v0.25 Security Release! + Feature drop

Security

When install GMT in an unsecured multi-user environment a malicious actor that has already penetrated the system could replace a binary in an allowed sudoers path to get root access rights.

This security vulnerability is to be seen as relatively low, as the system is not open from the outside. It is a local privilege escalation.

We recommend updating to this release as soon as possible. Fix can be applied by just running the install script (install_linux.sh / install_mac.sh) again.

Features

• Power per Container is now displayed in the dashboard. This feature is based on a linear estimation of the container CPU usage and the total machine power
• Multi-Stage-Build Docker Images Support
• Global Timeout to abort measurement when a timer is expired
• Weekly projects for the timeline projects to run a project only once a week
• RAPL energy filtering guard clause is now checked

What's Changed

• Bump green-coding-solutions/eco-ci-energy-estimation from 2 to 3 by @dependabot in #754
• Bump fastapi from 0.110.2 to 0.110.3 by @dependabot in #758
• Bump orjson from 3.10.1 to 3.10.2 by @dependabot in #759
• Bump tqdm from 4.66.2 to 4.66.4 by @dependabot in #760
• Added more sanity checks for duplicate and wrong container names; Add… by @ArneTR in #762
• Bump schema from 0.7.5 to 0.7.7 by @dependabot in #765
• Bump orjson from 3.10.2 to 3.10.3 by @dependabot in #764
• Bump redis from 5.0.3 to 5.0.4 by @dependabot in #756
• Bump psycopg-pool from 3.2.1 to 3.2.2 by @dependabot in #771
• Bump pylint from 3.1.0 to 3.2.0 by @dependabot in #772
• Bump pytest from 8.1.1 to 8.2.0 by @dependabot in #757
• Bump pydantic from 2.7.0 to 2.7.1 by @dependabot in #755
• Contexts and volume included can now happen in parent directories by @ArneTR in #767
• Trying to force keyword args by @ArneTR in #766
• Bump psycopg[binary] from 3.1.18 to 3.1.19 by @dependabot in #770
• Bump pytest from 8.2.0 to 8.2.1 by @dependabot in #775
• Bump playwright/python from v1.43.0-jammy to v1.44.0-jammy in /docker/auxiliary-containers/gcb_playwright by @dependabot in #774
• Bump pylint from 3.2.0 to 3.2.2 by @dependabot in #776
• Allow local URI to be a symbolic link by @davidkopp in #779
• Bump requests from 2.31.0 to 2.32.2 by @dependabot in #782
• Bump scipy from 1.13.0 to 1.13.1 by @dependabot in #784
• Proposal: Increase default wait time for dependencies by @davidkopp in #781
• Bump docker from 7.0.0 to 7.1.0 by @dependabot in #786
• Moving int to str by @ArneTR in #785
• Bump uvicorn[standard] from 0.29.0 to 0.30.0 by @dependabot in #787
• Uvicorn worker by @ArneTR in #788
• Improve Healthcheck with start-interval parameter by @davidkopp in #783
• Bump pydantic from 2.7.1 to 2.7.2 by @dependabot in #789
• Added sorting by date and unified ci and measurement runs frontend by @ArneTR in #769
• Bump requests from 2.32.2 to 2.32.3 by @dependabot in #791
• Adding network to SCI and clarifications by @ArneTR in #793
• Moving our workflows to Ubuntu 24.04 because Docker Engine is too old… by @ArneTR in #794
• Reducing workflow permissions by @ArneTR in #797
• Power per container by @ArneTR in #795
• Bump uvicorn[standard] from 0.30.0 to 0.30.1 by @dependabot in #801
• Adds a script to remove carbonDB duplicates by @ribalba in #799
• Bump pydantic from 2.7.2 to 2.7.3 by @dependabot in #802
• Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #804
• Bump python from 3.12.3-slim-bookworm to 3.12.4-slim-bookworm in /docker by @dependabot in #807
• Bump redis from 5.0.4 to 5.0.5 by @dependabot in #805
• Bump pylint from 3.2.2 to 3.2.3 by @dependabot in #806
• Bump orjson from 3.10.3 to 3.10.4 by @dependabot in #808
• Bump pydantic from 2.7.3 to 2.7.4 by @dependabot in #809
• Bump redis from 5.0.5 to 5.0.6 by @dependabot in #810
• Bump orjson from 3.10.4 to 3.10.5 by @dependabot in #811
• Bump psutil from 5.9.8 to 6.0.0 by @dependabot in #816
• Added randomly by @ArneTR in #818
• Warmup for machines added if too cool by @ArneTR in #817
• Local images support by @ArneTR in #813
• Global timeout by @ArneTR in #814
• Kaniko enable multi-stage builds by @ArneTR in #819
• Bump scipy from 1.13.1 to 1.14.0 by @dependabot in #820
• Co2eq totals and Co2i totals by @ArneTR in #823
• Calling fixture by @ArneTR in #826
• Bump redis from 5.0.6 to 5.0.7 by @dependabot in #822
• Bump psycopg[binary] from 3.1.19 to 3.2.1 by @dependabot in #827
• Bump pylint from 3.2.3 to 3.2.5 by @dependabot in #828
• Bump pydantic from 2.7.4 to 2.8.0 by @dependabot in #829
• Bump orjson from 3.10.5 to 3.10.6 by @dependabot in #830
• Weekly projects added by @ArneTR in #834
• Bump pydantic from 2.8.0 to 2.8.2 by @dependabot in #831
• Expires header added to email by @ArneTR in #824
• Bump docker/build-push-action from 5 to 6 by @dependabot in #815
• Bump playwright/python from v1.44.0-jammy to v1.45.0-jammy in /docker/auxiliary-containers/gcb_playwright by @dependabot in #832
• Bump fastapi from 0.110.3 to 0.111.1 by @dependabot in #837
• Bump pytest from 8.2.2 to 8.3.1 by @dependabot in #840
• Bump hiredis from 2.3.2 to 3.0.0 by @dependabot in #841
• Bump uvicorn[standard] from 0.30.1 to 0.30.3 by @dependabot in #839
• Bump pylint from 3.2.5 to 3.2.6 by @dependabot in #838
• Security fix for python interpreter replacement by @ArneTR in #835
• Rapl energy filtering check by @ArneTR in #836

Full Changelog: v0.24...v0.24.1