Skip to content

3.0.1 Release#3271

Draft
liquidsec wants to merge 109 commits into
stablefrom
dev
Draft

3.0.1 Release#3271
liquidsec wants to merge 109 commits into
stablefrom
dev

Conversation

@liquidsec

Copy link
Copy Markdown
Collaborator

No description provided.

dependabot Bot and others added 15 commits July 8, 2026 14:02
Bumps [griffe](https://github.com/mkdocstrings/griffe) from 1.15.0 to 2.1.0.
- [Release notes](https://github.com/mkdocstrings/griffe/releases)
- [Changelog](https://github.com/mkdocstrings/griffe/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/griffe@1.15.0...2.1.0)

---
updated-dependencies:
- dependency-name: griffe
  dependency-version: 2.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [websockets](https://github.com/python-websockets/websockets) from 15.0.1 to 16.0.
- [Release notes](https://github.com/python-websockets/websockets/releases)
- [Commits](python-websockets/websockets@15.0.1...16.0)

---
updated-dependencies:
- dependency-name: websockets
  dependency-version: '16.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 4.5.1 to 4.6.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.5.1...v4.6.0)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-version: 4.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pip](https://github.com/pypa/pip) from 26.0.1 to 26.1.2.
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@26.0.1...26.1.2)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: 26.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 7.0.0 to 7.1.0.
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

---
updated-dependencies:
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [mike](https://github.com/jimporter/mike) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/jimporter/mike/releases)
- [Changelog](https://github.com/jimporter/mike/blob/master/CHANGES.md)
- [Commits](jimporter/mike@v2.1.3...v2.2.0)

---
updated-dependencies:
- dependency-name: mike
  dependency-version: 2.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [idna](https://github.com/kjd/idna) from 3.11 to 3.18.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md)
- [Commits](kjd/idna@v3.11...v3.18)

---
updated-dependencies:
- dependency-name: idna
  dependency-version: '3.18'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…griffe-2.1.0

Bump griffe from 1.15.0 to 2.1.0
…websockets-16.0

Bump websockets from 15.0.1 to 16.0
…pre-commit-4.6.0

Bump pre-commit from 4.5.1 to 4.6.0
Bumps [pytest-rerunfailures](https://github.com/pytest-dev/pytest-rerunfailures) from 16.1 to 16.4.
- [Changelog](https://github.com/pytest-dev/pytest-rerunfailures/blob/master/CHANGES.rst)
- [Commits](pytest-dev/pytest-rerunfailures@16.1...16.4)

---
updated-dependencies:
- dependency-name: pytest-rerunfailures
  dependency-version: '16.4'
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [maturin](https://github.com/pyo3/maturin) from 1.13.3 to 1.14.1.
- [Release notes](https://github.com/pyo3/maturin/releases)
- [Changelog](https://github.com/PyO3/maturin/blob/main/Changelog.md)
- [Commits](PyO3/maturin@v1.13.3...v1.14.1)

---
updated-dependencies:
- dependency-name: maturin
  dependency-version: 1.14.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…maturin-1.14.1

Bump maturin from 1.13.3 to 1.14.1
@liquidsec
liquidsec marked this pull request as draft July 8, 2026 17:33
liquidsec added 2 commits July 8, 2026 13:34
…pytest-rerunfailures-16.4

Bump pytest-rerunfailures from 16.1 to 16.4
…pytest-cov-7.1.0

Bump pytest-cov from 7.0.0 to 7.1.0
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

📊 Performance Benchmark Report

Comparing stable (baseline) vs dev (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.28ms 4.24ms -1.0%
Bloom Filter Large Scale Dns Brute Force 18.30ms 18.29ms -0.0%
Large Closest Match Lookup 364.20ms 362.50ms -0.5%
Realistic Closest Match Workload 191.37ms 190.28ms -0.6%
Event Memory Medium Scan 1402 B/event 1402 B/event +0.0%
Event Memory Large Scan 1527 B/event 1527 B/event +0.0%
Event Validation Full Scan Startup Small Batch 406.21ms 424.97ms +4.6%
Event Validation Full Scan Startup Large Batch 543.32ms 544.75ms +0.3%
Make Event Autodetection Small 25.44ms 26.07ms +2.5%
Make Event Autodetection Large 260.65ms 266.78ms +2.4%
Make Event Explicit Types 11.38ms 11.62ms +2.2%
Excavate Single Thread Small 4.362s 4.168s -4.5%
Excavate Single Thread Large 10.092s 9.965s -1.3%
Excavate Parallel Tasks Small 4.542s 4.344s -4.4%
Excavate Parallel Tasks Large 6.687s 6.526s -2.4%
Intercept Throughput Small 882.87ms 872.80ms -1.1%
Intercept Throughput Medium 881.42ms 930.44ms +5.6%
Dns Throughput Quiet 2.762s 2.741s -0.8%
Dns Throughput Loaded 1.810s 1.969s +8.8%
Dns Throughput Inherited 2.465s 2.511s +1.9%
Is Ip Performance 2.35ms 2.34ms -0.2%
Make Ip Type Performance 230.18µs 242.45µs +5.3%
Mixed Ip Operations 2.40ms 2.47ms +3.0%
Memory Use Web Crawl 1.0 MB 1.0 MB +0.0%
Memory Use Subdomain Enum 28.3 MB 28.3 MB +0.0%
Memory Use Deep Chain 5.0 MB 5.0 MB +0.0%
Memory Use Parallel Chains 11.0 MB 13.7 MB +24.5% 🔴🔴🔴 ⚠️
Scan Throughput 100 2.844s 2.934s +3.2%
Scan Throughput 1000 20.807s 21.519s +3.4%
Typical Queue Shuffle 5.38µs 5.44µs +1.0%
Priority Queue Shuffle 26.25µs 26.10µs -0.6%

🎯 Performance Summary

! 1 regression ⚠️
  30 unchanged ✅

🔍 Significant Changes (>10%)

  • Memory Use Parallel Chains: 24.5% 🐌 more memory

🐍 Python Version 3.11.15

@codecov

codecov Bot commented Jul 8, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 97.44898% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 90%. Comparing base (5355bd1) to head (efa5adc).

