{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":252686903,"defaultBranch":"main","name":"event-generator","ownerLogin":"falcosecurity","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2020-04-03T09:23:44.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/42391047?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1726847152.0","currentOid":""},"activityList":{"items":[{"before":"36042163b424d3855dcb9568d002a2de23e402a9","after":"f0a403cb8bb75b717da91c3aacc4f620044588e1","ref":"refs/heads/main","pushedAt":"2024-09-23T15:32:02.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"increase timeout for syscall.DisallowedSSHConnectionNonStandardPort\n\nSigned-off-by: Predrag Rogic <prezha@users.noreply.github.com>","shortMessageHtmlLink":"increase timeout for syscall.DisallowedSSHConnectionNonStandardPort"}},{"before":"58fcb704dc16261a22b3dc1e78b0746bb9eed27a","after":null,"ref":"refs/heads/fix/disable-not-stable-rules","pushedAt":"2024-09-20T15:45:52.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"}},{"before":"490b030b246588a9648293e162c8eed37e9f3f01","after":"36042163b424d3855dcb9568d002a2de23e402a9","ref":"refs/heads/main","pushedAt":"2024-09-20T15:45:51.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"update(events): disable PotentialLocalPrivilegeEscalationViaEnvironmentVariablesMisuse\n\nSince it is not in the stable ruleset:\nhttps://github.com/falcosecurity/rules/blob/b6ad37371923b28d4db399cf11bd4817f923c286/rules/falco-incubating_rules.yaml#L1263-L1276\n\nSigned-off-by: Leonardo Grasso <me@leonardograsso.com>","shortMessageHtmlLink":"update(events): disable PotentialLocalPrivilegeEscalationViaEnvironme…"}},{"before":null,"after":"58fcb704dc16261a22b3dc1e78b0746bb9eed27a","ref":"refs/heads/fix/disable-not-stable-rules","pushedAt":"2024-09-20T15:40:24.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"leogr","name":"Leonardo Grasso","path":"/leogr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3390997?s=80&v=4"},"commit":{"message":"update(events): disable PotentialLocalPrivilegeEscalationViaEnvironmentVariablesMisuse\n\nSince it is not in the stable ruleset:\nhttps://github.com/falcosecurity/rules/blob/b6ad37371923b28d4db399cf11bd4817f923c286/rules/falco-incubating_rules.yaml#L1263-L1276\n\nSigned-off-by: Leonardo Grasso <me@leonardograsso.com>","shortMessageHtmlLink":"update(events): disable PotentialLocalPrivilegeEscalationViaEnvironme…"}},{"before":"7b0dab5d35e270084e84f2ba2156ae385feea3b6","after":"490b030b246588a9648293e162c8eed37e9f3f01","ref":"refs/heads/main","pushedAt":"2024-09-20T15:14:51.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"use setup-go v3 gh action with go v1.23.1\n\nSigned-off-by: Predrag Rogic <prezha@users.noreply.github.com>","shortMessageHtmlLink":"use setup-go v3 gh action with go v1.23.1"}},{"before":"5a356c187bba840d8a7a928d4f22c035d764e018","after":"96c64fde266789de00d2d5e632ffee433ec85ebc","ref":"refs/heads/gsoc2024","pushedAt":"2024-08-22T06:01:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Added declarative subcommadn for test command\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Added declarative subcommadn for test command"}},{"before":"94493f2071c3ff9d925bd3d047f04ee0379b42a5","after":"5a356c187bba840d8a7a928d4f22c035d764e018","ref":"refs/heads/gsoc2024","pushedAt":"2024-08-19T07:58:58.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"LucaGuerra","name":"Luca Guerra","path":"/LucaGuerra","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/35580196?s=80&v=4"},"commit":{"message":"Added helpers for sup and ptrace syscalls\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Added helpers for sup and ptrace syscalls"}},{"before":"339f11a572a892debf99732fde2321ee5f45c5eb","after":"94493f2071c3ff9d925bd3d047f04ee0379b42a5","ref":"refs/heads/gsoc2024","pushedAt":"2024-08-05T08:07:27.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"LucaGuerra","name":"Luca Guerra","path":"/LucaGuerra","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/35580196?s=80&v=4"},"commit":{"message":"Implement ExecuteStep method for the container runner\nUpdated the file structure in declarative package\nAdded a helper function createTarReader which helps in copying files into the container\nCopied event-generator executable into the container\nRefactored setup and cleanup methods of the container runner\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Implement ExecuteStep method for the container runner"}},{"before":"8356c824ce8794864a8e159cd902c8db0e40ef58","after":"7b0dab5d35e270084e84f2ba2156ae385feea3b6","ref":"refs/heads/main","pushedAt":"2024-07-25T08:10:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Added an event for default stable rule Detect release_agent File Container Escapes\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Added an event for default stable rule Detect release_agent File Cont…"}},{"before":"298059d68236a7555f52d462b54c140868d29b34","after":"8356c824ce8794864a8e159cd902c8db0e40ef58","ref":"refs/heads/main","pushedAt":"2024-07-18T15:39:35.