Changes
This release contains the following changes 🎉. Help spread the word or leave a GitHub star if you like it 😉
⚠️ Upgrade Notes
This release contains a fix in the Custom Resource Definitions (CRDs). Helm does not update CRDs after the initial installation, so a regular Helm upgrade will not apply this fix.
To upgrade the CRDs you can run the following script or grab the latest CRDs from the git repo at the v4.5.0 tag:
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_clusterscantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_parsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_scans.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_scantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.5.0/operator/crds/execution.securecodebox.io_scheduledscans.yaml
🚀 Features
- Ensure Lurker Does Not Run Out of Memory When Uploading Large Scan Results @J12934 & @Alon-Katz (#2336)
🚓 Security Scanner
- Upgraded semgrep from 1.61.1 to 1.65.0 @secureCodeBoxBot (#2357, #2337, #2323, #2312)
🐛 Bug Fixes
- Add missing node selector field to CRDs @J12934 & @Alon-Katz (#2348)
📚 Documentation
- Fix typo in installation documentation @sw-fox (#2335)
- Document how to use AWS IAM for S3 in AWS @Weltraumschaf (#2314)
🔧 Maintenance
📌 Dependencies
Minor dependency updates (30 pull requests).
- Bump @types/node from 20.11.19 to 20.11.24 in /documentation @dependabot (#2330)
- Bump @types/react from 18.2.56 to 18.2.63 in /documentation @dependabot (#2334)
- Bump @types/react from 18.2.63 to 18.2.64 in /documentation @dependabot (#2355)
- Bump com.fasterxml.jackson.core:jackson-annotations from 2.16.1 to 2.16.2 in /hooks/persistence-defectdojo/hook @dependabot (#2352)
- Bump com.fasterxml.jackson.core:jackson-core from 2.16.1 to 2.16.2 in /hooks/persistence-defectdojo/hook @dependabot (#2349)
- Bump com.fasterxml.jackson.core:jackson-databind from 2.16.1 to 2.16.2 in /hooks/persistence-defectdojo/hook @dependabot (#2350)
- Bump com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.16.1 to 2.16.2 in /hooks/persistence-defectdojo/hook @dependabot (#2351)
- Bump eslint from 8.56.0 to 8.57.0 in /documentation @dependabot (#2316)
- Bump eslint-plugin-react from 7.33.2 to 7.34.0 in /documentation @dependabot (#2354)
- Bump fsfe/reuse-action from 2 to 3 in /.github/workflows @dependabot (#2333)
- Bump google.golang.org/protobuf from 1.27.1 to 1.33.0 in /lurker @dependabot (#2359)
- Bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in /auto-discovery/kubernetes @dependabot (#2361)
- Bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in /operator @dependabot (#2360)
- Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /auto-discovery/cloud-aws @dependabot (#2362)
- Bump ip from 2.0.0 to 2.0.1 in /scanners/amass/parser @dependabot (#2308)
- Bump jose from 4.11.2 to 4.15.5 in /auto-discovery/kubernetes/pull-secret-extractor/integration-test @dependabot (#2341)
- Bump jose from 4.11.2 to 4.15.5 in /hook-sdk/nodejs @dependabot (#2340)
- Bump jose from 4.11.2 to 4.15.5 in /hooks @dependabot (#2338)
- Bump jose from 4.11.2 to 4.15.5 in /parser-sdk/nodejs @dependabot (#2339)
- Bump jose from 4.11.4 to 4.15.5 in /hooks/notification/hook @dependabot (#2343)
- Bump jose from 4.11.4 to 4.15.5 in /scanners @dependabot (#2342)
- Bump jose from 4.14.4 to 4.15.5 in /hooks/cascading-scans/hook @dependabot (#2344)
- Bump jose from 4.14.4 to 4.15.5 in /tests/integration @dependabot (#2345)
- Bump jose from 4.15.4 to 4.15.5 @dependabot (#2346)
- Bump mikefarah/yq from 4.41.1 to 4.42.1 in /.github/workflows @dependabot (#2321)
- Bump org.mockito:mockito-core from 5.10.0 to 5.11.0 in /hooks/persistence-defectdojo/hook @dependabot (#2331)
- Bump org.mockito:mockito-junit-jupiter from 5.10.0 to 5.11.0 in /hooks/persistence-defectdojo/hook @dependabot (#2332)
- Bump sass from 1.71.0 to 1.71.1 in /documentation @dependabot (#2319)
- Bump sass-loader from 14.1.0 to 14.1.1 in /documentation @dependabot (#2317)
- Bump typescript from 5.3.3 to 5.4.2 in /documentation @dependabot (#2356)
Distribution
Contributors
Thanks to all our contributors supporting this project 🤗
@J12934, @Weltraumschaf and @sw-fox