Changelog

v1.31.0

2025-10-12

• New features:
  • In Workflow tasks, child task parameter values are now editable (for PRO or BUSINESS Edition license holders)
• Enhancements:
  • Completing documentation for workflow tasks
  • On execution pages, display the parameter label (when defined) rather than the parameter name
  • Back-end is built with Go 1.25.2
• Bug fixes:
  • Fix “display logs” button access in desktop mode for the advanced executor role
  • Update dependencies

v1.30.2

2025-09-17

• Bug fixes:
  • Fix for proper handling of PowerShell script execution exit codes on WinRM nodes

v1.30.1

2025-08-14

• New features:
  • Addition of Youtrack integration
  • Add Youtrack notifier to automatically create a Youtrack issue on execution failure
• Enhancements:
  • Early check of third-party integration API tokens
  • Add “priority” param to Linear notifier
  • Update dependencies

v1.30.0

2025-08-07

• New features:
  • Addition of third-party integrations (defined at the project level)
    • GitHub integration
    • Jira (Cloud) integration
    • Linear integration
    • Telegram integration
  • New “issue tracking” notifiers to automatically create an issue on execution failure
    • GitHub notifier
    • Jira (Cloud) notifier
    • Linear notifier
• Enhancements:
  • API token used by Telegram notifiers is now defined at the project level
  • All tasks used by a notifier can be listed
  • API Breaking change:
    • Reading/creating/updating notifiers

v1.29.2

2025-07-02

• Bug fixes:
  • Fix node source import when switching to Postgresql backend

v1.29.1

2025-06-29

• New features:
  • Support for WinRM connection protocol (in addition to SSH)
    • Command, powershell script, and ansible playbook task can connect to Windows nodes through WinRM
    • API Breaking change for reading/creating/updating nodes
    • “SSH credentials” has been renamed “Credentials”
    • New yaml format for File node source (with backward compatibility with deprecated fields)
    • New json format for URL node source (with backward compatibility with deprecated fields)
• Enhancements:
  • New prerequisites on Windows nodes using SSH connections:
    • PowerShell>=7.2 must now be installed on the node and set as default shell for SSH connections
    • Support for nodes still using Windows Powershell as default shell is guaranteed up to and including CTFreak release 1.31
  • New logo background color on login page + drop shadow effect on logo
  • Update dependencies
• Bug fixes:
  • Fix UI freeze after login attempt following expired session

v1.28.1

2025-06-11

• Bug fixes:
  • Fix use of SMTP server without authentication for email notifier

v1.28.0

2025-05-30

• New features:
  • Add Teams to facilitate assignment of project roles to user groups
• Enhancements:
  • Access to user information and their effective role in different projects is now restricted to administrators, which applies to:
    • The web UI: there is no longer Users menu for non-administrators
    • The API: the following routes can now only be called by administrators:
      • /projectUserReports (POST)
      • /userReports (POST)
      • /userReports/{userId} (GET)
  • Completion of the API doc for user management
  • Update dependencies
• Bug fixes:
  • Fix missing import of login welcome message from old Sqlite backend when switching to Postgresql backend
  • Advanced executor project role now allows http response to be viewed for http request task executions
  • Fix failure to retrieve project list for non-admin users using CTFreak instance with postgresql backend
  • Fix failure to execute parameterizable tasks for Advanced executor & Executor project roles
  • Fix project role sorting
  • Fix modal form overflow

v1.27.1

2025-05-08

• Enhancements:
  • Add login welcome message
  • Adjusting login page layout
  • Add explicit “Remove license” button
  • Improved Sqlite backend hot backup with:
    • Adding an optional timestamp to the backup file name
    • Setting the maximum number of backups to keep
• Bug fixes:
  • Fix missing quotes style for Markdown text

v1.27.0

2025-05-04

• New features:
  • At the end of an execution, a notification can now be sent only if its status differs from the previous execution. For high-frequency tasks (such as monitoring a website every 5 minutes), this prevents being flooded with notifications of consecutive failures.
• Enhancements:
  • Update dependencies
• Bug fixes:
  • Fix missing multiple execution policy default value
• Reworking of FREE & BUSINESS Edition license

v1.26.0

2025-04-11

• New features:
  • Auto import all data from the old Sqlite backend when switching to Postgresql backend
• Enhancements:
  • Optimize nodes, databases and tasks storage
  • Update dependencies
• Bug fixes:
  • Escape key support to exit modal boxes
  • Postgresql backend:
    • Fix sorting when displaying node and database tags
    • Fix database credential retrieval for sql script and sql report tasks
  • Fix gitlab incoming webhook secret field update

