v10.1.0-rc3

Changes:

• f019d6f Merge branch 'main' into release/10.1.x
• 932588c changelog: update for 10.1.0-rc3
• 4e1bf22 OrcLib: Console: do not output '\0'
• 138251d OrcLib: Archive: Appender: fix compression level missuse
• d30d2db OrcLib: update some log messages
• 245004f OrcCommand: WolfLauncher: print "Ended" line with stats in the journal
• 3637886 OrcCommand: WolfLauncher: add empty line between commands output
• e9b26cb OrcLib: Utils: EnumFlags: fix operator& and operator~
• ab33fc3 Revert "OrcLib: Utils: EnumFlags: fix operator&"
• 8ccc6b7 OrcLib: Utils: EnumFlags: fix operator&

See More

• 782eb29 OrcCommand: GetSectors: fix missing lvalue causing getBootDiskName failure
• 81413c8 OrcLib: SystemIdentity: fix incorrect error check leading to missing info
• 916f079 OrcCommand: WolfExecution: fix possible nullptr deref on error path
• 1b963b4 OrcLib: Log: FileSink: use base_sink mutex for synchronisation
• accab5e OrcLib: Log: Sink: remove ByteStreamSink
• a42fa49 OrcCommand: WolfLauncher: capture console output as log
• 22b82f9 OrcLib: Log: add SpdlogLogger and SpdlogSink wrappers
• 98fd85f OrcLib: Log: move sink implementations into Sink directory
• c7207da OrcCommand: UtilitiesLogger: add support for SPDLOG_LEVEL env variable
• 03a0a4c OrcLib: Console: also duplicate emtpy lines into the logs
• ff0330c OrcLib: Log: Logger: DumpBackTrace: set temporarly logger level to trace
• 31d3457 OrcLib: Log: FileSink: simplify set_pattern_ with set_formatter_ wrapper
• 9853404 Log: remove useless messages
• a644ae2 OrcLib: Console: set console output redirection to info log level
• b30f648 OrcLib: Log: Logger: fix missing default log level for file facility
• ac8ea90 OrcLib: Log: Logger: remove useless m_loggers array entry
• 3333a1f OrcLib: Text: Print: rename kStringEmpty to kEmpty
• 5a17893 OrcCommand: Text: Fmt: add WolfPriority
• e43c3e4 OrcLib: Text: Print: replace Print overloads with specialization
• 93550d4 Merge branch 'main' into release/10.1.x
• 03e45c4 changelog: update for 10.1.0-rc2
• 8d6802f OrcLib: MFTRecordFileInfo: fix null pointer dereference
• 2eedb25 OrcCommand: WolfTask: lower 'Hanged' logs to 'Error' level
• 6f148c9 OrcLib: Logger: fix typo on ORC_BUILD_BOOST_STACKTRACE
• 1c23b12 OrcLib: Fmt: ByteQuantity: fix array bound check
• 19845be fix warning LNK4221
• e8e0a30 OrcCommand: Journal: fix output column size
• facb7c9 OrcCommand: WolfLauncher: print file size when added to upload queue
• 873a38f OrcCommand: WolfExecution: print archive file size once completed
• 132f49f OrcCommand: WolfExecution: print real file size when added for compression
• 7a8a671 Merge branch 'jean/log' into main
• 06eeafb vcpkg: update for spdlog
• 2fc5d4d OrcLib: Log: use perfect forwarding for wrappers
• 0c9cbcd OrcLib: CommandMessage: fix 'StdOutErr' configuration option
• 9d52a64 tools: ci: build: add parameters missing description
• 92cb8fc OrcLib: Print: Filter: fix PrintValue output
• 1b9f564 OrcLib: fix calling convention mismatch on x86 caused by macro
• fb5b061 OrcCommand: UtilitiesMain: add critical log on all error execution path
• 00060bb OrcLib: ZipCreate: fix CComPtr use
• 1664dd5 OrcCommand: fix custom formatter shadowed by ostream
• 9e45bdf OrcLib: FileInfo: remove trailing '' from ParentName
