Onefuzz

Added

* Service: Added feature flag to toggle Azure DevOps work item processing [3353](https://github.com/microsoft/onefuzz/pull/3353)
* Service: Requeue Azure DevOps notifications when the feature flag for work item processing is set to 'disabled' [3358](https://github.com/microsoft/onefuzz/pull/3358)

Added

* Agent: Implemented `debuginfo` caching [3280](https://github.com/microsoft/onefuzz/pull/3280)

Changed

* Agent: Limit azcopy copy buffer to 512MB of RAM as the default maximum [3293](https://github.com/microsoft/onefuzz/pull/3293)
* Agent: Define local fuzzing tasks relationships through new templating model [3117](https://github.com/microsoft/onefuzz/pull/3117)
* Deployment: Replaced `--upgrade` flag with `--skip_aad_setup` flag in the deploy.py setup script [3345](https://github.com/microsoft/onefuzz/pull/3345)
* Service: Make `ServiceConfiguration` eagerly evaluated [3136](https://github.com/microsoft/onefuzz/pull/3136)
* Service: Improved `TimerRetention` performance through several UPN changes & fixes [3289](https://github.com/microsoft/onefuzz/pull/3289)

Fixed

* Agent: Fixed resolution of sibling .NET DLLs [3325](https://github.com/microsoft/onefuzz/pull/3325)
* Agent/Service: Bumped several C and Rust dependencies [3319](https://github.com/microsoft/onefuzz/pull/3319), [#3320](https://github.com/microsoft/onefuzz/pull/3320), [#3317](https://github.com/microsoft/onefuzz/pull/3317), [#3297](https://github.com/microsoft/onefuzz/pull/3297), [#3301](https://github.com/microsoft/onefuzz/pull/3301), [#3291](https://github.com/microsoft/onefuzz/pull/3291), [#3195](https://github.com/microsoft/onefuzz/pull/3195), [#3328](https://github.com/microsoft/onefuzz/pull/3328)
* CLI: Look for azcopy.exe in environment variable `AZCOPY` and determine if it's actually referencing a directory [3344](https://github.com/microsoft/onefuzz/pull/3344)
* CLI: Updated `repro get_files` to handle regression reports [3340](https://github.com/microsoft/onefuzz/pull/3340)
* CLI: Fixed missing `target_timeout` setting in the Libfuzzer basic template [3334](https://github.com/microsoft/onefuzz/pull/3334)
* CLI: Fixed false 'missing' dependency warning [3331](https://github.com/microsoft/onefuzz/pull/3331)
* CLI: Fixed the `debug notification test_template` command expecting a `task_id` [3308](https://github.com/microsoft/onefuzz/pull/3308)
* Deployment: Update App Registration redirect URIs if deployment uses a custom domain [3341](https://github.com/microsoft/onefuzz/pull/3341)
* Service: Fixed links in bugs filed from regression reports by populating `InputBlob` when possible [3342](https://github.com/microsoft/onefuzz/pull/3342)
* Service: Fixed several storage issues to improve platform performance and reduce spurious `404`s [3313](https://github.com/microsoft/onefuzz/pull/3313)
* Service: Added extra logging when `System.Title` is too long [3332](https://github.com/microsoft/onefuzz/pull/3332)
* Service: Render `System.Title` before trying to trim it to the max allowed size [3329](https://github.com/microsoft/onefuzz/pull/3329)
* Service: Differentiate `INVALID_JOB` and `INVALID_TASK` error codes [3318](https://github.com/microsoft/onefuzz/pull/3318)

Added

* Agent: Added tool to check source allowlists [3246](https://github.com/microsoft/onefuzz/pull/3246)
* Agent: Precache `debuginfo` analysis for target exe in coverage example [3225](https://github.com/microsoft/onefuzz/pull/3225)
* Agent/CLI/Service: Allow tasks environment variables to be set [3294](https://github.com/microsoft/onefuzz/pull/3294)
* CLI/Service: Correlate cli to service to facilitate event lookups in AppInsights [3137](https://github.com/microsoft/onefuzz/pull/3137)
* CLI: Added `--target_timeout` flag for qemu_user template command [3277](https://github.com/microsoft/onefuzz/pull/3277)
* Documentation: Updated Threat Model [3215](https://github.com/microsoft/onefuzz/pull/3215)
* Service: Added optional `Unless` condition when updating/re-opening Work Items [3227](https://github.com/microsoft/onefuzz/pull/3227)
* Service: Include the task ID in the prerequisite task failure message [3219](https://github.com/microsoft/onefuzz/pull/3219)
* Service: Added events retention policy passed-integration-tests [3186](https://github.com/microsoft/onefuzz/pull/3186)

