1.6.0

@hansott hansott released this 03 Dec 15:59
· 299 commits to main since this release
4605019
  • Introduce a new require hooking system for instrumentation
  • Send server architecture information along with agent info
  • Improve SQL injection detection by using a library that parses queries like a real database for better accuracy
  • Improve fs instrumentation
  • Improve path instrumentation
  • Add support for the postgres package
  • Add support for the mariadb package
  • Expose a new API for accurate rate limiting based on IP and optional user ID, as well as user blocking
  • Add support for the fastify package
  • Add support for the @graphql-tools/executor package
  • Add support for the koa package
  • Enable OpenAPI discovery by default
  • Add environment variable AIKIDO_MAX_API_DISCOVERY_SAMPLES to control the maximum number of API discovery samples per route
  • Add support for the @clickhouse/client package
  • Detect string formats during API discovery
  • Discover GraphQL schemas
  • Fix false positives for applications making requests to themselves on localhost, previously flagged as SSRF attacks
  • Recognize ULID identifiers in route patterns
  • Expose externals as require("@aikidosec/firewall/bundlers") to use with bundlers like esbuild
  • Add compatibility with dd-trace
  • Add support for IP address blocking, allowing configuration of country-based request blocking via the dashboard