• New features:
    • Parameterizable tasks:
      • Define a list of parameters per task
      • Parameter types can be either Selector, Checkbox, Integer, Date, or Text
      • Each parameter has a default value
      • Set parameter values on new execution form
      • Use them in your Bash or Powershell script tasks as environment variables
      • Use them in your SQL report tasks as query parameters
      • Very useful to allow business users to execute a task with restricted options
  • Project constants can now be used in your SQL report tasks as query parameters
  • Enhancements:
    • !!Breaking change!!: the : symbols in SQL report task queries must now be doubled, so as not to be confused with a query parameter
    • CF_PC_ project constant prefixes have been renamed to CPC_ (renaming in existing bash and powershell scripts will be done automatically on Ctfreak instance update)
    • Improve Rest API error messages
    • Update dependencies
  • FREE Edition specs update and new BUSINESS Edition (see homepage)
  • Bug Fixes:
    • Fix default submit button issues on some forms



  • Bug Fixes:
    • Support LOGIN SMTP authentication method in addition to PLAIN to enable email notifications to be sent to MS Office 365 smtp server



  • Enhancements:
    • Migrate to CodeMirror 6
    • Update dependencies
    • Reworking of license page
  • Bug Fixes:
    • Fix line wrap overflow issue when editing scripts
    • Fix chart duplication issue on SQL report tasks



  • New features:
    • Project constants:
      • Define a list of constants per project
      • Use them in your bash or powershell script tasks as environment variables
      • Update the value of your constants instead of updating your scripts
  • Enhancements:
    • Replace deprecated dependency to manage OpenID Connect token
    • Migrate front-end to Svelte 4
    • Update dependencies
    • Reworking of demo project



  • New features:
    • In SQL Report tasks:
      • Charts can be duplicated
      • New options to force axes to begin at zero
  • Enhancements:
    • Improve UI:
      • Increase selection area size for links
      • Reduces footer refresh rate
      • Update colors
    • Add license alerting:
      • Remaining days before license expiration
      • License check issues
    • New About page with third-party software list
  • Bug Fixes:
    • Reverse top and bottom axis for horizontal bar/line charts
    • Fix typo in sql report



  • Enhancements:
    • List of notifiers now transitions from a table to a grid on mobile resolution
    • Back-end is now built with Go 1.21
  • Bug Fixes:
    • Upon first startup, create the directory $HOME/.config if it is missing as needed



  • New features:
    • New SQL Report task:
      • Generate a responsive report from SQL queries
      • Mix multiple data sources
      • Choose from various types of charts
      • The FREE Edition allows creating up to 2 SQL report tasks
    • New project viewer role:
      • A user with this role on a given project will only be able to view the execution results of the project’s tasks (not the log files)
      • This role is ideal for restricting business users to access only the reports generated by SQL Report task
  • Enhancements:
    • Redesign of sub-execution database storage
    • New task type selector
    • Update dependencies
  • FREE Edition specs update
  • Bug Fixes:
    • Fix empty workflow edition issue
    • Remove Delete execution button for user with executor role
    • Fix cache issues on iOS



  • Enhancements:
    • Add command line arguments to setup external url and main OpenID Connect auth provider at startup of Ctfreak
    • Call OpenID Connect userinfo endpoint as fallback for missing claims in ID Token



  • New features:
    • Maximum number of concurrent shell script/command executions is now configurable for dedicated tasks
  • Enhancements:
    • A SQL script task can now be re-executed only on the failed databases of a previous execution
  • Bug Fixes:
    • Add explicit OpenID Connect “Empty user name” error message
    • Fix Typo in SSH credentials
    • Fix node/database execution list refresh issues with active/failed executions filter



  • Enhancements:
    • Retrieve mysql error number on failed database connection
  • Bug Fixes:
    • Aborted SQL script task should return Aborted instead of Failed for final status
    • RAISE NOTICE commands now properly appear in logs of SQL Script tasks for Postgresql databases without SSH tunneling
    • Fix SQL Script Aborting for Postgresql databases with SSH tunneling



  • New features:
    • Ctfreak now manages databases (following the same principle as nodes) !
      • Mysql and Postgresql are the first supported types, with others being added in future updates
      • Nodes can be used to connect to databases via an SSH tunnel
    • New SQL script task: execute SQL or PL/SQL script on databases
    • New global settings option to disable task scheduling
  • Enhancements:
    • !!Breaking change!!: node names are now unique. Any existing duplicates (if there are any) will therefore be given a new name “{old name}-1”, “{old name}-2”, … after the update.
    • Failed external node source syncs return more detailed errors
    • Node filters no longer exclude nodes without credential
    • Add all/active/failed executions filter for execution list
    • Update dependencies



