Skip to content

v6.6.0#3608

Merged
mlodic merged 86 commits into
masterfrom
develop
Apr 5, 2026
Merged

v6.6.0#3608
mlodic merged 86 commits into
masterfrom
develop

Conversation

@mlodic

@mlodic mlodic commented Apr 1, 2026

Copy link
Copy Markdown
Member

Checklist for creating a new release

  • If we changed/added Docker Analyzers, we need to configure Docker Hub / Dependabot properly.
  • I have already checked if all Dependabot issues have been solved before creating this PR.
  • Update CHANGELOG.md for the new version. Tag another maintainer to review the Changelog and wait for their feedback.
  • Change version number in docker/.env and frontend/package.json.
  • Verify CI Tests. Solve all the issues (Dependencies, Django Doctor, CodeFactor, DeepSource, etc).
  • Create release for the branch develop and set it as a pre-release. Remember to prepend a v to the version number.
    Write the following statement there (change the version number):
please refer to the [Changelog](https://github.com/intelowlproject/IntelOwl/blob/develop/.github/CHANGELOG.md#v331)

WARNING: We are building the new version of the project! The release will be officially available within 2 hours!
  • Wait for dockerHub to finish the builds
  • Merge the PR to the master branch. Note: Only use "Merge and commit" as the merge strategy and not "Squash and merge". Using "Squash and merge" makes history between branches misaligned.
  • Remove the "wait" statement in the release description and change the version status from pre-release to latest release.
  • Publish new Post into official Twitter and LinkedIn accounts (change the version number):
published #IntelOwl vX.X.X! https://github.com/intelowlproject/IntelOwl/releases/tag/vX.X.X #ThreatIntelligence #CyberSecurity #OpenSource #OSINT #DFIR
  • If that was a major release or an important release, communicate the news to the marketing staff
  • This is a good time to check for old dangling issues and clean-up the inactive ones. Same for issues solved by this release.

lvb05 and others added 30 commits February 7, 2026 14:15
* Add update checker management command, settings, and docs

* Format update checker with black and branch update

* Fix linting issues and improve update checker command output

* Fix ruff linting issues

* Restore README.md (remove update checker documentation)

* Fix formatting in update checker management command

* Add persistent update check status model

* Fix trailing whitespace in UpdateCheckStatus docstring

* Use persistent state for update checks and add Celery task

* Add admin GUI notification for update availability and formatting

* Add IntelOwl update check system with model, migration, scheduler and unit tests

* style: fix import ordering per ruff

* fix: apply black formatting on tasks.py

* fix(update-checker): safe lazy imports and robust version handling

* fix(update-checker): prevent duplicate notifications and improve version handling

* Restore intel_owl/tasks.py to upstream version

* Add automated update check system with celery task, model, command and tests

* fix: use __latest__ for django_celery_beat migration dependency

* Fix migration 0072: use literal 'days' instead of IntervalSchedule.DAYS in historical model

* Fix update-check notifications to work correctly with transactions and tests

* Fix update checker tests to use UserEventQuerySet notifications and immediate execution in testing

* Apply Black formatting after rebase

* Fix ruff formatting issue in commons settings

* Fix ruff formatting

* .

* .

* Add system update panel and API endpoint

* Fix lint issues and adjust tests

* Add system update panel UI and fix lint/format issues

* Fix Prettier formatting for update checker components

* correct formatting and comments

* system update notification show up on Home

* style change in notification

---------

Co-authored-by: Daniele Rosetti <55402684+drosetti@users.noreply.github.com>
* feat: upgrade PostgreSQL to v18 for major release v7.0.0

* Upgrade Postgres to 18-alpine and fix volume mount. Closes #3272 (#3275)

* Upgrade Postgres to 17-alpine and fix volume mount (#3272)

* Upgrade Postgres to 18-alpine as requested
* feature/analyzer : machofile analyzer

* fix/added unit tests, freeToUse, test_files.zip

* fix/cicd and copilot recommendations

* fix: precommit using ruff

* fix: precommit using ruff(again)

* fix: precommit using ruff(again)

* fix/cicd

* fix/cicd

* fix/cicd

* fix/migration-conflicts

* fix/migration-conflicts

* fix/cicd migrations

* fix/cicd migrations due to zip

* fix/add macho_sample

* fix/copilot and maintainer recommendations

* fix/cicd

* fix/zip-pass

* fix/cicd

* minor fixes : copilot recommendations

* fix/maintainer-feedback

* fix/cicd failure due to BlintAnalyzer
…3283)

