helm/securecodebox/persistence-defectdojo 4.1.0-alpha.4

v4.1.0-alpha.4

on Artifact Hub

v4.1.0-alpha.4

This release contains is a alpha release for the upcoming 4.1.0 release. 🎉
If everything goes well, the actual 4.1.0 will follow a couple of hours later.
Help spread the word or leave a GitHub star if you like it 😉

🚀 Features

• Add trivy-k8s scan support (closes #1411) @fbelter-iteratec (#1694)
• Added a concurrency policy option for scheduledScan CRD @Ilyesbdlala (#1749)
• Added a crontab configuration option to scheduledScans @Ilyesbdlala (#1722)
• Allow to configure env and volumes in hooks @Zero3141 (#1881)
• Allowed Specifying Labels for Pods of Scans @Ilyesbdlala (#1899)
• DefectDojo Hook: Allow setting minimum severity on Import (closes #1700 ) @ManuelNeuer (#1775)
• Enable client/server mode for trivy by default to cache the vulnerability DB (closes #911) @o1oo11oo (#1760)
• Hardcode debian version in screenshooter Dockerfile @Zero3141 (#1829)
• Remove deprecated userId attribute for DefectDojo Hook @Zero3141 (#1861)
• Update JuiceShop Helm chart to use modern Ingress resource @maze88 (#1882)

🚓 Security Scanner

• Upgraded amass from v3.23.2 to v4.2.0 @Ilyesbdlala, @secureCodeBoxBot (#1773, #1821, #1825)
• Upgraded doggo from v0.5.5 to v0.5.7 @secureCodeBoxBot (#1824, #1955)
• Upgraded ffuf from v2.0.0 to v2.1.0 @secureCodeBoxBot (#1968)
• Upgraded gitleaks from v8.16.3 to v8.18.0 @secureCodeBoxBot (#1753, #1768, #1873)
• Upgraded nmap from 7.92-r2 to 7.93-r1 @Zero3141 (#1960)
• Upgraded nuclei from v2.9.6 to v2.9.14 @secureCodeBoxBot (#1865, #1872, #1880, #1898, #1778, #1788, #1823, #1843)
• Upgraded semgrep from 1.24.1 to 1.41.0 @secureCodeBoxBot (#1761, #1764, #1777, #1784, #1794, #1822, #1840, #1844, #1863, #1879, #1890, #1940, #1962)
• Upgraded ssh-audit from v2.9.0 to v3.0.0 @secureCodeBoxBot (#1939)
• Upgraded sslyze from 5.1.3 to 5.2.0 @secureCodeBoxBot (#1983)
• Upgraded trivy from 0.42.0 to 0.45.1 @secureCodeBoxBot (#1757, #1785, #1793, #1846, #1859, #1888, #1966)
• Upgraded typo3scan from v1.1.2 to v1.1.3 @secureCodeBoxBot (#1771)
• Upgraded wpscan from v3.8.22 to v3.8.24 @secureCodeBoxBot (#1762)
• Upgraded zap from 2.12.0 to 2.13.0 @secureCodeBoxBot (#1810)
• Upgraded zap-advanced from 2.12.0 to 2.13.0 @secureCodeBoxBot (#1809)

🐛 Bug Fixes

• Added sslyze parser check for successful ASN1 certificate parsing @Ilyesbdlala (#1856)
• Fix typo in trivy-rbac RoleBinding name @o1oo11oo (#1765)
• Fixed Bug ErrImagePull in SSH-audit parser @Reet00 (#1801)
• Implemented the failIfFoundUrlsLessThan and warnIfFoundUrlsLessthan settings in ZAP Advanced @Ilyesbdlala (#1791)

🧪 Test

• Remove skipped test against securecodebox.io @Zero3141 (#1875)
• Fixed the kind image used in zap-advanced tests @Ilyesbdlala (#1792)
• Fixes the tests of Trivy and adds a check for empty scanResults @Ilyesbdlala (#1787)

