
Releases: OpenCTI-Platform/opencti

Version 6.5.5

07 Mar 10:31
52b8fbd

Bug Fixes:

  • #10159 Several custom dashboards not working after 6.5.4 update
  • #10091 Error when generating an Indicator based on an X509 Certificate Observable
  • #10053 Bad margin/padding on some pages with an information section

Full Changelog: 6.5.4...6.5.5

Version 6.5.4

05 Mar 15:38
717798d

Bug Fixes:

  • #10107 [Customization] Default Values in attribute Markings Entity type cannot be disabled
  • #10062 Too high margin between elements in the data tab of containers
  • #10061 Wrong margin with the title in the history tab
  • #10031 Clicking on the burger button in the playbook list view opens the playbook
  • #10030 Impossible to share Note with Organization
  • #10007 No longer option to bulk edit the score when filtering on “Entity type = IPv4”
  • #10006 Markings that are visible in the filters are not accessible
  • #9949 OpenCTI TAXII2 Connector error
  • #9909 'In regards of' filter not working with observables
  • #9828 [Indicators/observables generation] When using the “select all” function and adding filters, generation is not available.
  • #9818 Inconsistency of empty fields in Threat Actor Individual overview
  • #9723 Switching between card view and list view introduces a size change of a few pixels in the toggle button group
  • #9616 The "more aliases" icon button is not vertically aligned with aliases chips
  • #8833 Platform 100% CPU Usage, unresponsive.
  • #8794 Inconsistent behavior on OpenCTI regarding artifact creation

Full Changelog: 6.5.3...6.5.4

Version 6.5.3

24 Feb 09:55
6146093

Enhancements:

  • #10028 Add capability to add a custom script snippet in the opencti html index

Bug Fixes:

  • #10004 Spacing issues in restricted entities screen
  • #9987 No link to OBAS when generating a simulation from an intrusion set
  • #9985 Missing "contains" filter in "Data > Relationships"
  • #9972 Not enough space before search bar of 'Rules engine'
  • #9836 RSS Feed connectors always say they are buffering even when nothing is going on
  • #9569 Align the height of hints to avoid strange effect on some windows
  • #9450 Marking values order: change TLP:AMBER+STRICT to be hierarchically greater than TLP:AMBER
  • #8429 In global search headers columns are not aligned
  • #8015 Unable to see "active" job in connector interface when there are more than 50 jobs in progress.

Full Changelog: 6.5.2...6.5.3

Version 6.5.2

17 Feb 16:41
c7a2358

Enhancements:

  • #9882 Add markings support for workbench
  • #9860 Change behavior of invalid access to display 404 instead of login redirect

Bug Fixes:

  • #9971 No space in Exclusion lists screen
  • #9970 Editing Arsenal > Tools is not possible
  • #9962 Nothing happens at creation of a CSV mapper with existing name
  • #9944 Side deletions of ref relationships can lead to updated_at upgrade
  • #9940 Font Geologica is not used correctly
  • #9936 Prevent event loop CPU blocking when processing applyUpdate in container rules
  • #9923 Improve deletion of element with hundreds of thousands relationships
  • #9921 OBAS simulation on IntrusionSet throws an error
  • #9894 Merge option isn't available on main search
  • #9887 Playbook running / not running not vertically aligned
  • #9881 Public dashboard doesn't correctly handle platform organization
  • #9880 Spacing is not correct in dissemination list table between search and headers
  • #9877 Exclusion lists are not case insensitive
  • #9859 Account unit system accepts an unavailable option
  • #9857 Entity types are not translated in 'main observable type' filter
  • #9840 Entity type not translated in path header of Fintel template edition
  • #9831 object_refs in Report object
  • #9816 No action at 'no label' chip click in indicators list of Knowledge view
  • #9815 Click on popover is propagated to the sighting line
  • #9788 Triggers in groups overview are not respecting the radius of 4px
  • #9740 Improve application stopping time
  • #9626 Adding a 21st organization to a user automatically deletes another one
  • #9577 Don't save participants on Task creation
  • #9556 Columns titles not aligned in the connectors view
  • #9531 Linked entity and relationship lists inconsistent in knowledge tab
  • #9292 Label filter adding via an indicator line not working in Knowledge tab of an entity
  • #9234 Newly created users are always assigned to the default group even if another group is specified
  • #8343 Inconsistent behavior on overview of demographics

