Onefuzz

Added

* Service: Added a new webhook message format compatible with Azure Event Grid. [1640](https://github.com/microsoft/onefuzz/pull/1640)
* Service: Added initial auto scaling support for VM scale sets. [1647](https://github.com/microsoft/onefuzz/pull/1647), [#1661](https://github.com/microsoft/onefuzz/pull/1661)
* Agent: Add an explicit timeout to setup scripts so hangs are easier to debug. [1659](https://github.com/microsoft/onefuzz/pull/1659)

Changed

* CLI/Service: Updated multiple first-party and third-party Python dependencies. [1606](https://github.com/microsoft/onefuzz/pull/1606), [#1634](https://github.com/microsoft/onefuzz/pull/1634)
* Agent: Check system-wide memory usage and fail tasks that are nearly out of memory. [1657](https://github.com/microsoft/onefuzz/pull/1657)

Fixed

* Service: Fix `task` field to the correct `NodeTasks` type so serialization works correctly. [1627](https://github.com/microsoft/onefuzz/pull/1627)
* Agent: Convert escaped characters when accessing the name of a blob in a URL. [1673](https://github.com/microsoft/onefuzz/pull/1673)
* Agent: Override `runs` parameter when testing inputs as we only want to test them once. [1651](https://github.com/microsoft/onefuzz/pull/1651)
* Service: Remove deprecated `warn()` method. [1641](https://github.com/microsoft/onefuzz/pull/1641)

Added

* CLI/Service: Added `fuzzer_target_options` argument to the `libfuzzer` templates to allow passing some target options only in persistent fuzzing mode [1610](https://github.com/microsoft/onefuzz/pull/1610)

Changed

* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies.
[1530](https://github.com/microsoft/onefuzz/pull/1530)
* CLI/Service: Updated multiple first-party and third-party Python dependencies.
[1576](https://github.com/microsoft/onefuzz/pull/1576)
[1577](https://github.com/microsoft/onefuzz/pull/1577)
[1579](https://github.com/microsoft/onefuzz/pull/1579)
[1582](https://github.com/microsoft/onefuzz/pull/1582)
[1586](https://github.com/microsoft/onefuzz/pull/1586)
[1599](https://github.com/microsoft/onefuzz/pull/1599)
* CLI/Service: Begin update of scale set instances before reimaging to ensure they match the latest scale set model. [1612](https://github.com/microsoft/onefuzz/pull/1612)

Fixed

* Agent: Removed the `process_stats` telemetry event, which fixes a class of memory leaks on Windows `libfuzzer_fuzz` tasks. [1608](https://github.com/microsoft/onefuzz/pull/1608)
* CLI/Service: Fixed seven day stale node reimaging check. [1616](https://github.com/microsoft/onefuzz/pull/1616)

Added

* Agent: Added source line coverage data
[1518](https://github.com/microsoft/onefuzz/pull/1518)
[1534](https://github.com/microsoft/onefuzz/pull/1534)
[1538](https://github.com/microsoft/onefuzz/pull/1538)
[1535](https://github.com/microsoft/onefuzz/pull/1535)
[1572](https://github.com/microsoft/onefuzz/pull/1572)
* Agent: Added Cobertura XML output for source code visualization [1533](https://github.com/microsoft/onefuzz/pull/1533)
* Service: Added auto configuration properties to the monitoring agents [1541](https://github.com/microsoft/onefuzz/pull/1541)
* Service: Added tags to scalesets and VMs [1560](https://github.com/microsoft/onefuzz/pull/1560)

Changed

* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies.
[1489](https://github.com/microsoft/onefuzz/pull/1489)
[1495](https://github.com/microsoft/onefuzz/pull/1495)
[1496](https://github.com/microsoft/onefuzz/pull/1496)
[1501](https://github.com/microsoft/onefuzz/pull/1501)
[1502](https://github.com/microsoft/onefuzz/pull/1502)
[1507](https://github.com/microsoft/onefuzz/pull/1507)
[1510](https://github.com/microsoft/onefuzz/pull/1510)
[1513](https://github.com/microsoft/onefuzz/pull/1513)
[1514](https://github.com/microsoft/onefuzz/pull/1514)
[1517](https://github.com/microsoft/onefuzz/pull/1517)
[1519](https://github.com/microsoft/onefuzz/pull/1519)
[1521](https://github.com/microsoft/onefuzz/pull/1521)
[1522](https://github.com/microsoft/onefuzz/pull/1522)
[1528](https://github.com/microsoft/onefuzz/pull/1528)
[1557](https://github.com/microsoft/onefuzz/pull/1557)
[1566](https://github.com/microsoft/onefuzz/pull/1566)
* Agent: Changed the function that gets the `machine_id` to be `async` to avoid runtime nesting [1468](https://github.com/microsoft/onefuzz/pull/1468)
* Service: Removed generic reset command from the CLI [1511](https://github.com/microsoft/onefuzz/pull/1511)
* Service: Updated the way we check for endpoint authorization [1472](https://github.com/microsoft/onefuzz/pull/1472)

