What's Changed
🚓 Security Scanner
- Upgraded gitleaks from v8.28.0 to v8.29.0 @secureCodeBoxBot (#3349)
- Upgraded nuclei from v3.4.10 to v3.5.1 @secureCodeBoxBot (#3365)
- Upgraded semgrep from 1.138.0 to 1.143.0 @secureCodeBoxBot (#3306, #3331, #3339, #3347, #3364)
- Upgraded subfinder from v2.9.0 to v2.10.0 @secureCodeBoxBot (#3379)
- Upgraded trivy from 0.67.0 to 0.67.2 @secureCodeBoxBot (#3321)
- Upgraded trivy-sbom from 0.67.0 to 0.67.2 @secureCodeBoxBot (#3320)
- Upgraded whatweb from v0.6.2 to v0.6.3 @secureCodeBoxBot (#3332)
- Avoid confusion in cascading scans between http on port 443 by @Reet00 in #3271
🐛 Bug Fixes
📚 Documentation
- Improve AWS Pod Identity / IRSA Docs by @J12934 in #3314
- Add SCBaaS button by @p4trickweiss in #3350
- Add proposed ADR to use CEL in CascadingRules by @J12934 in #3328
🔧 Maintenance
📌 Dependencies
Minor dependency updates (43 pull requests).
- Bump the pip-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3289
- Dependabot/gradle/hooks/persistence defectdojo/hook/gradle version updates 27032e4d85 by @Weltraumschaf in #3281
- Bump github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0 in /auto-discovery/cloud-aws in the go-version-updates group across 1 directory by @dependabot[bot] in #3311
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3310
- Bump the npm-version-updates group across 2 directories with 2 updates by @dependabot[bot] in #3309
- Bump the npm-version-updates group in /documentation with 5 updates by @dependabot[bot] in #3307
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 5 updates by @dependabot[bot] in #3308
- Update golang Docker tag to v1.25.2 by @renovate[bot] in #3313
- Bump nodemailer from 6.10.1 to 7.0.7 in /hooks/notification/hook by @dependabot[bot] in #3312
- Update oven/bun Docker tag to v1.3 by @renovate[bot] in #3319
- Bump the npm-version-updates group in /documentation with 2 updates by @dependabot[bot] in #3322
- Bump the npm-version-updates group across 2 directories with 2 updates by @dependabot[bot] in #3323
- Bump the go-version-updates group across 3 directories with 1 update by @dependabot[bot] in #3325
- Update golang Docker tag to v1.25.3 by @renovate[bot] in #3326
- Bump the github-actions-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3324
- Bump github/codeql-action from 4.30.8 to 4.30.9 in /.github/workflows in the github-actions-version-updates group across 1 directory by @dependabot[bot] in #3335
- Bump @types/node from 24.7.2 to 24.8.1 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3336
- Bump python-gitlab from 6.4.0 to 6.5.0 in /scanners/git-repo-scanner/scanner in the pip-version-updates group across 1 directory by @dependabot[bot] in #3337
- Bump the npm-version-updates group in /documentation with 7 updates by @dependabot[bot] in #3334
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 2 updates by @dependabot[bot] in #3333
- Bump the npm-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3348
- Update Node.js to v24 by @renovate[bot] in #3346
- Bump @types/node from 24.8.1 to 24.9.1 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3345
- Bump github.com/onsi/ginkgo/v2 from 2.26.0 to 2.27.1 in /auto-discovery/cloud-aws in the go-version-updates group across 1 directory by @dependabot[bot] in #3344
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3343
- Update golang Docker tag to v1.25.4 by @renovate[bot] in #3352
- Bump the go-version-updates group across 3 directories with 3 updates by @dependabot[bot] in #3357
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3353
- Bump @types/node from 24.9.1 to 24.10.0 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3356
- Update dependency helm/helm to v3.19.1 by @renovate[bot] in #3358
- Update dependency go-task/task to v3.45.5 by @renovate[bot] in #3359
- Update dependency kubernetes/kubernetes to v1.34.2 by @renovate[bot] in #3361
- Bump the gradle-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3355
- Bump python-gitlab from 6.5.0 to 7.0.0 in /scanners/git-repo-scanner/scanner in the pip-version-updates group across 1 directory by @dependabot[bot] in #3354
- Bump js-yaml from 4.1.0 to 4.1.1 in /hooks/cascading-scans/hook by @dependabot[bot] in #3366
- Bump the npm-security-updates group across 3 directories with 1 update by @dependabot[bot] in #3368
- Update docker.io/bkimminich/juice-shop Docker tag to v19.1.1 by @renovate[bot] in #3370
- Bump js-yaml from 4.1.0 to 4.1.1 in /hooks/notification/hook by @dependabot[bot] in #3371
- Bump the npm-version-updates group in /documentation with 3 updates by @dependabot[bot] in #3373
- Bump js-yaml from 3.14.1 to 3.14.2 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3375
- Update debian Docker tag to v13.2 by @renovate[bot] in #3376
- Bump glob from 11.0.3 to 11.1.0 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3377
- Bump the go-version-updates group across 4 directories with 4 updates by @dependabot[bot] in #3374
- Bump the go-security-updates group across 3 directories with 1 update by @dependabot[bot] in #3380
Full Changelog: v5.1.0...v5.2.0