v0.4.6

v0.4.6 (2024-03-17)

Ci

• ci: removed require hashes to allow no-deps to work (e634622)

• ci: added no deps and require hashes for pip audit (e5f110c)

Fix

• fix: Security enhancements and performance optimizations

• security: Removed exposed port in all workers
• security: Pinned docker platform in all dockerfile images
• security: Pinned docker images digest in all dockerfile images
• security: Pinned python packages by hash digest in all dockerfile images
• perf: Optimized workers and test image for smaller size and build times
• perf: Enabled github docker cache for all workflows
• docs: Updated readme with generate hash instructions for requirements (7b181af)

Unknown

• Merge pull request #188 from tattle-made/hotfix

Hotfix (f92ef82)

• Merge pull request #187 from duggalsu/opt_vid_worker

Opt vid worker (217d60d)

• • setup python version (2d1863c)

v0.4.5

v0.4.5 (2024-03-15)

Ci

• ci: removed explict checkout in docker build (2068476)

• ci: fix context in test workflow (201c900)

• ci: Fix issues with docker push vidvec benchmark test workflow (1d4a31e)

Fix

• fix: Fix workflows (c356dc9)

Unknown

• Merge pull request #186 from tattle-made/hotfix

Hotfix (2c19559)

• Merge pull request #185 from duggalsu/fix_docker_workflow

Fix docker workflow (acc4000)

• Merge pull request #184 from tattle-made/hotfix

Hotfix (3d6c84f)

• Merge pull request #183 from duggalsu/fix_vidvec_benchmark_test_workflow_2

Fix vidvec benchmark test workflow 2 (7d5cc01)

• Merge pull request #182 from tattle-made/hotfix

Hotfix (f6d87f8)

• Merge pull request #181 from duggalsu/fix_vidvec_benchmark_test_workflow

Fix vidvec benchmark test workflow (6f2a32a)

• Merge pull request #180 from tattle-made/hotfix

Hotfix (0b30a78)

• Merge pull request #179 from tattle-made/scorecard_workflow

Scorecard workflow (d1f468d)

• Create scorecard.yml (7bf1e20)

v0.4.4

v0.4.4 (2024-03-14)

What's Changed

• Fix tempfile issues by @duggalsu in #164
• Hotfix by @duggalsu in #178

Full Changelog: v0.4.3...v0.4.4

v0.4.3

v0.4.3 (2024-03-14)

Fix

• fix: flask issues

• Added config vars to env template
• Disabled flask production docker image
• Enabled flask dev server and debugpy to run on localhost
• Added debug cmd flag as recommended approach
• Modified flask app run to load host and debug values from env (cfc0601)

Unknown

• Merge pull request #177 from tattle-made/hotfix

Hotfix (f2a2b3d)

• Merge pull request #176 from duggalsu/fix_flask_issues

Fix flask issues (c68596f)

v0.4.2

v0.4.2 (2024-03-13)

Fix

• fix: wget issues (ff70726)

Unknown

• Merge pull request #175 from tattle-made/hotfix

Hotfix (fc508fa)

• Merge pull request #174 from duggalsu/fix_wget_issues

Fix wget issues (6b98b8f)

v0.4.1

v0.4.1 (2024-03-13)

Fix

• fix: Renamed hash worker graviton file
  ci: Added publishing media hash worker docker images
  ci: Added release hash worker dockerfiles (33fb2d8)

Unknown

• Merge pull request #173 from tattle-made/hotfix

Hotfix (ec7b922)

• Merge pull request #172 from duggalsu/add_hash_worker_workflow

Add hash worker workflow (b58c11f)

v0.4.0

v0.4.0 (2024-03-13)

Ci

• ci: updating hash worker github workflow (73e5634)

Unknown

• Merge pull request #165 from tattle-made/development

merge dev to main (55204f9)

• Merge pull request #166 from aatmanvaidya/temp-dev-2

resolving merge conflicts (1dea270)

• Merge remote-tracking branch 'upstream/main' into temp-dev-2 (3c28a9f)

v0.3.4

v0.3.4 (2024-03-13)

Fix

• fix: Fixed yaml load (0582882)

• fix: Fixed assert issues (33f5fd2)

• fix: linting issues (39d90be)

• fix: Removed secrets (11f4186)

Unknown

• Merge pull request #170 from tattle-made/hotfix

Hotfix (8f4e730)