Version 6.5.1

06 Feb 18:00
2327214

Bug Fixes:

  • #9854 Enrich button doesn't work
  • #9772 Missing translation for 'search' filters operator
  • #9588 Observables of type hashes values are not correctly truncated in the graph of containers
  • #9533 [Playbook] Indicator generated by the playbook not added in the container
  • #9487 Incorrect background color in the 'Create Multiple Entities' dialog box
  • #8937 Data table content alignment in Create a relationship panels

Full Changelog: 6.5.0...6.5.1

Version 6.5.0

05 Feb 15:57
c9872d8

Dear community, we're excited to announce the launch of OpenCTI 6.5.0! 🥳

This release focuses on solving key pain points and unlocking new use cases:

  • Help analysts produce & disseminate finished intelligence
  • IOC management: introduce exclusion lists to avoid ingesting unwanted IOCs
  • AI: become an assistant for analysts

ℹ️ Enterprise Edition Activation Changes

As you know, in June 2023 we introduced an “Enterprise Edition” of the platform. As we explained at the time, this was in no way a reneging on our commitment to open source software, which has been part of our DNA since the very first day of our adventure. We are convinced that we have honored this promise perfectly, continuing to invest heavily in the features of the community version and innovating for all our communities.

Access to the Enterprise Edition, subject to a special license and annual subscription, has remained for almost two years based on the good faith of the platform's users, with acceptance of the license requiring a simple checkbox in the platform settings.

To promote transparency and fair use of our products, OpenCTI 6.5.0 introduces a license key system to control activation of the Enterprise Edition. All Filigran customers and non-governmental charity organizations using EE in accordance with the terms of the license have already received their license key(s).

As a consequence, upgrading a platform with EE activated and without a valid license key will result in the full de-activation of all EE features. Of course, for organizations wishing to access the associated features for testing and development purposes, trial license keys can be generated automatically and independently from our website. Please, don't hesitate to reach out to us if you have any question or concern about this new license key system.

Analysts spend significant time working on incidents and reports to identify threats and create knowledge that improves their organization's security posture.

However, transforming this information into standardized, easily disseminated finished intelligence documents often proves challenging.

This is why we introduced the ability to create your own finished intelligence template 📜 (Enterprise Edition). From the container's customization page, you can now define templates that use variables of your container and the entities and relations present in your container. These predefined templates will reuse the intelligence contained in your container. Your analysts can simply generate finished intelligence from these templates to initialize documents pre-populated with relevant data. This significantly reduces the time needed to produce any kind of reports.

Better yet, these templates can be imported and exported 💡, allowing you to reuse them across different platforms!

In addition, we've added the capability to manage dissemination lists & leverage them to send PDF documents via email (Enterprise Edition) 📨. Once administrators define email distribution lists, analysts can use them to send Finished Intelligence documents directly to their dissemination circles. This gives non-OpenCTI users easy access to analyst-produced documents.

In certain circumstances, intelligence access needs to be more restricted—for instance, during critical incidents or when handling sensitive threat reports. To address this, we've added the ability to restrict access to a container with our authorized member mechanism 🔒(Enterprise Edition). Even with shared containers, enabling access restriction limits visibility to specifically authorized users, groups, or organizations. These authorized members receive only the access rights you grant them (view, edit, manage), helping you maintain data confidentiality.

To ensure restricted data remains manageable if an entity manager leaves your organization, administrators can access a restriction management panel 🔓 to remove restrictions on entities when needed.

Minimizing false positives is essential for improving the accuracy and effectiveness of threat detection. To support this, we've introduced exclusion lists ⛔ in OpenCTI.
This feature lets you create exclusion lists to prevent specific IOCs, such as internal IPs or trusted domains, from being ingested into the platform. By preventing the ingestion of these non-malicious IOCs, you ensure they are not propagated to your external detection solutions (ex: SIEM), reducing noise and enhancing detection accuracy.

