Synapse

=====================

Model Changes
-------------
- Update to the ``it`` and ``lang`` models.
(`3219 <https://github.com/vertexproject/synapse/pull/3219>`_)
- See :ref:`userguide_model_v2_141_0` for more detailed model changes.

Features and Enhancements
-------------------------
- Update ``$lib.infosec.cvss.vectToScore()`` to include a normalized
CVSS vector in the output.
(`3211 <https://github.com/vertexproject/synapse/pull/3211>`_)
- Optimize the addition and removal of lightweight edges when operating
on N1 edges in Storm.
(`3214 <https://github.com/vertexproject/synapse/pull/3214>`_)
- Added ``$lib.gen.langByCode``.
(`3219 <https://github.com/vertexproject/synapse/pull/3219>`_)

Bugfixes
--------
- Fix bug with regular expression comparisons for some types.
(`3213 <https://github.com/vertexproject/synapse/pull/3213>`_)
- Fix a ``TypeError`` being raised when passing a heavy Number object to
``$lib.math.number()``.
(`3215 <https://github.com/vertexproject/synapse/pull/3215>`_)
- Fix an issue with the Cell backup space checks. They now properly calculate
the amount of free space when the Cell backup directory is configured
on a separate volume from the Cell storage directory.
(`3216 <https://github.com/vertexproject/synapse/pull/3216>`_)
- Prevent the ``yield`` operator from directly emitting nodes into the Storm
pipeline if those node objects came from a different view. Nodes previously
lifted in this manner must be lifted by calling the ``iden()`` function on
the object to ensure the node being lifted into the pipeline reflects the
current view.
(`3218 <https://github.com/vertexproject/synapse/pull/3218>`_)
- Always remove the ``mirror`` configuration option from ``cell.mods.yaml``
when provisioning a service via Aha. The previous behavior prevented the
correct restoration of a service from a backup which had been changed from
being a leader to being a mirror.
(`3220 <https://github.com/vertexproject/synapse/pull/3220>`_)

=====================

Bugfixes
--------
- Fix a typo which prevented the Synapse package for ``v2.140.0`` from being
published on PyPI.
(`3212 <https://github.com/vertexproject/synapse/pull/3212>`_)

=====================

Announcement
------------

Synapse now only supports Python 3.11+.

Model Changes
-------------
- Update to the ``inet``, ``file``, and ``ou`` models.
(`3192 <https://github.com/vertexproject/synapse/pull/3192>`_)
(`3202 <https://github.com/vertexproject/synapse/pull/3202>`_)
(`3207 <https://github.com/vertexproject/synapse/pull/3207>`_)
- See :ref:`userguide_model_v2_140_0` for more detailed model changes.

Features and Enhancements
-------------------------
- Synapse now only supports Python 3.11+. The library will now fail to import
on earlier Python interpeters, and the published modules on PyPI will no
longer install on Python versions < 3.11.
(`3156 <https://github.com/vertexproject/synapse/pull/3156>`_)
- Replace ``setup.py`` with a ``pyproject.toml`` file.
(`3156 <https://github.com/vertexproject/synapse/pull/3156>`_)
(`3195 <https://github.com/vertexproject/synapse/pull/3195>`_)
- Usages of ``hashlib.md5()`` and ``hashlib.sha1()`` have been updated to add
the ``usedforsecurity=False`` argument.
(`3163 <https://github.com/vertexproject/synapse/pull/3163>`_)
- The Storm ``diff`` command is now marked as safe for ``readonly`` execution.
(`3207 <https://github.com/vertexproject/synapse/pull/3207>`_)
- Add a ``svc:set`` event to the Behold API message stream. This event is
fired when a Cortex connects to a Storm Service.
(`3205 <https://github.com/vertexproject/synapse/pull/3205>`_)

Bugfixes
--------
- Catch ``ZeroDivisionError`` and ``decimal.InvalidOperation`` errors in Storm
expressions and raise a ``StormRuntimeError``.
(`3203 <https://github.com/vertexproject/synapse/pull/3203>`_)
- Fix a bug where ``synapse.lib.platforms.linux.getTotalMemory()`` did not
return the correct value in a process running in cgroupsv1 without a
maximum memory limit set.
(`3198 <https://github.com/vertexproject/synapse/pull/3198>`_)
- Fix a bug where a Cron job could be created with an invalid Storm query.
Cron jobs now have their queries parsed as part of creation to ensure that
they are valid Storm. ``$lib.cron`` APIs now accept heavy Storm query
objects as query inputs.
(`3201 <https://github.com/vertexproject/synapse/pull/3201>`_)
(`3207 <https://github.com/vertexproject/synapse/pull/3207>`_)
- Field data sent via Storm ``$lib.inet.http`` APIs that uses a multipart
upload without a valid ``name`` field now raises a ``BadArg`` error.
Previously this would result in a Python ``TypeError``.
(`3199 <https://github.com/vertexproject/synapse/pull/3199>`_)
(`3206 <https://github.com/vertexproject/synapse/pull/3206>`_)

Deprecations
------------
- Remove the deprecated ``synapse.common.lockfile()`` function.
(`3191 <https://github.com/vertexproject/synapse/issue/3191>`_)

=====================

Announcement
------------

Due to the introduction of several powerful new APIs and performance
improvements, Synapse will be updating to *only* support Python >=3.11.
Our current plan is to drop support for Python <=3.10 in ~4 weeks on
2023-06-19. The next release after 2023-06-19 will include changes that
are not backward compatible to earlier versions of Python.

If you currently deploy Synapse Open-Source or Synapse Enterprise via
the standard docker containers, you will be unaffected. If you install
Synapse via PyPI, you will need to ensure that your environment is
updated to Python 3.11+.