Fixed

* Service: Increase reliability of integration tests. [1505](https://github.com/microsoft/onefuzz/pull/1505)
* Agent: Avoid leaking unused file and cache data [1539](https://github.com/microsoft/onefuzz/pull/1539)
* Agent: Fixed new clippy errors [1516](https://github.com/microsoft/onefuzz/pull/1516)

Added

* Agent: Added common source coverage format. [1403](https://github.com/microsoft/onefuzz/pull/1403)
* Service: Added class to store and retrieve rules associated with an API endpoint. This supports the ability to control who has access to an API. [1420](https://github.com/microsoft/onefuzz/pull/1420)
* Service: Support for NSG creation during deployment, allowing restricted access to the scaleset and repro VMs. [1331](https://github.com/microsoft/onefuzz/pull/1331), [#1340](https://github.com/microsoft/onefuzz/pull/1340), [#1358](https://github.com/microsoft/onefuzz/pull/1358), [#1385](https://github.com/microsoft/onefuzz/pull/1385), [#1393](https://github.com/microsoft/onefuzz/pull/1393), [#1395](https://github.com/microsoft/onefuzz/pull/1395), [#1400](https://github.com/microsoft/onefuzz/pull/1400), [#1404](https://github.com/microsoft/onefuzz/pull/1404), [#1406](https://github.com/microsoft/onefuzz/pull/1406), [#1410](https://github.com/microsoft/onefuzz/pull/1410)
* Service: Guest account access is disabled by default when creating the default service principal during deployment. [1425](https://github.com/microsoft/onefuzz/pull/1425)
* Service: Group membership check added. [1074](https://github.com/microsoft/onefuzz/pull/1074)
* Service: Exposed the `target_timeout` parameter in the `radamsa basic` template. [1499](https://github.com/microsoft/onefuzz/pull/1499)

Changed

* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies. [1360](https://github.com/microsoft/onefuzz/pull/1360), [#1364](https://github.com/microsoft/onefuzz/pull/1364), [#1367](https://github.com/microsoft/onefuzz/pull/1367), [#1368](https://github.com/microsoft/onefuzz/pull/1368), [#1369](https://github.com/microsoft/onefuzz/pull/1369), [#1382](https://github.com/microsoft/onefuzz/pull/1382), [#1429](https://github.com/microsoft/onefuzz/pull/1429), [#1455](https://github.com/microsoft/onefuzz/pull/1455), [#1456](https://github.com/microsoft/onefuzz/pull/1456), [#1414](https://github.com/microsoft/onefuzz/pull/1414), [#1416](https://github.com/microsoft/onefuzz/pull/1416), [#1417](https://github.com/microsoft/onefuzz/pull/1417), [#1423](https://github.com/microsoft/onefuzz/pull/1423), [#1438](https://github.com/microsoft/onefuzz/pull/1438), [#1446](https://github.com/microsoft/onefuzz/pull/1446), [#1458](https://github.com/microsoft/onefuzz/pull/1458), [#1463](https://github.com/microsoft/onefuzz/pull/1463), [#1470](https://github.com/microsoft/onefuzz/pull/1470), [#1453](https://github.com/microsoft/onefuzz/pull/1453), [#1492](https://github.com/microsoft/onefuzz/pull/1492), [#1493](https://github.com/microsoft/onefuzz/pull/1493), [#1480](https://github.com/microsoft/onefuzz/pull/1480), [#1488](https://github.com/microsoft/onefuzz/pull/1488), [#1490](https://github.com/microsoft/onefuzz/pull/1490)

Fixed

* Service: Fixed Azure DevOps work item creation by adding missing client initialization. [1370](https://github.com/microsoft/onefuzz/pull/1370)
* Service: Fixed validation of the `target_exe` blob name, enabling nesting in a subdirectory of the `setup` container. [1371](https://github.com/microsoft/onefuzz/pull/1371)
* Service: Migrated to MS Graph, as `azure-graphrbac` is soon to be deprecated. [966](https://github.com/microsoft/onefuzz/pull/966)
* Service: Stopped ignoring unexpected errors when authenticating the client secret. [1376](https://github.com/microsoft/onefuzz/pull/1376)
* Service: Fixed regex to correctly capture the object ID when trying to remove an invalid application ID. [1408](https://github.com/microsoft/onefuzz/pull/1408)
* Service: Added check for service principal use during user role assignment. [1479](https://github.com/microsoft/onefuzz/pull/1479)
* Service: Added support for Compute Gallery images. [1450](https://github.com/microsoft/onefuzz/pull/1450)