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Fix: Updated function name to the correct rule name\n\nSigned-off-by: GLVSKiriti <116095646+GLVSKiriti@users.noreply.github.com>","shortMessageHtmlLink":"Fix: Updated function name to the correct rule name"}},{"before":"5bd71c8d26d40275dab6f2dacbef78eee5809a2e","after":"339f11a572a892debf99732fde2321ee5f45c5eb","ref":"refs/heads/gsoc2024","pushedAt":"2024-07-18T07:00:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Add container runner support\n\nAdded setup and cleanup methods for container runner\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Add container runner support"}},{"before":"7b4101438d6be9c76afc65e74b80452c66ed4641","after":"298059d68236a7555f52d462b54c140868d29b34","ref":"refs/heads/main","pushedAt":"2024-06-20T08:32:12.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Added an event for default rule sudo potential privilege escalation\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Added an event for default rule sudo potential privilege escalation"}},{"before":"883cdf369aaa04d2cb2ba46bcc5a791bbcb01111","after":"5bd71c8d26d40275dab6f2dacbef78eee5809a2e","ref":"refs/heads/gsoc2024","pushedAt":"2024-06-18T07:45:03.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"feat(declarative): add support for declarative testing using YAML\n\n- Added a new subcommand declarative for run command\n- Implemented parsing of YAML test files\n- Added HostRunner for executing tests on the host\n- Setup and Cleanup scripts execution\n- Steps execution for write syscall\n- Added detailed error handling and logging\n- Ensure continuation of test even if one fails\n- Added required helpers to test rule Write Below Root and Write Below Etc\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"feat(declarative): add support for declarative testing using YAML"}},{"before":"883cdf369aaa04d2cb2ba46bcc5a791bbcb01111","after":"7b4101438d6be9c76afc65e74b80452c66ed4641","ref":"refs/heads/main","pushedAt":"2024-06-17T09:55:00.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"docs(OWNERS): add alacuku (Aldo Lacuku) to approvers\n\nSigned-off-by: Aldo Lacuku <aldo@lacuku.eu>","shortMessageHtmlLink":"docs(OWNERS): add alacuku (Aldo Lacuku) to approvers"}},{"before":null,"after":"883cdf369aaa04d2cb2ba46bcc5a791bbcb01111","ref":"refs/heads/gsoc2024","pushedAt":"2024-06-07T10:46:14.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"leogr","name":"Leonardo Grasso","path":"/leogr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3390997?s=80&v=4"},"commit":{"message":"Update events/syscall/mount_launched_in_privileged_container.go\n\nCo-authored-by: Federico Di Pierro <nierro92@gmail.com>\nSigned-off-by: Kapil Sharma <ks3913688@gmail.com>","shortMessageHtmlLink":"Update events/syscall/mount_launched_in_privileged_container.go"}},{"before":"c2adca2b6158b3f14db44eedee461fa5b4445b32","after":"883cdf369aaa04d2cb2ba46bcc5a791bbcb01111","ref":"refs/heads/main","pushedAt":"2024-05-20T07:19:10.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Update events/syscall/mount_launched_in_privileged_container.go\n\nCo-authored-by: Federico Di Pierro <nierro92@gmail.com>\nSigned-off-by: Kapil Sharma <ks3913688@gmail.com>","shortMessageHtmlLink":"Update events/syscall/mount_launched_in_privileged_container.go"}},{"before":"ebc6f6ceaf2f3c8278d1461509bd5b40b7c0e88a","after":"c2adca2b6158b3f14db44eedee461fa5b4445b32","ref":"refs/heads/main","pushedAt":"2024-05-14T08:23:46.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on interpreted procs inbound network activity\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nadding an event on interpreted procs inbound network activity\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\ncommits squashed\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nsqaushing commits\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on interpreted procs inbound network activity"}},{"before":"9a20da3eb327fb51613aa2774baf5709c650c674","after":"ebc6f6ceaf2f3c8278d1461509bd5b40b7c0e88a","ref":"refs/heads/main","pushedAt":"2024-05-10T07:48:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on modify container entrypoint\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nsquashed commits\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on modify container entrypoint"}},{"before":"7b0b5b97d8546f8fbbc799b2383c6b5020acba41","after":"9a20da3eb327fb51613aa2774baf5709c650c674","ref":"refs/heads/main","pushedAt":"2024-05-08T12:24:54.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on triggering rule\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nfinal\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on triggering rule"}},{"before":"7a5a8b8f1f5dfccab96f3bfba41daac56f121ab7","after":"7b0b5b97d8546f8fbbc799b2383c6b5020acba41","ref":"refs/heads/main","pushedAt":"2024-05-02T13:13:57.