Skip to content

3.4.0#1271

Merged
regulartim merged 22 commits intomainfrom
develop
Apr 22, 2026
Merged

3.4.0#1271
regulartim merged 22 commits intomainfrom
develop

Conversation

@regulartim
Copy link
Copy Markdown
Member

@regulartim regulartim commented Apr 22, 2026
edited
Loading

Checklist for creating a new release

  • Change version number in pyproject.toml and run uv lock
  • Verify CI Tests
  • Verify that the PR is named with a correct version number like x.x.x
  • Merge the PR to the main branch. The release will be done automatically by the CI

Note: Only use "Merge and commit" as the merge strategy and not "Squash and merge". Using "Squash and merge" makes history between branches misaligned.

rootp1 and others added 20 commits April 16, 2026 17:41
@rootp1
Adding Trending attackers feed. Progresses #1071 (#1103)
79f9399 
* implemented

* new

* copilot changes

* thorugh frontend for /trending

* formatting error

* FeedsThrottle

* copilot changes

* qualified format check

* different trending scope for throttle

* indentation

* adding new tests plus env boundaries

* migration  name fix

* migration name change

* remove frontend from pr

* model mismatch

* removing the block from pieline

* refactored validation from settings

* utils delocate

* duplicate test leftovers

* BucketRepo + SnapshotRepo style

* feed throttling for trending

* response Caching, no snapshots

* snapshots cleanup

* snapshot removed from models

* batch size of upsert changed to 10k(optimization)

* removing api files out of the pr

* validation updated

* task scheduled for cleanup of activity bucket

* excluding invalid ips in trending

* imprvements in trending cronjob

* review 2

* later fix, (keeping pr scope maintained)

* ruff formatted
@opbot-xd
feat: add ?reason=param to feeds_share and token list endpoint. Closes
ac37b63 
…#1224 (#1239)

* feat: add ?reason= param to feeds_share and token list endpoint

- Accept optional ?reason= query parameter on GET /api/feeds/share.
  The value is persisted in ShareToken.reason (truncated to 256 chars).
  Existing tokens are not overwritten (get_or_create semantics).

- Add GET /api/feeds/tokens/ (authenticated) — returns only the calling
  user's tokens with safe metadata: hash_prefix (12 hex chars), reason,
  created_at, revoked, revoked_at. The raw token is never exposed.

- Add comprehensive tests covering both features (13 test cases).

Closes #1224

* fix: ensure idempotent feed token generation and improve logging and query efficiency in share views
@regulartim
Fix bucket update logic. Closes #1246 (#1247)
a60c452 
* convert hit to dict in _bucket_key_from_hit and use correct type hint

* adapt tests
@chauhan-varun
Standardize country statistics using ISO codes. Closes #1181 (#1197)
c072541 
* feat: add ISO country code mapping utility and update statistics API to include country codes

* fix: make ISO code lookup case-insensitive in getStandardMapName and update test expectations

* feat: add Antarctica, N. Cyprus, Somaliland, and Kosovo to ISO mapping and tests

* test: update test data structures to include country codes and expected interaction fields

* refactor: reformat migration files for consistent style and readability

* test: add expected_interactions parameter to mock data in tests/__init__.py

* test: update country code filter test values to IT and FR

* refactor: replace custom country name normalization with ISO-3166-1 alpha-2 numeric lookups for map rendering and store aggregation
@Vipeen-Kumar
Fix include_similar returning invalid sessions (duration <= 0) and ad… (
2bfbbed 
#1209)

* Fix include_similar returning invalid sessions (duration <= 0) and add regression test

* Fix queryset union issue causing CI failure

* Format files with Ruff

* Keep only duration filter in related sessions
@manik3160
feat: harden Django security settings for HTTPS deployments. Closes #…
c2203be 
…1056 (#1244)

