Onefuzz Versions Save

A self-hosted Fuzzing-As-A-Service platform

5.20.0

3 weeks ago

5.20.0

Added

  • Service: Added endpoint to download agent binaries to support the unmanaged node scenario. #2600
  • Service: Added additional error handling when updating VMSS nodes. #2607

Changed

  • Service: Added additional logging when using the decommission node policy. #2605
  • Agent/Supervisor/Proxy: Updated third-party Rust dependencies. #2608
  • Service: Added optional retry_limit when connecting to the repro machine. #2609

Fixed

  • Service: Fixed status top in C# implementation. #2604
  • Service: Only add "re-opened" comments to a bug if it was actually reopened. #2623

5.19.0

4 weeks ago

5.19.0

Changed

  • Service: Delete nodes once they're done with tasks instead of releasing scale-in protection. #2586
  • Service: Switch to using the package provided by Azure Functions to set up Application Insights and improve its reporting of OneFuzz transactions. #2597

Fixed

  • Service: Fix handling duplicate containers across accounts in C# functions. #2596
  • Service: Fix the notification GET request on C# endpoints. #2591

5.18.0

1 month ago

5.18.0

Added

  • Service: Use records to unpack the request parameters in AgentRegistration. #2570
  • Service: Convert ADO traces to customEvents and update notificationInfo. #2508
  • Agent: Include computer name in AgentRegistration & decode Instance ID from it. This will reduce the amount of calls to Azure minimizing throttling errors. #2557

Changed

  • Service: Improve webhook logging and accept more HTTP success codes. #2568
  • Service: Reduce fetches to VMSS #2577
  • CLI: Use the virtual env folder to store the config if it exists. #2561, #2567, #2583

Fixed

  • Service: Reduce number of ARM calls in ListVmss reducing calls to Azure to prevent throttling. #2539
  • Service: ETag updated in Update and Replace. #2562
  • Service: Don't log an error if we delete a Repro and it is already missing. #2563

5.17.0

1 month ago

5.17.0

Added

  • Service: Add a DeleteAll operation to ORM that speeds up the deletion of multiple entities. #2519

Changed

  • Documentation: Remove suggestion to reset IterationPath upon duplicate. #2533
  • Service: Ignoring the scanning log file when reporting an issue with azcopy. #2536

Fixed

  • CLI: Fixed failures in command $ onefuzz status pool <pool_name>. #2551
  • Deployment: Fix the OneFuzz web address that is used to generate the input_url for bug reporting. #2543
  • Service: Produce an error if coverage recording failed due to a timeout. #2529
  • Service: Increased the default timeout for coverage recording from 5 seconds to 120 to prevent premature errors while parsing symbols and executables. #2556
  • Service: Fixed errors in ADO notifications to reduce duplicate bug-filing. #2534
  • Service: Handle null values better in ScalesetOperations and VmssOperations when a scaleset is in shutdown state. #2538
  • Service: Fix exception message formatting in VmssOperations. #2546
  • Service: Downgrade instance not found exception. #2549
  • Service: Lower log level on symbol region overlap findings during coverage recording. #2559

5.16.0

1 month ago

5.16.0

Added

  • Documentation: Added OneFuzz logo to the README file. #2340
  • Agent: Added try_insert function when building code coverage maps. #2510

Changed

  • Documentation: Described the importance of using the right runtime identifier (RID) when building .NET binaries. #2490
  • Service: Downgraded logging statement from error to warn and also included the http result code. #2484
  • Service/CLI: Updated python dependencies. #2470
  • Service: Updated the verbosity of azcopy logging to assist in debugging copy failures. #2598
  • Agent/Supervisor/Proxy: Updated third-party Rust dependencies.#2500
  • Service: Update the logic for checking if a blob exists before uploading to reduce contention during uploads. #2503
  • Service: Changed the way we update the scaleInProtection on a scaleset node to minimize throttling. #2505

Fixed

  • Service: Only fetch InstanceView data when required. This will reduce throttling by Azure.#2506
  • Service: Fixed github notification queries in the C# implementation (currently not turned on). #2513, #2514

5.15.1

1 month ago

5.15.1

Added

  • Service: Added support for Jinja template migration to Scriban. #2486

Fixed

  • Service: Replaced missing tab that caused ADO queries to fail to find existing work items resulting in duplicate items being created. #2492
  • Tests: Fixed integration-tests-linux. #2487

5.15.0

2 months ago

5.15.0

Added

  • Service: Use InterpolatedStringHandler to move values to CustomDimensions Tags #2450
  • Service: C# Can create ADO notifications #2456, #2458
  • Service: C# Cache VMSS VM InstanceID lookups #2464
  • CLI: Retry on connection reset #2468
  • Agent: Enable backtraces for agent errors #2437

Changed

  • Service: Bump Dependencies #2446
  • Service: Temporarily disable Pool validation #2459

