What's New in v2.1.0

Realtime Updates

• Server-Sent Events (SSE) — dashboards update instantly when rounds complete instead of polling every 30s. Scoreboard, overview, services, injects, and admin pages all converted. Graceful fallback to polling if SSE unavailable. (#1191)

Inject System

• Inject categories — templates can be classified as Business, Technical, or Incident Response (#1174)
• Admin grading without submission — white team can score injects for verbal presentations without requiring a team submission (#1169)
• Inject cache fix — submit/resubmit/comment now properly invalidates cached data (#1171)
• Overview disclaimer — shows banner when inject scores are hidden (#1170)

Scoring & Stats

• Scoring overview tables — white team stats page shows service and inject scores with ordinal rankings per category, with copy-to-clipboard for spreadsheets (#1175)

Check Improvements

• SSH check diagnostics — step-by-step output: reachable → auth → command execution with exit codes (#1172)
• WinRM check diagnostics — same step-by-step pattern for WinRM checks (#1173)

Admin UX

• Sidebar search filter — filter services by name in the admin sidebar (#1168)
• Overview admin links — status icons link to admin service pages for white team
• Scrollable sidebar — handles 60+ services per team without pushing page content

Flags

• Offline host indicator — black X icon on flags capture status page for hosts that haven't checked in (#1187)

Performance & Reliability

• uWSGI tuning — listen queue 256, harakiri 60s, thunder-lock, broken pipe suppression (#1167)
• nginx optimization — gzip compression, upstream keepalive, SSE proxy, upload buffering (#1167)
• SQLAlchemy fix — relationship warning on InjectRubricScore resolved (#1166)

Infrastructure

• Docker CI fix — apt lock contention in multi-platform builds (#1190, #1192)
• gevent added for SSE server (runs alongside uWSGI)
• Alembic migration for inject category field (002)

Summary

This release includes all work done for the current CCDC competition season.

Major Features

• Bootstrap 5.3 migration with dark mode and theme system
• Inject system rewrite with rubric-based grading
• Announcements system with configurable welcome page
• Team name anonymization
• Score rollback for admin recalculation
• Check dry-run mode for pre-competition validation
• Check output artifact storage

Engine Performance

• Fix engine performance bottlenecks for large competitions
• Optimize engine check lookup and settings in wait loop
• Eager-load environment properties and service accounts to eliminate N+1 queries
• Fix round duration to include result processing time

Redis Stability

• Add Redis socket timeouts to prevent 120s connection hangs
• Disable Redis RDB persistence to prevent BGSAVE hangs
• Add result expiration to prevent Redis key buildup

Output Handling

• Cap task output to prevent Redis serialization bloat
• Truncate output on engine side and use truncated output for matching
• Align Redis output cap to DB (5K) and disable file writes
• Fall back to DB output when disk file not found

Bug Fixes (Competition Critical)

• Fix flag totals scoring query returning incorrect results
• Fix stats page service ratio (Round.id vs Round.number)
• Fix stuck Celery tasks hanging rounds indefinitely (hard time limits + engine timeout)
• Add network timeouts to all check scripts (SSH, FTP, SMTP, SMB, WinRM, HTTP, etc.)
• Fix check output permission denied in Docker containers
• Fix inject grade data loss
• Fix open redirect vulnerability in login
• Fix rollback endpoint lock timeout, engine reset, and race condition
• Add 5-second regex timeout to prevent ReDoS hangs

Observability

• Add engine round phase logging for performance visibility
• Add progress logging to result processing loop
• Add per-task timing to identify slow dispatches and result fetches

Infrastructure

• Redesigned test suite (pytest fixtures, parametrize)
• Multi-stage Docker builds with layer optimization
• Optimized CI with parallel tests and pip cache

What's Changed

• Fix inject comments crash from string-based joinedload (SQLAlchemy compatibility)
• Add docker-compose.override.yml to .gitignore

Bug Fixes

• Fix inject template import errors and null team crashes (#1114)
• Fix SLA Decimal/float TypeError when multiplying base_points by float multiplier (#1113)
• Fix overview service status query using wrong round identifier (#1098)
• Fix flags setup and API for SQLite compatibility (#1092)

Improvements

• Optimize Docker builds with multi-stage base and layer reduction
• Modernize Docker image build workflow
• Add mobile-responsive CSS for scoreboard and admin pages (#1101)
• Add X-Forwarded-Proto header to nginx proxy config
• Parameterize MySQL passwords and add .env to gitignore
• Migrate to pyproject.toml-based configuration (#1088)
• Enhance version system with git info and detailed version tracking (#1087)

Dependency Updates

• cryptography 46.0.3 → 46.0.4 (#1111)
• pyyaml 6.0.2 → 6.0.3 (#1095)
• bcrypt 4.3.0 → 5.0.0 (#1094)
• pytest 8.4.2 → 9.0.2 (#1096)
• coverage 6.1.2 → 7.6.10

