Releases: AikidoSec/firewall-node
Releases · AikidoSec/firewall-node
1.6.0-beta.4
- Improve type definitions for setUser(...)
- Add support for Fastify
1.6.0-beta.3
Merge pull request #424 from AikidoSec/patch-set-user Log warning only once
1.6.0-beta.2
Merge pull request #417 from AikidoSec/patch-path Avoid double wrapping path
1.6.0-beta.1
Merge pull request #324 from AikidoSec/new-hooks-system Implement new hook system
1.6.0-beta.0
- Includes a new SQL injection detection that understands SQL queries with different dialects (See https://github.com/AikidoSec/zen-internals)
1.5.70
- Improve metadata and stack traces for SSRF attacks
- Improve route discovery
- Improve path traversal detection (for absolute paths)
- Improve file system functions coverage
- Improve NoSQL detection
- Introduce
AIKIDO_DISABLE=1to force disable firewall - Improve cookie parsing performance
- Improve route matching
1.5.69
1.5.68
1.5.67
- Report node.js version to Aikido
- Add support for Express.js v5
- Discover schema of API routes (behind feature flag)
- Rename Firewall to Zen by Aikido (Learn more)
- Extend list of dangerous shell commands
- Fix SSRF bypass using IPv6 hostname
- Add port in metadata for SSRF attacks
1.5.66
What's Changed
- Fix various edge cases and extend test coverage