Fixed

  • Service: Fix logic to retrieve partitionKey and rowKey #2447
  • Service: Permit periods in Pool names #2452
  • Service: Node state getting reset to init #2454
  • Service: Fix null ref exception in C# logging #2460
  • Service: Correct pool transitions #2462
  • Service: Fix UpdateConfigs #2463
  • Service: Allow worker loops to continue after errors #2469
  • Service: Lowercase webhooks digest header value #2471
  • Service: Fix C# Node state machine. #2476
  • Service: Adding missing caching from python code #2467

5.14.1

2 months ago

5.14.1

Fixed

  • Service: Handle 404 messages without throwing an exception when a queue does not exist. #2451

5.14.0

2 months ago

5.14.0

Added

  • Service: Implement not-implemented GetInputContainerQueues #2380
  • Service: Adding new default image config value to instance config 2434

Changed

  • Service: Port SyncAutoscaleSettings from Python to C# #2407

Fixed

  • Deployment: Updating error and fixing default value for auto_create_cli_app #2378
  • Service: Do not discard proxy objects when setting state #2441
  • Service: Do not fail task on notification failure #2435
  • Service: Cleanup queues for non-existent pools and non-existent tasks #2433
  • Service: Delete pool queue when pool is deleted #2431
  • Service: Minor fixes to service logging and error handling #2420
  • Service: Fixed linux repro extensions #2415
  • Service: Mark tasks as failed if a work unit cannot be created for the task #2409
  • Service: Fixed several bugs in C# ports for TimerProxy, TimerRetention, AgentEvents, Node, Tasks and Jobs #2406, #2392, #2379
  • Service: Fixed Azure linux instance proxy extensions provisioning failures #2401
  • Service: Fixed C# scheduling bugs #2390
  • Service: Fixed MarkDependantsFailed error checking #2389
  • Service: Fixed SearchStates querying in TaskOperations #2383
  • Service: Fixed Scaleset response Auth inclusion #2382
  • Service: Fix custom type interpolation in queries #2376
  • Service: Fixed error in C# port for DoNotRunExtensionsOnOverprovisionedVms must be false if Overprovision is false #2375

5.13.0

2 months ago

5.13.0

Note

We do not recommend deploying the C# functions in this release. Subsequent to creating the release we discovered a bug in the C# code and will be releasing 5.14 shortly which will address the issue.

Added

  • Deployment: Added optional flags --onefuzz_app_id & --auto_create_cli_app for deploy.py to allow for custom app registrations. #2305
  • Deployment: Added optional flag --host_dotnet_on_windows for deploy.py that enables running dotnet functions on Windows based hosts to allow for attaching a remote debugger #2344
  • Deployment: Added optional flag --enable_profiler for deploy.py to enable memory and cpu profilers in dotnet Azure functions #2345
  • Service: Enabled AppInsights dependency tracking to enable better analysis of Azure Storage usage on OneFuzz deployments#2315
  • Service: Added Scriban templating library as a dependency stand-in for Jinja on C# ported services #2330
  • Service: Use 64-bit worker for dotnet functions #2349
  • Agent: Add Cobertura XML output to src-cov example binary #2334
  • CLI: Add onefuzz debug task download_files <task_id> <output> command to download a task’s containers #2359

Changed

  • Service: Removed some response-only properties from the Task model #2335
  • Service: Create storage tables on startup #2309
  • Service: Switched to using Graph SDK instead of manually constructing queries #2324
  • Service: Cache InstanceConfig for improved read performance #2329
  • Deployment: Updated deploy.py to set all function settings at once for faster deployment and upgrades #2325
  • Devcontainer: Move global tool installs into another script so they can be cached #2365
  • Bumped several dependencies in multiple files #2321, #2322, #2360, #2361, #2364, #2355

Fixed

  • Service: Fix az_copy syncing issues by removing the max_elapsed_time limit and relying on RETRY_COUNT instead #2332
  • Service: Implement not implemented bits in Scaleset/VMSS Operations for RemiageNodes & DeleteNodes#2341
  • Service: Fixed bugs in C# port of Proxy and TimerProxy functions #2317, #2333
  • Service: Enforce that there are no extra properties in request JSON, and that non-null properties are [Required] #2328
  • Service: Remove IDisposable from Creds #2327
  • Service: Removed required field in Requests to match python behavior #2367
  • Service: Fixed bug in Azure DevOps notification information #2368
  • Service: Fixed memory leaks in AgentEvents and several supporting libraries #2356
  • Service: Fixed inconsistencies in VMSS creation between C#/Python functions #2358
  • Service: Fixed dotnet Info function to correctly get version number from assembly attributes instead of the config #2316
  • Service: Fixed bug in python types #2319
  • Service: Fixed bugs in timer_workers to allow it to run properly #2343
  • CLI: Coverage task should have access to readonly_inputs containers #2352
  • Devcontainer: Ensure that python virtual environment is installed #2372