1.0.0-beta.1 (2024-05-20)

Secutils.dev API

⚠ BREAKING CHANGES

• platform: migrate from SQLite to PostgreSQL as the main database (6c73226)
• platform, security: move identity management to Ory Kratos (2035135)
• platform, config: add support for the application TOML configuration file (3446290)

Features

• platform, security: introduce API to retrieve currently authenticated user (a3a4471)
• platform, security: introduce admin-only APIs to retrieve any users by ID and email (7c8ec97)
• platform, security: introduce API to terminate user account (8be73d4)
• webhooks: introduce API to enable/disable responders (35965fc)
• platform: add support for user subscriptions and tiers (281f80f)
• platform: introduce subscription tier config (72cfd03) and make subscription management and feature overview URLs configurable (70faae9)
• platform: switch to a structured logger (60e4a8e) and add support for more detailed structured logging (998bdd3)
• platform, security: add support for JWT credentials (6e6ca22)
• platform, security: add support for operator users and operator ephemeral service accounts (88e4cfc)

Bug Fixes

• platform: bump minimum Deno runtime heap size to 5mb for basic tier (7edef3a)
• platform: expose all user subscription fields to the clients (6c30e40)
• platform: make termination of the long-running user scripts more resilient (3cff6fb)
• platform: reset JsRuntime termination flag after termination (f9e88e6)
• platform: unify styles for account activation, password reset, and notifications emails (f62635c)
• webhooks, web-scraping: adjust subscription default values (9fe5780)

Performance Improvements

• platform: acquire single database connection for data streams (2fee287)

Full Changelog: v1.0.0-alpha.5...v1.0.0-beta.1

Secutils.dev Web UI

⚠ BREAKING CHANGES

• platform, security: migrate user authentication to Ory Kratos (b785d68)

Features

• platform: add Account UI to view and manage subscription details (3e09090)

• webhooks: allow enabling/disabling responders (1104922)

• platform: allow zooming script editor content with the mouse wheel (187fdfd)
• web-scraping: limit a number of tracker revisions and responder requests according to the user subscription (24da25e and 1d67a98) according to the user subscription

Bug Fixes

• platform: redirect user to /signin after signout and do not cache index.html (bb581f6)
• utils: increase width of the Actions column for certificates, private keys, and CSP (f8a48d9)

Full Changelog: secutils-dev/secutils-webui@v1.0.0-alpha.5...v1.0.0-beta.1

Secutils.dev Web Scraper

Features

• platform: support configurable userAgent header via SECUTILS_WEB_SCRAPER_USER_AGENT envvar (030c8d9)

Bug Fixes

• platform: set proper path to the main module in package.json (47aeda2)

Full Changelog: secutils-dev/secutils-web-scraper@v1.0.0-alpha.5...v1.0.0-beta.1

v1.0.0-alpha.5 (2024-01-10)

Secutils.dev API

⚠ BREAKING CHANGES

• webhooks: drop dedicated delay responder setting in favor of custom responder JavaScript extension (5fe5d8a)

Features

• platform: implement Deno-based JsRuntime to support user extensions and scripts (98a5d8a)
• webhooks: add support for custom responder JavaScript extensions (5fe5d8a)
• webhooks: capture full client socket address in responder and expose it to the script context (430a9f9)
• webhooks: capture responder request path and query string (67eb50a)

Full Changelog: v1.0.0-alpha.4...v1.0.0-alpha.5

Secutils.dev Web UI

⚠ BREAKING CHANGES

• webhooks: drop UI for the dedicated delay responder setting in favor of custom responder JavaScript extension (7727f82)

Features

• webhooks: add UI to support custom responder JavaScript extensions (7727f82)

• webhooks: display f icon next to the responder name if it is configured with a script (ecb3af7)

• webhooks: display full client socket address, responder request path and query string in captured requests grid (f78f5e2)

Full Changelog: secutils-dev/secutils-webui@v1.0.0-alpha.4...v1.0.0-alpha.5

Secutils.dev Web Scraper

Maintenance release (dependency upgrades and other chores).

