf0 chore: bump version for MSI release pipeline test on fork
- 3e119c3 feat(windows): integrate msi based releases
- 09dc2a2 Merge pull request #91 from swarit-stepsecurity/swarit/fix/windows-sys-schedule
- 10f2422 fix(windows): grant Users modify ACL on ProgramData log dir; correct comment
- bb6266e Merge branch 'main' into swarit/fix/windows-sys-schedule
- c8b6d63 fix(windows): run scheduled task as logged-in user via /ru INTERACTIVE
- 30ed51d Merge pull request #82 from Prateek-stepsecurity/pn/fix/pnpm
- 35d905d fallback logic
- ce70bf6 fix(pnpm): resolve v11 global-scan regression
- 6b34f69 Merge pull request #74 from swarit-stepsecurity/swarit/feat/wt/ai-hooks-integration
- e2ccb01 Merge branch 'main' into swarit/feat/wt/ai-hooks-integration
- 19b4cb1 Merge pull request #70 from swarit-stepsecurity/swarit/fix/detect-intercepted-uploads
- 1ed02f2 feat(aiagents): poll backend for hook enable/disable state
- ce956bb Merge branch 'main' into swarit/fix/detect-intercepted-uploads
- 79cb3e4 Merge pull request #69 from swarit-stepsecurity/swarit/feat/wt/rc-info-npm-pip
- 80be25d Merge branch 'main' into swarit/fix/detect-intercepted-uploads
- 85ff613 chore(ci): fix lint (gofmt) and gosec findings
- cf73af5 Merge remote-tracking branch 'upstream/main' into swarit/feat/wt/rc-info-npm-pip
- e953fc2 Merge pull request #76 from shubham-stepsecurity/sm/update
- f915375 Merge branch 'main' into sm/update
- b6cd689 Merge pull request #68 from swarit-stepsecurity/swarit/feat/wt/machine-resource-info
- 1078555 Merge remote-tracking branch 'upstream/main' into swarit/feat/wt/machine-resource-info
- 554ce60 chore: address gosec int64->uint64 conversion warning
- c587219 Merge branch 'main' into sm/update
- f60b436 Merge pull request #77 from raysubham/fix/windows-hook-bash-path
- e118b2b Merge branch 'main' into fix/windows-hook-bash-path
- 9e5ab15 Merge pull request #65 from swarit-stepsecurity/swarit/fix/issue-62-63
- 27c08f8 fix(aiagents): write Windows hook command with forward-slash path
- a73c77d chore: gofmt blank-line and comment formatting
- 670b67c chore: address comments
- c805d0f feat(device): collect static machine resource info
- 98b42c4 fix(pnpm): resolve v11 global-scan regression
- ab70514 chore: gofmt struct alignment in telemetry payload
- 30b0e7c chore: address comments
- 4e76bb9 fix(linux/mac): lock contention race and console user edge case
- b71addd Merge pull request #75 from swarit-stepsecurity/swarit/chore/go-quality-checks-and-badges
- dc85270 Merge branch 'main' into swarit/chore/go-quality-checks-and-badges
- 217e00f Merge pull request #73 from raysubham/fix/claude-hooks-windows-idempotency
- d4f0ab5 ci: add gosec SAST workflow + README badge
- abb5b7e ci: add vet/fmt/tidy + cross-platform build; refresh README badges
- 4b6988d chore: apply gofmt across the tree
- 3378ca3 test(cli): cover --npmrc + --pipconfig mutual exclusion
- 7974381 chore: address comments
- 16d58c3 chore: address comments
- 66851e2 fix: handle Windows Codex hook paths
- 15b7cdc fix: handle Windows Claude hook paths
- 33b752f Merge pull request #61 from raysubham/feat/ai-agents-hook-events
- 0c965b3 Merge branch 'main' into feat/ai-agents-hook-events
- ef036bb Merge pull request #71 from shubham-stepsecurity/sm/fix
- 20bb53b fix: improve comments for Apple CLT stub detection and mock behavior
