tracecat

The open source Tines / Splunk SOAR alternative.

AGPL-3.0 License

Stars: 2.4K
Committers: 10

tracecat - Tracecat 0.1.3

Published by github-actions[bot] 4 months ago

📦 Build system

  • Remove elasticsearch (#215)

🛠️ Other improvements

  • Fix flaky workflow_id parse in playbooks test (#213)

Thank you to all our contributors for making this release possible!
@daryllimyt and @topher-lo

tracecat - Tracecat 0.1.2

Published by github-actions[bot] 4 months ago

Fix missing core-app volume in docker compose

tracecat - Tracecat 0.1.1

Published by github-actions[bot] 4 months ago

Minor CI fixes.

tracecat - Tracecat 0.1.0

Published by github-actions[bot] 4 months ago

  • Add draft GH workflow to test all playbooks (#180)
  • Add python tests suite (#177)
  • Bump next from 14.1.0 to 14.1.1 in /frontend (#139)
  • Alpha 2.0 (#129)
  • Remove Tantivy (#115)
  • Set shared env vars in conftest (#21)

💥 Breaking changes

  • Categorize by tooling and register secrets (#195)

🧩 Integrations

  • Shodan analyze URL / ip address (#207)
  • censys IP search (#206)
  • Categorize by tooling and register secrets (#195)
  • Add database writer (#193)
  • Add email and ipv4 extractors (#192)
  • Migrate crowdstrike integrations to falconpy (#191)
  • Much integrations so wow (#166)
  • Implement AWS GuardDuty (#112)
  • Add secrets for aws cloudtrail (#111)
  • Get Project Discovery scan results (#104)
  • Sublime Security (#101)
  • Emailrep check reputation (#98)
  • Add native AWS CloudTrail query integration (#88)
  • Add analyze URL via URLScan Action (#83)
  • VirusTotal file hash and URL reports (#79)
  • Add Datadog security signals actions (#68)

✨ Enhancements

  • CS-slack sync working (#211)
  • Shodan analyze URL / ip address (#207)
  • censys IP search (#206)
  • Trigger context handling + webhook integration test (#204)
  • Update AI action (#202)
  • Add --commit flag in tracecat workflow create (#201)
  • Implement runtime action tests (#194)
  • Sentinel One distributed alerting in Slack (#198)
  • Crowdstrike distributed alerting in Slack (#199)
  • feat+docs: Generate udf integration docs (#196)
  • Use TracecatDSLError in DSL validation (#197)
  • Categorize by tooling and register secrets (#195)
  • Add database writer (#193)
  • Add email and ipv4 extractors (#192)
  • Migrate crowdstrike integrations to falconpy (#191)
  • Create default user in headless mode on db start (#189)
  • Enable webhook trigger without ingress tunnel (#181)
  • Tag Slack users in Datadog security signal (#170)
  • Implement server-side UDF args validation on commit (#179)
  • Dynamically register UDFs in DSLActivities (#176)
  • feat+fix(engine): Implement resource identifiers module + fix Temporal clashing workflow ID (#174)
  • Generate graph from headless mode (#173)
  • Implement FN.func.map (#172)
  • Implement for_each zip expression (#171)
  • Update AWS GuardDuty + Slack playbook (#169)
  • Implement action-local var context + iterable for_each clause (#168)
  • Much integrations so wow (#166)
  • Upgrade expression engine (#167)
  • Add data transform forward action (#165)
  • Webhook API changes (#160)
  • Add OpenAPI API reference + CLI commands (#158)
  • Add secrets management (#157)
  • Implement JIT secrets for template secret expressions (#156)
  • Implement run_if directive for workflow ActionStatement (#155)
  • Implement template expression functions (#154)
  • Run context propagation + revived case management (#153)
  • Add and improve triggers UI (#151)
  • Consolidate action catalog (#150)
  • Implement commit changes to workflow (#149)
  • Implement server side schema validation and JSON editor (#148)
  • Temporal rewrite (#146)
  • Minimalize action form (#145)
  • Organize workflow form sections into accordions (#142)
  • Minimalize onboarding and nav (#141)
  • Implement AWS GuardDuty (#112)
  • Upgrade logging (#134)
  • Improve logger [1/N] (#124)
  • Add clearer hierarchical style (#113)
  • Replace Supabase with Postgres (#106)
  • Get Project Discovery scan results (#104)
  • Sublime Security (#101)
  • Clerk migration (#100)
  • Emailrep check reputation (#98)
  • Add native AWS CloudTrail query integration (#88)
  • Implement case activity timeline (#89)
  • Add analyze URL via URLScan Action (#83)
  • VirusTotal file hash and URL reports (#79)
  • Add change case priority controls (#80)
  • Implement change case status controls (#78)
  • Add AI flair for autocompleted tags (#74)
  • Add Datadog security signals actions (#68)
  • AWS CloudTrail gzipped json reader (#63)
  • Improve case management [2/N] (#66)
  • Improve case management [1/N] (#64)
  • feat+refactor(ui): Add autocomplete commit confirmation + move some state into the provider (#60)
  • Add basic case autocomplete persistence (#57)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Improve docstring formatting (#45)
  • Integrate secrets manager with integration functions (#38)
  • Extend secrets manager (#36)
  • Pass build flags into services.sh (#35)
  • feat+fix: Patch macos local development build + update start script (#24)
  • Implement integrations infra (#23)
  • Add supabase service to docker compose (#22)
  • Implement scheduled workflows (#17)
  • Implement event streaming + console (#18)
  • Add basic self hosting support (#11)
  • Implement template field jsonpath substitution (#2)
  • Implement basic runner (#1)

