grantseltzer/v0.8.2-notes.txt

## v0.8.2-notes.txt
# v0.8.2

This release continues the trend of more frequent smaller releases. It contains mostly bug fixes and performance optimizations.

# Highlights

## Breaking Changes

There should be no breaking changes

## Fixes

- Optimizations to syscall enter/exit hooks (#2080)
- Optimizations with likely/unlikely macros (#2131)
- Lowered the threshold to drop CAP_SYS_ADMIN for better consistency on various distributions (#2078)
- Resolved arm64 compilation problems (#2103)
- Use /proc/self/exe instead of Go os.Executable to resolve runtime errors (#2103)
- Add requirement of CAP_SYS_PTRACE to the capture_exec event (#1932)
- Remove symbols loaded errors that should be warnings (#2129)
- Added LIBBPFGO_OSRELEASE_FILE to falco sidekick k8s deployment (#2142)
- Resolved an issue with applying the context from triggering events (#2090)
- Style fixes (#2112)
- Updated postee in helm charts (#2111)
- Resolved an issue where a nil pointer dereference occurred when net interface wasn't specified (#2066)

## New Features
- New ability to bypass dropping of capabilities via `--caps allow-failed-drop` and --caps cancel-drop` options (#2008)
- Daily tests workflow and bad (#2064)

Thanks for your valuable contributions @cdelzotti!

### Full Changelog

1bca1524 - docs/tracing: fix typo (#2149) (P1nant0m)
afa63476 - deprecation: adjust deprecation warnings (Rafael David Tinoco)
9001dbc8 - capabilities: fix usage of kernel version interface (grantseltzer)
fdacd945 - parse_args: fix {get,set}sockopt new parse option (grantseltzer)
eb1fe11d - libbpfgo: update to latest (1.0.0+) (Rafael David Tinoco)
911d01b7 - libbpf: upgrade to v1.0.0 (grantseltzer)
1c8fef2b - docs/building: fix typo (grantseltzer)
d7ff24eb - makefile: remove clang-tidy as checker (Rafael David Tinoco)
49e75bca - makefile: get rid of dist/tracee.bpf bundle (Rafael David Tinoco)
d1c360ec - ebpf: add get_task_syscall_id helper (#2134) (Nadav Strahilevitz)
9e390794 - bug: add LIBBPFGO_OSRELEASE_FILE to falcosidekick (#2142) (Jose Donizetti)
8f1b398e - pkg/events/derive: silence symbols loaded errors (#2129) (Alon Zivony)
66ee9a71 - tracee.bpf.c: optimize with unlikely (#2131) (Nadav Strahilevitz)
fef38714 - tracee.bpf.c: optimize sys_enter and sys_exit (#2080) (Nadav Strahilevitz)
a038cc7d - refactor: remove not used return argument (Jose Donizetti)
913c2a72 - uprobes: adjust calling convention for uprobe handlers (Rafael David Tinoco)
2c041f61 - uprobes: open /proc/self/exe instead of os.Executable() (Rafael David Tinoco)
ba229396 - arm64: move comment for better indentation (Rafael David Tinoco)
0aa26f46 - tracee: do not tailcall undefined syscalls (Rafael David Tinoco)
2bc75195 - arm_kprobe: change hook point to satisfy arm64 missing symbol (Rafael David Tinoco)
cbd102b2 - tracee.bpf.c: fix arm64 compilation problems (Rafael David Tinoco)
509dc06d - events: change addr arguments to type pointer (#2128) (roikol)
b6dcf115 - pkg/ebpf: open files in output dir using FD (Alon Zivony)
da381170 - pkg/events: add missing capabilities to capture exec (Alon Zivony)
997cc379 - cmd/tracee-ebpf: divide capabilities dropping to stages (Alon Zivony)
c2bfd111 - containers/runtime: move autodiscover to package (#2081) (Nadav Strahilevitz)
c20afb46 - refactor: style fixes (#2112) (Jose Donizetti)
c631debe - feat(deps): Bump up Postee Helm chart version. (#2111) (simar7)
2af18f32 - README: remove badge for removed workflow (Rafael David Tinoco)
ea5fcc8e - workflows: remove redundant test being done to each PR (#2106) (Rafael David Tinoco)
5ebdfe72 - k8s: fix tracee version to latest release v0.8.1 (#2099) (Jose Donizetti)
bedba052 - k8s: fix kustomization.yaml (#2101) (Jose Donizetti)
edcaf819 - trigger: fix context apply (#2090) (Nadav Strahilevitz)
d4ad6124 - tracee-tester: spin-off tracee-tester related files (#2091) (Rafael David Tinoco)
a2fd2c49 - trigger: move event triggering logic out of derive (#2069) (Nadav Strahilevitz)
5f765aa8 - enrich: add queue cleaner goroutine (#2084) (Nadav Strahilevitz)
f396d916 - events: add security_inode_rename event (#2045) (Rafael David Tinoco)
70975338 - ebpf: parse events fd arguments to filenames (Geyslan Gregório)
df76fa10 - ebpf: standardize and reorder syscall names (Geyslan Gregório)
eef81b1f - tracee-ebpf: remove bufs_off map (#1866) (Yaniv Agman)
f6799198 - Lowering the thresold to drop CAP_SYS_ADMIN (#2078) (cdelzotti)
5a5762ed - cmd/tracee-ebpf: add capabilities dropping bypasses (#2008) (Alon Zivony)
3f8f4092 - Add daily tests workflow and respective badge (#2064) (G Gregório)
3f78d226 - parse_args: fix cases where arg type didn't change (#2072) (Nadav Strahilevitz)
0cc61667 - fix: capture net filter nil pointer error (#2067) (cdelzotti)
32748d6d - docs/integrating: fix docker run command (#2065) (Calvin Xiao)
	# v0.8.2

