v1.42.0 — Runbook Automator, Security Hardening & Performance Optimizations

sauravbhattacharya001 released this 19 Apr 17:48
· 160 commits to master since this release

What's New

Features

  • Runbook Automator Dashboard — automated incident response playbooks with configurable triggers
  • Smart Alert Correlator — groups related alerts to reduce notification noise
  • Agent Behavior Profiler — drift detection for agent behavioral changes
  • Codecov integration for coverage tracking

Security

  • Patch 3 npm audit vulnerabilities (path-to-regexp ReDoS, brace-expansion hang, picomatch injection)
  • Sanitize agent_name inputs in SLA module, cap window_hours, bound snapshot storage
  • Validate input types in PUT update handlers
  • Add usedforsecurity=False to md5 calls in postmortem.py
  • Restrict file permissions on CLI config containing API key
  • Fix SQLite variable overflow, validate agent names in profiler
  • Harden severity classification and annotation input validation

Performance

  • Optimize event ID generation, cache eviction, and tag batch queries
  • Single-pass GroupStats initialization (7 passes → 1)
  • Cache model aggregates and eliminate redundant sorts in spending/budget
  • Single-pass baseline computation with sum-of-squares for anomalies
  • Consolidate 3 DB queries into single CTE for leaderboard
  • Cache extractServiceName results and optimize isFailure regex
  • Eliminate spread-copy in parseEventRow, reduce allocations in export
  • Fix LRU cache pollution in session search
  • Compute MTBF in SQL, wrap error queries in transaction
  • Optimize linearRegression to single-pass

Fixes

  • Correct daily session count aggregation in forecast
  • Fix ReferenceError in trend detection (hoisted regression variables)
  • Align SQL column names with sessions/events schema in profiler
  • Cap event buffer and alert history to prevent memory leak

Refactoring

  • Extract statement cache to shared lib, use createLazyStatements
  • Standardize CLI command signatures to args-only pattern
  • Extract dashboard and replay into separate modules
  • Migrate scorecards and pricing to createLazyStatements

CI/CD

  • Add Trivy vulnerability scanning and smoke test to Docker workflow

Dependencies

  • Bump better-sqlite3 11.10->12.9, httpx >=0.28.1, setuptools >=82.0.1, pydantic >=2.13, pytest >=8.4.2, upload-pages-artifact v4->v5

Full Changelog: v1.41.0...v1.42.0