Full Changelog: secutils-dev/secutils-web-scraper@v1.0.0-alpha.4...v1.0.0-alpha.5

v1.0.0-alpha.4 (2023-12-26)

Secutils.dev API

⚠ BREAKING CHANGES

• platform: switch to a new database migration naming schema and dedicated tables for user data
• platform: use proper REST URLs for all utilities APIs

Features

• platform: add support for job retries (constant, linear, and exponential) (f3decab)
• platform: allow cross-origin requests to the utilities APIs (c1b0dde)
• certificates: introduce support for a new Certificates -> Private keys utility API (ae8a581, secutils#8)
• certificates: allow sharing certificate templates (1d57188)
• web-scraping: introduce Web Scraping -> Content trackers utility API (b879bf1)
• web-scraping: add diff support for the Web Scraping -> Resources trackers preview (a647e79)
• web-scraping: add support for custom HTTP request headers in Web Scraping -> Resources trackers utility API (83f48c0)
• web-scraping: notify users about failed attempts to check changes in resources or content (473191e)
• web-security: implement an API for importing content security policies (CSP) (2db6c0a)
• webhooks: add support for "subdomain"-based webhook URLs (eada924)

Fixes

• platform: use secutils/{version} as the User-Agent HTTP header for all outbound HTTP requests (0a2d7e2)
• web-scraping: surface web page content and resources tracker errors in the API responses (888c8ac)
• webhooks: properly handle webhook request for root path (/) (a5c3dcd)

Full Changelog: v1.0.0-alpha.3...v1.0.0-alpha.4

Secutils.dev Web UI

Features

• platform: add support for job retries in all web page tracker UIs (only constant strategy) (b44fd2d)

• certificates: introduce UI for a new Certificates -> Private keys utility (a9462dd, check out the guides to learn more)

• certificates: allow sharing certificate templates (dc3a269, check out the guides to learn more)

• web-scraping: add UI for custom HTTP headers for web page trackers (5ec9b00)

• web-scraping: introduce UI for a new Web Scraping -> Content utility (dcde972, check out the guides to learn more)

• web-scraping: redesign web page tracker previews (22bea69)

• web-security: implement UI for importing content security policies (CSP) (de60ab7, check out the guides and this blog post to learn more)

• webhooks: add support for "subdomain"-based webhook URLs (edc77c3, check out the guides to learn more)

• webhooks: support responders with the same path, but different HTTP methods (ec43221)

Fixes

• platform: make sure grid items are rendered consistently (6213cc6)
• certificates: properly handle name change in certificate template editor (5134646)
• certificates: fix docs links for certificate templates and private keys (87d1759)
• web-scraping: use tracker ID as a unique identifier instead of name (6ead9be)
• web-security: remove X-User-Share-Id from URL if it is invalid to avoid infinite reload loop (64ea260)

Enhancements

• web-scraping: render web page tracker name with indicators for scheduled checks and notifications (7fca493)

Full Changelog: secutils-dev/secutils-webui@v1.0.0-alpha.3...v1.0.0-alpha.4

Secutils.dev Web Scraper

Features

• web-page: add support for custom request HTTP headers (6a743ea)
• web-page: disable browser cache and selectively proxy requests to bypass CSP/CORS restrictions (6825861)
• web-page: disable CORS with --disable-web-security Chromium launch flag (f9507eb)
• web-page: introduce new Web Content scraper API (a7d9de0)

Fixes

• web-page: bump web page load timeout from 5000ms to 10000ms (a9ee6ad)
• web-page: serialize content state even if it has exceeded allowed size (7df4534)
• web-page: use only web page URL, headers, and user scripts to calculate cache key (bc163f5)
• web-page: use proper cryptographic hash for the response cache key (bec0919)

Enhancements

• web-page: use more stable Chrome DevTools Protocol to capture external resources (129ca5a)
  ...

v1.0.0-alpha.3 (2023-10-03)

Secutils.dev API

Features

• [Web Scraping] Added support for automatic scheduled checks for changes in tracked web page resources: hourly, daily, weekly, monthly. Refer to the documentation & guides to learn more. (#20)
• [Web Scraping] Added support for email notifications when changes in tracked web page resources are detected. Refer to the documentation & guides to learn more. (7595eb9)
• [Web Scraping] Added support for custom web resources trackers scripts (JavaScript) to assist with resource filtering and mapping. Refer to the documentation & guides to learn more. (#19)
• [Web Security] Added support for shareable user resources to improve collaboration (only for CSP in this release). Refer to the documentation & guides to learn more. (#21)
• [Digital Certificates] Made key size (RSA, DSA) and curve name (EC) configurable in certificate templates. (#8)