Changed

* Agent: Shrink published Rust debug info [3247](https://github.com/microsoft/onefuzz/pull/3247), [#3252](https://github.com/microsoft/onefuzz/pull/3252)
* Agent: Get rid of yanked hermit-abi versions [3270](https://github.com/microsoft/onefuzz/pull/3270)
* Documentation: Updated coverage docs to use correct quotes [3279](https://github.com/microsoft/onefuzz/pull/3279)
* Service: Better errors from Download: Make `GetFileSasUrl` nullable [3229](https://github.com/microsoft/onefuzz/pull/3229)
* Service: Changed template rendering from async to synchronous [3241](https://github.com/microsoft/onefuzz/pull/3241)
* Service: Log webhook exception as an "error" since we are retrying anyways [3238](https://github.com/microsoft/onefuzz/pull/3238)
* Service: Make `WebhookMessageEventGrid` compatible with the event grid format [3286](https://github.com/microsoft/onefuzz/pull/3286)

Fixed

* Agent: Improved .dll redirection by setting up .local file before invoking LibFuzzer [3269](https://github.com/microsoft/onefuzz/pull/3269)
* Agent/Service: Bumped several C, Rust dependencies, and Rust version to 1.71 [3278](https://github.com/microsoft/onefuzz/pull/3278), [#3281](https://github.com/microsoft/onefuzz/pull/3281), [#3221](https://github.com/microsoft/onefuzz/pull/3221), [#3230](https://github.com/microsoft/onefuzz/pull/3230), [#3231](https://github.com/microsoft/onefuzz/pull/3231), [#3203](https://github.com/microsoft/onefuzz/pull/3203), [#3240](https://github.com/microsoft/onefuzz/pull/3240), [#3239](https://github.com/microsoft/onefuzz/pull/3239), [#3199](https://github.com/microsoft/onefuzz/pull/3199), [#3254](https://github.com/microsoft/onefuzz/pull/3254), [#3257](https://github.com/microsoft/onefuzz/pull/3257), [#3273](https://github.com/microsoft/onefuzz/pull/3273), [#3258](https://github.com/microsoft/onefuzz/pull/3258), [#3271](https://github.com/microsoft/onefuzz/pull/3271), [#3292](https://github.com/microsoft/onefuzz/pull/3292)
* CLI/Service: Fixed regression bugs, file bugs on `regression_report` and properly reset state on duplicates [3263](https://github.com/microsoft/onefuzz/pull/3263)
* Service: Improve Azure DevOps validation problem reporting and resiliency [3222](https://github.com/microsoft/onefuzz/pull/3222)
* Service: Updated KeyVault access policy for Azure WebSites service account access [3109](https://github.com/microsoft/onefuzz/pull/3109)
* Service: Switched to default `HttpCompletion`, which is `ResponseRead` to attempt to prevent webhooks occasionally failing to send [3259](https://github.com/microsoft/onefuzz/pull/3259)
* Service: Fixed `Timestamp` response from API [3237](https://github.com/microsoft/onefuzz/pull/3237)
* Service: Trim `System.Title` if length is longer than 128 characters [3284](https://github.com/microsoft/onefuzz/pull/3284)

Added

* Agent: Include debug info in the release binaries to improve backtraces and debuggability [3194](https://github.com/microsoft/onefuzz/pull/3194)
* Agent: Added a timeout when closing the app insight channels [3181](https://github.com/microsoft/onefuzz/pull/3181)
* Agent: Require input marker in arguments when given an input corpus directory [3205](https://github.com/microsoft/onefuzz/pull/3205)
* Agent/CLI/Service: Added `extra_output` container, rename `extra` container [3064](https://github.com/microsoft/onefuzz/pull/3064)
* Agent: Creating `CustomMetrics` for Rust `CustomEvents` [3188](https://github.com/microsoft/onefuzz/pull/3188)
* Agent: Added prereqs for implementing caching for coverage locations and debuginfo in `coverage` task [3218](https://github.com/microsoft/onefuzz/pull/3218)
* CLI: Added command `onefuzz repro get_files` for downloading files to locally reproduce a crash [3160](https://github.com/microsoft/onefuzz/pull/3160)
* CLI: Added command `onefuzz debug notification test_template <template> [--task_id <task_id>] [--report <report>]` to allow a report to be sent when debugging [3206](https://github.com/microsoft/onefuzz/pull/3206)
* Documentation: Added documentation on how to use the validation tools [3212](https://github.com/microsoft/onefuzz/pull/3212)