* feat: improve generic observable type detection in InQuest analyzer

* refactor: precompile regex patterns and improve test robustness

* refactored the XMPID_PATTERN regex and added a test for logging a warning
#3284)

* fix: add background color to TLP badges and include TLP in job API. Closes #3150

- Added backgroundColor property to TLP badge component styling
- Implemented accessible text color logic (black for CLEAR/GREEN/AMBER, white for RED)
- Added tlp field to JobSerializer to return TLP value in job details API response
- Fixed issue where TLP badges showed only borders without background colors on job report page

* test: add tlp field assertion in job retrieve test

* fix: use unique IDs for TLPTag badges and add unit tests

- Replace simple value-based IDs with counter-based unique IDs to prevent duplicate DOM IDs when multiple badges with same TLP value are rendered
- Add comprehensive Jest tests for TLPTag component covering:
  * Background and text color rendering for all TLP levels (CLEAR, RED, GREEN, AMBER)
  * Unique ID generation for multiple instances
- Addresses Copilot review feedback for duplicate ID issue and missing test coverage

* fix: resolve ESLint no-plusplus error in TLPTag unique ID generation

- Replace postfix increment (idCounter++) with prefix increment (idCounter += 1)
- Maintains unique ID generation for TLP badges without ESLint violations

* fix: resolve Prettier formatting issues in TLPTag tests
* Optimize tests

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update tests/test_crons.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Conditionally apply network related patches

---------

Co-authored-by: Matteo Lodi <30625432+mlodic@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…3285)

Add timeout=60 to requests.post() in Yeti connector so that slow or
unresponsive Yeti API does not block Celery workers indefinitely.

Fixes #3256
Co-authored-by: Abhishek <abhishekup082gmail.com@Abhisheks-MacBook-Air.local>
* implemented

* fixed linting issues

* new migrations

* formatting

* black linter check

* Apply ruff formatting

* Trigger CI re-run

* Rebased on develop

* rename
* optmized decay method

* added tests for the decay method

* added comments for better understanding
…on of a new one (#3336)

* fix(frontend): visualization refresh after new artifact addition (#3148)

* fix CI pipeline

* fix the frontend pipeline

* test(frontend): add Jest test for onEvaluationSuccess callback in Analyzables

---------

Co-authored-by: Abhishek <abhishekup082gmail.com@Abhisheks-MacBook-Air.local>
- Replace exists() + first() with single first() call (2→1 DB queries)
- Add select_related('python_module') to avoid lazy-load query
- Simplify redundant boolean condition
- Add 5 unit tests for read_configured_params

Co-authored-by: Berry <berry@intelowl.example.com>
* fallback to temp

* code refactor

* fixed tests

* Refactor tests for CapaInfo cache directory handling

* fixed linter errors
* frontend : reports ui fixed

* preetier-fixes
* fix(misp): improve error message for restSearch GET/POST issue

* fix(test): use AnalyzerRunException and fix import order in test_misp

* fix(test): fix analyzer instantiation in test_restsearch_get_post_error

* refactor(misp): extract error handling into helper method to reduce complexity

* Improve MISP restSearch GET/POST error handling and add unit test

* Fix MISP restSearch GET/POST mismatch handling and debug test

* Merge nested with statements per DeepSource suggestion
…#3345 (#3356)

* Fix: Add regex validation to ChangePasswordView

* Fix: resolve Ruff linting errors

* Fix: add missing blank lines for Ruff formatter

---------

Co-authored-by: Berry <berry@intelowl.example.com>
 (#3355)

* fix(frontend): update guide targets and add artifacts step

* fix(frontend): adjust tooltip zIndex and fix History route guide crash

* Fix(frontend): apply review suggestions and remove package-lock changes

* Fix(frontend): run prettier on GuideWrapper.jsx

---------

Co-authored-by: Berry <berry@intelowl.example.com>
* fix/401-on-build-restart

* fix/suggesitons

* fix/added-tests

* fix/prettier-failure

* fix/copilot-recommendations
* fix(frontend): add whitespace validation for observable inputs in ScanForm
)

* test(frontend): add whitespace validation tests for ScanForm observable inputs
* fix: improve PDNS extractor logic to handle varying API schemas and prevent crashes

* docs: restore module docstring in analyzer_extractor.py
* issue

* fix the ruff formatting

* fix: ruff formatting for phishing_analysis.py

* chore: trigger CI rebuild because of flaky timeout in Startup script launch

* fix: align migration number to 0042 to avoid conflict with upstream 0041_crawl_results