• 0d73e1f OrcCommand: GetSamples: autorunsc: use UTC time output
• 7232a64 OrcCommand: fix partially ignored /Computer, /FullComputer, /SystemType
• c3e893d OrcCommand: UtilitiesMain: remove OutputFileOption and OutputDirOption
• ae99bf1 OrcLib: Fmt: error_code: display as unsigned errors from system category
• 502cfa3 OrcCommand: WolfLauncher: add missing usage options
• dbb45b8 OrcCommand: add missing usage option 'Compression'
• b0b6903 README: update azure badge
• fa337c6 changelog: update with 10.1.0-rc1
• b40d5a3 ci: azure: add additional artifact repository
• 6f127fa ci: azure: use binary caching with Azure Artifacts
• 5476a27 OrcParquetLib: fix build for vcpkg 2020.11-1
• 12e27c6 OrcLib: fix build for fmt 7.1.2
• a08a8f8 cmake: fix Arrow for vcpkg 2020.11-1
• 14a2e13 tools: rcedit: fix CompressionType parsing for vcpkg 2020.11-1
• 8d09edd vcpkg: update to 2020.11-1
• 764b9d7 tools: ci: build: update documentation
• d28b564 tools: ci: build: add switch -SSDeep
• a4850da tools: ci: build: check -Clean for error
• 4b4b4cf tools: ci: build: display cmake version
• 97707e1 tools: ci: build: stop on any error
• dea730a tools: ci: build: stop changing working directory for cmake execution
• ad6ef3b tools: ci: build: enforce some parameter case sensitivity
• 4455fb5 tools: ci: build: fix path quoting
• f47d928 tools: ci: build: move Find-CMake out of a loop
• 7e42da4 tools: ci: build: add option to specify vcpkg root directory
• 4d9173c tools: rcedit: use inherited CMAKE_MSVC_RUNTIME_LIBRARY
• 1092275 cmake: update install layout
• fe15397 OrcLib: fix calling convention mismatch on x86 caused by macro
• 353430b cmake: fix C4995 triggered by fmt 7.0.0
• 74ffa5e cmake: clang: disable warning C4995 for compatibility
• e22343a OrcLib: BITSAgent: set expected failure log to debug
• 95721fb log: add strong typing to HRESULT in log messages
• 3ba448b cmake: add option ORC_BUILD_BOOST_STACKTRACE
• 2f53123 Revert "cmake: add option ORC_BUILD_BACKTRACE to disable boost::stacktrace"
• 16850e4 Merge branch 'fabienfl/getthis' into fabienfl/spdlog
• 068ae22 OrcCommand: GetThis: use Archive7z
• b2628c6 OrcLib: Archive: add Archive7z
• 868ca46 OrcCommand: GetThis: disable FileFinder match storage
• f506d7d OrcCommand: GetThis: add WriteSample completion callback
• 42b1fa0 OrcCommand: GetThis: add CreateSample
• ce5166d OrcCommand: GetThis: add CreateUniqueSampleName
• e46a65c OrcCommand: GetThis: refactor CreateSampleFileName
• 0101dcd OrcCommand: GetThis: ConfigureSampleStream refactor
• adeae8f OrcCommand: GetThis: move RegFlushKey to anonymous namespace
• 0c81463 OrcCommand: GetThis: refactor FindMatchingSamples & AddSamplesForMatch
• c936dcf OrcCommand: GetThis: FindMatchingSamples: coding style
• f55203c OrcCommand: GetThis: refactor CollectMatchingSamples
• b85db17 OrcCommand: GetThis: replace 'enum ContentType' with 'enum class'
• f3cf6af OrcLib: CsvFileWriter: call WriteNothing if Write* argument is empty
• 6fbf7ac OrcCommand: GetThis: refactor AddSampleRefToCSV
• e31ae8b OrcCommand: GetThis: refactor CreateOutputDirLogFileAndCSV
• 109f178 Merge branch 'jean/structured' into fabienfl/spdlog
• a37bb23 OrcCommand: GetThis: refactor CreateArchiveLogFileAndCsv
• 3f5d388 OrcLib: System...