v1.25.1

2025-03-23

• Enhancements:
  • Update dependencies
• Bug fixes:
  • Add explicit message “Backup via CTFreak is only supported with a Sqlite backend” when using Postgresql backend

v1.25.0

2025-03-20

• New features:
  • Incoming webhook: payload, query parameters and form data can be used to set task parameters
  • Postgresql can replace Sqlite backend in the new Business Edition license
• Enhancements:
  • Update dependencies
• Bug fixes:
  • Fixed missing “application/json” mimetype for some API request responses

v1.24.0

2025-03-07

• New features:
  • Ansible playbook task: execute an ansible playbook
    • Manage playbook content in CTFreak or use a local playbook file
    • Dynamic ansible inventory generation from selected nodes
    • Generate a dedicated ansible log file per node
    • CTFreak project constants and task parameters can be used as ansible variables
    • Only available on Linux & FreeBSD manual installation
• Enhancements:
  • Project lists can be dynamically filtered by project name
  • Back-end is built with Go 1.24.1
  • Use log/slog as internal logger instead of logrus
  • Support for ansible playbook and local command tasks can be disabled via dedicated command line parameters when CTFreak is started
  • Update dependencies

v1.23.1

2025-01-19

• Bug fixes:
  • Fix empty tables and doughnut charts display in SQL report task execution

v1.23.0

2025-01-14

• SQL report task improvements:
  • New features:
    • New Table chart type
    • Explicit row breaks added for better control of report layout
  • Enhancements:
    • Replace Chart.js with Apache Echarts
    • Chart base width is now mandatory
  • Bug fixes:
    • Fix inverted vertical axis for horizontal bar/line charts
    • Fix chart display glitches on mobile resolution
    • Fix database name check
• Enhancements:
  • Redirect to the page initially requested (rather than the home page) after logging in again via the internal authentication provider
  • SPA build: replace Rollup with Vite
  • Update dependencies

v1.22.1

2024-11-04

• Bug fixes:
  • Use relative URL instead of external URL defined in global settings to access integrated API documentation

v1.22.0

2024-10-30

• New features:
  • Integrated API documentation available at: https://{YOUR CTFREAK INSTANCE}/api/v1/doc/
  • Execution timeout can now be specified at the global or project level
    • Global execution timeout is mandatory (30 days default)
    • At the very least, the global execution timeout is used, so an execution always has a defined timeout.
• Enhancements:
  • Improve logs
  • Update dependencies
• FREE Edition’s sequential execution restriction also applies to sub-executions

v1.21.0

2024-10-18

• New features:
  • Local command tasks support per-second scheduling granularity via an optional parameter for their cron expression (e.g. 20 * * * * * for execution every minute at the 20th second)
• Enhancements:
  • When a local command execution is aborted under linux & freebsd, this abort also applies to child processes
  • Execution retention period can now be set to 0 days (for tasks where only the last execution status/date needs to be retained)
  • By default, the internal database stores its temporary data in memory. This can now be disabled in the configuration file via the new useMemoryTempStoreFg flag
• Bug fixes:
  • Fix timeout error when CTFreak is started as a service on Windows (time-consuming internal database maintenance operations are now performed just after the service is considered to have been started by windows)
  • Fix memory leak when deleting a project with scheduled tasks
  • On new project form
    • Add missing Disable task scheduling option
    • Project Id is editable again

v1.20.0

2024-10-10

• New features:
  • Task scheduling can be disabled at the project level
  • Task lists provide information on the last execution of each task
• Enhancements:
  • Projects containing scheduled tasks can be deleted
  • Add ended execution date to executions lists
  • Update dependencies
  • Back-end is built with Go 1.23.2
• Bug fixes:
  • Fix truncated logs issue on high-frequency local command execution
  • Check min/max values for execution retention period specified at the project or task level
  • When the SSH session handshake hangs, execution can now be aborted
  • Use SIGTERM instead of SIGHUP as the first attempt to abort an ssh session

