New Table: Windows Update History #7407
Conversation
|
|
|
/easycla |
There was a problem hiding this comment.
I have a version of this in launcher and I'm excited to see this get added to osquery core. I don't feel like I can review the windows c++ code, but 👍 to the intent
There was a problem hiding this comment.
Hello @aleksmaus
Thanks for the PR! I have left some comments on the code
52d13c5 to
84212be
Compare
|
Made the implementation consistent with the established guidelines. This addresses all the latest code review feedback. |
|
I just tried the table on a Windows 11 VM with a lot of updates installed, and it worked great. Tests ran, pass. I reviewed the code and didn't find anything to change about it. LGTM |
|
@aleksmaus please rebase this on latest master, since there's an issue with the ReadTheDocs check that is solved there. |
|
gentle bump to encourage getting this merged! Can help if requested. |
|
@alessandrogario I think the author addressed your requested changes from before |
|
@alessandrogario could you respond please? |
Changes appear to have been addressed
|
@zwass I just checked and this still LGTM if you want to approve/merge |
|
Thank you! |
BTW Seph in my last pass I did look for any use of an API that allocated memory that needed to be freed by the caller. Didn't see that problem here. I meant to add that in a comment. |
|
(Windows 10, Office 2010 ) I was trying to check if some updates were installed. I tried 3 different PS commands which all gave different results but none of them returned the updates in question. The update installers all reported as already installed when run. This table windows_update_history doesn't include them either. They are office 2010 updates installed by running a MS download eg. mso2010-kb4484454-fullfile-x64-glb.exe. Looks like updates installed this way aren't reported by any of the usual tools. |
This change adds the new table
windows_update_historyas requested in the issue: #7405Screenshot:
Opening for a feedback.
Fixes: #7405