๐Ÿž Bug fixes

  • fix+test: Add integration test for AI action (#205)
  • revert: Build ui image locally in docker compose (#190)
  • Incorrect reference to all nodes instead of action nodes only (#178)
  • Run context propagation + revived case management (#153)
  • Remove multiprocessing for run integration action (#137)
  • Split runner url into private/public env vars (#135)
  • Suppress stack traces using catch-all handler (#126)
  • Get Resource.updated_at working (#120)
  • Add secrets for aws cloudtrail (#111)
  • Update installation to include supabase cli (#94)
  • Rename Case.title to case_title (#92)
  • Missing change for integrations (#84)
  • Prevent checkbox from propagating click event (#81)
  • Improve exception handling for auth callback new user flow (#53)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Remove http2 from httpx (#46)
  • Reference backend API domain dynamically for frontend client/server components (#34)
  • feat+fix: Patch macos local development build + update start script (#24)

📖 Documentation

  • feat+docs: Generate udf integration docs (#196)
  • Update docs for single docker compose file (#187)
  • update README.md (#185)
  • Finish expressions draft (#163)
  • Update docs concepts [1/N] (#162)
  • Updated VT quickstart (#161)
  • Update installation section (#159)
  • Add OpenAPI API reference + CLI commands (#158)
  • Spelling in installation (#121)
  • Add linux docker networking fix (#117)
  • Update installation (#107)
  • Update installation to include supabase cli (#94)
  • Missing change for integrations (#84)
  • Update integrations docs (#39)
  • Fix self host .env examples and documentation (#13)

📦 Build system

  • Add Temporal to docker-compose.yml and fix host.docker.internal (#184)
  • Make docker compose prod and add dev extension (#175)
  • Split runner url into private/public env vars (#135)
  • Add passing username and password to rabbitmq uri (#125)
  • Replace Supabase with Postgres (#106)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Split dev and prod into separate run options (#52)

🛠️ Other improvements

  • wip(playbook): Fix playbook tests in GH workflows (#203)
  • Configure logger verbosity (#200)
  • revert: Build ui image locally in docker compose (#190)
  • Move Role class to types (#188)
  • [Broken] image build updates (#186)
  • Enable webhook trigger without ingress tunnel (#181)

