[pull] main from intelowlproject:main

.env_template

@@ -13,4 +13,4 @@ COMPOSE_FILE=docker/default.yml:docker/local.override.yml
 #COMPOSE_FILE=docker/default.yml:docker/local.override.yml:docker/elasticsearch.yml
 
 # If you want to run a specific version, populate this
-# REACT_APP_INTELOWL_VERSION="3.0.1"
+# REACT_APP_INTELOWL_VERSION="3.1.0"

.github/actions/python_requirements/restore_virtualenv/action.yml

@@ -12,6 +12,9 @@ inputs:
     description: A git reference (name of the branch, reference to the PR) that will be used to build the cache key.
     required: false
     default: ${{ github.ref_name }}
+  python_version:
+    description: Python version string to include in the cache key, preventing cross-version cache collisions.
+    required: true
 
 outputs:
   cache-hit:
@@ -32,7 +35,7 @@ runs:
       uses: actions/cache/restore@v4
       with:
         path: ${{ inputs.virtual_environment_path }}
-        key: ${{ inputs.git_reference }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
+        key: ${{ inputs.git_reference }}-py${{ inputs.python_version }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
 
     - name: Activate restored virtual environment
       if: >

.github/actions/python_requirements/save_virtualenv/action.yml

@@ -12,6 +12,9 @@ inputs:
     description: A git reference (name of the branch, reference to the PR) that will be used to build the cache key.
     required: false
     default: ${{ github.ref_name }}
+  python_version:
+    description: Python version string to include in the cache key, preventing cross-version cache collisions.
+    required: true
 
 runs:
   using: "composite"
@@ -26,4 +29,4 @@ runs:
       uses: actions/cache/save@v4
       with:
         path: ${{ inputs.virtual_environment_path }}
-        key: ${{ inputs.git_reference }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
+        key: ${{ inputs.git_reference }}-py${{ inputs.python_version }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}

.github/workflows/_python.yml

@@ -261,6 +261,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python
+        id: setup_python
         uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python_version }}
@@ -343,6 +344,7 @@ jobs:
         uses: ./.github/actions/python_requirements/restore_virtualenv/
         with:
           requirements_paths: "${{ inputs.requirements_path }} requirements-linters.txt requirements-dev.txt requirements-docs.txt"
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Restore Python virtual environment related to target branch
         id: restore_python_virtual_environment_target_branch
@@ -351,6 +353,7 @@ jobs:
         with:
           requirements_paths: ${{ inputs.requirements_path }}
           git_reference: ${{ github.base_ref }}
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Create Python virtual environment
         if: >
@@ -423,6 +426,7 @@ jobs:
         uses: ./.github/actions/python_requirements/save_virtualenv
         with:
           requirements_paths: "${{ inputs.requirements_path }} requirements-linters.txt requirements-dev.txt requirements-docs.txt"
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Save pip cache related to PR event
         if: >

.github/workflows/create_python_cache.yaml

@@ -33,9 +33,10 @@ jobs:
       #        sudo apt-get update && sudo apt install <package1> <package2>...
 
       - name: Set up Python
+        id: setup_python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.12"
+          python-version: "3.13"
 
       - name: Set up Python virtual environment
         uses: ./.github/actions/python_requirements/create_virtualenv
@@ -52,4 +53,5 @@ jobs:
         uses: ./.github/actions/python_requirements/save_virtualenv
         with:
           requirements_paths: .github/test/python_test/requirements.txt
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 

.gitignore

@@ -2,9 +2,14 @@ venv/
 docs/build
 docker/env_file
 docker/env_file_postgres
+docker/env_file.backup.*
+docker/env_file_postgres.backup.*
 .env
+.env.backup.*
 __pycache__/
 mlmodels/
+# Backups created by gbctl
+backups/
 # JetBrains IDEs (PyCharm, IntelliJ, etc.)
 .idea/
 # Ruff cache
@@ -16,3 +21,5 @@ coverage.xml
 *.cover
 .coverage.*
 
+# gbctl configuration file
+.gbctl.conf

api/urls.py

@@ -13,6 +13,7 @@
     feeds_asn,
     feeds_pagination,
     general_honeypot_list,
+    news_view,
 )
 