	This release continues the trend of more frequent smaller releases. It contains mostly bug fixes and performance optimizations.

	# Highlights

	## Breaking Changes

	There should be no breaking changes

	## Fixes

	- Optimizations to syscall enter/exit hooks (#2080)
	- Optimizations with likely/unlikely macros (#2131)
	- Lowered the threshold to drop CAP_SYS_ADMIN for better consistency on various distributions (#2078)
	- Resolved arm64 compilation problems (#2103)
	- Use /proc/self/exe instead of Go os.Executable to resolve runtime errors (#2103)
	- Add requirement of CAP_SYS_PTRACE to the capture_exec event (#1932)
	- Remove symbols loaded errors that should be warnings (#2129)
	- Added LIBBPFGO_OSRELEASE_FILE to falco sidekick k8s deployment (#2142)
	- Resolved an issue with applying the context from triggering events (#2090)
	- Style fixes (#2112)
	- Updated postee in helm charts (#2111)
	- Resolved an issue where a nil pointer dereference occurred when net interface wasn't specified (#2066)

	## New Features
	- New ability to bypass dropping of capabilities via `--caps allow-failed-drop` and --caps cancel-drop` options (#2008)
	- Daily tests workflow and bad (#2064)

	Thanks for your valuable contributions @cdelzotti!