v10.1.0-rc2

Changes:

• 93550d4 Merge branch 'main' into release/10.1.x
• 03e45c4 changelog: update for 10.1.0-rc2
• 8d6802f OrcLib: MFTRecordFileInfo: fix null pointer dereference
• 2eedb25 OrcCommand: WolfTask: lower 'Hanged' logs to 'Error' level
• 6f148c9 OrcLib: Logger: fix typo on ORC_BUILD_BOOST_STACKTRACE
• 1c23b12 OrcLib: Fmt: ByteQuantity: fix array bound check
• 19845be fix warning LNK4221
• e8e0a30 OrcCommand: Journal: fix output column size
• facb7c9 OrcCommand: WolfLauncher: print file size when added to upload queue
• 873a38f OrcCommand: WolfExecution: print archive file size once completed

See More

• 132f49f OrcCommand: WolfExecution: print real file size when added for compression
• 7a8a671 Merge branch 'jean/log' into main
• 06eeafb vcpkg: update for spdlog
• 2fc5d4d OrcLib: Log: use perfect forwarding for wrappers
• 0c9cbcd OrcLib: CommandMessage: fix 'StdOutErr' configuration option
• 9d52a64 tools: ci: build: add parameters missing description
• 92cb8fc OrcLib: Print: Filter: fix PrintValue output
• 1b9f564 OrcLib: fix calling convention mismatch on x86 caused by macro
• fb5b061 OrcCommand: UtilitiesMain: add critical log on all error execution path
• 00060bb OrcLib: ZipCreate: fix CComPtr use
• 1664dd5 OrcCommand: fix custom formatter shadowed by ostream
• 9e45bdf OrcLib: FileInfo: remove trailing '' from ParentName
• 0d73e1f OrcCommand: GetSamples: autorunsc: use UTC time output
• 7232a64 OrcCommand: fix partially ignored /Computer, /FullComputer, /SystemType
• c3e893d OrcCommand: UtilitiesMain: remove OutputFileOption and OutputDirOption
• ae99bf1 OrcLib: Fmt: error_code: display as unsigned errors from system category
• 502cfa3 OrcCommand: WolfLauncher: add missing usage options
• dbb45b8 OrcCommand: add missing usage option 'Compression'
• b0b6903 README: update azure badge
• fa337c6 changelog: update with 10.1.0-rc1
• b40d5a3 ci: azure: add additional artifact repository
• 6f127fa ci: azure: use binary caching with Azure Artifacts
• 5476a27 OrcParquetLib: fix build for vcpkg 2020.11-1
• 12e27c6 OrcLib: fix build for fmt 7.1.2
• a08a8f8 cmake: fix Arrow for vcpkg 2020.11-1
• 14a2e13 tools: rcedit: fix CompressionType parsing for vcpkg 2020.11-1
• 8d09edd vcpkg: update to 2020.11-1
• 764b9d7 tools: ci: build: update documentation
• d28b564 tools: ci: build: add switch -SSDeep
• a4850da tools: ci: build: check -Clean for error
• 4b4b4cf tools: ci: build: display cmake version
• 97707e1 tools: ci: build: stop on any error
• dea730a tools: ci: build: stop changing working directory for cmake execution
• ad6ef3b tools: ci: build: enforce some parameter case sensitivity
• 4455fb5 tools: ci: build: fix path quoting
• f47d928 tools: ci: build: move Find-CMake out of a loop
• 7e42da4 tools: ci: build: add option to specify vcpkg root directory
• 4d9173c tools: rcedit: use inherited CMAKE_MSVC_RUNTIME_LIBRARY
• 1092275 cmake: update install layout
• fe15397 OrcLib: fix calling convention mismatch on x86 caused by macro
• 353430b cmake: fix C4995 triggered by fmt 7.0.0
• 74ffa5e cmake: clang: disable warning C4995 for compatibility
• e22343a OrcLib: BITSAgent: set expected failure log to debug
• 95721fb log: add strong typing to HRESULT in log messages