v1.19.0

2024-09-29

• New features:
  • Local command task: execute a command directly on the server where CTFreak is installed
    • For those who need to schedule high-frequency command execution, local command task may be more suitable than command task, as it avoids SSH connection overload
    • Project constants and Task parameters can be used as environnement variables
    • Only an administrator can create this type of task
  • Log output task setting to define whether or not logs should be stored for local command, command, bash script, powershell script and sql script tasks
  • Global setting Disable project and task execution counters to prevents UI slowdowns when the execution history exceeds one million
  • Timeout task setting is available for all task types (it is no longer specific to http request tasks).
  • Task timeouts can be specified in seconds, minutes, hours or days
  • Advanced executor role to launch tasks associated with a project or view their executions including logs
• Enhancements:
  • When explicitly executing a task on all nodes or databases, Nodes/Databases Set filter must no longer be empty but contain the ‘*’ character
  • Optimized response times and refresh rate for retrieving execution lists
  • Execution lists can be restricted to aborted executions
  • When deleting a project, task or execution, the associated execution log folders are now deleted in the background
  • Aborting project, task or execution list retrieval immediately frees up resources
  • API Breaking change:
    • Reading/creating/updating tasks
    • Reading nodes
• Bug fixes:
  • Fix a race condition causing scheduling to stall (Happens when a change of execution state occurs at the same time as a cancellation of an execution list refresh in the web interface)
  • Prevents deletion of a project that still contains scheduled tasks
  • Fix minor memory leak from missing context cancellations
  • Multiple spaces are now preserved in log viewer

v1.18.1

2024-09-16

• Bug fixes:
  • Fix regression preventing bash script, powershell script, and sql report tasks creation

v1.18.0

2024-09-14

• New features:
  • Improved Workflow tasks:
    • Maximum number of concurrent child task executions is now configurable for workflow tasks that execute child tasks concurrently
    • Child tasks can be disabled/re-enabled (involves a breaking change in child task structure when reading/creating/updating workflow tasks through the API)
• Enhancements:
  • Drag & drop replaces move buttons to reorder Workflow Child tasks
  • Drag & drop completes move buttons to reorder:
    • SQL Report Charts
    • Task Parameters
  • Update dependencies
  • Use core24 base for snap build
• Bug fixes:
  • Remove unwanted child tasks deduplication displayed in Workflow task pages

v1.17.0

2024-08-26

• New features:
  • Execution retention period can now be specified at the project or task level
  • Files can be deleted in Node file explorer (requires at least STARTUP Edition)
• Enhancements:
  • Add a delay between failed login attempts to prevent brute-force attacks
  • Execution lists can be dynamically filtered by task name
  • Node lists can be dynamically filtered by node name
  • In SQL report tasks, chart base width becomes a minimum width: if the displayed width is less than the base/minimum width, a horizontal scroll bar appears rather than shrinking the chart
  • Add explicit Node unreachable error on failed SSH connection attempt
  • Revamp SSH connection management
  • Back-end is built with Go 1.23
• Bug fixes:
  • Removal of Windows Defender false positives with ctfreak.exe
  • Fix unreleased resources on failed Postgresql database connections over SSH tunneling
  • API execution creation now returns http code 201 instead of 200
  • Fix default submit button issues on task edition

v1.16.0

2024-07-30

• New features:
  • Node file explorer: CTFreak can now be used as a read-only SFTP web client for all your nodes
• Enhancements:
  • Smoother UI navigation with improved concurrent read-only access to backend database
  • Update dependencies
• Bug Fixes:
  • Fix saving of node filter tag exclusion when editing tasks

v1.15.0

2024-06-27

• New features:
  • Improved HTTP Request tasks:
    • Add optional HTTP response logging (status, headers and body)
    • JSON response body auto-prettifying
• Enhancements:
  • Add FreeBSD amd64 & arm64 build and install process
  • Add Linux arm64 build
  • Remove Linux arm32 build
  • Back-end is built with Go 1.22
  • Update dependencies
  • Update internal log timestamp format
• Reworking of FREE & STARTUP Edition license
• Bug Fixes:
  • Fix scrolling reset issues when editing large scripts
  • Remove redundant logs when executing SQL script task

v1.14.2

2024-05-12

• Bug Fixes:
  • Fix gitlab incoming webhook calls
  • Improve logs of failed incoming webhook calls

v1.14.0

2024-02-13

• New features:
  • Parameterizable tasks:
    • Define a list of parameters per task
    • Parameter types can be either Selector, Checkbox, Integer, Date, or Text
    • Each parameter has a default value
    • Set parameter values on new execution form
    • Use them in your Bash or Powershell script tasks as environment variables
    • Use them in your SQL report tasks as query parameters
    • Very useful to allow business users to execute a task with restricted options
• Project constants can now be used in your SQL report tasks as query parameters
• Enhancements:
  • !!Breaking change!!: the : symbols in SQL report task queries must now be doubled, so as not to be confused with a query parameter
  • CF_PC_ project constant prefixes have been renamed to CPC_ (renaming in existing bash and powershell scripts will be done automatically on CTFreak instance update)
  • Improve Rest API error messages
  • Update dependencies
• FREE Edition specs update and new BUSINESS Edition (see ctfreak.com homepage)
• Bug Fixes:
  • Fix default submit button issues on some forms
  • Use SMTP without authentication when SMTP Username is empty