Changed

* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies. [1301](https://github.com/microsoft/onefuzz/pull/1301), [#1302](https://github.com/microsoft/onefuzz/pull/1302), [#1310](https://github.com/microsoft/onefuzz/pull/1310), [#1312](https://github.com/microsoft/onefuzz/pull/1312), [#1332](https://github.com/microsoft/onefuzz/pull/1332), [#1335](https://github.com/microsoft/onefuzz/pull/1335), [#1336](https://github.com/microsoft/onefuzz/pull/1336), [#1337](https://github.com/microsoft/onefuzz/pull/1337), [#1341](https://github.com/microsoft/onefuzz/pull/1341), [#1342](https://github.com/microsoft/onefuzz/pull/1342), [#1343](https://github.com/microsoft/onefuzz/pull/1343), [#1344](https://github.com/microsoft/onefuzz/pull/1344), [#1353](https://github.com/microsoft/onefuzz/pull/1353)
* CLI/Service: Updated multiple first-party and third-party Python dependencies. [1346](https://github.com/microsoft/onefuzz/pull/1346), [#1348](https://github.com/microsoft/onefuzz/pull/1348), [#1355](https://github.com/microsoft/onefuzz/pull/1355), [#1356](https://github.com/microsoft/onefuzz/pull/1356)

Fixed

* Service: Fixed authentication when using a client secret. [1300](https://github.com/microsoft/onefuzz/pull/1300)
* Deployment: Fixed an issue where the wrong AppRole was assigned when creating new CLI registrations. [1308](https://github.com/microsoft/onefuzz/pull/1308)
* Deployment: Suppress a dependency's noisy logging of handled errors when deploying. [1304](https://github.com/microsoft/onefuzz/pull/1304)

Added

* Agent: Added ability to handle fake crash reports generated by debugging tools during regression tasks. [1233](https://github.com/microsoft/onefuzz/pull/1233)
* Service: Added ability to configure virtual network IP ranges. [1268](https://github.com/microsoft/onefuzz/pull/1268)
* Deployment: Added `flake8` to the deployment process to align with rest of the Python codebase linting. [1286](https://github.com/microsoft/onefuzz/pull/1286)
* Service: Added custom extensions to enable Microsoft Security Monitoring extensions. [1184](https://github.com/microsoft/onefuzz/pull/1184)
* CLI: Added `--readonly_inputs` option to the `libfuzzer basic` template. [1247](https://github.com/microsoft/onefuzz/pull/1247)

Changed

* CLI: Increased the default verbosity of destructive CLI commands. [1264](https://github.com/microsoft/onefuzz/pull/1264)
* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies. [1239](https://github.com/microsoft/onefuzz/pull/1239), [#1240](https://github.com/microsoft/onefuzz/pull/1240), [#1236](https://github.com/microsoft/onefuzz/pull/1236), [#1238](https://github.com/microsoft/onefuzz/pull/1238), [#1245](https://github.com/microsoft/onefuzz/pull/1245), [#1246](https://github.com/microsoft/onefuzz/pull/1246), [#1252](https://github.com/microsoft/onefuzz/pull/1252), [#1253](https://github.com/microsoft/onefuzz/pull/1253), [#1254](https://github.com/microsoft/onefuzz/pull/1254), [#1257](https://github.com/microsoft/onefuzz/pull/1257), [#1261](https://github.com/microsoft/onefuzz/pull/1261), [#1262](https://github.com/microsoft/onefuzz/pull/1262), [#1276](https://github.com/microsoft/onefuzz/pull/1276), [#1278](https://github.com/microsoft/onefuzz/pull/1278)

Fixed

* Deployment: Fixed deployment in some regions by specifying widely-supported versions of Application Insights resources. [1291](https://github.com/microsoft/onefuzz/pull/1291)
* Deployment: Fixed an issue with multi-tenant deployment caused by a mismatch between the identifier used to configure the app registration and value used to authenticate the CLI client. [1270](https://github.com/microsoft/onefuzz/pull/1270)
* Service: Fixed `scaleset proxy reset` to reset all proxies in specified region. [1275](https://github.com/microsoft/onefuzz/pull/1275)
* CLI: Temporarily ignore type errors from `azure-storage-blob` due to invalid Python type signatures. [1258](https://github.com/microsoft/onefuzz/pull/1258)