• 3ba448b cmake: add option ORC_BUILD_BOOST_STACKTRACE
• 2f53123 Revert "cmake: add option ORC_BUILD_BACKTRACE to disable boost::stacktrace"
• 16850e4 Merge branch 'fabienfl/getthis' into fabienfl/spdlog
• 068ae22 OrcCommand: GetThis: use Archive7z
• b2628c6 OrcLib: Archive: add Archive7z
• 868ca46 OrcCommand: GetThis: disable FileFinder match storage
• f506d7d OrcCommand: GetThis: add WriteSample completion callback
• 42b1fa0 OrcCommand: GetThis: add CreateSample
• ce5166d OrcCommand: GetThis: add CreateUniqueSampleName
• e46a65c OrcCommand: GetThis: refactor CreateSampleFileName
• 0101dcd OrcCommand: GetThis: ConfigureSampleStream refactor
• adeae8f OrcCommand: GetThis: move RegFlushKey to anonymous namespace
• 0c81463 OrcCommand: GetThis: refactor FindMatchingSamples & AddSamplesForMatch
• c936dcf OrcCommand: GetThis: FindMatchingSamples: coding style
• f55203c OrcCommand: GetThis: refactor CollectMatchingSamples
• b85db17 OrcCommand: GetThis: replace 'enum ContentType' with 'enum class'
• f3cf6af OrcLib: CsvFileWriter: call WriteNothing if Write* argument is empty
• 6fbf7ac OrcCommand: GetThis: refactor AddSampleRefToCSV
• e31ae8b OrcCommand: GetThis: refactor CreateOutputDirLogFileAndCSV
• 109f178 Merge branch 'jean/structured' into fabienfl/spdlog
• a37bb23 OrcCommand: GetThis: refactor CreateArchiveLogFileAndCsv
• 3f5d388 OrcLib: SystemDetails: generalize Service Packs in SystemDetails
• c70f89a OrcLib: rename class Archive to OrcArchive for new namespace Archive
• 1862e0f OrcLib: Temporary: improve temporary folder deletion
• 7a78990 OrcLib: JobObject: improve log messages
• e94897e OrcLib: Enable multi-files extension dlls
• 3993a13 OrcLib: EmbeddedResource: modify EmbedType to an enum class
• af8fed3 OrcLib: ExtensionLibrary: add option to extract a library multiple times
• b634bc7 OrcLib: add default directory for extension libs
• ee6c571 OrcLib: Temporary: add UtilDeleteTemporaryDirectory
• b65d734 cmake: add option ORC_BUILD_BACKTRACE to disable boost::stacktrace
• cd5dd14 OrcLib: OrcException: add missing 'status' initialization
• 99f1ef9 OrcLib: Text: Fmt: FileTime: check FileTimeToSystemTime return value
• 548478b cmake: reinstate c++17 deprecation warnings
• be6c98d OrcLib: remove legacy element name
• 8045d5a cmake: OrcLib: split fmt implementation and forward declarations
• de3440c OrcLib: Text: Fmt: add specialization for fs::path
• d802b40 OrcLib: ArchiveExtract: support archive hierarchies in resources
• 60cb64d OrcLib: SystemDetails: use fs::path with GetCurrentWorkingDirectory
• 769d7b2 OrcLib: add missing StructuredOutput overloads
• aec3c11 OrcCommand: UtilitiesMain: add OutputOption overloads
• 5bf2f6f OrcLib: Text: Print: OutputSpec: add missing PrintValue overload
• 4636767 OrcSql: remove OrcSql related files
• 44627c7 ChakraCore: remove ChakraCore related files
• 1dba352 use LastWin32Error, ToHRESULT, SystemError
• 72cbf65 README: add License section
• 851148d OrcLib: Log: Logger: use utc iso format
• 1ea8365 OrcLib: TypeTraits: add TimeUtc<> strong type
• 7368439 OrcLib: replace OrcResult with Result
• 9d16964 OrcLib: Utils: add Result class
• f6ed473 OrcLib: Utils: Iconv: add overloads for easier error handling
• 0d31878 OrcLib: OrcResult: disable fmt s...