* split visualizer into tabs, improve fallbacks, make HTTP traffic downloadable

* fix ruff formatting

---------

Co-authored-by: Abhishek <abhishekup082gmail.com@Abhisheks-MacBook-Air.local>
…3388)

* Fix: prevent params mutation and handle elasticsearch not configured error in report queries

* Linters error fix
lakshita10341 and others added 13 commits March 30, 2026 15:50
#3498)

* fix: Enhance password change security by invalidating API tokens and sessions

* optimize session hash updates

* fix: integrate session_key guard and comprehensive security tests

* refactor: wrap password updates in transaction

* feat: Navigate to home after successful password change
* feat: add gosu for user switching in gunicorn containers

* chore: update gosu installation, fix bugs

* fix: suppress wget output in pcap_analyzers Dockerfile during gosu download
…loses #3541 (#3568)

* feat: Implement database storage for JA4 entries using a new model and enhance the analyzer to support various JA4 fingerprint types.

* test: ensure Ja4DBEntry table is empty before testing initial update failure.

* refactor: update JA4DB analyzer to return consistent result structure and register model in admin panel
…verage (#3587)

Add 5 regression tests covering the isinstance() type guards introduced in PR #3384 that currently have zero test coverage:

- TestRobtex.test_dict_report_not_list: bare dict report guard

- TestRobtex.test_mixed_items_skips_non_dicts: mixed-type list filtering

- TestRobtex.test_production_crash_scenario: exact production crash [dict, []]

- TestMnemonicPDNS.test_dict_report_with_data_key: dict-format API response

- TestCIRCLPassiveDNS.test_string_report_returns_empty: string error response
…3585)

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to 25.3.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@25.0.1...25.3.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rs (#3584)

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to 25.3.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@25.0.1...25.3.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…3582)

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 23.0.0 to 25.3.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@23.0.0...25.3.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…3583)

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to 25.3.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@25.0.1...25.3.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…3581)

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to 25.3.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@25.0.1...25.3.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.34.1 to 4.35.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](github/codeql-action@v4.34.1...v4.35.1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* updated PR automation Slow run to avoid executing all the optional containers

* fix: typo 'Missmatch' to 'Mismatch' in PluginConfig (#3392)

---------

Co-authored-by: Daniele Rosetti <55402684+drosetti@users.noreply.github.com>
Co-authored-by: Matteo Lodi <30625432+mlodic@users.noreply.github.com>
…ms. Closes #3429 (#3565)

* fix(analyzers): handle False boolean for MISP published/metadata params. Closes #3429

* style: fix Ruff linter formatting issues

* fix(analyzers): use isinstance for bools instead of None to prevent PluginConfig TypeError
@mlodic mlodic changed the title 6.5.2 v6.5.2 Apr 1, 2026

@code-review-doctor code-review-doctor Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Worth considering though. View full project report here.

Comment thread api_app/analyzers_manager/file_analyzers/macho_info.py Outdated
Comment thread api_app/analyzers_manager/observable_analyzers/inquest.py Outdated
Comment thread tests/test_crons.py Outdated
Comment thread api_app/analyzers_manager/models.py
Comment thread api_app/models.py
@mlodic mlodic changed the title v6.5.2 v6.6.0 Apr 1, 2026
mlodic and others added 8 commits April 1, 2026 20:26
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
@mlodic

mlodic commented Apr 1, 2026

Copy link
Copy Markdown
Member Author

this can't be merged until the reported bugs have been addressed

sanjib2006 and others added 4 commits April 2, 2026 13:57
* fix: replace CRLF split with splitlines() in Robtex analyzer

* fix: update robtex test to use lf instead of crlf
* fix/capa-timeout

* fix/copilot suggesitons

* fix/codeql failure

* fix

* rebase

* fix/copilot suggesitons

* fix/remove malware + rename migrations

* Update api_app/analyzers_manager/migrations/0189_update_capa_timeout.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update api_app/analyzers_manager/migrations/0189_update_capa_timeout.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* fix/cicd failure+copilot suggestions

* fstrings

* reverted test change

---------

Co-authored-by: Matteo Lodi <30625432+mlodic@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…olve #3617 (#3618)

* Fix #3617: Handle Werkzeug 3.x multipart constraints and JSONDecodeError

* fix: resolve ruff formatting and overlapping exception lint errors

* fix: apply Werkzeug 3.x multipart constraints logic across all Flask containers
@mlodic mlodic merged commit 4abcb35 into master Apr 5, 2026
15 of 23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.