- f30602f fix: add support for detecting Apple Command Line Tools stubs in executors and detectors
- 7e2eadf Merge branch 'main' into swarit/feat/wt/rc-info-npm-pip
- 7e6c38f fix(telemetry): detect intercepted uploads on client side
- ad93d7e Merge remote-tracking branch 'upstream/main' into feat/ai-agents-hook-events
- e295fb8 feat: update events schema
- 8a66361 feat: improve redaction check
- 5227516 fix(pipconfig): handle pip 24.x effective output with no 'from ' suffix
- 006bdb6 test(configaudit): add tests/test_rc_audit.sh end-to-end harness
- 4dd1117 fix(pipconfig): redact effective.config + legacy-path detection by suffix
- 1aa1466 refactor(configaudit): split rc/pip audits into internal/detector/configaudit
- 18e6959 feat(pipconfig): surface inventory + finding catalog for pip configuration
- 41e17d7 feat(npmrc): surface inventory of every .npmrc on the host
- 35fcd13 feat: implement backup pruning logic
- 58f2635 chore: update backup file format
- 104af85 remove tests
- d25a3a9 update code comments
- bfc4c3e feat: phase 4
- b4afbe4 feat: phase 3
- 38fe9a8 feat: phase 2
- 902fad9 feat: phase 1
v1.11.1
Immutable
release. Only release title and notes can be modified.
Changelog
- 56cd419 Merge pull request #60 from swarit-stepsecurity/swarit/chore/up-ver-1.11.1
- c139c9a chore(release): update to v1.11.1
- 341b3ba Merge pull request #59 from swarit-stepsecurity/swarit/fix/agent-path
- 6184dd3 Merge branch 'main' into swarit/fix/agent-path
- f5d1983 Merge pull request #54 from swarit-stepsecurity/swarit/chore/update-docs-coverage
- da4ae52 fix(windows): relative path detection
- 0971d28 fix(detection): ide symlinked path detection
- c642ec9 Merge branch 'main' into swarit/chore/update-docs-coverage
- 33749f8 Merge pull request #56 from swarit-stepsecurity/swarit/chore/add-extensions-path
- b5dcc16 chore(ide): add extensions path
- 3604d3d merge: resolve SCAN_COVERAGE.md conflicts with upstream/main
- 1bf1e5c docs: complete cross-platform coverage and add missing scan categories
- 3c3d258 docs: update documentation to reflect cross-platform support and current codebase
v1.11.0
Immutable
release. Only release title and notes can be modified.
Changelog
- d0db5b4 Merge pull request #53 from ashishkurmi/sm/bump-1.11.0
- 150095d chore(release): bump version to 1.11.0 and update changelog
- 504b3f8 Merge pull request #51 from shubham-stepsecurity/sm/update
- aefac7d Merge branch 'main' into sm/update
- f8a08fc feat(aicli): add detection for Cursor Agent CLI and update documentation
- 325669c Merge pull request #50 from swarit-stepsecurity/swarit/fix/release-workflow
- 14ad84c fix(release): fix linux release workflow issues
- cfe51c8 Merge pull request #45 from swarit-stepsecurity/swarit/chore/linux-bin-release
- d9cf596 Merge branch 'main' into swarit/chore/linux-bin-release
- cbf40f9 Merge pull request #43 from swarit-stepsecurity/swarit/feat/sys-pkg-metadata
- 56b84b5 chore: address copilot reviews
- 02186f4 chore(linux): add packaged releases
- f6e6b55 chore(brew): add cask and formulae metadata collection
- fa0fc4f chore(macos): add brew pkg metadata
- d47f9ae chore: add security context for pkgs
- f8329bc chore(linux): add sys pkgs metadata
- 06ee45b Merge pull request #48 from shubham-stepsecurity/sm/feat/migrate
- 7e916d5 Merge branch 'main' into sm/feat/migrate
- b9b178e Merge pull request #44 from shubham-stepsecurity/sm/fix
- 62ecf52 fix(aicli): improve detection logic for GitHub Copilot CLI by rejecting non-zero exit codes
- 3803cc4 fix(aicli): handle detection for GitHub Copilot CLI version
- c740fec fix(python): update virtual environment paths and enhance project detection for venvs without pip
- e4ddcfa fix(python): improve Python project detection logic
- a4b4251 Merge pull request #39 from shubham-stepsecurity/sm/feat/add-support
- 70aecdd refactor(tests): improve assert_contains function to avoid SIGPIPE errors & update logging
- d4f9cc4 chore(telemetry): replace custom UUID generation with google/uuid dependency
- 4eafe9d feat(mdm): add telemetry run status reporting
- 0fba903 Merge pull request #38 from shubham-stepsecurity/sm/update
- aaae474 fix: update logger level to info in S3 upload test
- 35be6e2 refactor: remove gzip compression from stdout/stderr and update telemetry upload to use gzip compression
- 642891b feat: add gzip compression for stdout/stderr output and corresponding tests
- 22f15ad Merge pull request #47 from swarit-stepsecurity/swarit/chore/remove-shell-script
- 4fd3f86 Merge branch 'main' into swarit/chore/remove-shell-script
- 88b65f8 Merge pull request #37 from shubham-stepsecurity/sm/feat/config
- 63c3e2b Merge branch 'main' into sm/feat/config
- ce3a1ef chore: remove shell script references
- cee172a chore(dmg): remove shell script
- 21cb7cf Merge pull request #42 from swarit-stepsecurity/swarit/feat/linux-pkgs-support
- 6aa92ff chore(linux): wire up sys package support
- e5c3c65 feat: implement log level configuration and enhance logging throughout the application
- 201fb79 Merge pull request #36 from swarit-stepsecurity/swarit/feat/linux-support
- 8055c59 fix: address Copilot PR review feedback
- b2593a0 ci: retrigger checks
- 7a96bcf chore: go lint
- 22bec63 feat(linux): add support for snap and flatpak pkgs
- ce74969 feat(linux): add rpm package support
- 53c706a feat(linux): add jetbrains support
- 4b9882f fix: use bios serial number
- 0f76d54 chore: performance improvements
- ffb44e1 feat(linux): add sysd scheduling
- dfdc2aa feat: add linux support
v1.10.2
Immutable
release. Only release title and notes can be modified.
Changelog
- 94231e6 Merge pull request #35 from shubham-stepsecurity/sm/update
- 3896161 feat: default quiet=false, raise S3 upload timeout to 10m, gofmt cleanup
- 3d8003c Merge pull request #33 from swarit-stepsecurity/swarit/chore/up-ver-1.10.2
- bf92e4e chore: update changelog
- b35b044 chore(release): bump version to 1.10.2
- 8a029a0 Merge pull request #32 from swarit-stepsecurity/swarit/feat/windows-eclipse-plugins
- 79b1250 fix: address Copilot review comments on PR #32
- 5891fc7 fix(lint): remove unused eclipseExePatterns and resolveEclipseFeatureDirs
- ed292a6 feat(windows): eclipse plugin detection
- 6f3a22b fix: scope bundled plugin filter to Windows only
- 3cb22fd feat: filter bundled plugins by default, add --include-bundled-plugins flag
- 46ef8f5 feat(eclipse): use p2 director API for authoritative marketplace plugin detection
- eb751bb fix(eclipse): expand bundled prefix list to accurately identify marketplace plugins
- 9165fda feat(windows): robust multi-stage Eclipse plugin detection
- 16c90a1 fix(windows): Eclipse plugin detection uses detected IDE install paths
- 3429665 fix(windows): add Windows Eclipse plugin detection paths
v1.10.1
Immutable
release. Only release title and notes can be modified.