 # Routers provide an easy way of automatically determining the URL conf.
@@ -29,6 +30,7 @@
     path("cowrie_session", cowrie_session_view),
     path("command_sequence", command_sequence_view),
     path("general_honeypot", general_honeypot_list),
+    path("news/", news_view),
     # router viewsets
     path("", include(router.urls)),
     # certego_saas:

api/views/__init__.py

@@ -3,4 +3,5 @@
 from api.views.enrichment import *
 from api.views.feeds import *
 from api.views.general_honeypot import *
+from api.views.news import *
 from api.views.statistics import *

api/views/news.py

@@ -0,0 +1,20 @@
+from rest_framework.decorators import api_view
+from rest_framework.response import Response
+
+from api.views.utils import get_greedybear_news
+
+
+@api_view(["GET"])
+def news_view(request):
+    """
+    Fetch GreedyBear blog posts from an RSS feed.
+
+    Filters for posts with "GreedyBear" in the title, truncates long summaries,
+    sorts by newest first, and caches results to improve performance.
+
+    Returns:
+        List[dict]: Each dict contains title, date, link, and subtext.
+        Returns an empty list if no relevant posts are found or feed fails.
+    """
+    news_list = get_greedybear_news()
+    return Response(news_list)

api/views/utils.py

@@ -6,14 +6,18 @@
 from datetime import datetime, timedelta
 from ipaddress import ip_address
 
+import feedparser
+import requests
 from django.conf import settings
 from django.contrib.postgres.aggregates import ArrayAgg
+from django.core.cache import cache
 from django.db.models import Count, F, Max, Min, Sum
 from django.http import HttpResponse, HttpResponseBadRequest, StreamingHttpResponse
 from rest_framework import status
 from rest_framework.response import Response
 
 from api.serializers import FeedsRequestSerializer
+from greedybear.consts import CACHE_KEY_GREEDYBEAR_NEWS, CACHE_TIMEOUT_SECONDS, RSS_FEED_URL
 from greedybear.models import IOC, GeneralHoneypot, Statistics
 
 logger = logging.getLogger(__name__)
@@ -401,3 +405,57 @@ def asn_aggregated_queryset(iocs_qs, request, feed_params):
         result.append(row_dict)
 
     return result
+
+
+def get_greedybear_news() -> list[dict]:
+    """
+    Fetch GreedyBear-related blog posts from the IntelOwl RSS feed.
+
+    Returns:
+        List of dicts with keys: title, date, link, subtext
+        Sorted newest first, or empty list on failure.
+    """
+    cached = cache.get(CACHE_KEY_GREEDYBEAR_NEWS)
+    if cached is not None:
+        return cached
+
+    try:
+        response = requests.get(RSS_FEED_URL, timeout=5)
+        response.raise_for_status()
+        feed = feedparser.parse(response.content)
+
+        filtered_entries = sorted(
+            [entry for entry in feed.entries if "greedybear" in entry.get("title", "").lower() and entry.get("published_parsed")],
+            key=lambda e: e.published_parsed,
+            reverse=True,
+        )
+
+        news_items: list[dict] = []
+        for entry in filtered_entries:
+            summary = entry.get("summary", "").strip().replace("\n", " ")
+
+            subtext = summary[:180].rsplit(" ", 1)[0] + "..." if len(summary) > 180 else summary
+
+            news_items.append(
+                {
+                    "title": entry.get("title"),
+                    "date": entry.get("published"),
+                    "link": entry.get("link"),
+                    "subtext": subtext,
+                }
+            )
+
+        cache.set(
+            CACHE_KEY_GREEDYBEAR_NEWS,
+            news_items,
+            CACHE_TIMEOUT_SECONDS,
+        )
+
+        return news_items
+
+    except Exception as exc:
+        logger.error(
+            "Failed to fetch GreedyBear news from RSS feed",
+            exc_info=exc,
+        )
+        return []

configuration/nginx/errors.conf

@@ -40,7 +40,7 @@ location /404.json {
 
 error_page 408 /408.json;
 location /408.json {
-    return 408 '{"code":408,"message":"Request Timeout}';
+    return 408 '{"code":408,"message":"Request Timeout"}';
 }
 
 error_page 413 /413.json;

docker/.version

@@ -1 +1 @@
-REACT_APP_GREEDYBEAR_VERSION="3.0.1"
+REACT_APP_GREEDYBEAR_VERSION="3.1.0"

docker/Dockerfile

@@ -2,18 +2,17 @@
 FROM node:lts-alpine3.22 AS frontend-build
 
 WORKDIR /
-# copy react source code
-COPY frontend/ .
-# copy version file as an env file
-COPY docker/.version .env.local
-# install and build
-RUN npm install npm@latest --location=global
+# install dependencies first for layer caching
+COPY frontend/package.json frontend/package-lock.json ./
 RUN npm install
 