Changed

* Agent: Removed agent traces from AppInsights [3143](https://github.com/microsoft/onefuzz/pull/3143)
* Agent: Include debug info in the release binaries to improve backtraces and debuggability [3194](https://github.com/microsoft/onefuzz/pull/3194)
* Agent: Make coverage-recording errors non-fatal [3166](https://github.com/microsoft/onefuzz/pull/3166)
* Deployment/Service: Enable custom metrics app config value [3190](https://github.com/microsoft/onefuzz/pull/3190)
* Documentation: Renamed example `coverage.rs` to `record.rs` to match documentation [3204](https://github.com/microsoft/onefuzz/pull/3204)
* Service: Moved authentication into middleware [3133](https://github.com/microsoft/onefuzz/pull/3133)
* Service: Store authentication information in KeyVault [3127](https://github.com/microsoft/onefuzz/pull/3127), [#3223](https://github.com/microsoft/onefuzz/pull/3223)
* Service: Port current logging implementation to ILogger [3173](https://github.com/microsoft/onefuzz/pull/3173)
* Service: Added improved error reporting from scale-in protection modification [3184](https://github.com/microsoft/onefuzz/pull/3184)
* Service: Downgraded queue error to warning when retrying because the message is too large [3224](https://github.com/microsoft/onefuzz/pull/3224)

Fixed

* Agent: Skip entire function if entry offset excluded [3172](https://github.com/microsoft/onefuzz/pull/3172)
* Agent: Try to kill debuggee if Linux recording times out [3177](https://github.com/microsoft/onefuzz/pull/3177)
* Agent: Apply allowlist to source conversion in coverage task [3208](https://github.com/microsoft/onefuzz/pull/3208)
* Service: Bumped C and Rust dependencies [3200](https://github.com/microsoft/onefuzz/pull/3200), [#3165](https://github.com/microsoft/onefuzz/pull/3165), [#3168](https://github.com/microsoft/onefuzz/pull/3168), [#3153](https://github.com/microsoft/onefuzz/pull/3153), [#3169](https://github.com/microsoft/onefuzz/pull/3169), [#3185](https://github.com/microsoft/onefuzz/pull/3185), [#3191](https://github.com/microsoft/onefuzz/pull/3191), [#3163](https://github.com/microsoft/onefuzz/pull/3163), [#3209](https://github.com/microsoft/onefuzz/pull/3209), [#3146](https://github.com/microsoft/onefuzz/pull/3146), [#3198](https://github.com/microsoft/onefuzz/pull/3198)

Changed

* CLI/Service: Don’t validate error codes on client side [3131](https://github.com/microsoft/onefuzz/pull/3131)

Fixed

* Agent: Switched from unmaintained Rust dependency `tui` to `ratatui` [3155](https://github.com/microsoft/onefuzz/pull/3155)
* Agent: Removed dependency on the abandoned Rust `users` crate [3150](https://github.com/microsoft/onefuzz/pull/3150)
* Agent/CLI/Service: Bumped several C, Python, and Rust dependencies [3118](https://github.com/microsoft/onefuzz/pull/3118), [#3132](https://github.com/microsoft/onefuzz/pull/3132), [#3088](https://github.com/microsoft/onefuzz/pull/3088), [#3106](https://github.com/microsoft/onefuzz/pull/3106), [#3140](https://github.com/microsoft/onefuzz/pull/3140), [#3120](https://github.com/microsoft/onefuzz/pull/3120), [#3145](https://github.com/microsoft/onefuzz/pull/3145), [#3151](https://github.com/microsoft/onefuzz/pull/3151)
* CLI/Service: Include a reason when a task has never started [3148](https://github.com/microsoft/onefuzz/pull/3148)
* Service: Fixed bug for scale-in protection [3144](https://github.com/microsoft/onefuzz/pull/3144)

Added

* Service: Created `CustomMetrics` for the Node and Task Heartbeat. [3082](https://github.com/microsoft/onefuzz/pull/3082)
* Service: Add an event for Repro VM creation. [3091](https://github.com/microsoft/onefuzz/pull/3091)
* Service: Add more context to the deletion of nodes. [3102](https://github.com/microsoft/onefuzz/pull/3102)
* Documentation: Create documentation for events 2.0 migration. [3098](https://github.com/microsoft/onefuzz/pull/3098)

Changed

* Agent: Match the agent version to the server [3093](https://github.com/microsoft/onefuzz/pull/3093)
* Service: Increase lock wait timeout for `qemu_user` setup script. [3114](https://github.com/microsoft/onefuzz/pull/3114)

Fixed

* Service: Fixed issue that incorrectly marked tasks as failed. [3083](https://github.com/microsoft/onefuzz/pull/3083)
* Service: Fixed bug when truncating reports. [3103](https://github.com/microsoft/onefuzz/pull/3103)
* Service: Allow use of `readonly_inputs` for `qemu_user` template. [3116](https://github.com/microsoft/onefuzz/pull/3116)
* Service: Fix logic to set `check_fuzzer_help`. [3130](https://github.com/microsoft/onefuzz/pull/3130)
* CLI: Fix CLI failure dude to ErrorCode enums out of sync. [3129](https://github.com/microsoft/onefuzz/pull/3129)