Skip to content

Release history

crowdsec releases

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Back to tool Latest release

All releases

4 shown

v1.7.8 New feature
Notable features
  • WAF: OpenAPI schema validation (#4097)
  • Decision stream defaults to chunked transfer encoding (#4413)
  • cscli enroll command gains `--quick` flag (#4350)
Full changelog

New Features

  • WAF: OpenAPI schema validation (#4097) @blotus

Improvements

  • WAF: enforce body size limitation (#4355) @blotus
  • Decision stream: move to chunked transfer by default (#4413) @blotus
  • cscli: add --quick flag to enroll command (#4350) @blotus
  • propose an alternative, cleaner configuration for appsec-config (#4397) @buixor

Bug Fixes

  • cscli metrics: don't attempt to create a DB client if there's no DB config (#4451) @blotus
  • papi: don't spam logs if chan is closed (#4439) @blotus
  • alerts: use single transaction when creating alert and all related items (#4438) @blotus
  • LAPI: enforce maximum body size for decompression

Chore / Deps

  • build(deps): bump the gomod group across 1 directory with 34 updates (#4453) @dependabot[bot]
  • build(deps): bump the github-actions group with 2 updates (#4447) @dependabot[bot]
  • build(deps): bump alpine from 3.21 to 3.23 in /build/docker in the docker group across 1 directory (#4441) @dependabot[bot]
  • build(deps): bump the github-actions group with 7 updates (#4443) @dependabot[bot]
  • build(deps): bump the uv group in /build/docker/test with 3 updates (#4442) @dependabot[bot]
  • db: add some missing indexes (#4435) @blotus
  • Dependencies update (#4412) @blotus
  • add PAPI metrics (#4411) @blotus
  • build(deps): bump github.com/aws/aws-lambda-go from 1.47.0 to 1.54.0 (#4402) @dependabot[bot]
  • build(deps): bump docker/login-action from 4.0.0 to 4.1.0 (#4403) @dependabot[bot]
  • build(deps): bump github.com/google/go-querystring from 1.1.0 to 1.2.0 (#4400) @dependabot[bot]
  • build(deps): bump actions/setup-go from 6.3.0 to 6.4.0 (#4404) @dependabot[bot]
  • build(deps): bump github.com/aws/aws-sdk-go-v2/service/sqs from 1.42.3 to 1.42.25 (#4405) @dependabot[bot]
  • build(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.1 (#4381) @dependabot[bot]
  • build(deps): bump codecov/codecov-action from 5.5.2 to 6.0.0 (#4388) @dependabot[bot]
  • build(deps): bump schneegans/dynamic-badges-action from 1.7.0 to 1.8.0 (#4393) @dependabot[bot]
  • build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (#4394) @dependabot[bot]
  • build(deps): bump github/codeql-action from 4.33.0 to 4.35.1 (#4395) @dependabot[bot]
  • update dependabot config (#4440) @blotus
  • build(deps): bump requests from 2.32.5 to 2.33.0 in /build/docker/test (#4389) @dependabot[bot]
  • build(deps): bump cryptography from 46.0.5 to 46.0.6 in /build/docker/test (#4391) @dependabot[bot]
  • build(deps): bump pygments from 2.19.2 to 2.20.0 in /build/docker/test (#4396) @dependabot[bot]

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

View release on GitHub
v1.7.7 New feature
Breaking changes
  • RE2 becomes default regex engine on Linux; fallback to Go regexp available via feature flag
Notable features
  • RE2 regex engine as default on Linux
  • Flexible AND/OR conditions in WAF rules
  • New alert kind attribute
View release on GitHub
v1.7.6 Bug fix

Single bug fix addressing integer overflow issue during parsing in command processing.

View release on GitHub
v1.7.5 Maintenance

Large internal refactoring improving code quality and maintainability. Reduced globals and closures, modernized dependencies, enhanced test coverage, and refactored multiple core modules without breaking changes.

View release on GitHub

Beta — feedback welcome: [email protected]