* add security hardening settings to settings.py

* add tests for security settings

* test: verify cookie security matches environment

* fix trailing whitespace in test file
@dependabot
build(deps): bump axios from 1.15.0 to 1.15.2 in /frontend (#1265)
4bb7a0c 
Bumps [axios](https://github.com/axios/axios) from 1.15.0 to 1.15.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.15.0...v1.15.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps-dev): bump ruff from 0.15.10 to 0.15.11 (#1267)
765d215 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.10 to 0.15.11.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.10...0.15.11)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump datasketch from 1.9.0 to 1.10.0 (#1268)
d76a174 
Bumps [datasketch](https://github.com/ekzhu/datasketch) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/ekzhu/datasketch/releases)
- [Commits](ekzhu/datasketch@v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: datasketch
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@rahulgunwanistudy-2005 @rahul-software-dev
feat: expose IoC-Sensor relationship in authenticated API responses. C…
81511be 
…loses #781 (#1188)

* feat: expose IoC-Sensor relationship in authenticated API responses. Closes #781

* apply ruff formatting and fix inline import

* fix: move Sensor import to top of test_enrichment_view.py

---------

Co-authored-by: rahul-software-dev <24f3003169@ds.study.iitm.ac.in>
@chauhan-varun
fix: Optimize Map Rendering Performance. Closes #1249 (#1259)
d63ebd0 
* refactor: extract MapPaths component and memoize country color calculations in AttackOriginMap

* refactor: add displayName and fix indentation formatting in MapPaths component
@regulartim
Bump 3.4.0
19b1c89
@regulartim
Fix country code extraction. Closes #1272 (#1273)
87f9fb1 
* Use correct filed for country code extraction

* Adapt tests
@regulartim
Update URLs and README with new GreedyBear-Project references (#1269)
2522b76 
* Update Contributing.md

* Remove funding.yml

* Update feed license URL

* Remove IntelOwl links from footer

* Update frontend tests

* Update RSS feed source

* Remove filter from RSS retrieval

* Update README

* Update shields in README

* Add GSoC logo

* Remove test case for filtering blog posts

* Replace URLs in README

* Add license paragraph

* Improve language

* Add contributor list

* Fix format

* Revert "Remove funding.yml"

This reverts commit 78af28c.
@regulartim
Add watchfiles command to qluster container for hot reloading in dev …
d6b3165 
…mode
@rootp1 @regulartim
Fixing Elasticsearch source filtering. Closes #1274 (#1255)
2ea082f 
* hardening changes

* add regression tests for elastic extraction hardening

* Rename constant containing required fields

* Sort and extend list of fields to extract

* Move hit to dict conversion early for easier handling

---------

Co-authored-by: tim <46972822+regulartim@users.noreply.github.com>
@manik3160
fix: remove host header cache poisoning vector. Closes #1104 (#1251)
039c9ed 
* remove dead cache.set for current_site in LoginView

* make HOST_URI configurable via environment variable

* add regression test for host header cache poisoning

* chore: fix import sorting in views.py

* docs: add HOST_URI to env_file_template
@regulartim
Bump uv dependencies
ccc5c8d
@regulartim
Bump npm dependencies
c88354d
@regulartim
Exclude disabled honeypots from activity buckets. Closes #1275 (#1276)
a034717 
* Add admin view for activity buckets

* Move bucket update to run after honeypot readiness check

* Add tests

* Adapt existing test cases

* Move bucket logic into extraction/bucket_updater.py and turning it into a stateful object

* Adapt tests

* Clear counter on failure
@regulartim regulartim requested a review from mlodic April 22, 2026 14:35
@regulartim regulartim marked this pull request as ready for review April 22, 2026 14:35
@regulartim regulartim merged commit 54cd62d into main Apr 22, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mlodic mlodic mlodic approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@regulartim @mlodic @rootp1 @opbot-xd @chauhan-varun @Vipeen-Kumar @manik3160 @rahulgunwanistudy-2005