Changes
This release contains the following changes 🎉. Help spread the word or leave a GitHub star if you like it 😉
⚠️ Potential Breaking Scanner Upgrades
Important: Please be aware that this release contains some potentially breaking scanner updates. As discussed in ADR 0011, we accept potentially breaking changes delivered by security scanner projects within our minor updates. In the future, minor releases can contain changes that are breaking to some users. These changes will be highlighted in the release notes. Major releases will be used to indicate larger compatibility-breaking changes.
- Upgraded semgrep from 0.94.0 to 0.101.0 @secureCodeBoxBot (#1208, #1252, #1221, #1214)
  - Semgrep has made some changes to the semgrep scan command and deprecated some flags.
🚀 Features
🚓 Security Scanner
- Upgraded amass from v3.19.2 to v3.19.3 @secureCodeBoxBot (#1245)
- Upgraded kubeaudit from 0.17.0 to 0.18.0 @secureCodeBoxBot (#1215)
- Upgraded nuclei from v2.7.1 to v2.7.3 @secureCodeBoxBot (#1212, #1232)
- Upgraded semgrep from 0.94.0 to 0.101.0 @secureCodeBoxBot (#1208, #1252, #1221, #1214)
- Upgraded trivy from 0.28.1 to 0.29.2 @secureCodeBoxBot (#1229, #1231)
⚓️ Hooks
- Update DefectDojo hook to jdk 17 @the-simmon (#1228)
🐛 Bug Fixes
- Fix incorrect mapping for SSLyze in DefectDojo Hook @J12934 (#1248)
- Fixes test dependencies installation for hooks locally @Ilyesbdlala (#1219)
- Added running unit-tests step to hooks ci steps @Ilyesbdlala (#1202)
- Fix yq compatibility @the-simmon (#1217)
🔧 Maintenance
- Phased out docs.securecodebox.io in main repo @Ilyesbdlala (#1233)
- Make Labels and Annotation consistent @the-simmon (#1210)
- Changed the CI requirements to run on pushes to main branch and on PRs @Ilyesbdlala (#1213)
📌 Dependencies
- Bulk dependency update @J12934 (#1241)
- Upgrade ws from 8.5.0 to 8.7.0 @snyk-bot (#1223)
- Upgrade axios from 0.26.1 to 0.27.2 @snyk-bot (#1183)
- Update Kubernetes Versions used in CI @J12934 (#1209)
Distribution
Contributors
Thanks to all our contributors supporting this project 🤗
@Ilyesbdlala, @J12934, @malexmave and @the-simmon