Thank you to all our contributors for making this release possible!
@LuedTek, @aboutphilippe, @daryllimyt, @dependabot, @dependabot[bot], @eltociear and @topher-lo

tracecat - Tracecat Engine 0.1.0

Published by github-actions[bot] 5 months ago

✨ Enhancements

  • Improve logger [1/N] (#124)
  • Replace Supabase with Postgres (#106)
  • Clerk migration (#100)
  • Add native AWS CloudTrail query integration (#88)
  • Implement case activity timeline (#89)
  • Implement change case status controls (#78)
  • Add AI flair for autocompleted tags (#74)
  • Add Datadog security signals actions (#68)
  • AWS CloudTrail gzipped json reader (#63)
  • Improve case management [2/N] (#66)
  • Improve case management [1/N] (#64)
  • Add basic case autocomplete persistence (#57)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Integrate secrets manager with integration functions (#38)
  • Extend secrets manager (#36)
  • Pass build flags into services.sh (#35)
  • feat+fix: Patch macos local development build + update start script (#24)
  • Implement integrations infra (#23)
  • Add supabase service to docker compose (#22)
  • Implement scheduled workflows (#17)
  • Implement event streaming + console (#18)
  • Add basic self hosting support (#11)
  • Implement template field jsonpath substitution (#2)
  • Implement basic runner (#1)

๐Ÿž Bug fixes

  • Get Resource.updated_at working (#120)
  • Update installation to include supabase cli (#94)
  • Rename Case.title to case_title (#92)
  • Improve exception handling for auth callback new user flow (#53)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Remove http2 from httpx (#46)
  • Reference backend API domain dynamically for frontend client/server components (#34)
  • feat+fix: Patch macos local development build + update start script (#24)

📖 Documentation

  • Spelling in installation (#121)
  • Add linux docker networking fix (#117)
  • Update installation (#107)
  • Update installation to include supabase cli (#94)
  • Update integrations docs (#39)

📦 Build system

  • Replace Supabase with Postgres (#106)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Split dev and prod into separate run options (#52)

🛠️ Other improvements

  • Replace Supabase with Postgres (#106)
  • Clerk migration (#100)
  • Add supabase service to docker compose (#22)
  • Set shared env vars in conftest (#21)

Thank you to all our contributors for making this release possible!
@aboutphilippe, @daryllimyt, @eltociear and @topher-lo

tracecat - Tracecat UI 0.1.0

Published by github-actions[bot] 5 months ago

✨ Enhancements

  • Add clearer hierarchical style (#113)
  • Replace Supabase with Postgres (#106)
  • Clerk migration (#100)
  • Add native AWS CloudTrail query integration (#88)
  • Implement case activity timeline (#89)
  • Add change case priority controls (#80)
  • Implement change case status controls (#78)
  • Add AI flair for autocompleted tags (#74)
  • Add Datadog security signals actions (#68)
  • Improve case management [2/N] (#66)
  • Improve case management [1/N] (#64)
  • feat+refactor(ui): Add autocomplete commit confirmation + move some state into the provider (#60)
  • Add basic case autocomplete persistence (#57)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Improve docstring formatting (#45)
  • Extend secrets manager (#36)
  • Pass build flags into services.sh (#35)
  • feat+fix: Patch macos local development build + update start script (#24)
  • Implement integrations infra (#23)
  • Add supabase service to docker compose (#22)
  • Implement event streaming + console (#18)
  • Add basic self hosting support (#11)
  • Implement basic runner (#1)

๐Ÿž Bug fixes

  • Update installation to include supabase cli (#94)
  • Rename Case.title to case_title (#92)
  • Prevent checkbox from propagating click event (#81)
  • Improve exception handling for auth callback new user flow (#53)
  • Add endpoint to ping API / runner from runner / API (#51)
  • Reference backend API domain dynamically for frontend client/server components (#34)
  • feat+fix: Patch macos local development build + update start script (#24)

📖 Documentation

  • Spelling in installation (#121)
  • Add linux docker networking fix (#117)
  • Update installation (#107)
  • Update installation to include supabase cli (#94)
  • Update integrations docs (#39)

📦 Build system

  • Replace Supabase with Postgres (#106)
  • Generate Fernet key using ephemeral Docker container during installation (#54)
  • Split dev and prod into separate run options (#52)

🛠️ Other improvements

  • Replace Supabase with Postgres (#106)
  • Clerk migration (#100)
  • Add supabase service to docker compose (#22)
  • Set shared env vars in conftest (#21)

Thank you to all our contributors for making this release possible!
@aboutphilippe, @daryllimyt, @eltociear and @topher-lo
