Changes
This release contains the following changes 🎉. Help spread the word or leave a GitHub star if you like it 😉
⚠️ Upgrade Notes
This update adds new fields to the Custom Resource Definitions (CRDs), Helm does not update CRDs after the initial installation.
To upgrade the CRDs you can run the following script or grab the latest CRDs from the git repo at the v3.5.0 tag:
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/execution.securecodebox.io_parsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/execution.securecodebox.io_scans.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/execution.securecodebox.io_scantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.5.0/operator/crds/execution.securecodebox.io_scheduledscans.yaml🚀 Features
- Introduce scope limiter on cascading rules to enforce scope @EndPositive (#805)
- Add ability to configure affinity and tolerations for scans and hooks @malexmave (#806)
🐛 Bug Fixes
🚓 Security Scanner
- Upgraded amass from v3.15.0 to v3.15.2 @secureCodeBoxBot (#857)
- Upgraded cmseek from 1.1.3 to .1.1.3 @github-actions (#778)
- Upgraded kubeaudit from 0.15.0 to 0.16.0 @secureCodeBoxBot (#840)
- Upgraded nmap from 7.91-r0 to 7.92-r2 @EndPositive (#839)
- Upgraded semgrep from 0.73.0 to 0.76.1 @secureCodeBoxBot (#828, #833, #864)
- Upgraded trivy from 0.21.0 to 0.21.2 @secureCodeBoxBot (#841, #861)
- Run kube-hunter As Non Root User In Container @Ilyesbdlala (#836)
- Run angularjs-csti As Non Root User In Container @Ilyesbdlala (#852)
📚 Documentation
- Small fixes for the git-repo-scanner documentation @malexmave (#829)
- Update DefectDojo hook documentation @malexmave (#848)
- Small fixes for the trivy documentation @malexmave (#847)
- Small fixes for the CMSeeK documentation @Ilyesbdlala (#835)
- Small fixes for the Typo3Scan documentation @Ilyesbdlala (#831)
🔧 Maintenance
- Update list of scantypes for telemetry @malexmave (#846)
- Replaces the changelog in the SCB-Bot PRs with a link to release @Ilyesbdlala (#860)
- Fixes misformated SCB-Bot PR body @Ilyesbdlala (#851)
- Fixes misformatted upgrade changelog in the SCB bot's generated PR @Ilyesbdlala (#823)
Distribution
Contributors
Thx to all our contributors supporting this project 🤗
@EndPositive, @malexmave, @Ilyesbdlala, @J12934