v1.6.5

What's Changed

• fix: systemd release CI by @Aryan-sharma11 in #2228
• fix(monitor): fix system monitor compilation on rhel kernels by @rksharma95 in #2234
• fix ci systemd by @Aryan-sharma11 in #2237
• remove certificate field by @Aryan-sharma11 in #2239
• Update STABLE-RELEASE to v1.6.4 by @rksharma95 in #2251
• fix(feeder/ci): prevent resource leaks on NewFeeder failure and enable CI coverage metrics by @GAURAV-DEEP01 in #2159
• test(usb): Add tests for USB Device Handler by @AryanBakliwal in #2217
• fix(controller): AppArmor enforcement not working when KubeArmor is deployed in namespaces other than kubearmor by @AryanBakliwal in #2260
• Add Style Guide for doc.holiday by @HighnessAtharva in #2208
• fix(monitor): loading issue on kernel 5.4 unbounded min value in map_value pointer arithmetic by @rksharma95 in #2266
• Support for private registry by @Aryan-sharma11 in #2269

New Contributors

• @GAURAV-DEEP01 made their first contribution in #2159

Full Changelog: v1.6.4...v1.6.5

v1.6.4

What's Changed

• docs: fix test script paths in testing guide by @fromsaurav in #2144
• Update STABLE-RELEASE to v1.6.3 by @rksharma95 in #2160
• Update Helm Chart To v1.6.3 by @github-actions[bot] in #2161
• fix action missing in syscall logs by @Aryan-sharma11 in #2169
• support for unorchestrated rootfull and rootless Podman using OCI hook by @itsCheithanya in #1874
• chore(ci): update github runners to oci gh arc runners by @koksay in #2145
• feat(monitor): Add USB Device Observability support by @AryanBakliwal in #2172
• stub: add release notes by @HighnessAtharva in #2184
• helm: correct tolerations indentation in operator template by @fromsaurav in #2138
• feat(operator): add support for nodeselector and env configuration using kubearmorconfig by @rksharma95 in #2187
• fix(KubeArmorOperator): moved imagePullSecrets to .Values.kubearmorOperator.image.imagePullSecrets by @FernandoPazCavalcante in #2190
• fix(operator): panic on node selector updation for controller by @rksharma95 in #2193
• feature:File Integrity hash matching with KubeArmor by @itsCheithanya in #2170
• docs(faq): alternatively use grubby to enable bpf-lsm on rhel by @rksharma95 in #2174
• chore(dependency): bump cilium/ebpf to fix btf parsing issue by @rksharma95 in #2200
• fix ci-test-controllers by @AryanBakliwal in #2202
• fix missing labels by @Aryan-sharma11 in #2197
• Refactor core functions to return error instead of bool by @fromsaurav in #2154
• fix go vuln by @Aryan-sharma11 in #2211
• fix(presets): update action field with preset alerts by @rksharma95 in #2210
• fix(images): add docker.io prefix to repository for CRI-O 1.34 compatibility by @parisnakitakejser in #2201
• feat(enforcer): Add USB Device Enforcement support by @AryanBakliwal in #2194
• feat: add EventData field to KubeArmor telemetry by @Ishaanj18 in #2204

New Contributors

• @fromsaurav made their first contribution in #2144
• @koksay made their first contribution in #2145
• @AryanBakliwal made their first contribution in #2172
• @FernandoPazCavalcante made their first contribution in #2190
• @parisnakitakejser made their first contribution in #2201
• @Ishaanj18 made their first contribution in #2204

Full Changelog: v1.6.3...v1.6.4

v1.6.3

Changelog

• 5fa9f44 Merge pull request #2156 from rksharma95/remove-bpf-d-path-helper
• e5677fc create a helper function to handle code duplication
• 62d1c0c remove bpf-d-path helper
• 1876cb6 Merge pull request #2157 from rksharma95/fix-system-monitor-ns-syscalls
• 2e67ee1 remove BTF dependency for system monitor

v1.6.2

Changelog

• 2d237f6 Merge pull request #2148 from rksharma95/fix-snitch-volume-deletion
• 49e6991 fix snitch volume mount deletion handling
• 9ce743c Merge pull request #2152 from rksharma95/revert-pr-1869
• d726fb6 Revert "Merge pull request #1869 from Aryan-sharma11/arg-matching"

v1.6.1

Changelog

• 34f6812 Merge pull request #2133 from rksharma95/systemd-release-ci
• ec9f99b increase sleep time to handle flaky test
• 2d088d3 update cri-o deb repository
• 8f99fa6 Fix: Prevent CI failure if coverage file is missing
• f65b95a cross compile system monitor for systemd release
• b9566a2 Merge pull request #2134 from rksharma95/fix-ebpf-arm64
• f835321 fix system monitor loading issue on arm64
• 438cc70 Merge pull request #2128 from Aryan-sharma11/trivyscan
• 9d3285e fix systemd release CI
• bbd6cd7 add seperate trivy scanning
• 3981500 remove trivy scan from release CI