  • New features:
    • Custom logo displayed on the login page and in the header of the sidebar menu (PRO Edition only)
  • Enhancements:
    • Perform a database vacuum when ctfreak starts



  • Enhancements:
    • Redesigned notification conditions in task editor



  • New features:
    • New Replacement multiple execution policy: when receiving an execution request while an execution is already running for a given task, abort the running one and chain a new execution



  • New features:
    • New Smart chaining multiple execution policy: when receiving an execution request while an execution is already running for a given task, chain the new execution (this is particularly useful for setting up a CI/CD pipeline)
  • Enhancements:
    • Requests for forbidden concurrent executions are rejected rather than resulting in a new failed execution
    • Project task lists can be dynamically filtered by task name
    • Add profile page
    • Use profile picture for OpenID Connect users
  • Bug Fixes:
    • OpenID Connect users “Full name” field is not editable anymore
    • Fix the link that redirects to the cron format documentation



  • Enhancements:
    • Use a darker theme color for better text readability
  • Bug Fixes:
    • When requesting the aborting of the execution of a command or script task, a SIGHUP signal is now sent for a graceful shutdown



  • New features:
    • Add Incoming Webhooks:
      • Generic webhook to execute a task with a simple HTTP POST request
      • Github/Gitlab webhook to execute a task after an event (push, …)
  • Enhancements:
    • Add task type preselection page
    • Add notifier type preselection page
    • Schedule embedded database analyze once a day to improve performance
    • API return distinct error messages for missing discord/mattermost/slack/msteams notifier parameters
    • Update dependencies



  • New features:
    • Add Telegram notifications
    • Add MS Teams notifications
  • Enhancements:
    • Add a command line argument to bypass the http port stored in the config file



  • Bug Fixes:
    • Ctfreak can now be properly run as a Windows service



  • New features:
    • New Powershell script task: execute powershell scripts on windows nodes through SSH
    • New node page with the list of tasks using the node (very useful for checking if there are still tasks related to the node before deleting it)
  • Enhancements:
    • !!Breaking change!! for Windows Ctfreak instances: Ctfreak config folder is no longer %AppData%\ctfreak but %LocalAppData%\ctfreak (think of moving your folder before your upgrade)
    • Add pagination of the task list on project pages
    • All listings increase from 30 to 40 items per page
    • The execution of a task now systematically requires a confirmation and redirects to the execution page
    • Notifications previously sent only in case of failed executions are now also sent in case of aborted executions
  • Bug Fixes:
    • Fix failed webhook call detection for Discord/Mattermost/Slack notifiers
    • Discord notifier name should not contain “discord”
    • Fix dead link in credential listing



  • New features:
    • Node filters now handles tag or node name exclusions with ! prefix
  • Enhancements:
    • Add a footer mention when a new ctfreak release is available to download
  • Bug Fixes:
    • Add a link to execution page in email notifications



  • Bug Fixes:
    • Fix Microsoft OpenID Connect preset
    • Add X-Accel-Buffering http header to prevent logs loading issues with nginx reverse-proxy



  • Enhancements:
    • Add Salesforce & Onelogin OpenID Connect presets
  • Bug Fixes:
    • Fix missing nodes menu for admin users without any project manager role



  • New features:
    • Add SSO via OpenID Connect
    • Add user rights management
    • Users are deletable
  • Enhancements:
    • Hide unassigned projects from non-admin users
    • Update dependencies
  • Bug Fixes:
    • Fix for disabled users not being taken into account in some cases
    • Fix null error messages on user creation or update



  • New features:
    • Add new Email Notifier
    • All notifiers can now be tested on demand
    • Add notifications for execution failures
  • Enhancements:
    • Remove empty headers on HTTP Request task creation



  • Bug Fixes:
    • Fix typo on Credential page
    • Fix OAuth Access Token



  • New features:
    • New HTTP Request task type to call API endpoints (webhook, ping, …).
    • PRO Edition now unlocks concurrent task executions instead of concurrent SSH connections (In other words, the FREE Edition now allows for concurrent SSH connections within the same task).



  • New features:
    • A task can now be re-executed only on the failed nodes of a previous execution.
  • Enhancements:
    • Add failed nodes filter for node execution list.



  • New features:
    • Add node attribute os family
  • Enhancements:
    • Do not prevent the creation of forbidden concurrent executions, just mark them as failed.
    • Remove node attribute ssh shell



  • Enhancements:
    • Client request a forced reload to clean browser cache when the client version does not match the server version.
    • Highlight nodes and external node sources with missing credential.
    • Typo: rename keys to credentials