v1.13.2

2024-01-10

• Bug Fixes:
  • Support LOGIN SMTP authentication method in addition to PLAIN to enable email notifications to be sent to MS Office 365 smtp server

v1.13.1

2023-12-28

• Enhancements:
  • Migrate to CodeMirror 6
  • Update dependencies
  • Reworking of license page
• Bug Fixes:
  • Fix line wrap overflow issue when editing scripts
  • Fix chart duplication issue on SQL report tasks

v1.13.0

2023-10-24

• New features:
  • Project constants:
    • Define a list of constants per project
    • Use them in your bash or powershell script tasks as environment variables
    • Update the value of your constants instead of updating your scripts
• Enhancements:
  • Replace deprecated dependency to manage OpenID Connect token
  • Migrate front-end to Svelte 4
  • Update dependencies
  • Reworking of demo project

v1.12.0

2023-09-21

• New features:
  • In SQL Report tasks:
    • Charts can be duplicated
    • New options to force axes to begin at zero
• Enhancements:
  • Improve UI:
    • Increase selection area size for links
    • Reduces footer refresh rate
    • Update colors
  • Add license alerting:
    • Remaining days before license expiration
    • License check issues
  • New About page with third-party software list
• Bug Fixes:
  • Reverse top and bottom axis for horizontal bar/line charts
  • Fix typo in sql report

v1.11.1

2023-08-13

• Enhancements:
  • List of notifiers now transitions from a table to a grid on mobile resolution
  • Back-end is now built with Go 1.21
• Bug Fixes:
  • Upon first startup, create the directory $HOME/.config if it is missing as needed

v1.11.0

2023-08-05

• New features:
  • New SQL Report task:
    • Generate a responsive report from SQL queries
    • Mix multiple data sources
    • Choose from various types of charts
    • The FREE Edition allows creating up to 2 SQL report tasks
  • New project viewer role:
    • A user with this role on a given project will only be able to view the execution results of the project’s tasks (not the log files)
    • This role is ideal for restricting business users to access only the reports generated by SQL Report task
• Enhancements:
  • Redesign of sub-execution database storage
  • New task type selector
  • Update dependencies
• FREE Edition specs update
• Bug Fixes:
  • Fix empty workflow edition issue
  • Remove Delete execution button for user with executor role
  • Fix cache issues on iOS

v1.10.1

2023-06-20

• Enhancements:
  • Add command line arguments to setup external url and main OpenID Connect auth provider at startup of CTFreak
  • Call OpenID Connect userinfo endpoint as fallback for missing claims in ID Token

v1.10.0

2023-06-18

• New features:
  • Maximum number of concurrent shell script/command executions is now configurable for dedicated tasks
• Enhancements:
  • A SQL script task can now be re-executed only on the failed databases of a previous execution
• Bug Fixes:
  • Add explicit OpenID Connect “Empty user name” error message
  • Fix Typo in SSH credentials
  • Fix node/database execution list refresh issues with active/failed executions filter

v1.9.2

2023-05-30

• Enhancements:
  • Retrieve mysql error number on failed database connection
• Bug Fixes:
  • Aborted SQL script task should return Aborted instead of Failed for final status
  • RAISE NOTICE commands now properly appear in logs of SQL Script tasks for Postgresql databases without SSH tunneling
  • Fix SQL Script Aborting for Postgresql databases with SSH tunneling

v1.9.0

2023-05-12

• New features:
  • CTFreak now manages databases (following the same principle as nodes) !
    • Mysql and Postgresql are the first supported types, with others being added in future updates
    • Nodes can be used to connect to databases via an SSH tunnel
  • New SQL script task: execute SQL or PL/SQL script on databases
  • New global settings option to disable task scheduling
• Enhancements:
  • !!Breaking change!!: node names are now unique. Any existing duplicates (if there are any) will therefore be given a new name “{old name}-1”, “{old name}-2”, … after the update.
  • Failed external node source syncs return more detailed errors
  • Node filters no longer exclude nodes without credential
  • Add all/active/failed executions filter for execution list
  • Update dependencies

v1.8.4

2023-04-11

• New features:
  • Custom logo displayed on the login page and in the header of the sidebar menu (PRO Edition only)
• Enhancements:
  • Perform a database vacuum when ctfreak starts

v1.8.3

2023-03-19

• Enhancements:
  • Redesigned notification conditions in task editor

v1.8.2

2023-03-11

• New features:
  • New Replacement multiple execution policy: when receiving an execution request while an execution is already running for a given task, abort the running one and chain a new execution

