Skip to content

BP-2735: Release notes (2026-07-07)#333

Open
jeff-matthews wants to merge 17 commits into
release/v9.4.0from
BP-2735-release-notes
Open

BP-2735: Release notes (2026-07-07)#333
jeff-matthews wants to merge 17 commits into
release/v9.4.0from
BP-2735-release-notes

Conversation

@jeff-matthews

@jeff-matthews jeff-matthews commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Purpose

This pull request (PR) adds release notes for the v9.4.0 BloodHound release cycle to the release integration branch, which includes:

  • BloodHound v9.4.0
  • OpenHound v0.2.11 (also includes issues from undocumented iterations since v0.2.1)

No release for:

  • SharpHound
  • AzureHound

There are several related PRs for supporting documentation that also need to be reviewed and merged separately to ensure alignment with release notes:

Staging

Summary by CodeRabbit

  • New Features

    • Added a new release notes entry highlighting ADCS ESC14 Scenario A graph coverage and experimental graph ID lookup APIs.
    • Documented new Enterprise analysis options, including a variable analysis mode for faster re-runs after privilege zone changes.
  • Enhancements

    • Noted improved read-only access for auditors and updated default admin email guidance.
    • Expanded Zone Builder authoring guidance and increased default query memory limits.
  • Bug Fixes

    • Added multiple fixed issues across analysis, API, explore, OpenGraph, UI, findings, and collector stability.

@jeff-matthews jeff-matthews self-assigned this Jun 30, 2026
@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 935af650-fa5e-4994-b348-64d27f2a4a2f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the main change: adding release notes for 2026-07-07.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch BP-2735-release-notes

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.


<Update label="BloodHound" description="New Feature" tags={["Data Collection"]}>
{/*BED-6155*/}
## ADCS ESC14 Scenario A Attack Paths

@jeff-matthews jeff-matthews Jun 30, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #325


<Update label="BloodHound" description="New Feature" tags={["API"]}>
{/*BED-8608, BED-8609*/}
## Graph ID Lookup APIs

@jeff-matthews jeff-matthews Jun 30, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #332


<Update label="BloodHound" description="Enhancement" tags={["Administration"]}>
{/*BED-8189*/}
## Updated Default Admin Email Address

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #303


<Update label="BloodHound" description="Enhancement" tags={["Zone Builder"]}>
{/*BED-8276, BED-8781*/}
## Variable Analysis Mode

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #335


<Update label="BloodHound" description="Enhancement" tags={["Zone Builder"]}>
{/*BED-8303, BED-7739, BED-8520*/}
## Privilege Zone Rule Authoring Improvements

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #336

- Continues collection more often when single-object errors occur
- Handles deferred pipeline failures more consistently
- Reports its version to BloodHound for visibility on the **Manage Clients** page
- Uses human-readable plain-text logs by default for file and stdout output, while keeping structured JSON as an opt-in format

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR for supporting docs: #337

Comment thread docs/resources/release-notes/2026-07-07.mdx Outdated

@StephenHinck StephenHinck left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Slight tweak in verbiage

Co-authored-by: Stephen Hinck <shinck@specterops.io>
@jeff-matthews

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/resources/release-notes/2026-07-07.mdx`:
- Around line 91-93: The <Note> block is indented in a way that makes it render
as code instead of an admonition. Unindent the Note markup in the release note
content so the MDX parser treats it as a proper Note component; locate the block
by the <Note> tag in the release-notes entry and remove the extra leading
indentation around that section.

In `@docs/resources/release-notes/summary.mdx`:
- Around line 54-56: Update the release notes summary link so it points directly
to the fixed-issues heading on the target page rather than the generic
BloodHound update anchor. In the summary.mdx section with the “Fixed Issues”
text, adjust the href to use the fixed-issues anchor generated for the relevant
`<Update>` entry, taking into account Mintlify’s auto-generated heading anchors
from the `label` prop and any incrementing suffix if the label is repeated. Use
the surrounding “Fixed Issues” block and the `release-notes` link as the
location cues.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b8fe05d1-e5f6-4882-8888-2c76034bf407

📥 Commits

Reviewing files that changed from the base of the PR and between c955435 and 6737d05.

📒 Files selected for processing (4)
  • docs/docs.json
  • docs/manage-bloodhound/auth/users-and-roles.mdx
  • docs/resources/release-notes/2026-07-07.mdx
  • docs/resources/release-notes/summary.mdx

Comment thread docs/resources/release-notes/2026-07-07.mdx
Comment thread docs/resources/release-notes/summary.mdx Outdated
Comment thread docs/resources/release-notes/2026-07-07.mdx

@StephenHinck StephenHinck left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left a bunch of comments - happy to peek again!


This release expands ADCS attack path coverage, opens more administration workflows to auditors in read-only mode, and improves OpenHound collection resilience. Key highlights include:

- **New edges**: Model ADCS ESC14 Scenario A attack paths with new certificate-mapping edge coverage.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@JonasBK does ESC14 require a SharpHound upgrade to collect? I believe it does and we should make sure to notate as such.

Comment thread docs/resources/release-notes/summary.mdx Outdated
Comment thread docs/resources/release-notes/summary.mdx Outdated

<Update label="BloodHound" description="New Feature" tags={["Data Collection"]}>
{/*BED-6155*/}
## ADCS ESC14 Scenario A Attack Paths

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a note that new SHarpHound is required for this

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New? I was told we're not doing a SharpHound release this cycle.

Comment thread docs/resources/release-notes/2026-07-07.mdx Outdated
Comment thread docs/resources/release-notes/2026-07-07.mdx
Co-authored-by: Stephen Hinck <shinck@specterops.io>

@zaton-netizen zaton-netizen left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good to go

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants