Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release CSEC Java Agent Version 1.3.0 #252

Merged
merged 186 commits into from
May 17, 2024
Merged

Release CSEC Java Agent Version 1.3.0 #252

merged 186 commits into from
May 17, 2024

Conversation

lovesh-ap
Copy link
Contributor

@lovesh-ap lovesh-ap commented May 16, 2024
edited by jira bot
Loading

Changes

  • PR-186 Feature to detect API Endpoint of the Application NR-222163
  • PR-132 JCache Support : The security agent now also supports jCache 1.0.0 and above NR-175383
  • PR-193 Spray HTTP Server Support : The security agent now also supports Spray HTTP Server version 1.3.1 and above (with scala 2.11 and above) NR-230246, NR-230248
  • PR-195 Spray Can Server Support : The security agent now also supports Spray Can Server version 1.3.1 and above (with scala 2.11 and above) NR-230246, NR-230248
  • PR-194 Spray Client Support : The security agent now also supports Spray Client version 1.3.1 and above (with scala 2.11 and above) NR-230243, NR-230245
  • PR-202 Netty Server support : The security agent now also supports Netty Server version 4.0.0.Final and above. NR-234864
  • PR-220 Netty Reactor Server support : The security agent now also supports Netty Reactor Server version 0.7.0.RELEASE and above. NR-249812
  • PR-239 Spring WebClient Support : The security agent now also supports Spring WebClient version 5.0.0.RELEASE and above. NR-258894, NR-258895
  • PR-219 Enable functionality to scan NewRelic applications using security.is_home_app config, default value is false
  • Resin Support : The security agent now also supports resin server NR-171577
  • Anorm Support : The security agent now also supports Anorm Datastore version 2.0 to 2.5 NR-171575

Fixes

  • PR-202 Extract Server Configuration to resolve IAST localhost connection with application for Netty server. NR-238324
  • PR-237 Fix for Correct User Class Detection in Sun-Net-HttpServer NR-254564
  • PR-243 Improvement in fallback mechanism for NR_CSEC_HOME NR-260723
  • PR-248 Fix for Regression in File Integrity Event Generation NR-267172
  • PR-249, PR-244 Improvements in IAST Replay NR-267169, NR-265208
  • PR-235 Fix for NullPointerException observed in JDBC-GENERIC NR-232657
  • PR-226 Fix for NoClassDefFoundError observed in JAVAX-JNDI Instrumentation NR-254566
  • PR-225 Fix for FileAlreadyExistException observed in IAST Replay NR-254565
  • PR-222 Exclude Milestone Release for Jax-RS, due to release of version 4.0.0-M2 on 9th March 2024 NR-256459
  • PR-232 Exclude Latest Release version 12.7.0 for mssql-jdbc released on 08th April 2024 NR-256461
  • PR-247 Exclude Latest Release version 1.7.14 for Rhino-JS-Engine released on 29th April 2024 NR-265206
  • PR-219 Fixed an issue where lambda functions were causing class circularity errors NR-239192
  • PR-219 Resolved a problem where multiple RXSS events were being generated unnecessarily, optimizing the system to only produce a single event as intended.

IshikaDawda and others added 30 commits January 4, 2024 15:41
@IshikaDawda
API-Endpoint support for sun-net-httpserver
25aebee
@IshikaDawda
added API-Endpoint unit tests for sun-net-httpserver
f886876
@IshikaDawda
added play framework API endpoint support
f28fbe8
@IshikaDawda
API endpoint support for CXF Jax-rs
491513e
@IshikaDawda
UTs for API endpoint support for CXF Jax-RS
1b9f53e
@IshikaDawda
enabled posting data to SE
9a624ef
@IshikaDawda
enabled API endpoint support
5b575c4
@IshikaDawda
Unit Tests for API endpoint support for play-2.6
746b63b
@IshikaDawda
Unit Tests for API endpoint support for play-2.13_2.7
6c0d9aa
@IshikaDawda
API endpoint support for jetty server
c9c7669
@IshikaDawda
Unit tests for jetty server API endpoint support
02b623f
@lovesh-ap
Spray Http incoming request interception
2f99ae6
@lovesh-ap
Spray Http request body interception &
15b91fb 
request header extraction
@lovesh-ap
Spray Http response body interception &
2b276ae 
rxss event generation
@IshikaDawda
Spray Http request header extraction
c51f67a
@lovesh-ap
Fix incorrect protocol
d25b90b
@IshikaDawda
add protocol from incoming request uri
e93efbe
@lovesh-ap
set tracing header into meta deta
da892ab
@IshikaDawda
updated locking attribute for spray response
f6795a8
@IshikaDawda
Added Logging message constants
4a07678
@IshikaDawda
code cleanup
0fb2089
@IshikaDawda
updated comment
e662a44
@lovesh-ap
Extract server port info for spray can
6d99381
@IshikaDawda
unit tests for spray-http support
af84562
@IshikaDawda
added applicationUUID to ApplicationURLMappings Json
da213dd
@lovesh-ap
Spray server request instrumentation
b3ca3a5
@IshikaDawda
Spray-Can response body interception &
a898d4b 
rxss event generation
@IshikaDawda
add critical logging for spray-can instrumentation
a4562e9
@IshikaDawda
removed Weaver callOriginal() from constructor
f47cd69
@IshikaDawda
Fix for NR-232224
a401e55 
Provided fix for API endpoint not detected, when http-method is empty
lovesh-ap and others added 20 commits May 14, 2024 09:58
@lovesh-ap
Merge branch 'develop' into NR-223811-websphere-8
54ea9f5
@lovesh-ap
Merge pull request #198 from newrelic/NR-223811-websphere-8
3de6420 
NR-223811 Extract server port from websphere applications
@lovesh-ap
Merge pull request #217 from newrelic/enhancments/revamp-234880
a8927a2 
Revamp user class detection technique, use server level endpoints
@lovesh-ap
Remove exception log on std err
4b4440b
@lovesh-ap
Merge pull request #243 from newrelic/Improvement/nr-csec-home-260723
97810b3 
Fallback mechanism for NR_CSEC_HOME
@lovesh-ap
Merge pull request #249 from newrelic/Improvement/NR-265527/refine-re…
edb3af7 
…play

Refine fuzzing endpoints before IAST Replay
@IshikaDawda
CSEC version bump to 2.0.0
769b1f2
@IshikaDawda
Merge pull request #248 from newrelic/fix/FILE_INTEGRITY/NR-265194
39608c4 
Fix Regression in File Integrity Event Generation
@IshikaDawda
Updated Changelogs, README for Release 2.0.0
3c85521
@IshikaDawda
Merge branch 'refs/heads/develop' into release/v2.0.0
754e369 
# Conflicts:
#	gradle.properties
#	newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestClient.java
@lovesh-ap
Schema update for ServerConnectionConfiguration
8d9b480 
Use head request only to identify connection to endpoint once per configuration
@lovesh-ap
Change release version to 1.3.0, following https://semver.org/#semant…
4687827 
…ic-versioning-200
@lovesh-ap
add NR_CSEC_JAVA_HEAD_REQUEST to security metadata
8b26550
@lovesh-ap
Merge pull request #250 from newrelic/fix/replay-refine
c8c87cc 
Fix NR-268741 :  IAST scanning taking forever due to HEAD request firing
@IshikaDawda
Fix for NPE occurring in AgentMetaData
75fdc95
@lovesh-ap
Fixed the null entry in case of HEAD request in endpoints list
e1c004c
@IshikaDawda
disabled spymemcache support
308ff71
@IshikaDawda
Support for instrumentation of setObject method in prepared statement
c94da8f
@IshikaDawda
Merge pull request #251 from newrelic/fix/NPE-NR-262449
9061edd 
[NR-262449] Fix for NPE occurring in AgentMetaData and PreparedStatement
@lovesh-ap
Update changelog and add the release date
15b507a
@lovesh-ap lovesh-ap self-assigned this May 16, 2024
@lovesh-ap lovesh-ap merged commit 132cf79 into main May 17, 2024
6 checks passed
@IshikaDawda IshikaDawda deleted the release/v1.3.0 branch September 26, 2024 09:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@IshikaDawda IshikaDawda IshikaDawda approved these changes

Assignees

@lovesh-ap lovesh-ap

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lovesh-ap @IshikaDawda @monu-k2io