v10.1.0-rc1

Changes:

• b0b6903 README: update azure badge
• fa337c6 changelog: update with 10.1.0-rc1
• b40d5a3 ci: azure: add additional artifact repository
• 6f127fa ci: azure: use binary caching with Azure Artifacts
• 5476a27 OrcParquetLib: fix build for vcpkg 2020.11-1
• 12e27c6 OrcLib: fix build for fmt 7.1.2
• a08a8f8 cmake: fix Arrow for vcpkg 2020.11-1
• 14a2e13 tools: rcedit: fix CompressionType parsing for vcpkg 2020.11-1
• 8d09edd vcpkg: update to 2020.11-1
• 764b9d7 tools: ci: build: update documentation

See More

• d28b564 tools: ci: build: add switch -SSDeep
• a4850da tools: ci: build: check -Clean for error
• 4b4b4cf tools: ci: build: display cmake version
• 97707e1 tools: ci: build: stop on any error
• dea730a tools: ci: build: stop changing working directory for cmake execution
• ad6ef3b tools: ci: build: enforce some parameter case sensitivity
• 4455fb5 tools: ci: build: fix path quoting
• f47d928 tools: ci: build: move Find-CMake out of a loop
• 7e42da4 tools: ci: build: add option to specify vcpkg root directory
• 4d9173c tools: rcedit: use inherited CMAKE_MSVC_RUNTIME_LIBRARY
• 1092275 cmake: update install layout
• fe15397 OrcLib: fix calling convention mismatch on x86 caused by macro
• 353430b cmake: fix C4995 triggered by fmt 7.0.0
• 74ffa5e cmake: clang: disable warning C4995 for compatibility
• e22343a OrcLib: BITSAgent: set expected failure log to debug
• 95721fb log: add strong typing to HRESULT in log messages
• 3ba448b cmake: add option ORC_BUILD_BOOST_STACKTRACE
• 2f53123 Revert "cmake: add option ORC_BUILD_BACKTRACE to disable boost::stacktrace"
• 16850e4 Merge branch 'fabienfl/getthis' into fabienfl/spdlog
• 068ae22 OrcCommand: GetThis: use Archive7z
• b2628c6 OrcLib: Archive: add Archive7z
• 868ca46 OrcCommand: GetThis: disable FileFinder match storage
• f506d7d OrcCommand: GetThis: add WriteSample completion callback
• 42b1fa0 OrcCommand: GetThis: add CreateSample
• ce5166d OrcCommand: GetThis: add CreateUniqueSampleName
• e46a65c OrcCommand: GetThis: refactor CreateSampleFileName
• 0101dcd OrcCommand: GetThis: ConfigureSampleStream refactor
• adeae8f OrcCommand: GetThis: move RegFlushKey to anonymous namespace
• 0c81463 OrcCommand: GetThis: refactor FindMatchingSamples & AddSamplesForMatch
• c936dcf OrcCommand: GetThis: FindMatchingSamples: coding style
• f55203c OrcCommand: GetThis: refactor CollectMatchingSamples
• b85db17 OrcCommand: GetThis: replace 'enum ContentType' with 'enum class'
• f3cf6af OrcLib: CsvFileWriter: call WriteNothing if Write* argument is empty
• 6fbf7ac OrcCommand: GetThis: refactor AddSampleRefToCSV
• e31ae8b OrcCommand: GetThis: refactor CreateOutputDirLogFileAndCSV
• 109f178 Merge branch 'jean/structured' into fabienfl/spdlog
• a37bb23 OrcCommand: GetThis: refactor CreateArchiveLogFileAndCsv
• 3f5d388 OrcLib: SystemDetails: generalize Service Packs in SystemDetails
• c70f89a OrcLib: rename class Archive to OrcArchive for new namespace Archive
• 1862e0f OrcLib: Temporary: improve temporary folder deletion
• 7a78990 OrcLib: JobObject: improve log messages
• e94897e OrcLib: Enable multi-files extension dlls
• 3993a13 OrcLib: EmbeddedResource: modify EmbedType to an enum class
