-
Split "check queue" and "temporary failure" into two. Previously "there is stuff in the queue" caused snare to initiate "continually wake up if there's a temporary failure".
-
Simplify timeout checks and remove a race condition.
-
Ensure that temporary failures do not cause the queue to be viewed as empty.
-
Reset the timeout before running
errorcmd(if it exists). Previously, if the main command exceeded the timeout,errorcmdwould immediately be considered to have exceeded the timeout as well.
- Update dependencies.
- Handle both JSON and urlencoded requests.
-
Change logging approach.
-vvvvnow gives more helpful output. -
Unbreak
pingsupport. -
Allow
%xand%?to be used inerrorcmd. Whencmdfails, the only clue as to why can be its exit code. Previously, snare had no way of transmitting this information to the user: this commit allows using%xand%?(the latter borrowing the similarly named variable from the shell) inerrorcmdto access this information.
-
Remove hyper/tokio in favour of a simple internal HTTP server. This reduces the number of library dependencies by about 25%.
-
Improve logging: errors, warnings, and information are now differentiated. The
-vswitch increases the logging level. Defaults to "only report errors". -
Default to
/bin/shif$SHELLisn't set when running commands. -
Add a system test suite.
-
Respect
DESTDIR, and try to pick a more appropriate location for man pages, in installation.
- Update dependencies.
- Update dependencies, including moving from the unmaintained
jsoncrate toserde_json.
-
Update dependencies, including a security fix to the regex crate.
-
Remove mention of
reposdirfrom the documentation: it is deprecated and using it causes a warning.
- Update dependencies.
- Update dependencies.
- Update many dependencies.
- Update to tokio 1. Also update other dependencies, avoiding warnings over yanked (old) versions of pin-project-lite.
-
Documentation improvements, including more secure examples.
-
Updated dependencies, solving a long-standing slow error leak.
-
The
emailoption inmatchblocks has been replaced by the more genericerrorcmd. To obtain the previous behaviour:email = "someone@example.com";should be changed to something like:
errorcmd = "cat %s | mailx -s \"snare error: github.com/%o/%r\" someone@example.com";This assumes that the
mailxcommand is installed on your machine. As this example may suggest,errorcmdis much more flexible thanemail. The syntax oferrorcmdis the same ascmdwith the addition that%sis expanded to the path of the failed job's combined stderr / stdout.snareinforms users whose config containsemailhow to update toerrorcmdto obtain the previous behaviour.
-
After daemonisation, all errors are now sent to syslog (previously a few errors could still be sent to stderr).
-
Fix bug in parsing string escapes, where one character too many was consumed after
\". -
Use SIGCHLD to listen for child process exit, so that
snaredoes not have to be woken up as often.
-
snarenow only searches for a configuration file at/etc/snare/snare.conf; as before, you can specify an alternative location forsnare.confvia the-coption. -
snarealways changes its CWD to/(previously CWD was only altered if auserwas specified).
- When a command fails, the email sent now contains the owner and repository name in the subject.
-
The
github-block levelreposdiroption has been removed. The more flexiblematch-block levelcmdhas been introduced. In essence:github { reposdir = "/path/to/prps"; ... }should be changed to:
github { match ".*" { cmd = "/path/to/reposdir/%o/%r %e %j"; } }snareinforms users whose config containsrepodirhow to update it.
-
snarenow validates input derived from the webhook request so that it is safe to pass to the shell: GitHub owners, repositories, and events are all guaranteed to satisfy the regular expression[a-zA-Z0-9._-]+and not to be the strings.or... -
String escapes (e.g.
"\"") are now properly processed (previously they were ignored).
First release.