AI should enhance analysts' daily work, which is why we've revamped our AI module (Enterprise Edition). Now available across all platform entities, it supports analysts in their daily tasks. From any entity, such as a threat, analysts can quickly view the latest activity, get summaries from recent reports, and see activity logs, putting useful information at their fingertips!

Understanding and presenting data effectively is crucial in CTI. This is why we have worked on the following features.

  • Correlation views have been redesigned with this in mind. All container types can now correlate with each other—for example, if an incident response shares IOCs with a report, they'll be correlated. We've added an information panel explaining container correlations and improved the graph view to better illustrate entity relationships between containers. 💡
  • Dashboards, especially List widgets, now feature the ability to select columns in knowledge & entity perspective 📊. Users can select and reorder columns based on their needs. When filtering across multiple entity types, only common attributes will be available for selection.
  • We've added a useful feature to notifications: you can now filter on the trigger of the notification 🔔(via label click or filter selection). This helps you understand which trigger generated which notification.
  • Knowledge views for Attack Patterns have been enhanced with a relation view, making information easier to understand and manage. This improvement was specifically requested by the community 👂 to better handle Attack Patterns linked to threats.

Our OpenBAS integration has been redesigned to support choosing the correct architecture when running simulations from OpenCTI. This includes a deprecation, detailed below.

In terms of data ingestion, OpenCTI now provides the capability to expose TAXII 2.1 data collections for pushing STIX-formatted data. Available under Data/Ingestion, the TAXII Push ingester enables users and external systems to import STIX 2.1 objects into OpenCTI through an exposed TAXII collection, ensuring full compliance with the 'Add objects' section of the TAXII 2.1 specification.

We’ve also updated and integrated a new GraphQL playground to enhance your development experience by making it easier to test and interact with our GraphQL API 😎.

Finally, we've improved performance for large dataset operations ⚡ through two backend enhancements: an improved worker thread pool and a lock mechanism relocated to a separate process. This means faster background task processing and more efficient operations on shared entities, resulting in fewer errors.

Regarding connectors and integrations, this milestone brought several new connectors and integrations like:

  • Tenable Security Center
  • Google SecOps SIEM
  • Proofpoint ET Pro Rep List
  • Spycloud
  • Zvelo
  • YARA Import Files

We also enhanced some connectors:

  • Hatching triage
  • Sentinel-Intel
  • RecordedFuture
  • Mandiant
  • Crowdstrike
  • ImportDocument
  • Harfanglab
  • Flashpoint

We deeply thank our partners and community for their contributions:

  • New connectors:
    • Loader Insight Agency File Feed
    • Intel471-V2
    • Zscaler ZIA
    • IBM XTI
    • Hunt.io
    • Wiz
  • Connectors enhancements:
    • TAXII2-connector
    • MISP connector
    • Feedly
    • Tagger
    • crtsh
    • Orange Cyber Defense
    • Zerofox
    • TheHive
    • GreyNoise
    • VirusTotal
    • ShadowServer
    • ransomware.live

Finally, we have made efforts to expand the availability of our Docker containers. In addition to being hosted on Docker Hub, all OpenCTI containers are now also accessible via [GitHub Container Registry](https://github.com/orgs/OpenCTI-Platform/packages).

We hope this release will please you! Feel free to drop us a note about anything. We're always happy to get feedback about our product usage, whether it's to hear that everything works perfectly or to get some improvement ideas.

All the details about what has been released for which repo are available here:

⚠️ Deprecation

Deprecation Notice: GenerationScenario Mutations in OpenCTI - OpenBAS

The following three mutations related to GenerationScenario have been deprecated due to changes in their signature and response format:

  • obasContainerGenerateScenario → Replaced by obasContainerGenerateScenarioWithInjectPlaceholders
  • obasThreatGenerateScenario → Replaced by obasThreatGenerateScenarioWithInjectPlaceholders
  • obasVictimGenerateScenario → Replaced by obasVictimGenerateScenarioWithInjectPlaceholders

Key changes in the new version: + WithInjectPlaceholders

New Signature Object: SimulationConfig

  • simulationType: Defines the type of simulation: Technical or Simulated
  • selection:
    -...

