nicolargo
eb0c4c2bd5
Update README.md file
2026-04-12 09:52:21 +02:00
nicolargo
d6808be667
SSRF in Glances IP Plugin via public_api leads to credential leakage - Correct CVE-2026-35587
2026-04-12 09:27:01 +02:00
nicolargo
fdfb977b1d
Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS in Glances - Mitigate CVE-2026-34839
2026-04-12 09:22:36 +02:00
nicolargo
c2e4fd6b41
Optimize token for Claude
2026-04-12 09:14:21 +02:00
nicolargo
b7182821fc
Optimize token for Claude
2026-04-12 09:14:09 +02:00
nicolargo
f2c3ba9e2b
Lint the code
2026-04-12 08:58:27 +02:00
Nicolas Hennion
e41b665576
Merge pull request #3520 from morimori-dev/fix/cassandra-cql-injection-ghsa-grp3-h8m8-45p7
...
fix(cassandra): validate keyspace/table/replication_factor to prevent CQL injection (GHSA-grp3-h8m8-45p7)
2026-04-12 08:53:07 +02:00
Paul
1563ff8e0a
fix(cassandra): use logger.error and return instead of sys.exit on invalid config
...
Per reviewer feedback:
- Replace logger.critical with logger.error for config validation errors
- Replace sys.exit(2) with self.export_enable = False + return so the
export module does not terminate the Glances process on bad config
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-11 22:03:29 +09:00
nicolargo
24615e52e7
Update doc and webui
2026-04-11 09:26:20 +02:00
nicolargo
acd5c6a4a8
Merge branch 'csvke-RV1126BP-70-Add-Rockchip-MPP-Support' into develop
2026-04-11 09:19:58 +02:00
nicolargo
eb3a608d08
Merge branch 'RV1126BP-70-Add-Rockchip-MPP-Support' of github.com:csvke/glances into csvke-RV1126BP-70-Add-Rockchip-MPP-Support
2026-04-11 09:19:10 +02:00
Nicolas Hennion
2c20656339
Merge pull request #3521 from nicolargo/dependabot/npm_and_yarn/glances/outputs/static/npm-989d12babf
...
Bump the npm group in /glances/outputs/static with 2 updates
2026-04-11 09:17:50 +02:00
Nicolas Hennion
356b0846ea
Merge pull request #3522 from nicolargo/dependabot/github_actions/actions-60639b94c2
...
Bump the actions group with 2 updates
2026-04-11 09:17:28 +02:00
csvke
bcf9f3db5d
RV1126BP-70: Fix Codacy issues in rockchip_mpp.py
...
- Remove unnecessary pass statement in exit()
- Replace unused variable 'addr' with '_'
2026-04-11 01:34:44 +08:00
csvke
a8023b3e4c
RV1126BP-70: Add config, docs, and unit tests for MPP plugin
...
- Add [mpp] section to conf/glances.conf with disable=True
- Add docs/aoa/mpp.rst documentation page and index entry
- Add unit test test_026_mpp with Rockchip MPP test fixtures
2026-04-11 01:34:44 +08:00
csvke
fc059208a7
RV1126BP-70: Add Rockchip MPP plugin for hardware encoder/decoder monitoring
...
- New plugin: glances/plugins/mpp/ with Rockchip MPP backend
- Reads per-engine load/utilization from /proc/mpp_service/load
- Tracks active sessions from /proc/mpp_service/sessions-summary
- Auto-enables load_interval when not set
- Displays RKVENC, RKVDEC, RKJPEGD engines with load % and session count
- TUI: Added to top bar with hotkey '8' to toggle
- WebUI: Vue component, uiconfig, CSS, rebuilt bundle
- Tested on Rockchip RV1126B-P with ffmpeg rkmpp HW transcode
2026-04-11 01:34:44 +08:00
dependabot[bot]
1315531d7b
Bump the actions group with 2 updates
...
