Releases: AikidoSec/firewall-node

1.6.2

16 Dec 15:51
cbd7bcc
  • Detect JS injections (eval / new Function(...))
  • Detect MongoDB JS injections ($where / ...)
  • Performance improvement

1.6.1

09 Dec 11:02
7c3c217
  • Add support for mongodb v6.10.0 and higher
  • Improve TypeScript types for Hono middleware
  • Keep all ports for outbound connections

1.6.0

03 Dec 15:59
4605019
  • Introduce a new require hooking system for instrumentation
  • Send server architecture information along with agent info
  • Improve SQL injection detection by using a library that parses queries like a real database for better accuracy
  • Improve fs instrumentation
  • Improve path instrumentation
  • Add support for the postgres package
  • Add support for the mariadb package
  • Expose a new API for accurate rate limiting based on IP and optional user ID, as well as user blocking.
  • Add support for the fastify package
  • Add support for the @graphql-tools/executor package
  • Add support for the koa package
  • Enable OpenAPI discovery by default
  • Add environment variable AIKIDO_MAX_API_DISCOVERY_SAMPLES to control the maximum number of API discovery samples per route.
  • Add support for the @clickhouse/client package
  • Detect string formats during API discovery
  • Discover GraphQL schemas
  • Fix false positives for applications making requests to themselves on localhost, previously flagged as SSRF attacks
  • Recognize ULID identifiers in route pattern
  • Expose externals as require("@aikidosec/firewall/bundlers") to use with bundlers like esbuild
  • Add compatibility with dd-trace
  • Add support for IP address blocking, allowing configuration of country-based request blocking via the dashboard

1.6.0-beta.20

02 Dec 14:25
65132df
Pre-release
  • Improve package.json (Add homepage etc)
  • Improve wrapping functions for compatibility with node-red

1.6.0-beta.19

28 Nov 15:35
fef6373
Pre-release
  • Bugfix for Hono v4.6.9 and newer
  • Improve undici protection by setting global dispatcher sooner
  • Add support for undici v7
  • Expose externals function via @aikidosec/firewall/bundler, which is useful when your app is bundled using e.g. esbuild

1.6.0-beta.18

27 Nov 14:50
77b0395
Pre-release
  • Add support for IP address blocklists (e.g. by country)

1.6.0-beta.16

19 Nov 12:07
323f74d
Pre-release
  • Upgrade to latest zen internals (fixes false positive for user input in SQL comments)

1.6.0-beta.15

18 Nov 14:42
264b5c4
Pre-release
  • Make Zen compatible with dd-trace

1.6.0-beta.14

18 Nov 09:04
6a0920c
Pre-release
  • Ghost compatibility

1.6.0-beta.13

14 Nov 12:58
Pre-release
  • Bugfix for Ghost (Preserve original handler name)