This repository has been archived by the owner on Nov 1, 2023. It is now read-only.
Releases: microsoft/onefuzz
Releases · microsoft/onefuzz
8.9.0
8.9.0
Breaking change for SDK container automation ⚠
In this release we've published an update to the OneFuzz CLI SDK that could break automation.
We've added support for container retention periods and doing so required we add a new ContainerTemplate
object to the SDK.
If you're defining or managing OneFuzz containers using the OneFuzz SDK library please be aware that JobHelper.containers
objects were changed structurally from Dict[ContainerType, Container]
to Dict[ContainerType, ContainerTemplate]
.
Added
- Agent: Added fuzz tests for coverage recording #3322
- Agent: Added version checking in local tasks #3517
- Agent: Create directories from template specification in local task if they don't exist #3522
- CLI: Added a new command for template creation in the local task
onefuzz-task local create-template
#3531 - CLI/Deployment/Service: Support for retention policies on containers #3501
- Service: Add onefuzz service version to job created events #3504
- Service: Added a start time to job and task records #3440
Changed
- Agent: Improved handling of unexpected breakpoints #3493
- Agent: Updated windows interceptor list #3528, #3549
- Agent: Reporting coverage on task start up, ensuring
coverage_data
is emitted at the beginning of every task instead of whennew_coverage
is identified #3502 - CLI/Deployment: Updating onefuzz cli requirements.txt to accept
>= onefuzztypes
versions #3477, #3486 - Service: Improve area/iteration path validation in notifications #3489
- Service: Remove feature flag from heartbeat metrics #3505
Fixed
- Agent: Terminate process on timeout in Windows agents for the coverage task #3529
- Agent/Service: Bumped several C#, Python, and Rust dependencies #3425, #3424, #3411, #3437, #3436, #3435, #3478, #3484, #3414, #3474, #3434, #3488, #3503, #3520, #3521
- Agent: Fixed dependencies in
onefuzz-task
#3552 - Service: Removed unnecessary method argument in notifications processing #3473
- Service: Ignore regression work item updates when the work item is in some states #3532
8.8.0
8.8.0
Added
- Agent: Added Mariner Linux support for agent VMs #3306
- Service: Added support for custom ado fields that mark work items as duplicate #3467
- Service: Permanently store OneFuzz job result data - # crashing input, # regression crashing input, etc. - in Azure storage #3380, #3439
- Service: Added validation for Iteration/AreaPath on notifications when a job is submitted with a notification config and for
onefuzz debug notification test_template
#3386
Changed
- Agent: Updated libfuzzer-fuzz basic template to include required args and make it match cli #3429
- Agent: Downgraded some debug logs from warn to debug #3450
- CLI: Removed CLI commands from the local fuzzing tasks as they can now be described via yaml template #3428
- Service: AutoScale table entries are now deleted on VMSS shutdown #3455
Fixed
8.7.1
8.7.0
8.7.0
Added
- Agent: Added a snapshot-based test to coverage implementation #3368
- Agent/CLI/Service: Added ability to capture crash dumps from libfuzzer, when provided #2793 #3409
- CLI/Service: Implemented
--with_tasks
option foronefuzz jobs get
command to expand the task information #3343
Changed
- Agent: Migrated all the task types to the template model #3397
- Agent: Removed
srcview
code from OneFuzz since it is not currently utilized #3376 - Agent: Updated default windows VM image to windows 11 #3374
- Agent: Migrated
winapi
towindows-rs
, the newer Microsoft supported version of the Windows API bindings for Rust #3050 - Deployment: Updated the default deployment option for
EnableWorkItemCreation
feature flag to be enabled #3387
Fixed
- Agent: Deserialize the coverage files directly into the output files #3410
- Agent/Deployment/Service: Bumped several C#, Python, and Rust dependencies as well as the Rust edition across all Rust crates #3396, #3161, #3346, #3391, #2870, #3392, #3402
- Agent: Fixed a bug in agent
DirectoryMonitor
by adding error tolerance when attempting to fetch metadata forCreateKind::Any
orCreateKind::Other
events #3393 - Service: Fixed tag shadowing in logging by giving precedence to the tags produced by log messages over the tags added prior to the call, when the tag names clashed #3388
8.6.3
8.6.2
8.6.1
8.6.0
8.6.0
Added
- Agent: Implemented
debuginfo
caching #3280
Changed
- Agent: Limit azcopy copy buffer to 512MB of RAM as the default maximum #3293
- Agent: Define local fuzzing tasks relationships through new templating model #3117
- Deployment: Replaced
--upgrade
flag with--skip_aad_setup
flag in the deploy.py setup script #3345 - Service: Make
ServiceConfiguration
eagerly evaluated #3136 - Service: Improved
TimerRetention
performance through several UPN changes & fixes #3289
Fixed
- Agent: Fixed resolution of sibling .NET DLLs #3325
- Agent/Service: Bumped several C# and Rust dependencies #3319, #3320, #3317, #3297, #3301, #3291, #3195, #3328
- CLI: Look for azcopy.exe in environment variable
AZCOPY
and determine if it's actually referencing a directory #3344 - CLI: Updated
repro get_files
to handle regression reports #3340 - CLI: Fixed missing
target_timeout
setting in the Libfuzzer basic template #3334 - CLI: Fixed false 'missing' dependency warning #3331
- CLI: Fixed the
debug notification test_template
command expecting atask_id
#3308 - Deployment: Update App Registration redirect URIs if deployment uses a custom domain #3341
- Service: Fixed links in bugs filed from regression reports by populating
InputBlob
when possible #3342 - Service: Fixed several storage issues to improve platform performance and reduce spurious
404
s #3313 - Service: Added extra logging when
System.Title
is too long #3332 - Service: Render
System.Title
before trying to trim it to the max allowed size #3329 - Service: Differentiate
INVALID_JOB
andINVALID_TASK
error codes #3318
8.5.0
8.5.0
Added
- Agent: Added tool to check source allowlists #3246
- Agent: Precache
debuginfo
analysis for target exe in coverage example #3225 - Agent/CLI/Service: Allow tasks environment variables to be set #3294
- CLI/Service: Correlate cli to service to facilitate event lookups in AppInsights #3137
- CLI: Added
--target_timeout
flag for qemu_user template command #3277 - Documentation: Updated Threat Model #3215
- Service: Added optional
Unless
condition when updating/re-opening Work Items #3227 - Service: Include the task ID in the prerequisite task failure message #3219
- Service: Added events retention policy passed-integration-tests #3186
Changed
- Agent: Shrink published Rust debug info #3247, #3252
- Agent: Get rid of yanked hermit-abi versions #3270
- Documentation: Updated coverage docs to use correct quotes #3279
- Service: Better errors from Download: Make
GetFileSasUrl
nullable #3229 - Service: Changed template rendering from async to synchronous #3241
- Service: Log webhook exception as an "error" since we are retrying anyways #3238
- Service: Make
WebhookMessageEventGrid
compatible with the event grid format #3286
Fixed
- Agent: Improved .dll redirection by setting up .local file before invoking LibFuzzer #3269
- Agent/Service: Bumped several C#, Rust dependencies, and Rust version to 1.71 #3278, #3281, #3221, #3230, #3231, #3203, #3240, #3239, #3199, #3254, #3257, #3273, #3258, #3271, #3292
- CLI/Service: Fixed regression bugs, file bugs on
regression_report
and properly reset state on duplicates #3263 - Service: Improve Azure DevOps validation problem reporting and resiliency #3222
- Service: Updated KeyVault access policy for Azure WebSites service account access #3109
- Service: Switched to default
HttpCompletion
, which isResponseRead
to attempt to prevent webhooks occasionally failing to send #3259 - Service: Fixed
Timestamp
response from API #3237 - Service: Trim
System.Title
if length is longer than 128 characters #3284
8.4.0
8.4.0
Added
- Agent: Include debug info in the release binaries to improve backtraces and debuggability #3194
- Agent: Added a timeout when closing the app insight channels #3181
- Agent: Require input marker in arguments when given an input corpus directory #3205
- Agent/CLI/Service: Added
extra_output
container, renameextra
container #3064 - Agent: Creating
CustomMetrics
for RustCustomEvents
#3188 - Agent: Added prereqs for implementing caching for coverage locations and debuginfo in
coverage
task #3218 - CLI: Added command
onefuzz repro get_files
for downloading files to locally reproduce a crash #3160 - CLI: Added command
onefuzz debug notification test_template <template> [--task_id <task_id>] [--report <report>]
to allow a report to be sent when debugging #3206 - Documentation: Added documentation on how to use the validation tools #3212
Changed
- Agent: Removed agent traces from AppInsights #3143
- Agent: Include debug info in the release binaries to improve backtraces and debuggability #3194
- Agent: Make coverage-recording errors non-fatal #3166
- Deployment/Service: Enable custom metrics app config value #3190
- Documentation: Renamed example
coverage.rs
torecord.rs
to match documentation #3204 - Service: Moved authentication into middleware #3133
- Service: Store authentication information in KeyVault #3127, #3223
- Service: Port current logging implementation to ILogger #3173
- Service: Added improved error reporting from scale-in protection modification #3184
- Service: Downgraded queue error to warning when retrying because the message is too large #3224
Fixed
- Agent: Skip entire function if entry offset excluded #3172
- Agent: Try to kill debuggee if Linux recording times out #3177
- Agent: Apply allowlist to source conversion in coverage task #3208
- Service: Bumped C# and Rust dependencies #3200, #3165, #3168, #3153, #3169, #3185, #3191, #3163, #3209, #3146, #3198