• af8fed3 OrcLib: ExtensionLibrary: add option to extract a library multiple times
• b634bc7 OrcLib: add default directory for extension libs
• ee6c571 OrcLib: Temporary: add UtilDeleteTemporaryDirectory
• b65d734 cmake: add option ORC_BUILD_BACKTRACE to disable boost::stacktrace
• cd5dd14 OrcLib: OrcException: add missing 'status' initialization
• 99f1ef9 OrcLib: Text: Fmt: FileTime: check FileTimeToSystemTime return value
• 548478b cmake: reinstate c++17 deprecation warnings
• be6c98d OrcLib: remove legacy element name
• 8045d5a cmake: OrcLib: split fmt implementation and forward declarations
• de3440c OrcLib: Text: Fmt: add specialization for fs::path
• d802b40 OrcLib: ArchiveExtract: support archive hierarchies in resources
• 60cb64d OrcLib: SystemDetails: use fs::path with GetCurrentWorkingDirectory
• 769d7b2 OrcLib: add missing StructuredOutput overloads
• aec3c11 OrcCommand: UtilitiesMain: add OutputOption overloads
• 5bf2f6f OrcLib: Text: Print: OutputSpec: add missing PrintValue overload
• 4636767 OrcSql: remove OrcSql related files
• 44627c7 ChakraCore: remove ChakraCore related files
• 1dba352 use LastWin32Error, ToHRESULT, SystemError
• 72cbf65 README: add License section
• 851148d OrcLib: Log: Logger: use utc iso format
• 1ea8365 OrcLib: TypeTraits: add TimeUtc<> strong type
• 7368439 OrcLib: replace OrcResult with Result
• 9d16964 OrcLib: Utils: add Result class
• f6ed473 OrcLib: Utils: Iconv: add overloads for easier error handling
• 0d31878 OrcLib: OrcResult: disable fmt specialisation
• fc4dda1 OrcLib: Output: Text: Fmt: add std::error_code
• 3f0cc4f OrcLib: fix non portable lamba prototype
• c7746eb OrcLib: BinaryBuffer: remove PrintHex method
• 102f07c OrcLib: Log: FileSink: fix build with vs 16.8.0
• 60e64d3 OrcLib: fix build with vs 16.8.0
• 54c3e14 OrcLib: SystemIdentity: fix typo on 'physical_memory'
• dce89de OrcLib: OrcException: use fmt
• e0bf971 OrcLib: rename ExceptionSeverity Severity
• 9f6d248 OrcCommand: WolfLauncher: fix archive skipped when server is unavailable
• 9b98309 OrcCommand: UtilitiesMain: WMain: set exit code to critical+error count
• 54f419e OrcCommand: UtilitiesMain: remove dead code
• 84ee735 OrcCommand: UtilitiesMain: footer displays warn/error/critical log count
• 3091bdc OrcLib: Output: Console: duplicate printed lines to log file sink
• 576f14f Replace spdlog function with Logger's wrappers
• 057c222 OrcLib: CsvFileWriter: fix always true condition on pointer
• 4d30617 OrcLib: OrcException: fix return variable's stack address
• 1fddffa OrcLib: Buffer: fix already defined default template parameter
• 68251ee OrcLib: Text: Fmt: add forward declarations
• 5f21403 OrcLib: LocationSet: add missing namespace
• e901c00 OrcLib: Writer: use standard type instead of ambiguous typedef
• fca4233 OrcLib: FSVBR: add missing enum case
• d0fc6da OrcLib: EmbeddedResource: fix warning about uneeded 'static' keyword
• 2244acb OrcLib: remove unused variable
• b21173c OrcLib: UtilitiesMain: replace BOOST_SCOPE_EXIT with ScopeGuard
• 983450e OrcLib: fix missing return value
• 85e47f3 OrcCommand: UtilitiesMain: fix swprintf_s parameter
• 897cb93 OrcLib: CsvFileWriter: fix EscapeQuoteInserter
• 51b79b1 clang: fix clang build
• 1020b9e OrcLib: BitLocker: fix mi...