Model Changes
-------------
- Update ``it:sec:cpe`` normalization to extend truncated CPE2.3 strings.
(`3186 <https://github.com/vertexproject/synapse/pull/3186>`_)

Features and Enhancements
-------------------------
- The ``str`` type now accepts ``float`` values to normalize.
(`3174 <https://github.com/vertexproject/synapse/pull/3174>`_)

Bugfixes
--------
- Fix an issue where the ``file:bytes:sha256`` property set handler could fail
during data merging.
(`3180 <https://github.com/vertexproject/synapse/pull/3180>`_)
- Fix an issue where iterating light edges on nodes could result in degraded
Cortex performance.
(`3186 <https://github.com/vertexproject/synapse/pull/3186>`_)

Improved Documentation
----------------------
- Update the Cortex admin guide to include additional examples for setting up
user and role permissions.
(`3187 <https://github.com/vertexproject/synapse/pull/3187>`_)

=====================

Features and Enhancements
-------------------------
- Add ``it:sec:cwe`` to the list of types identified with scrape APIs.
(`3182 <https://github.com/vertexproject/synapse/pull/3182>`_)
- Update the calculations done by ``$lib.infosec.cvss.vectToScore()`` to more
closely emulate the NVD CVSS calculator.
(`3181 <https://github.com/vertexproject/synapse/pull/3181>`_)

Bugfixes
--------
- Fix an issue with ``synapse.tools.storm`` where the ``!export`` command did
not use the view specified when starting the tool.
(`3184 <https://github.com/vertexproject/synapse/pull/3184>`_)
- The ``synapse.common.getSslCtx()`` API now only attempts to load files in
the target directory. This avoids confusing errors that may be logged when
the target directory contains sub directories.
(`3179 <https://github.com/vertexproject/synapse/pull/3179>`_)
- Fix an edge case in ``$lib.infosec.cvss.vectToScore()`` when calculating
CVSS v2 scores.
(`3181 <https://github.com/vertexproject/synapse/pull/3181>`_)

Deprecations
------------
- Mark the Python function ``synapse.common.lockfile()`` as deprecated. It
will be removed in ``v2.140.0``.
(`3183 <https://github.com/vertexproject/synapse/issue/3183>`_)

=====================

Automatic Migrations
--------------------
- Migrate any ``inet:url`` nodes with ``:user`` and ``:passwd`` properties
which may have been URL encoded. These values are now decoded.
(`3169 <https://github.com/vertexproject/synapse/pull/3169>`_)
- Migrate the storage type for the ``file:bytes:mime:pe:imphash`` property.
(`3173 <https://github.com/vertexproject/synapse/pull/3173>`_)
- See :ref:`datamigration` for more information about automatic migrations.

Model Changes
-------------
- Updates to the ``geospace``, ``inet``, ``infotech``, ``ou``, ``risk``,
and ``transport`` models.
(`3169 <https://github.com/vertexproject/synapse/pull/3169>`_)
- See :ref:`userguide_model_v2_137_0` for more detailed model changes.

Features and Enhancements
-------------------------
- Add a modulo arithmetic operator ( ``%`` ) to Storm expression parsing.
(`3168 <https://github.com/vertexproject/synapse/pull/3168>`_)
- Add ``$lib.auth.easyperm`` Storm library for interacting with objects that
use a simplified permissions model.
(`3167 <https://github.com/vertexproject/synapse/pull/3167>`_)
- Add ``.vars`` attribute to the Storm ``auth:user`` object. This can
be used to access user variables.
(`3167 <https://github.com/vertexproject/synapse/pull/3167>`_)
- Add ``$lib.infosec.cvss.vectToScore()`` to calculate CVSS scores.
(`3171 <https://github.com/vertexproject/synapse/pull/3171>`_)
- The Storm ``delnode`` command node now requires the use of ``--force`` to
delete a node which has lightweight edges pointing to it.
(`3176 <https://github.com/vertexproject/synapse/pull/3176>`_)
- The STIX export configuration may now include a ``synapse_extension`` value
set to ``$lib.false`` to disable the Synapse STIX extension data from being
added to objects in the bundle.
(`3177 <https://github.com/vertexproject/synapse/pull/3177>`_)
- Remove whitespace stripping from Storm queries prior to parsing them. This
allows any error highlighting information to accurately reflect the query
submitted to the Cortex.
(`3175 <https://github.com/vertexproject/synapse/pull/3175>`_)

Bugfixes
--------
- Fix an issue where raising an integer value to a fractional power
in Storm was not handled correctly.
(`3170 <https://github.com/vertexproject/synapse/pull/3170>`_)
- Handle a SyntaxError that may occur during Storm parsing due to a change
in CPython 3.11.4.
(`3170 <https://github.com/vertexproject/synapse/pull/3170>`_)
- The ``inet:url`` type now URL decodes the ``user`` and ``passwd``
properties when normalizing them. Thank you ``captainGeech42`` for the
bug report.
(`2568 <https://github.com/vertexproject/synapse/issue/2568>`_)
(`3169 <https://github.com/vertexproject/synapse/pull/3169>`_)
- The URL parser in ``synapse.lib.urlhelp`` now URL decodes the ``user``
and ``passwd`` values when parsing URLs.
(`3178 <https://github.com/vertexproject/synapse/issue/3178>`_)

Deprecations
------------
- Mark the Storm functions ``$lib.infosec.cvss.saveVectToNode()`` and
``$lib.infosec.cvss.vectToProps()`` as deprecated.
(`3178 <https://github.com/vertexproject/synapse/issue/3178>`_)