…_map` (#7789)

…7788)

- Linux: instead of using the uptime and having to extrapolate
  the boot time and then calculate the start time,
  which causes multiple clock reads and therefore an inherent
  imprecision in the final result, we read directly the boot time
  from procfs once and keep it in memory for the whole
  process duration.

- macOS: instead of extrapolating the process age and then use that
  to calculate the start time, which is again done through two different
  clock reads, read the already correct start time from another API.
  This also fixes a bug with system sleep, since the start time
  retrieved by the previous APIs was a relative value that didn't
  include system sleep.

…still running (#7783)

Fixes #8007

Fixes the empty "host" column in the "logged_in_users" table on Windows, by falling back to the WTSClientName from the WTSQuerySessionInformationW API.

…7813)

Use the same version of python when installing the modules via pip
and when configuring osquery, otherwise the tests
will not find the modules.

Open pipe handles non-exclusively, specifically on Windows. Fixes issue 7809.

#7818)

- Fixes the retry mechanism of some AWS HTTP requests
  in some cases, like STS.
  The osquery MakeRequest implementation for the AWS SDK
  was incorrectly setting a 200 response code when the osquery http client
  would throw an exception, due to some internal error or simply
  due to reaching the timeout for sending the request.
  Not only this hides some of the logging that could happen
  when this is reported as an error, but it also prevents
  the AWS SDK logic to retry again.

- Improve again the STS credentials retrieval failure message,
  since in some cases the error message was empty.
  Now print the error message when present, the STS error type,
  and the HTTP response code, when present.

- Improve support on shutting down quickly when the AWS logger plugin
  is retrying sending logs.

A deadlock could happen if a log relay thread
was trying to serialize logs into the database
when a database reset was being attempted.

Since the log relay thread is started by the same thread
that executes the database reset, the scheduler thread,
ensure that the log relay thread has finished its work
before doing a database reset on the next scheduler loop.

Also ensure that when the scheduler is finishing its work,
to permit osquery to exit, we wait on the log relaying thread
if it's still running to prevent race conditions
and possible crashes on shutdown.

Finally remove the relayStatusLog call from the watcher process,
it's a no-op since there's no logger plugin active.

The set-output command is being deprecated,
use the special $GITHUB_OUTPUT environment file instead.

The AWS SDK request GetContentType function must not be called
if we aren't sure (with HasContentType for instance)
that the content type is in the headers,
because it doesn't return an empty type and instead
returns something referencing uninitialized memory.

Only check CurrentControlSet, since the others are clones/backups.

#7726)

* Add column to es_process_events indicating if binary is ad-hoc signed

* Switch to a general codesigning_flags column and include additional flags

- Add the third_party_libraries_cves_scanner.py and github_api.py
  helper scripts to scan for third party libraries CVEs,
  using the NIST NVD APIs and database,
  and a local third party libraries manifest which provides the metadata
  necessary for the scan.

  When new CVEs are found, and if the script is run
  with the --create_issues flag, new issues will be opened in the repository,
  if not already opened, to keep track of them.

- Add a validate_manifest_libraries_versions.py and manifest.py helper
  scripts to verify that the manifest of libraries is always
  with the correct format and that is up to date.

- Add a CI job running periodically once a day will use these scripts
  to validate the manifest, scan for CVEs and open issues.

- Validate the manifest during PRs too.