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on interpreted procs outbound network activity\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\ngit squashed\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on interpreted procs outbound network activity"}},{"before":"f032e36fba00d71e9196ac5d63afb518f7d081f2","after":"7a5a8b8f1f5dfccab96f3bfba41daac56f121ab7","ref":"refs/heads/main","pushedAt":"2024-04-30T16:07:51.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding event on triggering this rule\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\ncommits squashed\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding event on triggering this rule"}},{"before":"430966010670ca640d5d59de822419c3b1666e66","after":"f032e36fba00d71e9196ac5d63afb518f7d081f2","ref":"refs/heads/main","pushedAt":"2024-04-30T16:03:51.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on packet_socket_created_in_container\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nrebased\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on packet_socket_created_in_container"}},{"before":"dc15f1fa5f8e683d7951f7d98404b4af81727502","after":"430966010670ca640d5d59de822419c3b1666e66","ref":"refs/heads/main","pushedAt":"2024-04-24T14:24:25.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event"}},{"before":"d2d4264c9a173750b56c461f45e4399a4c294744","after":"dc15f1fa5f8e683d7951f7d98404b4af81727502","ref":"refs/heads/main","pushedAt":"2024-04-23T14:13:20.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Fix: os.Mkdir(\"/dev\") instead if os.Mkdir(\"/dev/shm\")\n\nAs os.Mkdir(\"/dev/shm\") returns error as /dev not exists so instead we should just create /dev and /dev/shm created in the next lines of code\n\nSigned-off-by: GLVSKiriti <116095646+GLVSKiriti@users.noreply.github.com>","shortMessageHtmlLink":"Fix: os.Mkdir(\"/dev\") instead if os.Mkdir(\"/dev/shm\")"}},{"before":"c2b6f3cb816c774ce310bc95bb6d99a551346375","after":"d2d4264c9a173750b56c461f45e4399a4c294744","ref":"refs/heads/main","pushedAt":"2024-04-23T14:11:20.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event for disallowed_ssh_connection_non_standard_port\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nfinal update\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event for disallowed_ssh_connection_non_standard_port"}},{"before":"40ac2b5bf5dbd17047c2604c4ad90bf339a6e436","after":"c2b6f3cb816c774ce310bc95bb6d99a551346375","ref":"refs/heads/main","pushedAt":"2024-04-23T14:10:21.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"adding an event on reading environment variable from /proc files\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>\n\nfinal\n\nSigned-off-by: h4l0gen <ks3913688@gmail.com>","shortMessageHtmlLink":"adding an event on reading environment variable from /proc files"}},{"before":"5f70ab6295d37a8e4068495af21e206c8eb11bc6","after":"40ac2b5bf5dbd17047c2604c4ad90bf339a6e436","ref":"refs/heads/main","pushedAt":"2024-04-12T07:15:31.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Fix: Ptrace call is detached after a ptrace call with traceme argument from child process\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Fix: Ptrace call is detached after a ptrace call with traceme argumen…"}},{"before":"939b3e05a3e7806101031d82866ad0d11c43ed83","after":"5f70ab6295d37a8e4068495af21e206c8eb11bc6","ref":"refs/heads/main","pushedAt":"2024-04-11T10:10:26.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Added documentation for the skipping actions due non-supported context\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Added documentation for the skipping actions due non-supported context"}},{"before":"b09fc0faa619c3805d306ce5c7d301473d046679","after":"939b3e05a3e7806101031d82866ad0d11c43ed83","ref":"refs/heads/main","pushedAt":"2024-04-09T10:03:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"update(pkg/runner/helper): SpawnAsWithSymlink and SpawnAs to copy the binary\n\nThis can be used to trigger rules that are based on proc.exepath rather than proc.name\nfor better detection purposes.\n\nSigned-off-by: Lorenzo Susini <susinilorenzo1@gmail.com>","shortMessageHtmlLink":"update(pkg/runner/helper): SpawnAsWithSymlink and SpawnAs to copy the…"}},{"before":"7bc50fb3b1993a69fce8e074c3bc702c77aa977b","after":"b09fc0faa619c3805d306ce5c7d301473d046679","ref":"refs/heads/main","pushedAt":"2024-04-09T09:05:15.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"poiana","name":"poiana","path":"/poiana","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/51138685?s=80&v=4"},"commit":{"message":"Create a new binary by copying it form existing binary instead of creating a new binary\n\nSigned-off-by: GLVS Kiriti <glvskiriti2003369@gmail.com>","shortMessageHtmlLink":"Create a new binary by copying it form existing binary instead of cre…"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0yM1QxNTozMjowMi4wMDAwMDBazwAAAAS-Jo-y","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNC0wOVQwOTowNToxNS4wMDAwMDBazwAAAAQryPjS"}},"title":"Activity · falcosecurity/event-generator"}