• Merge pull request #169 from duggalsu/fix_yaml_load

fix: Fixed yaml load (ab3851f)

• Merge pull request #168 from duggalsu/fix_assert_issues

fix: Fixed assert issues (1290ef9)

• Merge pull request #167 from duggalsu/fix_secrets

Fix secrets (3670bc9)

v0.3.3

v0.3.3 (2024-03-12)

Chore

• chore: updated numpy version (a299171)

Ci

• ci: Add bandit cron workflow to trigger on push to main for resolved issues (90864bd)

• ci: Updated cron time to test trigger (170c313)

• ci: Enabled github token and modified cron UTC time (89c773f)

• ci: Updated path settings (b02ed5b)

• ci: Fix bandit cron workflow (faf897f)

• ci: Disabled bandit level (4802bea)

• ci: Added bandit SAST scanning (5ecd5da)

• ci: fixed scanners option (ae1ceb4)

• ci: Added exit code with limit sarif severities and always upload results (b105ac5)

• ci: Updated codeql-action version (03e48ea)

• ci: Removed failure condition for trivy scan to allow sarif upload (7b17253)

• ci: Added githbu codeql sarif upload permissions (1bcd94b)

• ci: Enabled trivy result upload to github codeql (e9afff0)

• ci: separate pip audit (e93e002)

• ci: add pip audit security workflow (b7a4db2)

Fix

• fix: (security) Added timeout to requests (f5c0645)

Unknown

• Merge pull request #162 from tattle-made/hotfix

Hotfix (9c7d06b)

• Merge pull request #161 from duggalsu/add_requests_timeout

Add requests timeout (805e426)

• Merge pull request #160 from tattle-made/hotfix

Hotfix (76d900e)

• Merge pull request #159 from duggalsu/add_on_push_bandit_cron_workflow

Add on push bandit cron workflow (bb97334)

• Merge pull request #158 from tattle-made/hotfix

Hotfix (7b29e51)

• Merge pull request #157 from duggalsu/test_bandit_cron_workflow_2

Test bandit cron workflow 2 (5ef5baf)

• Merge pull request #156 from tattle-made/hotfix

Hotfix (dc387bc)

• Merge pull request #155 from duggalsu/test_bandit_cron_workflow

Test bandit cron workflow (bba6af8)

• Merge pull request #154 from tattle-made/hotfix

Hotfix (9fca369)

• Merge pull request #153 from duggalsu/fix_bandit_cron_workflow

Fix bandit cron workflow (d4f7e01)

• Merge pull request #152 from tattle-made/hotfix

Hotfix (0605f12)

• Merge pull request #151 from tattle-made/bandit_cron_job

Bandit cron job (453093d)

• Create bandit.yml (f9f5e2b)

• Merge pull request #150 from tattle-made/hotfix

Hotfix (5355a37)

• Merge pull request #149 from duggalsu/add_ci_bandit

Add ci bandit (c899ab4)

• Merge pull request #148 from tattle-made/hotfix

Hotfix (1001e92)

• Merge pull request #147 from duggalsu/add_ci_trivy

Add ci trivy (0f7e440)

• ci (security): Added IaC scan with Trivy (ac487f9)

• fix (security): Renamed graviton dockerfiles for detection by trivy (bc2b01c)

• fix (security): Harden dockerfiles

• Added unprivileged python user
• Created venv for all pip install
• Added chown for all files and dirs
• Added --no-install-recommends to apt-get install cmd
• Fixed feluda core server.py import issue (a760d2e)

• Merge pull request #146 from tattle-made/hotfix

Hotfix (adf12d0)

• Merge pull request #145 from duggalsu/add_ci_pip_audit

Add ci pip audit (40f3ff6)

v0.3.2

v0.3.2 (2024-03-07)

Ci

• ci: github action to push md5hash worker to staging (b5df260)

• ci: add security checks on PR (ca7de73)

Fix

• fix: linter formatting (4758315)

• fix: linter issues (11f3683)

Unknown

• Merge pull request #144 from tattle-made/hotfix

Hotfix (dc64745)

• Merge pull request #143 from aatmanvaidya/md5-ci

ci: github action to push md5hash worker to staging (c896d29)

• Merge pull request #135 from duggalsu/test_official_docker_push_action

Test official docker push action (1dbe184)

• Merge pull request #141 from duggalsu/fix_linter_issues

Fix linter issues (7dd3979)