v10.0.16

Changes:

• 4ff1d40 Merge branch 'dev'
• 135aeba changelog: update with 10.0.16
• fec8325 ci: azure: build on release/* instead of master
• ddfc6be OrcLib: FileInfo: minor fixes
• 6a78cee OrcCommand: NtfsInfo: add SecurityDirectorySize and SecurityDirectorySignatureSize
• b376472 OrcLib: SystemDetails: add "Windows" and "RTM" tag for pre-Win10 versions
• 9b64b02 OrcLib: CsvFileWriter: fix memory corruption

This list of changes was auto generated.

v10.0.15

Changes:

• a6946c6 Merge branch 'dev'
• 87efb05 changelog: add CHANGELOG.md
• 8beebc9 Revert "OrcLib: LocationSet: expand Orc variable '{ProfileDirectory}'"
• 332a1a6 OrcLib: LocationSet: parse 'location' for keyword like "UserProfiles"
• 375ecab OrcLib: LocationSet: expand Orc variable '{ProfileDirectory}'
• ea91726 OrcLib: CsvFileWriter: fix access violation
• 242cfe7 OrcLib: CsvFileWriter: fix access violation
• 3aedc26 OrcLib: Buffer: fix method 'full'
• e928016 Revert "Orc: always enable "press any key to continue" on debug"
• a478935 OrcCommand: WolfLauncher: fix archive skipped when server is unavailable

See More

• c7623da Removing truncation of DFIR-OrcComputer environment variable (carrying /computer value to children).

This list of changes was auto generated.

v10.0.14

Changes:

• a1c104c Merge branch 'dev'
• c754d40 OrcLibTest: SystemDetails: lower test requirements on mounted volumes
• 01c6560 OrcLibTest: ProfileList: lower tests requirements on profile_list
• f95e212 OrcLibTest: Registry: lower test requirements
• 8aa1909 OrcLibTest: Result: fix expected message
• f265908 OrcLibTest: authenticode: replace 'mrt.exe' which could be missing
• abaedd8 WolfLauncher: add execution timestamp to the outline
• 1542a2c OrcLib: SystemDetails: use unique execution timestamp
• 3db29ba OrcLib: Command: fix warning using v142 toolset
• 970bc47 Merge branch 'jean/outline' into dev

