Changes
This release contains the following changes 🎉. Help spread the word or leave a GitHub star if you like it 😉
⚠️ Upgrade Notes
This release contains a fix in the Custom Resource Definitions (CRDs). Helm does not update CRDs after the initial installation.
To upgrade the CRDs you can run the following script or grab the latest CRDs from the git repo at the v4.8.0 tag:
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_clusterparsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_clusterscancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_clusterscantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_parsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_scans.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_scantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v4.8.0/operator/crds/execution.securecodebox.io_scheduledscans.yaml
🚀 Features
- Add an optional ttlSecondsAfterFinished field to scans to clean up finished scans #2293 @Reet00 (#2631)
- Support setting env variables for Scans generated by the Kubernetes AutoDiscovery @J12934 (#2628)
- Add `cascade` CLI Command To Visualize Cascaded Scans Hierarchy @Freedisch (#2608)
- Add option to disable tls connection between the operator and the s3 endpoint @Michael-Kruggel (#2637)
🚓 Security Scanner
- Upgraded nuclei from v3.3.0 to v3.3.1 @secureCodeBoxBot (#2622)
- Upgraded semgrep from 1.82.0 to 1.85.0 @secureCodeBoxBot (#2620, #2613, #2609)
- Upgraded trivy from 0.54.0 to 0.54.1 @secureCodeBoxBot (#2606)
- Upgraded ZAP Automation Framework Version to 2.15.0 @J12934 (#2626)
🐛 Bug Fixes
- Add a custom entry script for ZAP Automation Framework to ensure that scans are completing even when they have warnings @J12934 (#2627)
📚 Documentation
- Fix Minor Typo in Install Docs @J12934 (#2642)
- Add google summer of code blog post @Freedisch (#2629)
📌 Dependencies
Minor dependency updates (11 pull requests).
- Bump @types/node from 22.5.0 to 22.5.2 in the npm-version-updates group @dependabot (#2641)
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 2 updates @dependabot (#2640)
- Bump the gradle-version-updates group across 1 directory with 3 updates @dependabot (#2633)
- Bump oxsecurity/megalinter from 7 to 8 in /.github/workflows in the github-actions-version-updates group @dependabot (#2632)
- Bump the npm-version-updates group with 2 updates @dependabot (#2634)
- Bump micromatch from 4.0.5 to 4.0.8 in /auto-discovery/kubernetes/pull-secret-extractor/integration-test @dependabot (#2635)
- Bump @types/node from 22.2.0 to 22.4.1 in the npm-version-updates group @dependabot (#2623)
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 3 updates @dependabot (#2617)
- Bump @types/node from 22.1.0 to 22.2.0 in the npm-version-updates group @dependabot (#2616)
- Bump the npm-version-updates group with 2 updates @dependabot (#2610)
- Bump mikefarah/yq from 4.44.2 to 4.44.3 in /.github/workflows in the github-actions-version-updates group @dependabot (#2611)
Contributors
Thanks to all our contributors supporting this project 🤗
@Freedisch, @J12934, @Michael-Kruggel and @Reet00