
Features
- feat: sandbox clean action
- feat: integrate os.Root with fs handling with syscall hardening
Fixes
- fix: improve panic err optics
Refactors
- refactor: harden http and s3 post body handling
- refactor: sysd template engine
Tests
- test: remove local s3 when mocked
- test: skip s3 if no cfg
- test: uplift all tests for os.Root compatibility
CI
- ci: fix golangci third_party exclude
- ci: refactor gh workflows
Dependencies
- dep: go 1.25
Docs
- docs: bump download release
Today's release 1.5.0 is large at 10 000 line changes. It introduces powerful features, paired with rigid security hardening. Malware cleaning is now sandboxed and file handling is more secure with integration of os.Root. Users with our developer time have already had their integrations uplifted before this version, please contact us if we can help. Alerting now has slack added as an integration and the sysd install process has been converted to be template driven. Recent cPanel vulnerabilities have demonstrated our solutions. Everyone can be protected.
Further information is available at the GitHub release or project page.