+# copy source code and build
+COPY frontend/ .
+COPY docker/.version .env.local
 RUN PUBLIC_URL=/static/reactapp/ npm run build
 
 # Stage 2: Backend
-FROM python:3.13-alpine3.22
+FROM python:3.13-slim-trixie
 
 ENV PYTHONUNBUFFERED=1
 ENV DJANGO_SETTINGS_MODULE=greedybear.settings
@@ -22,12 +21,15 @@ ENV LOG_PATH=/var/log/greedybear
 
 ARG WATCHMAN=false
 
-RUN mkdir -p ${LOG_PATH} \
-    ${LOG_PATH}/django \
-    ${LOG_PATH}/uwsgi \
-    # py3-psycopg2 is required to use PostgresSQL with Django \
-    # libgomp is required to train the model
-    && apk --no-cache -U add bash py3-psycopg2 gcc python3-dev alpine-sdk linux-headers libgomp \
+RUN mkdir -p ${LOG_PATH}/django ${LOG_PATH}/uwsgi \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends \
+       # Build dependencies (removed after pip install)
+       gcc python3-dev \
+       # Runtime dependencies:
+       # libexpat1 is required by uWSGI/Python,
+       # libgomp1 is required for model training, netcat-openbsd for healthcheck
+       libexpat1 libgomp1 netcat-openbsd \
     && pip3 install --no-cache-dir --upgrade pip
 
 COPY requirements/project-requirements.txt $PYTHONPATH/project-requirements.txt
@@ -51,11 +53,13 @@ RUN touch ${LOG_PATH}/django/api.log ${LOG_PATH}/django/api_errors.log \
     && touch ${LOG_PATH}/django/django_errors.log ${LOG_PATH}/django/elasticsearch.log\
     && touch ${LOG_PATH}/django/authentication.log ${LOG_PATH}/django/authentication_errors.log \
     && mkdir -p ${PYTHONPATH}/mlmodels \
-    && adduser -S -H -u 2000 -D -g www-data www-data \
+    && usermod -u 2000 www-data \
     && chown -R www-data:www-data ${LOG_PATH} /opt/deploy/ ${PYTHONPATH}/mlmodels/ \
     && rm -rf docs/ frontend/ tests/ .github/ docker/hooks/ \
     && /bin/bash ./docker/watchman_install.sh \
-    && apk del gcc python3-dev alpine-sdk linux-headers
+    && apt-get purge -y gcc python3-dev \
+    && apt-get autoremove -y \
+    && rm -rf /var/lib/apt/lists/* # remove the apt package index cache
 
 # start period is high to allow data migration for 1.4.0
 HEALTHCHECK --interval=10s --timeout=2s --start-period=500s --retries=3 CMD nc -z localhost 8001 || exit 1

docker/Dockerfile_nginx

@@ -1,4 +1,4 @@
-FROM library/nginx:1.29.4-alpine
+FROM library/nginx:1.29.5-alpine
 RUN mkdir -p /var/cache/nginx /var/cache/nginx/feeds
 RUN apk update && apk upgrade && apk add bash
 ENV NGINX_LOG_DIR=/var/log/nginx

docker/entrypoint_uwsgi.sh

@@ -15,10 +15,15 @@ echo "Waiting for db to be ready..."
 python manage.py makemigrations durin
 python manage.py migrate
 
-# Collect static files
-python manage.py collectstatic --noinput
+# Collect static files, overwriting existing ones
+python manage.py collectstatic --noinput --clear --verbosity 0
+
+# Obtain the current GreedyBear version number
+. /opt/deploy/greedybear/docker/.version
+export REACT_APP_GREEDYBEAR_VERSION
 
 echo "------------------------------"
+echo "GreedyBear $REACT_APP_GREEDYBEAR_VERSION"
 echo "DEBUG: " $DEBUG
 echo "DJANGO_TEST_SERVER: " $DJANGO_TEST_SERVER
 echo "------------------------------"

docker/watchman_install.sh

@@ -3,7 +3,7 @@
 # This script can be disabled during development using REPO_DOWNLOADER_ENABLED=true env variable
 if [ "$WATCHMAN" = "false" ]; then echo "Skipping WATCHMAN installation because we are not in test mode"; exit 0;  fi
 
-apk add gcc linux-headers build-base
+apt-get update && apt-get install -y --no-install-recommends gcc build-essential
 pip3 install --compile -r requirements/django-server-requirements.txt
 
 # install Watchman to enhance performance on the Django development Server