	### Full Changelog

	1bca1524 - docs/tracing: fix typo (#2149) (P1nant0m)
	afa63476 - deprecation: adjust deprecation warnings (Rafael David Tinoco)
	9001dbc8 - capabilities: fix usage of kernel version interface (grantseltzer)
	fdacd945 - parse_args: fix {get,set}sockopt new parse option (grantseltzer)
	eb1fe11d - libbpfgo: update to latest (1.0.0+) (Rafael David Tinoco)
	911d01b7 - libbpf: upgrade to v1.0.0 (grantseltzer)
	1c8fef2b - docs/building: fix typo (grantseltzer)
	d7ff24eb - makefile: remove clang-tidy as checker (Rafael David Tinoco)
	49e75bca - makefile: get rid of dist/tracee.bpf bundle (Rafael David Tinoco)
	d1c360ec - ebpf: add get_task_syscall_id helper (#2134) (Nadav Strahilevitz)
	9e390794 - bug: add LIBBPFGO_OSRELEASE_FILE to falcosidekick (#2142) (Jose Donizetti)
	8f1b398e - pkg/events/derive: silence symbols loaded errors (#2129) (Alon Zivony)
	66ee9a71 - tracee.bpf.c: optimize with unlikely (#2131) (Nadav Strahilevitz)
	fef38714 - tracee.bpf.c: optimize sys_enter and sys_exit (#2080) (Nadav Strahilevitz)
	a038cc7d - refactor: remove not used return argument (Jose Donizetti)
	913c2a72 - uprobes: adjust calling convention for uprobe handlers (Rafael David Tinoco)
	2c041f61 - uprobes: open /proc/self/exe instead of os.Executable() (Rafael David Tinoco)
	ba229396 - arm64: move comment for better indentation (Rafael David Tinoco)
	0aa26f46 - tracee: do not tailcall undefined syscalls (Rafael David Tinoco)
	2bc75195 - arm_kprobe: change hook point to satisfy arm64 missing symbol (Rafael David Tinoco)
	cbd102b2 - tracee.bpf.c: fix arm64 compilation problems (Rafael David Tinoco)
	509dc06d - events: change addr arguments to type pointer (#2128) (roikol)
	b6dcf115 - pkg/ebpf: open files in output dir using FD (Alon Zivony)
	da381170 - pkg/events: add missing capabilities to capture exec (Alon Zivony)
	997cc379 - cmd/tracee-ebpf: divide capabilities dropping to stages (Alon Zivony)
	c2bfd111 - containers/runtime: move autodiscover to package (#2081) (Nadav Strahilevitz)
	c20afb46 - refactor: style fixes (#2112) (Jose Donizetti)
	c631debe - feat(deps): Bump up Postee Helm chart version. (#2111) (simar7)
	2af18f32 - README: remove badge for removed workflow (Rafael David Tinoco)
	ea5fcc8e - workflows: remove redundant test being done to each PR (#2106) (Rafael David Tinoco)
	5ebdfe72 - k8s: fix tracee version to latest release v0.8.1 (#2099) (Jose Donizetti)
	bedba052 - k8s: fix kustomization.yaml (#2101) (Jose Donizetti)
	edcaf819 - trigger: fix context apply (#2090) (Nadav Strahilevitz)
	d4ad6124 - tracee-tester: spin-off tracee-tester related files (#2091) (Rafael David Tinoco)
	a2fd2c49 - trigger: move event triggering logic out of derive (#2069) (Nadav Strahilevitz)
	5f765aa8 - enrich: add queue cleaner goroutine (#2084) (Nadav Strahilevitz)
	f396d916 - events: add security_inode_rename event (#2045) (Rafael David Tinoco)
	70975338 - ebpf: parse events fd arguments to filenames (Geyslan Gregório)
	df76fa10 - ebpf: standardize and reorder syscall names (Geyslan Gregório)
	eef81b1f - tracee-ebpf: remove bufs_off map (#1866) (Yaniv Agman)
	f6799198 - Lowering the thresold to drop CAP_SYS_ADMIN (#2078) (cdelzotti)
	5a5762ed - cmd/tracee-ebpf: add capabilities dropping bypasses (#2008) (Alon Zivony)
	3f8f4092 - Add daily tests workflow and respective badge (#2064) (G Gregório)
	3f78d226 - parse_args: fix cases where arg type didn't change (#2072) (Nadav Strahilevitz)
	0cc61667 - fix: capture net filter nil pointer error (#2067) (cdelzotti)
	32748d6d - docs/integrating: fix docker run command (#2065) (Calvin Xiao)