v1.8.1

2023-03-10

• New features:
  • New Smart chaining multiple execution policy: when receiving an execution request while an execution is already running for a given task, chain the new execution (this is particularly useful for setting up a CI/CD pipeline)
• Enhancements:
  • Requests for forbidden concurrent executions are rejected rather than resulting in a new failed execution
  • Project task lists can be dynamically filtered by task name
  • Add profile page
  • Use profile picture for OpenID Connect users
• Bug Fixes:
  • OpenID Connect users “Full name” field is not editable anymore
  • Fix the link that redirects to the cron format documentation

v1.7.2

2023-02-23

• Enhancements:
  • Use a darker theme color for better text readability
• Bug Fixes:
  • When requesting the aborting of the execution of a command or script task, a SIGHUP signal is now sent for a graceful shutdown

v1.7.1

2023-02-18

• New features:
  • Add Incoming Webhooks:
    • Generic webhook to execute a task with a simple HTTP POST request
    • Github/Gitlab webhook to execute a task after an event (push, …)
• Enhancements:
  • Add task type preselection page
  • Add notifier type preselection page
  • Schedule embedded database analyze once a day to improve performance
  • API return distinct error messages for missing discord/mattermost/slack/msteams notifier parameters
  • Update dependencies

v1.6.0

2023-01-31

• New features:
  • Add Telegram notifications
  • Add MS Teams notifications
• Enhancements:
  • Add a command line argument to bypass the http port stored in the config file

v1.5.2

2023-01-10

• Bug Fixes:
  • CTFreak can now be properly run as a Windows service

v1.5.1

2023-01-09

• New features:
  • New Powershell script task: execute powershell scripts on windows nodes through SSH
  • New node page with the list of tasks using the node (very useful for checking if there are still tasks related to the node before deleting it)
• Enhancements:
  • !!Breaking change!! for Windows CTFreak instances: CTFreak config folder is no longer %AppData%\ctfreak but %LocalAppData%\ctfreak (think of moving your folder before your upgrade)
  • Add pagination of the task list on project pages
  • All listings increase from 30 to 40 items per page
  • The execution of a task now systematically requires a confirmation and redirects to the execution page
  • Notifications previously sent only in case of failed executions are now also sent in case of aborted executions
• Bug Fixes:
  • Fix failed webhook call detection for Discord/Mattermost/Slack notifiers
  • Discord notifier name should not contain “discord”
  • Fix dead link in credential listing

v1.4.0

2023-01-04

• New features:
  • Node filters now handles tag or node name exclusions with ! prefix
• Enhancements:
  • Add a footer mention when a new ctfreak release is available to download
• Bug Fixes:
  • Add a link to execution page in email notifications

v1.3.2

2022-12-28

• Bug Fixes:
  • Fix Microsoft OpenID Connect preset
  • Add X-Accel-Buffering http header to prevent logs loading issues with nginx reverse-proxy

v1.3.1

2022-12-27

• Enhancements:
  • Add Salesforce & Onelogin OpenID Connect presets
• Bug Fixes:
  • Fix missing nodes menu for admin users without any project manager role

v1.3.0

2022-12-22

• New features:
  • Add SSO via OpenID Connect
  • Add user rights management
  • Users are deletable
• Enhancements:
  • Hide unassigned projects from non-admin users
  • Update dependencies
• Bug Fixes:
  • Fix for disabled users not being taken into account in some cases
  • Fix null error messages on user creation or update

v1.2.0

2022-10-25

• New features:
  • Add new Email Notifier
  • All notifiers can now be tested on demand
  • Add notifications for execution failures
• Enhancements:
  • Remove empty headers on HTTP Request task creation

v1.1.2

2022-10-18

• Bug Fixes:
  • Fix typo on Credential page
  • Fix OAuth Access Token

v1.1.1

2022-09-26

• New features:
  • New HTTP Request task type to call API endpoints (webhook, ping, …).
  • PRO Edition now unlocks concurrent task executions instead of concurrent SSH connections (In other words, the FREE Edition now allows for concurrent SSH connections within the same task).

v1.0.9

2022-09-14

• New features:
  • A task can now be re-executed only on the failed nodes of a previous execution.
• Enhancements:
  • Add failed nodes filter for node execution list.

v1.0.8

2022-09-04

• New features:
  • Add node attribute os family
• Enhancements:
  • Do not prevent the creation of forbidden concurrent executions, just mark them as failed.
  • Remove node attribute ssh shell

v1.0.7

2022-09-02

• Enhancements:
  • Client request a forced reload to clean browser cache when the client version does not match the server version.
  • Highlight nodes and external node sources with missing credential.
  • Typo: rename keys to credentials