Bumps the actions group with 2 updates: [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) and [docker/login-action](https://github.com/docker/login-action ).
Updates `pypa/gh-action-pypi-publish` from 1.13.0 to 1.14.0
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](ed0c53931b...cef221092ehttps://github.com/docker/login-action/releases )
- [Commits](b45d80f862...4907a6ddecsupport@github.com >
2026-04-09 05:20:40 +00:00
dependabot[bot]
ad49eebb4e
Bump the npm group in /glances/outputs/static with 2 updates
...
Bumps the npm group in /glances/outputs/static with 2 updates: [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint ) and [webpack](https://github.com/webpack/webpack ).
Updates `typescript-eslint` from 8.58.0 to 8.58.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/typescript-eslint )
Updates `webpack` from 5.105.4 to 5.106.0
- [Release notes](https://github.com/webpack/webpack/releases )
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack/compare/v5.105.4...v5.106.0 )
---
updated-dependencies:
- dependency-name: typescript-eslint
dependency-version: 8.58.1
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm
- dependency-name: webpack
dependency-version: 5.106.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: npm
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-09 05:17:24 +00:00
morimori-dev
d339181f03
fix(cassandra): validate keyspace/table/replication_factor to prevent CQL injection
...
Interpolating config values directly into CQL strings allows an attacker
with write access to glances.conf to inject arbitrary CQL statements via
the keyspace, table, or replication_factor fields.
Add _validate_cql_identifier() to enforce that keyspace and table contain
only letters, digits, and underscores (standard CQL identifier rules).
Cast replication_factor to int and reject values less than 1.
Fixes GHSA-grp3-h8m8-45p7 / CVE-2026-35588
2026-04-09 09:29:59 +09:00
nicolargo
8aa613712a
Merge branch 'issue3516' into develop
2026-04-06 17:48:21 +02:00
nicolargo
6940195b1a
pycache file is put in wheel #3516
2026-04-06 17:48:01 +02:00
nicolargo
d07233857b
Windows-curses noz support Python 3.14
2026-04-04 16:49:34 +02:00
nicolargo
eb6b8c848f
Update WebUI
2026-04-04 16:15:56 +02:00
nicolargo
f72edef56a
Revert "Merge pull request #3507 from duriantaco/remove-dead-code"
...
This reverts commit 1ed473d429183e2a4200
2026-04-04 16:13:17 +02:00
nicolargo
81d6db5040
Merge branch 'develop' of github.com:nicolargo/glances into develop
2026-04-04 16:05:49 +02:00
Nicolas Hennion
c348bb3ed4
Merge pull request #3509 from nicolargo/dependabot/npm_and_yarn/glances/outputs/static/npm-09a430aeca
...
Bump the npm group in /glances/outputs/static with 3 updates
2026-04-04 16:05:34 +02:00
Nicolas Hennion
1ed473d429
Merge pull request #3507 from duriantaco/remove-dead-code
...
Remove dead code
2026-04-04 16:05:15 +02:00
Nicolas Hennion
183e2a4200
Merge pull request #3510 from nicolargo/dependabot/github_actions/actions-fd00acb19b
...
Bump github/codeql-action from 4.34.1 to 4.35.1 in the actions group
2026-04-04 16:01:39 +02:00
nicolargo
196b3dc537
Merge branch 'develop' of github.com:nicolargo/glances into develop
2026-04-04 15:50:18 +02:00
dependabot[bot]
bf3a651b7d
Bump github/codeql-action from 4.34.1 to 4.35.1 in the actions group
...
Bumps the actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 4.34.1 to 4.35.1
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3869755554...c10b8064desupport@github.com >
2026-04-02 07:03:07 +00:00
dependabot[bot]
ea78714a0b
Bump the npm group in /glances/outputs/static with 3 updates
...