Enhancements

• [Search] Upgraded to Tantivy v0.21.0 (2a5c833) and switched to lenient query parser for the keywords search to make search more error-tolerant. (2f6c10b)
• [Misc] Updated OpenSSL libs in a Docker image. (e98a31a)
• [Misc] Switched Docker image to use non-root user for better security. (36555c9)
• [Misc] Dependency upgrades

Full Changelog: v1.0.0-alpha.2...v1.0.0-alpha.3

Secutils.dev Web UI

Features

• [Web Scraping] Added UIs to support web page resources tracking enhancements provided by the latest Secutils.dev API. (secutils-dev/secutils-webui@d2a1026, secutils-dev/secutils-webui@f485ff1, secutils-dev/secutils-webui@683b5bf)

• [Digital Certificates] Added UIs to support certificate templates enhancements provided by the latest Secutils.dev API. (secutils-dev/secutils-webui@f83328b, secutils-dev/secutils-webui@5698837, secutils-dev/secutils-webui@de81c85)

• [Web Security] Added UIs to support shareable user resources to improve collaboration (only for CSP in this release). Refer to the documentation & guides to learn more. (#21)

Enhancements

• [Misc] Switched main Docker image to nginxinc/nginx-unprivileged:alpine3.18-slim for better security and lighter size. (secutils-dev/secutils-webui@b316922)
• [Misc] Dependency upgrades

Full Changelog: secutils-dev/secutils-webui@v1.0.0-alpha.2...v1.0.0-alpha.3

Secutils.dev Web Scraper

Features

• [Web Scraping] Extended Resources API to support custom JavaScript scripts for resources filtering and mapping. (secutils-dev/secutils-web-scraper@ba5406b)

POST /api/resources
Accept: application/json
Content-Type: application/json

{
  "url": "https://secutils.dev",
  "scripts": {
    "resourceFilterMap": "return resource.type === 'script' ? resource : null;"
  }
}

Enhancements

• [Misc] Enabled sandbox for the headless Chromium used to extract web page resources and switched Docker image to use non-root user for better security. (secutils-dev/secutils-web-scraper@4717f74)
• [Misc] Dependency upgrades

Full Changelog: secutils-dev/secutils-web-scraper@v1.0.0-alpha.2...v1.0.0-alpha.3

v1.0.0-alpha.2 (2023-07-23)

This is the first feature update release of Secutils.dev since the initial release.

Secutils.dev API

Features

• [Web Scraping] Added support for web page resources tracking functionality (#14).

Enhancements

• [Digital Certificates] Fall back to the latest version of the X.509 certificate defined by the spec if not specified by the client (#1)
• [Search] Switch to Tantivy v0.20.0 and change data folder naming scheme to include search index version to support auto-reindexing (ef9dbf2)
• [Misc] Bump Docker image to Alpine 3.18 (9653ac9)
• [Misc] Add parameter validation for the utils actions APIs (a02a01a).
• [Misc] Dependency upgrades

Full Changelog: v1.0.0-alpha.1...v1.0.0-alpha.2

Secutils.dev Web UI

Features

• [Web Scraping] Added UIs to support web page resources tracking functionality (#14).

Enhancements

• [Docs] Update footer to include links to Blog and Documentation (secutils-dev/secutils-webui@8ce447e)
• [Misc] Bump Docker "builder" image to node:20-alpine3.18 (secutils-dev/secutils-webui@48a5051)
• [Misc] Dependency upgrades

Fixes

• [Security] Recover original URL after signin (#9)
• [Misc] Switch local watch port to 7171 (secutils-dev/secutils-webui@9adb128)

Full Changelog: secutils-dev/secutils-webui@v1.0.0-alpha.1...v1.0.0-alpha.2

Secutils.dev Web Scraper

Features

• [Web Scraping] Initial release of Secutils.dev Web Scraper component 🎉

Full Changelog: https://github.com/secutils-dev/secutils/commits/main

v1.0.0-alpha.1 (2023-05-16)

This is the first public (alpha) release of Secutils.dev 🎉

Features

• Added support for basic webhooks functionality.
• Added support for generation of the digital certificates.
• Added support for generation of the Content Security Policies (CSP).

Refer to https://github.com/secutils-dev/secutils-webui/releases for the Secutils.dev Web UI release notes.