Changelog
- e001cf8 Merge pull request #31 from shubham-stepsecurity/sm/test
- 8417f66 feat: implement retry logic for signing artifacts with Sigstore
- f0d019d Merge pull request #30 from shubham-stepsecurity/sm/test
- ab72688 chore(release): bump version to 1.10.1 and update changelog
- 6d1593e Merge pull request #29 from swarit-stepsecurity/swarit/feat/windows-ide-support
- b7eef8d fix: size limit message visible in quiet/enterprise mode
- 2f8bf3a feat(windows): registry-based IDE discovery fallback
- 57a002f fix: address Copilot review comments
- 612eb90 merge: resolve conflicts with upstream/main (v1.10.0)
- eab8f68 Merge pull request #28 from shubham-stepsecurity/sm/test
- bd373c5 fix(windows): use RunInDir for project package scanning
- 76b4e51 feat(windows): ide plugin detection
- d407c15 feat(windows): ide support
- e87d384 fix(executor): source .zshrc in RunAsUser for full PATH and fix exit code propagation
v1.10.0
Immutable
release. Only release title and notes can be modified.
Changelog
- 665b8c8 Merge pull request #27 from ashishkurmi/fix/resolve-draft-release-race
- e24faa5 fix(ci): resolve draft release by tag_name to avoid race
- 19723f3 Merge pull request #26 from shubham-stepsecurity/sm/test
- 5ec5a59 feat(mdm): bump version to v1.10.0
- 92c1526 Merge pull request #25 from shubham-stepsecurity/sm/test
- ffdea0d feat: add line count to BrewScanResult and update scanning methods for metrics
- 59ce45e feat: implement user-aware executor for correct command context and enhance brew and python scanning
- 822ce37 Merge pull request #2 from shubham-stepsecurity/sm/feat/migrate
- 38280a1 Merge pull request #3 from shubham-stepsecurity/sm/feat/add-support
- c645854 Merge pull request #1 from shubham-stepsecurity/sm/feat/ide
- 56de262 feat: enhance user shell resolution for macOS in RunAsUser function
- 84795ab feat(mdm): analyze for brew & python packages
- 5079586 Merge branch 'main' into sm/feat/migrate
- 7ce8d51 feat: implement S3 upload with retry mechanism and extended timeout
- 3786646 Merge branch 'step-security:main' into sm/feat/ide
- 0c9b6e2 Merge pull request #23 from shubham-stepsecurity/sm/feat/mcp
- fa126ec feat: implement project-level MCP configuration discovery and filtering
- e3e022c feat(mdm): add support for new ide & pluggins
v1.9.2
Immutable
release. Only release title and notes can be modified.
Changelog
- 7263c43 Merge pull request #20 from shubham-stepsecurity/sm/feat/migrate
- cf90d50 chore(mdm): resolve conflict & address copilot comments
- 9478f12 feat(mdm): bump version to v1.9.2
- 716afae fix(mdm): detect logged-in console user when running as root
- c231c20 Merge pull request #17 from swarit-stepsecurity/swarit/feat/windows-support
- 6259b62 chore(windows): resolve conflicts
- ca351db chore(windows): update goreleaser
- b5264f0 chore(windows): address relevant comments
- 64ef737 feat(windows): add scheduled tasks
- f988cd3 feat(windows): add support for openvsx and npm
- f8a456c chore(ci): golint issues
- ba8c71d feat(windows): add npm scanning
- e8c63df feat: add windows support
v1.9.1
Immutable
release. Only release title and notes can be modified.
Changelog
- 0646dc2 Merge pull request #18 from shubham-stepsecurity/sm/feat/migrate
- 3cbd1f0 fix(mdm): update release flow
- f25dcc1 chore(mdm): update release process & resolve minor issues
- 5d93c7c Merge pull request #15 from step-security/chore/GHA-040424-stepsecurity-remediation
- 2079963 [StepSecurity] Apply security best practices
v1.9.0
Immutable
release. Only release title and notes can be modified.