Files with missing lines Patch % Lines
...est_step_2/module_tests/test_module_virtualhost.py 96% 3 Missing ⚠️
bbot/modules/waf_bypass.py 89% 1 Missing ⚠️
bbot/test/test_step_1/test_validate_preset.py 91% 1 Missing ⚠️
Additional details and impacted files
@@           Coverage Diff           @@
##           stable   #3271    +/-   ##
=======================================
+ Coverage      90%     90%    +1%     
=======================================
  Files         450     450            
  Lines       46100   46285   +185     
=======================================
+ Hits        41347   41547   +200     
+ Misses       4753    4738    -15     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

liquidsec and others added 10 commits July 8, 2026 16:26
…mike-2.2.0

Bump mike from 2.1.3 to 2.2.0
…pip-26.1.2

Bump pip from 26.0.1 to 26.1.2
Raw control bytes (e.g. 0x0e Shift Out) in scan data could flip the
terminal into its line-drawing charset, garbling all later output.
Sanitize scan-derived text at the console boundaries (stderr log
formatter, stdout module, log_to_stderr) via a shared make_printable().
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.6.3...2.7.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
liquidsec and others added 30 commits July 12, 2026 17:57
…werkzeug-3.1.8

Bump werkzeug from 3.1.5 to 3.1.8
…ansible-runner-2.4.3

Bump ansible-runner from 2.4.2 to 2.4.3
…xxhash-3.8.1

Bump xxhash from 3.6.0 to 3.8.1
…ruff-0.15.21

Bump ruff from 0.15.20 to 0.15.21
…dnspython-2.8.0

Bump dnspython from 2.7.0 to 2.8.0
…deepdiff-9.1.0

Bump deepdiff from 8.6.2 to 9.1.0
…regex-2026.7.10

Bump regex from 2026.1.15 to 2026.7.10
…mkdocstrings-python-2.0.5

Bump mkdocstrings-python from 2.0.2 to 2.0.5
…mkdocs-material-9.7.6

Bump mkdocs-material from 9.7.1 to 9.7.6
`_minimize()` wiped `_resolved_hosts` on the parent DNS_NAME once its consumers
finished, which starved `dnsresolve` line 156 when child URL / OPEN_TCP_PORT
events later reached it. Without the parent's IPs on the child, cloudcheck's
per-host inheritance filter had nothing to match against and the cloud tags
never propagated. Stop wiping `_resolved_hosts` in `_minimize()`: it is a
small frozenset that the memory optimization was not really targeting.

Also updates the modules still checking the pre-f561bda1e composed tags
(`cdn-cloudflare`, `waf-cloudflare`, `cdn-imperva`, `cdn-akamai`,
`cdn-cloudfront`) to key off the flat provider name that cloudcheck now emits.

Regression tests cover both sides: cloudcheck asserts `_minimize()` preserves
resolved_hosts and that URL / OPEN_TCP_PORT children inherit cloud tags;
waf_bypass asserts both cloudflare and imperva tags trigger protection
detection; virtualhost asserts each of the four flat provider names causes
filter_event to skip the URL.
…ag-fixes

restore cloudcheck tag propagation to URL/OPEN_TCP_PORT children
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.21 to 0.15.22.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.21...0.15.22)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.22
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pytest-env](https://github.com/pytest-dev/pytest-env) from 1.1.5 to 1.6.0.
- [Release notes](https://github.com/pytest-dev/pytest-env/releases)
- [Commits](pytest-dev/pytest-env@1.1.5...1.6.0)

---
updated-dependencies:
- dependency-name: pytest-env
  dependency-version: 1.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.7.6 to 9.7.7.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.7.6...9.7.7)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [beautifulsoup4](https://www.crummy.com/software/BeautifulSoup/bs4/) from 4.14.3 to 4.15.0.

---
updated-dependencies:
- dependency-name: beautifulsoup4
  dependency-version: 4.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) from 0.30.1 to 1.0.6.
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/mkdocstrings@0.30.1...1.0.6)

---
updated-dependencies:
- dependency-name: mkdocstrings
  dependency-version: 1.0.6
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.5 to 2.13.4.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.12.5...v2.13.4)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.13.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [cachetools](https://github.com/tkem/cachetools) from 6.2.6 to 7.1.4.
- [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst)
- [Commits](tkem/cachetools@v6.2.6...v7.1.4)

---
updated-dependencies:
- dependency-name: cachetools
  dependency-version: 7.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
…cachetools-7.1.4

Bump cachetools from 6.2.6 to 7.1.4
…ruff-0.15.22

Bump ruff from 0.15.21 to 0.15.22
…pydantic-2.13.4

Bump pydantic from 2.12.5 to 2.13.4
…mkdocstrings-1.0.6

Bump mkdocstrings from 0.30.1 to 1.0.6
…mkdocs-material-9.7.7

Bump mkdocs-material from 9.7.6 to 9.7.7
…pytest-env-1.6.0

Bump pytest-env from 1.1.5 to 1.6.0
…beautifulsoup4-4.15.0

Bump beautifulsoup4 from 4.14.3 to 4.15.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants