Summary

First release after lawl discovered their system being breached. We picked up the towel and turned every pebble to make sure no malicious code has been smuggled into the code.

Notable changes

New release process

The release process has been switched from the former update server that was managed by lawl, to github releases. This allows for a more transparent handling of update binaries, but also a complete automated release process using github actions.

Spring cleanup

By removing some of the C components we did a small spring cleanup and import them now from their upstream projects as git submodules into our build process. The Makefile has been modified accordingly, so even for the developers the workflow did not change.

Filter selection validation

When selecting filter up till now there were situations where NoiseTorch showed statuses that were misleading and in some rare edge cases even wrong. That situation has been vastly improved and the user experience should now be a lot clearer than before.

Security testing and dependabot

To improve the overall security in our workflow, we added several github actions to automatically validate and verify the code we have written and will write in the future. This ensures our changes will satisfy a defined set of quality gates before coming into a release.
Dependabot helps us keeping an eye on security updates within our dependencies to hopefully avoid shipping with flawed builds.