v1.6.0

What's Changed

• feat(monitor): dns visibility at pod-level for egress traffic by @rksharma95 in #2039
• feat(preset): add protectProc preset by @rksharma95 in #2017
• Update STABLE-RELEASE to v1.5.7 by @rksharma95 in #2079
• Update Helm Chart To v1.5.7 by @github-actions[bot] in #2080
• scorecard fix by @Aryan-sharma11 in #2081
• feat: revise Hardening rule and Add preset rule by @harisudarsan1 in #2077
• add page: profiling kubearmor logs by @HighnessAtharva in #2084
• chore(enforcer): make command args part of alert resource by @rootxrishabh in #2019
• fix(monitor): check for absolute path only for process and file events by @rksharma95 in #2085
• feat(monitor): add an events channel to avoid event loss caused by delayed docker event processing by @slashexx in #2083
• Update multiubuntu.md by @noahabbott123 in #1871
• feat:update rbac for relay by @harisudarsan1 in #2092
• feat(bpflsm): add tty to enforcer alerts by @rootxrishabh in #2091
• feat(bpflsm): add kubearmor version to alerts by @rootxrishabh in #2095
• chore(chart): change tolerations value type to list by @rksharma95 in #2097
• Remove Karmor CLI binary from release package by @Aryan-sharma11 in #2098
• fix(csp): enforcement issue for pods created in newly created namespace by @rksharma95 in #2101
• USE AsserCommand instead of K8sExecInPod by @hellspawn679 in #1933
• feat : process arguments matching by @Aryan-sharma11 in #1869
• fix:(operator): Fix update functionality to recommend policies by @harisudarsan1 in #2093
• chore(manifest): remove matchArgs field by @rksharma95 in #2102
• feat(operator): add karmor.yaml into kubearmor configmap by @tesla59 in #1949
• fix(core): use informers to watch for pods by @rksharma95 in #2103
• docs(modelarmor): revamp landing page with use cases and flow diagrams by @HighnessAtharva in #2108
• docs/update-contributor-md by @harshitrwt in #2111
• feat(nodeID): add node_id from machine_id variable by @vishnusomank in #2110
• updated build file and workflow to scan image before pushing by @sanjay-ba in #2076
• fix: case-insensitive file name collision by @Aryan-sharma11 in #2115
• typo fix by @sanjay-ba in #2116
• fix for workflowdispatch by @Aryan-sharma11 in #2118
• fix for controller release CI by @Aryan-sharma11 in #2119
• feat(docs): add OCI hooks setup instructions by @rootxrishabh in #2120
• feat: Add support for containerd and crio hooks by @AbdelrahmanElawady in #1763
• fix by @Aryan-sharma11 in #2121
• ci workflow fix by @sanjay-ba in #2122
• chore(controller): upgrade controller dependencies to fix CVE-2025-22868 by @rksharma95 in #2124
• fix typo in operator ci by @sanjay-ba in #2127

New Contributors

• @harisudarsan1 made their first contribution in #2077
• @slashexx made their first contribution in #2083
• @noahabbott123 made their first contribution in #1871
• @hellspawn679 made their first contribution in #1933
• @harshitrwt made their first contribution in #2111
• @sanjay-ba made their first contribution in #2076

Full Changelog: v1.5.7...v1.6.0

v1.5.7

What's Changed

• stable release v1.5.6 by @Aryan-sharma11 in #2047
• Update Helm Chart To v1.5.6 by @github-actions in #2048
• chore: Fix controller-gen version in operator Makefile by @asharma0703 in #2043
• chore : update ubuntu version in CI by @Aryan-sharma11 in #2033
• fix(monitor): fix network event returned values by @rksharma95 in #2042
• feat(presets): identify container processes being part of external execution by @rksharma95 in #1991
• feat(workflow): add semvar check for systemd release by @rootxrishabh in #2026
• fix: context access for github script by @rootxrishabh in #2056
• add workflow dispatch by @Aryan-sharma11 in #2054
• fix: latest ci by @Aryan-sharma11 in #2059
• Remove default value from configuration option by @THE-BRAHMA in #2058
• Add ModelArmor Docs by @HighnessAtharva in #2052
• Add ModelArmor PDFs and Video by @HighnessAtharva in #2065
• feat: adding support for excluding labels in csp and ksp for endpoint matching by @Prateeknandle in #1999
• chore(deps): upgrade dependencies and go version by @rksharma95 in #2068
• chore(deps): pin net pkg to fixed version by @rksharma95 in #2071
• docs(contrib): add onboarding wiki for new KubeArmor contributors by @HighnessAtharva in #2075

New Contributors

• @THE-BRAHMA made their first contribution in #2058
• @HighnessAtharva made their first contribution in #2052

Full Changelog: v1.5.6...v1.5.7

v1.5.6

What's Changed

• chore: upgrade ci-systemd-release to 22.04 by @daemon1024 in #2041
• fix(feeder): remove default severity value assignment by @rksharma95 in #2040
• make kubearmor controller port configurable by @Aryan-sharma11 in #2046

Full Changelog: v1.5.5...v1.5.6

v1.5.5

What's Changed

• chore: conditional deployment of pod refresh controller by @Aryan-sharma11 in #2007
• improved the dev docs by @Manik2708 in #1824
• [bug] Fixed the panic for uninitialized docker daemon by @Manik2708 in #1958
• chore: Update STABLE-RELEASE to v1.5.4 by @rksharma95 in #2012
• chore: remove skip ci from ci-stable-release workflow by @Aryan-sharma11 in #2014
• fix: os.readlink memory overhead by @Aryan-sharma11 in #1996
• fix(deploy/helm): annotateExisting flag in helm chart by @daemon1024 in #2020
• chore: Upgrade dependencies by @Aryan-sharma11 in #2028

Full Changelog: v1.5.4...v1.5.5

v1.5.4

What's Changed

• chore: Update STABLE-RELEASE to v1.5.3 by @rksharma95 in #1977
• fix(helm): remove kube-rbac-proxy container annotation from Helm template by @asharma0703 in #1979
• [skip ci] Update Helm Chart To v1.5.3 by @github-actions[bot] in #1978
• docs/maintainer: changed maintainership affiliation by @nyrahul in #1990
• docs/support-matrix: AWS EKS auto mode by @nyrahul in #1993
• fix(operator): recommended policies deletion logic by @rootxrishabh in #1980
• feat(presets): add protectEnv preset and update presets api specification by @rksharma95 in #1995

Full Changelog: v1.5.3...v1.5.4