Releases: DataDog/lemur
Releases · DataDog/lemur
1.0.0-dd.49
- Bump COA wheel to 0.1.33: fixes empty plugin dropdowns in Lemur UI
- Mark sync_all_sources success only after chain completes
- Rename clear_sync_chain_flag to complete_sync_chain
1.0.0-dd.48
- Fix retry_throttled in elb.py and iam.py to not retry SoftTimeLimitExceeded (from upstream Netflix/lemur 05fce21)
- Redis guard to prevent overlapping sync chains
- sync_source soft_time_limit lowered from 2h to 15min
- Catch-all exception handler so chain never breaks on a failed sync
1.0.0-dd.47
Chain source syncs sequentially to prevent celery queue flooding (#242)
1.0.0-dd.46
- Move dd-source packages to separate requirements-dd-source.in, fixes dd_internal_authentication 1.9.0 not being installed (#240)
- Fix API key expiration bugs (#241)
Full Changelog: 1.0.0-dd.45...1.0.0-dd.46
1.0.0-dd.45
- Fix destination validation to allow same account with different paths (#238)
- Bump COA wheel to 0.1.30 and dd_internal_authentication to 1.9.0 (#237)
- Add version pin comment for dd_internal_authentication (#235)
- Add break-glass role for certificate body and private key access (#234)
- Add runtime-dna as codeowner (#232)
Full Changelog: 1.0.0-dd.44...1.0.0-dd.45
1.0.0-dd.44
- Bump COA wheel to 0.1.28, install dd_internal_authentication separately (#231)
- Dockerfile now installs dd-source wheels from requirements-datadog.in (single source of truth for versions)
- Recompiled all requirements with pip-compile -U
Full Changelog: 1.0.0-dd.43...1.0.0-dd.44
1.0.0-dd.43
- Restructure requirements for easier upstream syncing (#222)
- Local lemur development setup improvements (#220)
- Only show full API key if user is admin (#218)
- Log when a destination is added to a certificate during source sync (#217)
- Source destination improvements (#215)
Full Changelog: 1.0.0-dd.42...1.0.0-dd.43
1.0.0-dd.42
1.0.0-dd.42
This tag was signed with the committer’s verified signature.
simnyc
Simon Morand
Security vulnerability fixes for SVBD-341
- CVE-2023-30797 (GHSA-5fqv-mpj8-h7gm): Fixed insecure random generation by replacing random module with secrets module for cryptographic operations
- Updated python-ldap to 3.4.5 (CVE-2025-61911, CVE-2025-61912)
- Updated jinja2 to 3.1.6 (CVE-2024-56201, CVE-2024-56326, CVE-2025-27516)
- Updated requests to 2.32.5 (CVE-2024-47081)
- Updated h11 to 0.16.0 (CVE-2025-43859)
- Updated Flask-Cors to 6.0.2 (CVE-2024-6839, CVE-2024-6844, CVE-2024-6866)
Frontend dependency updates:
- Updated Angular from 1.4.9 to 1.8.0
- Updated Chart.js from 1.0.2 to 2.9.4
- Updated angular-chart.js from 0.8.8 to 1.1.1
Full Changelog: 1.0.0-dd.41...1.0.0-dd.42
1.0.0-dd.41
1.0.0-dd.41
This tag was signed with the committer’s verified signature.
maperu
Maxime Perusse
- vuln fix (CVE-2025-50817) by @maperu
- run precommits and fix issues with getting images signed by @evan-datadog
Full Changelog: 1.0.0-dd.40...1.0.0-dd.41
Contributors
maperu and evan-datadog
Assets 2
1.0.0-dd.40
What's Changed
Full Changelog: 1.0.0-dd.39...1.0.0-dd.40
Contributors
maperu