Highlights

New Feature: SLA Penalties and Dynamic Scoring System (#1083)

• Dynamic score multipliers per round (early rounds 2x, normal 1x, late rounds 0.5x)
• SLA penalties for consecutive service failures
• Configurable via admin interface

Improvements

Performance

• Fix SQLAlchemy performance issues with optimized queries (#1051)
• Fix stale settings after toggle due to in-memory cache

CI/CD & Docker

• Add Docker Hub publishing to image workflow
• Optimize Docker builds with parallelization and registry cache
• Add manual workflow trigger with publish_latest option

Documentation

• Update CLAUDE.md to reflect current codebase state (#1078)
• Write project roadmap (#1079)
• Improve README with architecture docs and better organization (#1080)
• Fix Python versioning documentation (#1081)

Code Quality

• Add comprehensive test coverage for high and medium impact areas (#1063)
• Replace deprecated datetime.utcnow() with datetime.now(timezone.utc) (#1085)
• Remove duplicate claude.md (case conflict on Windows)

Dependencies

• Bump mock from 5.1.0 to 5.2.0 (#1037)

What's New in v1.1.0

This release includes significant improvements to Docker support, performance optimizations, new features, and extensive testing improvements.

🐳 Docker & ARM64 Support

• ARM64 Support: Docker images now support both linux/amd64 and linux/arm64 architectures (#1075)
• GHCR Migration: Images published to GitHub Container Registry with proper multi-arch builds
• Optimized Docker Images: Reduced image sizes and improved build times (#1058)

✨ New Features

• Playwright-based Web Checks: Advanced web application testing with headless browser support (#1072)
• Flag System: Full CTF-style flag capture functionality with UI (#958, #959)
• Black Team Agent: Red team agent tracking and scoring (#772)
• Engine Pause: Ability to pause/resume competition engine (#769, #770)
• Inject System Improvements: Enhanced inject management and template import (#728)
• WinRM Check: Windows Remote Management service check support
• Telnet Check: Telnet service check support
• NFS Check: Network File System check support
• OpenVPN Check: VPN connectivity check support
• Wordpress Check: WordPress site availability check

🚀 Performance Improvements

• Database Query Optimization: Fixed N+1 queries with eager loading (#1052, #1055)
• Settings Caching: Added Redis caching for settings (#1053)
• Blue Team Services Optimization: Improved service loading performance (#776)
• Static File Caching: Nginx caching for static assets (#947, #948)
• JavaScript Performance: Optimized client-side code (#1060)

🔧 Infrastructure

• Semantic Versioning: Implemented bump-my-version for releases (#1056)
• Pre-commit Hooks: Added black, isort, and flake8 (#996)
• Airgapped Deployment: Comprehensive tooling and documentation (#1062)
• Docker Healthchecks: Replaced wait scripts with compose healthchecks (#1017)
• pyproject.toml Migration: Modern Python packaging (#996)

🐛 Bug Fixes

• Fixed admin batch operations in inject template import (#1057)
• Fixed recursive loading of checks (#946)
• Fixed cache flushing on round end (#949)
• Fixed SQLAlchemy legacy usage and deprecation warnings (#1005, #922)
• Fixed integration test database setup (#1043)
• Fixed Elasticsearch, SMTP, and FTP testbed builds (#1035)
• Fixed config loader fallback defaults (#1045)
• Fixed round stats to use round timestamps (#963)
• Fixed percentage calculation in team stats
• Fixed uwsgi buffer sizes (#950)

📦 Dependency Updates

• Python base image updated
• Flask 2.x → 3.1.2
• Celery 5.6.2
• SQLAlchemy 2.x compatibility
• Werkzeug 3.1.5
• cryptography 46.0.3
• mysqlclient 2.2.7
• And many more security and compatibility updates

📚 Documentation

• Comprehensive CLAUDE.md for AI assistants (#1050, #1064)
• Airgapped deployment guide (#1062)
• API overview documentation (#1016)
• Configuration loader documentation (#988)
• Improved README (#1014)

🔒 Security

• Multiple Snyk and Dependabot security fixes
• CodeQL analysis integration
• Container security scanning

Docker Images: Available on GHCR with :latest and :v1.1.0 tags

docker pull ghcr.io/scoringengine/scoringengine/base:latest
docker pull ghcr.io/scoringengine/scoringengine/web:latest
docker pull ghcr.io/scoringengine/scoringengine/engine:latest
docker pull ghcr.io/scoringengine/scoringengine/worker:latest
docker pull ghcr.io/scoringengine/scoringengine/bootstrap:latest

Full Changelog: v1.0.0...v1.1.0