Version 6.4.11

04 Feb 11:28
d32d207

Enhancements:

  • #9814 [backend] Limit inference explanations for single relationship

Bug Fixes:

  • #9824 An infinite update loop can happen when two instances listen to each other's streams
  • #9795 [backend] Improve notification template verifications
  • #9771 Missing CSV feeds entity types translations
  • #9769 Bad confirmation message when deleting a dashboard or an investigation
  • #9752 [Task] When you try to add a participant, the message remains blocked.
  • #9270 Reindexing fails from opencti_stix_core_relationships-000001 to opencti_deleted_objects
  • #9057 In an Incident, the Observables count on Knowledge is one below the actual count
  • #8985 No action when clicking on a label in 'Add entities' panel
  • #8697 OpenCTI TAXII Feed - 413 Content Too Large
  • #8672 Missing entities listed in Knowledge tab
  • #8115 Incorrect display in Threat Actors menu category

Full Changelog: 6.4.10...6.4.11

Version 6.4.10

29 Jan 17:14
3889848

Enhancements:

  • #9748 Improve prepareElementForIndexing function to prevent event loop blocking
  • #9481 Major upgrade of Mistral AI client to 1.3.6

Bug Fixes:

  • #9279 Bad margin in 'Add indicators to observable' panel

Full Changelog: 6.4.9...6.4.10

Version 6.4.9

28 Jan 08:55
1fba256

Enhancements:

  • #9717 Remove some denormalized IDs for very large entities to improve performance

Bug Fixes:

  • #9721 Bad confirmation message when deleting an Infrastructure
  • #9719 Platform crashes after user deletion
  • #9698 Error when creating an Infrastructure
  • #9693 Bearer token plaintext in error logs of the worker
  • #9568 History tab top margin / spacing is incorrect
  • #9567 In create entity form (on the fly), spacing of the first field is not correct
  • #9520 Search feature in content mapping view does not search for highlighted text
  • #9401 Bug - GraphQLError: Execution timeout, too many concurrent call on the same entities / File not found or restricted
  • #9299 Can't download CSV/PNG/SVG of a dashboard widget
  • #9216 Clicking on a stopped live stream logout from the platform
  • #8981 The description of the relationship between an object and a TTP is not displayed
  • #8736 [RSS Feed] Error 403 on accessible public feeds
  • #8183 Upserting a text field with "null" when a default value is configured leads to strange update behavior
  • #6835 Imported sightings' confidence level is always "5 - Improbable"

Full Changelog: 6.4.8...6.4.9

Version 6.4.8

17 Jan 12:36
7d5bb14

Enhancements:

  • #9335 [Multiple connectors] Support AMBER+STRICT marking

Bug Fixes:

  • #9586 Suggestion engine select field is broken in containers
  • #9573 Cannot access CSV and TAXII feed if user has only capability to manage feeds
  • #9521 Task objects listed "Unknown"
  • #9428 Logout button misplaced if connected user has no knowledge capability
  • #9371 Sync ingestion: manage error on file issue and allow ingestion of elements with missing files
  • #9358 Memory leak when ingesting an opencti stream configured with an empty starting synchronization date
  • #9330 Tools entity version is not fillable
  • #9280 Ordering not working in add nested objects panel
  • #9211 Improve confidentiality of history
  • #9078 [Org segregation] Object not visible despite belonging to the correct organization
  • #8986 [livestream] renaming of observable creates a new one in perfect sync mode
  • #8843 Livestream filtering of containers does not send event of ref being shared
  • #8146 Unable to display "sighting" detail when creating a sighting from an organisation entity
  • #7637 [Filter] Filter on "Observable" meta type

Full Changelog: 6.4.7...6.4.8