Bumps the npm group in /glances/outputs/static with 3 updates: [hotkeys-js](https://github.com/jaywcjlove/hotkeys-js ), [lodash](https://github.com/lodash/lodash ) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint ).
Updates `hotkeys-js` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/jaywcjlove/hotkeys-js/releases )
- [Commits](https://github.com/jaywcjlove/hotkeys-js/compare/v4.0.2...v4.0.3 )
Updates `lodash` from 4.17.23 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1 )
Updates `typescript-eslint` from 8.57.2 to 8.58.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/typescript-eslint )
---
updated-dependencies:
- dependency-name: hotkeys-js
dependency-version: 4.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm
- dependency-name: lodash
dependency-version: 4.18.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: npm
- dependency-name: typescript-eslint
dependency-version: 8.58.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: npm
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-02 06:59:09 +00:00
duriantaco
ae4e31ec05
chore: remove 14 verified dead functions and methods
2026-03-31 17:50:44 +08:00
duriantaco
6cfec83a62
chore: remove 14 verified dead functions and methods
2026-03-31 17:50:29 +08:00
Nicolas Hennion
3d2f31be61
Back to develop
2026-03-31 06:22:21 +00:00
Nicolas Hennion
fd7f15e397
Merge master
2026-03-31 06:09:26 +00:00
Nicolas Hennion
9e1200bd5a
Correct CI v2
2026-03-31 06:02:38 +00:00
Nicolas Hennion
8bd7c9916c
Update CI
2026-03-30 16:47:19 +00:00
Nicolas Hennion
915d2e68bd
Merge pull request #3499 from csvke/RV1126BP-68-Add-RV1126B-NPU-support-for-Glances
...
fix: support single-core Rockchip NPU load parsing and improve device naming
2026-03-30 13:58:44 +02:00
Nicolas Hennion
3663ec7cf9
Merge pull request #3505 from juliosuas/fix/memory-negative-values-lxc
...
fix: clamp memory used/percent to non-negative values for LXC containers
2026-03-30 13:53:49 +02:00
Julio César Suástegui
7a351ac38c
fix: clamp memory used/percent to non-negative values for LXC containers
...
In LXC containers using cgroup v2, psutil may report 'available' memory
greater than 'total' due to kernel memory over-commit accounting. This
caused 'used = total - available' to be negative, resulting in negative
memory usage and percentage values being displayed in the UI.
Fix: clamp 'used' to max(0, total - available) and 'percent' to
[0.0, 100.0] after the calculation so they are never negative or
greater than 100% regardless of what the OS reports.
Fixes #3358
2026-03-30 02:58:54 -06:00
nicolargo
02c5d653f5
On the road of Glances 4.5.4
2026-03-29 17:04:35 +02:00
nicolargo
4dbbe529d6
Merge branch 'master' into develop
2026-03-29 17:01:55 +02:00
nicolargo
aa20f43d65
Merge branch 'develop' of github.com:nicolargo/glances into develop
2026-03-29 17:01:47 +02:00
nicolargo
b4c963e173
version 4.5.3
2026-03-29 16:56:27 +02:00
nicolargo
aefe4311a4
Merge branch 'develop'
2026-03-29 16:42:07 +02:00
nicolargo
f5f1c33a3c
Prepare release 4.5.3
2026-03-29 16:41:48 +02:00
Continuous Integration
05a7416182
Continuous Integration Build Artifacts
2026-03-29 14:26:13 +00:00
Nicolas Hennion
b79d98dcc8
Merge pull request #3500 from nicolargo/dependabot/npm_and_yarn/glances/outputs/static/npm-9d9799450a
...
Bump the npm group in /glances/outputs/static with 4 updates
2026-03-29 16:22:02 +02:00
nicolargo
d40c139a7c
Merge branch 'feature/improve-refresh' into develop
2026-03-28 14:19:38 +01:00
nicolargo
111a97a67f
Improve plugins refresh rates
2026-03-28 14:19:20 +01:00
