Assemblyline

Malware Archive - Frontend

- Updated the TagSection;
- Added memo to all GridTable components;
- Created the TabContainer to handle the tab navigation for the ArchiveDetail and FileViewer page.
- Created the SectionContainer to handle the section actions for all File Sections components.

- Added API to check for tag/signatures in safelist and badlist
- Have the action menu check if tags are in the safe/bad list

- Fix safelist API tests

- Added manual adding/editing of safelist items

Malware Archive - Frontend

- Added the GridTable components;
- Added the TagSection component that shows the tags in a table format;
- Added the image tab to the detail page;
- Fixed some issue with the tab routing;
- Modified the Verdict component to have the verdict string in its props.

Refang URL during submission via ingest and submit APIs

v4.4.0.stable91
Malware Archive (beta)
New Malware Archive view for files that have been sent to the archive.
- File centric view
- Support for labeling files
- Support for adding comments to file
- Allow for quick tag pivoting
- Easily find files that are related (parent, children, similar hashes and having the same vectors)

OpenAI LLM Support
Added preliminary support for LLM integration with Assemblyline, this allows the user to:

- Create hybrid reports where a summary and detailled analysis is generated by the LLM model
- Summarize the Assemblyline analysis for a full sumbssion or a single file
- Analyse a snippet of code to help a user understand what the code does


v4.4.0.stable90
Features

- [Time-Bound Hash Lists](https://github.com/CybercentreCanada/assemblyline/issues/82)
- This will introduce setting an expiry for items in both hash lists (safe & bad)
- [Add the ability to add/modify item in the safe/bad lists for the](https://github.com/CybercentreCanada/assemblyline/issues/144)
- Add tag for imported packages in JAR files (`file.jar.imported_package`)

Bugfixes
- Invalidate update source caching if URI changes
- Prevent the UI to add an item to the safe/bad list twice
- Don't crash if you can't reclassify the documents related to a submission, leave the documents unchanged
- Lucene: Assess numbers as numerical values before assuming they are dates

Optimizations

- Speed up OCR string detection by doing substring comparison rather than using regex
- Improve source update process for service updaters
- Additional environment-based configurations added for setting retry properties
- Cache file existence checks when handling duplicate files in task
- Related to: [Performance degradation / Services stuck on downloading task file after upgrade to stable89](https://github.com/CybercentreCanada/assemblyline/issues/167)
- Remove unnecessary connection resets to the datastore

v4.4.0.stable89
Bugfix

- Freshen files during cache hit
- Make sure files are present in the filestore before calling a cache hit valid
- Bring back defanged URL support in Ingest and Submit APIs

Optimizations

- Change the query for the ontology APIs to make it faster
- Added APMAwareThreadpoolExecutor for better APM reporting
- Amazon S3 optimizations in filestore
- SFTP optimizations in filestore
- Faster filestore.get method for all filestore types