Releases: desbma/shh
Releases · desbma/shh
v2025.11.3
Changelog
v2025.11.3
💡 Features
- Use 'systemctl cat' to get unit config (2ed0c51 by desbma)
🐛 Bug fixes
- Type=oneshot units triggering strace named pipe collision (41bdaea by desbma)
- Fstat on unknown fd (f3c935e by desbma)
- CapabilityBoundingSet requires unprivileged_userns_clone for user instance (56380e8 by desbma)
- Fix possible panic when updating some effects (182a17a by desbma)
- MemoryDenyWriteExecute=true not compatible with mprotect adding exec bit (48fc222 by desbma)
🚜 Refactor
- Make use of anyhow::ensure (b9ca66e by desbma)
🧰 Miscellaneous tasks
- Add todo lint (ac17c5c by desbma)
- Remove redundant test prefixes (0a77b41 by desbma)
- Fix lint for Rust 1.91 (d4543de by desbma)
v2025.10.22
v2025.9.22
Changelog
v2025.9.22
💡 Features
- Add EWOULDBLOCK to "maybe successful" errnos (238b20b by desbma)
- Generic hardening mode (closes #15) (455336f by desbma)
- Initial CAP_KILL support (d2edd5b by desbma)
- CAP_IPC_LOCK support (343edb7 by desbma)
- Refresh existing hardening fragment (b991c28 by desbma)
- Initialize current working directory (d2cd3ce by desbma)
🐛 Bug fixes
- Minor comment typo (a6f5281 by desbma)
- Bit shift parsing error (b004891 by desbma)
- Msrv (2b6411c by desbma)
- Path resolution for special files (fe5f2e5 by desbma)
🏃 Performance
- Avoid sorting syscall names if we don't show them (4626c67 by desbma)
🧪 Testing
- Use snapshot testing for verbose unit tests (f737f55 by desbma)
🚜 Refactor
- Sort enum members (76f756d by desbma)
🤖 Continuous integration
- Add cargo audit workflow (3620abe by desbma)
🧰 Miscellaneous tasks
v2025.7.13
Changelog
v2025.7.13
💡 Features
- Try to use RUNTIME_DIRECTORY first for strace pipe location (8f3ce35 by desbma)
- Consider errored syscalls to catch cases like EINPROGRESS (3e8e4ad by desbma)
- Identify more successful sycalls returning -1 (1d971d4 by desbma)
📗 Documentation
- README: Mention nixpkgs repo (53f37ce by kuflierl)
🧰 Miscellaneous tasks
- Ignore verbose clippy lints (2e96cb3 by desbma)
- Update .gitignore (e741484 by desbma)
- Update dependencies (5a398fa by desbma)
- Update clippy template (ee68b02 by desbma)
v2025.6.5
v2025.6.4
Changelog
v2025.6.4
💡 Features
- Static strace path support at compile time (da62cee by kuflierl)
- Add support for shell auto-complete generation with clap_complete (74914dc by kuflierl)
- Initial experimental support for systemd user instances (8114943 by desbma)
- Improve timeout logic when waiting for profiling result (2b0e5ec by desbma)
- strace: Parse mac addresses (8da117a by desbma)
- strace: Handle in/out struct members (40354fa by desbma)
- strace: Array index substraction & comments (b66f934 by desbma)
- strace: Output macro expressions (b7b2d8b by desbma)
- Remove duplicate options (eb1b51b by desbma)
- strace: More debugging macros (cec9289 by desbma)
- Support jujutsu in release script (00a5f8e by desbma)
🐛 Bug fixes
- Use journalctl cursors and a retry loop to fix unreliability/fuzzyness (c91a967 by desbma)
- Improve journald cursor handling logic (ce02c5c by desbma)
- Only set NotifyAccess=all in profiling fragment for notify services (815d0cb by desbma)
🏃 Performance
- Box some large enum members (57c91bb by desbma)
🧪 Testing
- Update for user instance (06dacaf by desbma)
🚜 Refactor
- Man page generation command (849b9a6 by desbma)
- strace: Macro as integer expression (9bb8c28 by desbma)
- NamedConst -> NamedSymbol (4dcebed by desbma)
- strace: Remove unused buffer format handling (ad8866a by desbma)
🧰 Miscellaneous tasks
- Fix rust 1.87 clipp::unnecessary_debug_formatting spam (3ce85c4 by desbma)
v2025.4.12
Changelog
v2025.4.12
💡 Features
- Model disabled mount propagation to host (70637d4 by desbma)
- Support PrivateMounts systemd option (ca293da by desbma)
🐛 Bug fixes
- Handle namespace pseudo files (6f75bd9 by desbma)
🧪 Testing
- Add netns systemd-run test (7162280 by desbma)
- options: Remove checks of options that vary too much between environments (1f18b17 by desbma)
🏗 Build
- Generate systemd syscall classes at build time from systemd-analyze output (c52a860 by desbma)
🧰 Miscellaneous tasks
v2025.3.13
v2025.3.12
Changelog
v2025.3.12
💡 Features
- ProcSubset systemd option (365f76d by desbma)
🐛 Bug fixes
- Non leaf symlinks not being canonicalized (6e90c41 by desbma)
📗 Documentation
- README: Update shh run example output (7ba62e3 by desbma)
- README: Split crates.io installation instructions + minor tweaks (7312ae4 by desbma)
- FAQ: Minor typo fix (9176a6d by desbma)
🧪 Testing
- Add ProcSubset integration test (4ca7a12 by desbma)
🚜 Refactor
- Rename 'cl' integration tests to 'options' (b7e6478 by desbma)
v2025.2.7
Changelog
v2025.2.7
💡 Features
- Track IPv4 addresses (b4dc2c1 by desbma)
- IpAddressDeny (WIP) (8df9a0c by desbma)
- Improve network activity coverage (d8aa8b5 by desbma)
- Dynamic IpAddressAllow (4928a4c by desbma)
- Reorder options (2f94302 by desbma)
- Greatly simplify SocketBindDeny handling (25c9bf7 by desbma)
- IPv6 support for IPAddressAllow (9dc0376 by desbma)
- Make service reset block (d95f533 by desbma)
- Add option to edit fragment before applying it (a83c7ab by desbma)
📗 Documentation
- FAQ: Fix typos + mention --merge-paths-threshold option (9fc6412 by desbma)
🧪 Testing
🚜 Refactor
- Mark unreachable code paths as such (827e88c by desbma)
- Remove now unneeded CountableSetSpecifier (975a9af by desbma)
- Update panic macro usage (4cc7328 by desbma)