📚 Documentation

• Add Heiko Kiesel to contributors @Zero3141 (#1795)
• Add logo to helm docs and README @Zero3141 (#1866)
• Add recurring documentation issue @Zero3141 (#1956)
• Capitalize "Kubernetes" in scanner documentations @Zero3141 (#1831)
• Clarify documentation that scans and hooks/scanners must be deleted before the operator @Zero3141 (#1900)
• Clean up docs dir as prerequiste for monorepo @Weltraumschaf (#1892)
• Fix documentation findings @Zero3141 (#1878)
• Fix screenshooter documentation @Zero3141 (#1827)
• Fixed markdown typo for heading in ZAP documentation @sofi0071 (#1819)
• Improve issue templates @Zero3141 (#1874)
• Improve Kubeaudit documentation @Zero3141 (#1867)
• Improve ncrack documentation @Zero3141 (#1836)
• Improve Nikto examples @Zero3141 (#1868)
• Improve SSH examples @Zero3141 (#1869)
• Improve SSLyze examples @Zero3141 (#1870)
• Improve wpscan documentation @Zero3141 (#1871)
• Link ffuf GitHub repo in README @Zero3141 (#1876)
• Move documentation to main repository @Zero3141 (#1893)
• Publish SBOM blogpost part two @o1oo11oo (#1954)
• Replace sponsor image paths to documentation path @Zero3141 (#1950)
• Update filename and image of second SBOM blogpost @o1oo11oo (#1935)
• Warn about rate limits in trivy-k8s docs @o1oo11oo (#1855)

🔧 Maintenance

• Add note about resource limits for persistence-defectdojo hook @Ilyesbdlala (#1889)
• Added warning about amass enum not exiting correctly @Ilyesbdlala (#1895)
• Changed SCB-Bot to check all PRs for exisiting upgrade PRs @Ilyesbdlala (#1832)
• Explicitly install the tools kubectl/helm/kind in the CI @Ilyesbdlala (#1842)
• Fix failing build of DefectDojo persistance hook @Weltraumschaf (#1820)
• Improve issue templates @Zero3141 (#1874)
• Move dependabot configuration file to correct location @Zero3141 (#1937)
• Refresh Helm Docs Update CI @Zero3141 (#1862)
• Remove GitHub Actions warnings @Zero3141 (#1951)
• Remove skipped test against securecodebox.io @Zero3141 (#1875)
• Remove unused language versions (fixes #1945) @o1oo11oo (#1946)
• Removed Jest/npm/node Versions from Makefiles @Ilyesbdlala (#1789)
• Rename leftover lurcher to lurker @o1oo11oo (#1897)
• Rename leftover lurcher to lurker @o1oo11oo (#1897)
• Updated Elastic Stack from 7.9.2 to 7.17.3 @Ilyesbdlala (#1816)
• Updated megalinter and gpg import actions to avoid the use of save-state and set-output @Ilyesbdlala (#1802)
• Updated the templates/rbac of the operator @Ilyesbdlala (#1811)
• Upgrade node to latest LTS in templates @o1oo11oo (#1896)
• Upgrade node version to current LTS @o1oo11oo (#1853)
• Upgrade CI base images to latest LTS version i.e 22.04 @Ilyesbdlala (#1841)
• Used pinned versions instead of latest for all ci images @Ilyesbdlala (#1948)

📌 Dependencies

• Upgrade node version to current LTS @o1oo11oo (#1853)
• Upgrade node to latest LTS in templates @o1oo11oo (#1896)
• Upgrade to latest version of DefectDojo Client lib @Weltraumschaf (#1857)
• Upgrade eslint from 8.47.0 to 8.49.0 in /documentation @dependabot (#1941)
• Upgrade eslint-plugin-prettier from 3.4.1 to 5.0.0 in /documentation @dependabot (#1942)
• Upgrade gopkg.in/yaml.v3 from 3.0.0-20220512140231-539c8e751b99 to 3.0.0 @dependabot (#1885, #1883, #1884)
• Upgrade certifi from 2022.12.7 to 2023.7.22 in /auto-discovery/kubernetes/pull-secret-extractor @dependabot (#1834)
• Upgrade word-wrap from 1.2.3 to 1.2.4 @dependabot (#1817)
• Upgrade semver from 6.3.0 to 6.3.1 @Zero3141 & @dependabot (#1808, #1796, #1807)
• Upgrade ts-jest from 29.0.5 to 29.1.0 @rseedorff (#1782)

Distribution

Contributors

Thanks to all our contributors supporting this project 🤗
@Ilyesbdlala, @J12934, @ManuelNeuer, @Reet00, @Weltraumschaf, @Zero3141, @fbelter-iteratec, @maze88, @o1oo11oo, @rseedorff, @secureCodeBoxBot, @snyk-bot, @sofi0071, Frank Belter and Vanessa Hermann