Releases: slimtoolkit/slim
Improved xray and build, new Docker Engine version support
New Features
- New
build
command flags (--include-dir-bins
and--include-ssh-client
). - Simple
images
command to list container images.
Improvements
- OCI image format support in
xray
. - Improved
xray
command reports to include object type information.
Bug Fixes
- Fixes and dependency updates to support the new Docker Engine version (25.x).
Binaries
See the INSTALLATION
section in the README
: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation
Sensor artifact post-processing bug fix
Bug Fixes
- Sensor artifact (post-)processing bug fix for additional PT generated artifacts.
Binaries
See the INSTALLATION
section in the README
: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation
Enhanced Monitor Data Event Log (mondel)
Improvements
- Added command parameter information to process events in
mondel
. - Enhanced
mondel
event capture to prevent event data loss on sensor shutdown.
Binaries
See the INSTALLATION
section in the README
: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation
Simple container registry server and vulnerability EPSS lookup/query capabilities
New Features
- New
vulnerability
command and theepss
subcommand to lookup EPSS scores for vulnerabilities. - Simple
registry server
command to have a local OCI registry (thank you Sarvesh Raj, @sarveshraj, for your contribution!). - Simple
registry push
command to push local images to a registry. - Simple
images
command to list container images. - RPM packaging for the apps (thank you Rohan Jamadagni, @Rohansjamadagni, for your contribution!)
Improvements
- Enhanced
registry pull
command to pull images from authenticated registries. quiet
mode improvements (WIP) to hide the standard execution context output when it's enabled.quiet
mode for theimages
command.- Interactive prompt updates to include the
images
,registry
andvulnerability
commands and a couple of global flags. - Monitor Data Event Log (mondel) enhancement to improve the write path.
Binaries
See the INSTALLATION
section in the README
: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation
Multi-arch images, listing container images, improved minification
New Features
- Simple
registry image-index-create
command to create multi-architecture images. - Simple
images
command to list container images.
Improvements
- Improved ptmon syscall handling.
- Enhanced
mondel
events with timestamps and sequence numbers. - Extra docker socket validation checks.
- Version info on exit/failure.
- Temp container cleanup improvements.
- ARM image build scripts for the containerized distribution.
Bug Fixes
- Websocket http probe bug fix.
- Various ptmon bug fixes.
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim
Minor features and improvements for xray, build, profile and debug as well as minor new sensor features
New Features
- Sensor
control
commands to control sensor execution when running in the standalone mode (first command:stop-target-app
). xray
- detect system identities (users, groups) and their properties (--detect-identities
flag, enabled by default).build
- Keep the OS/libc zoneinfo data (--include-zoneinfo
flag, disabled by default).build
/profile
- Mon(itor) Data Event Log (akamondel
) - optional data event log for sensor monitors to log/stream monitor events (--enable-mondel
main app flag,--mondel
/-n
sensor flag(s)).
Improvements
target-app-running
sensor lifecycle hook.build
/profile
:--env-file
to load env vars from a file.build
/profile
: basic input validation to ignore malformed env var data for the--env
flag.build
: Using internal output image builder by default (--image-build-engine
flag)- Renamed the reverse engineered Dockerfile from
Dockerfile.fat
toDockerfile.reversed
(the reversed Dockerfile is also saved with the old name for backward compatibility
Bug Fixes
- Various bug fixes (see commits/PRs for details)
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim
Minor features and improvements for xray, build, profile and debug as well as minor new sensor features
New Features
- Sensor
control
commands to control sensor execution when running in the standalone mode (first command:stop-target-app
). xray
- detect system identities (users, groups) and their properties (--detect-identities
flag, enabled by default).build
- Keep the OS/libc zoneinfo data (--include-zoneinfo
flag, disabled by default).build
/profile
- Mon(itor) Data Event Log (akamondel
) - optional data event log for sensor monitors to log/stream monitor events (--enable-mondel
main app flag,--mondel
/-n
sensor flag(s)).
Improvements
target-app-running
sensor lifecycle hook.build
/profile
:--env-file
to load env vars from a file.build
/profile
: basic input validation to ignore malformed env var data for the--env
flag.build
: Using internal output image builder by default (--image-build-engine
flag)- Renamed the reverse engineered Dockerfile from
Dockerfile.fat
toDockerfile.reversed
Bug Fixes
- Various bug fixes (see commits/PRs for details)
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim
Improved `debug` command with new capabilities and enhanced UX
Improvements
- Auto-complete in the interactive
prompt
mode for the target, namespace, pod and session flags - Interactive
debug
command terminal that runs as if you are connected directly to the target image you are debugging (enabled by default) - Basic sessions for
debug
command - Ability to show logs for the existing
debug
command sessions - More
debug
command flags (see README) - README docs updates for the
debug
command
Bug Fixes
- Many
debug
command bug fixes
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim
Debug command refresh and kubernetes support, appbom command, bug fixes
New Features
- Kubernetes runtime support for the
debug
command appbom
command in the main app and--appbom
flag in the sensormerge
command to merge two container images (optimized to merge two minified images)
Improvements
- More
debug
command flags - README docs for the
debug
command - Ability to detect the Docker Desktop unix socket
- Code and logging cleanup
Bug Fixes
- Sensor volume fix for sensor symlinks (to address the Homebrew installed problems with sensor)
- Various dependency updates to get security fixes
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim
Bug fixes and the experimental obfuscate-metadata build command flag to confuse vulnerability scanners
Improvements
- New experimental
build
command flag to prevent the vulnerability scanners from discovering the metadata they need to identify the vulnerabilities (--obfuscate-metadata
) inspired by theMalicious Compliance
KubeCon EU 2023 talk
Bug Fixes
- HEALTHCHECK instruction decoding enhancements to handle the data generated by buildah
- fsutil format string bug fix
Binaries
Build them from source or download from a CDN location:
- Linux
- Linux ARM
- Linux ARM64
- Mac
- Mac M1
- Containerized:
docker pull dslim/slim