See More

• f31a364 OrcLib: move from Orc:Result to stx::Result
• 0dcd668 OrcParquetLib: fix multiple inheritance of ParquetWriter
• a80bd87 OrcLib: add path to FileStream
• b1ea851 OrcLib: SparseStream: improve and fix build
• 0e6c897 ApacheOrc: refactor code, rename OptRowColum to ApacheOrc
• f8a877d OrcLib: fix C4838: improve NTFS constants definition
• 1500e03 OrcLib: StructuredOutputWriter, BoudTableRecord: fix reparse point and sparse file attributes
• 32346dc cmake: remove the JSON cmake option
• de2c535 FastFind: reduce output file hierarchy
• bca92e2 OrcLib: JSONOutputWriter: fix inHex for StructuredOutput
• ed41d2f FastFind: fix and improve FastFind.json
• 45c4989 FastFind: fix timestamp in structured output
• 954502e OrcLib: StructureOutput, TableOutput: refactor IWriter and IOutput
• a22bfe2 OrcCommand: move FastFind output schema to OrcCommand
• e595218 OrcLib: add XML support for Begin/End of collections
• b4e4151 WMI refactoring, optimisation, code cleanup
• cd2e4cb OrcLib: SystemDetails: narrow the list of properties to return from WMI.
• 63e3453 OrcLib: SystemIdentity: add CPU and Physical memory informations
• 4d50c5b OrcLib: WMIUtil: add get bool property
• 152ba0a WolfLauncher: add invocation command line
• 1d5880b OrcLib: add CommandLine and Parent process access
• 5fdd70b WolfLauncher: use pretty formatting in outline
• 5e34348 OrcLib: add environment and list of QFEs to SystemDetails and SystemIdentity
• 8ef254f OrcLib: improve WMI implementation
• 6be5c2e OrcLib: Profile list in outline code complete
• 68eab1e OrcLib: add Registry class to read values from the registry
• cdcc0ea OrcLib: Buffer: add inner_elts method
• 0af5d6a OrcLib: SystemIdentity: add ProcessArea
• b73ead8 OrcCommand: WolfLauncher: OutLine: add selected commands
• 9a63e0c OrcLib: move system identity code from OrcCommand to SystemIdentity
• 11bdcb8 OrcLib: BITSAgent: add connection to share when using BITS over SMB
• 0058627 OrcLib: add ProfileList
• d4ee5f9 OrcLib: move StructuredOutput to a dedicated header
• d317f08 OrcLib: add Orc::Result based on Rust's Result type
• 3e1f9f3 vcpkg: update to dfir-orc/2020.06
• 1fda5cd Orc: always enable "press any key to continue" on debug
• 68aa227 Orc: fix "press any key to continue" to be effective on error
• ba148a0 cmake: add optional dll to install targets
• 2ad1535 cmake: add option ORC_DOWNLOADS_ONLY
• facae2d cmake: vcpkg: fix NO_UPGRADE option
• e1212aa cmake: set ORC_BUILD_BCPKG default to ON
• 6c455b7 ci: azure: use 'windows-2019' agent
• baf5a3b tools: ci: build.ps1: check cmake.exe exit status
• 4d92fd9 tools: ci: build.ps1: handle one-liners with multiple architectures
• 5d510e3 tools: ci: build.ps1: add options -ApacheOrc -Parquet
• 25abd3e tools: ci: build.ps1: add '-A Win32' for vs2019 x86 builds

This list of changes was auto generated.

v10.0.13

Changes:

• 74a1a6f Merge branch 'dev'
• fd55b4d vcpkg: libressl: fix w2k3 missing InitOnceExecuteOnce

This list of changes was auto generated.

v10.0.12

Changes:

• 4c16164 Merge branch 'dev'
• 1ea5b3d WolfLauncher: Add archive creation time and file size in external log
• 4b636a5 ORC_BUILD_JSON is now ON by defaut
• 8e9d3b3 Merge branch 'dev'
• 4ffc929 Merge branch 'fabienfl/azure_debug_build' into dev
• 509ebeb ci: azure: make publish optional
• 5f83a27 ci: azure: use build.ps1
• 29f6e4a tools: ci: add build.ps1
• eacfbea Merge branch 'jean/system_identity' into dev
• f26fc01 OrcCommand: WolfLauncher: add outline json file

See More

• 4bf6a9a OrcLib: JSONOutputWriter: add initial implementation
• bd30259 OrcLib: FileInfo: fix warning message on incorrect column name
• da305a2 OrcLib: SystemDetails: add network adapter enumeration
• dacbe4a OrcLib: SystemDetails: add locale & language information
• 5d064d6 OrcCommand: WolfExecution: fix exception on x86 when memory limits is >=4GB

This list of changes was auto generated.

v10.0.11

Changes:

• e50af36 Merge branch 'dev'
• 0eee88d OrcLib: FileFind: fix match logic for hard links
• 1472fb6 Fix JobMemoryLimit&ProcessMemoryLimit for values > 4GB

This list of changes was auto generated.

v10.0.10

Changes:

• 77cb202 Merge branch 'dev'
• 53973a4 vcpkg: update for fix on libressl patch

This list of changes was auto generated.