Conversation
- fix SSE auth using wrong localStorage key (session_token -> getAuthToken)
- fix incidentsTotal never updated in siem store
- fix authStore.subscribe memory leaks (20+ components missing onDestroy cleanup)
- fix offset=0 dropped in API calls (falsy check on 0)
- fix search debounce timer not cleared on destroy
- fix escapeHtml using DOM nodes instead of pure string replace
- fix SSE stream re-emitting duplicate logs on same timestamp
- fix verifyProjectAccess called twice for array projectId
- fix getInvitationByToken returning expired invitations
- fix time_bucket missing ::interval cast in siem dashboard
- fix login creating session for disabled users
- fix severity ordering using alphabetical MAX instead of severity rank
- fix updateIncident silently skipping falsy title/severity/status
- rebuild shared package to fix stale dist types

- scope linkDetectionEventsToIncident to organization_id
- scope getIncidentDetections to organization_id
- add missing organization_id and project_id to sigma notification payload
- guard markAsNotified from null historyId (sigma rules have no history entry)

- add SSRF protection to legacy webhook notification path
- fix Math.max(...[]) crash when no orgs exist in retention job
- fix empty webhook error messages for HTTP/2 responses
- validate webhook custom headers JSON before saving channel

verify org membership before allowing pattern updates and deletes, same as GET/POST handlers already do

- add NODE_ENV: production to backend in docker-compose.yml
- sync docker-compose.build.yml with main compose (add TRUST_PROXY, FRONTEND_URL, INTERNAL_DSN, DOCKER_CONTAINER, MongoDB vars, MongoDB service, fluent-bit-metrics service, frontend DSN vars)
- add storage engine, clickhouse, mongodb sections to docker/.env.example

…de optional profiles for Docker

- picomatch 4.0.3 -> 4.0.4 (fix ReDoS + method injection)
- brace-expansion 5.0.2 -> 5.0.5 (fix zero-step sequence DoS)
- fast-xml-parser 5.5.6 -> 5.5.9 (fix entity expansion bypass)

- pattern PUT/DELETE: keep 400 for missing organizationId, add org membership check after
- revert expires_at filter on getInvitationByToken (intentional: frontend shows expiry message to user)

ensureInitialAdmin now creates a system@logtide.internal admin when no env vars are set, test was still expecting 0 users
This pull request releases version 0.8.5, bringing significant security fixes, bug fixes, Docker deployment improvements, and dependency updates to the LogTide platform. The update also introduces enhanced environment configuration options, improved documentation for Docker setups (including lightweight and optional service profiles), and a more robust initial admin bootstrap process.
Security and Bug Fixes
Docker and Deployment Improvements
docker-compose.build.yml, .env.example) were updated to support MongoDB and Fluent Bit metrics as optional profiles, added missing environment variables for backend and worker services, and improved compatibility with lightweight and multi-engine setups. A new lightweight Docker Compose option is documented for resource-constrained environments.
Documentation and Version Updates
README.md and CHANGELOG.md were updated for v0.8.5, reflecting new features, Docker usage instructions, and highlighting the new lightweight and profile-based deployment options. Version numbers were incremented across relevant files.
Initial Admin Bootstrap Enhancement
Dependency Updates
picomatch, brace-expansion, and fast-xml-parser were made, along with other package updates.
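
The commit item "fix severity ordering using alphabetical MAX instead of severity rank" names a bug that can make a SIEM report an incident at a lower severity than its worst detection. The following JavaScript is an added illustration, not code from this pull request or from LogTide; the severity labels, the sample detections and the `summarize` helper are assumptions made for the example.

```javascript
// Added illustration, not LogTide code. The severity labels are assumed
// (Sigma-style levels); the page does not list the ones LogTide uses.
const SEVERITY_RANK = new Map([
  ['informational', 0], ['low', 1], ['medium', 2], ['high', 3], ['critical', 4],
]);

// Buggy form: lexicographic maximum, the result MAX() gives on a text column.
function alphabeticalMax(labels) {
  return labels.reduce((a, b) => (a === null || b > a ? b : a), null);
}

// Fixed form: compare by rank. Unknown labels rank below every known one,
// and an empty list yields null.
function rankedMax(labels) {
  let best = null;
  let bestRank = -Infinity;
  for (const label of labels) {
    const rank = SEVERITY_RANK.has(label) ? SEVERITY_RANK.get(label) : -1;
    if (rank > bestRank) { best = label; bestRank = rank; }
  }
  return best;
}

// Roll detections up per incident and report both results side by side.
function summarize(detections) {
  const byIncident = new Map();
  for (const { incidentId, severity } of detections) {
    if (!byIncident.has(incidentId)) byIncident.set(incidentId, []);
    byIncident.get(incidentId).push(severity);
  }
  const out = {};
  for (const [id, labels] of byIncident) {
    const alphabetical = alphabeticalMax(labels);
    const ranked = rankedMax(labels);
    out[id] = { alphabetical, ranked, mismatch: alphabetical !== ranked };
  }
  return out;
}

// Constructed sample detections (hypothetical incident ids).
const SAMPLE = [
  { incidentId: 'inc-1', severity: 'critical' }, { incidentId: 'inc-1', severity: 'medium' },
  { incidentId: 'inc-2', severity: 'high' }, { incidentId: 'inc-2', severity: 'low' },
  { incidentId: 'inc-3', severity: 'informational' }, { incidentId: 'inc-3', severity: 'low' },
];

console.log(summarize(SAMPLE));
```

In the constructed sample the alphabetical result is right only for `inc-3`, and only by coincidence of spelling; the other two incidents are reported below their highest-ranked detection.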