github Checkmarx/kics v1.4.9

latest releases: v2.1.3, v2.1.3-integrations, v2.1.2...
2 years ago

🚀 New features and improvements

added 20 new queries (Terraform, Ansible, Cloudformation, gRPC, Google Deployment Manager)
feat(gdm): added support to Google Deployment Manager (#4530)
feat(grpc): added support to gRPC (#4532)
feat(report): added CycloneDX SBOM report (#4579)
feat(report): added JUnit report (#4568)
feat(ci): added KICS Scan workflow on PR to master (#4561)

🐛 Bug fixes

fix(query): fixed query Multiple RUN, ADD, COPY, Instructions Listed (#4567) (#4573)
fix(query): "Azure Container Registry With No Locks" for Ansible (#4610)
fix(core): fixed negative lines and terminal checking (#4583)
fix(logs): fixed log error messages polution (#4597)
fix(report): corrected scan end time in pdf report (#4607)
fix(parser): fixed dockerfile parser with wrong payload when using arguments (#4591) (#4613)

📦 Dependency updates

ci(deps): bump peter-evans/create-pull-request from 3.11.0 to 3.12.0 (#4592)
ci(deps): bump actions/setup-python from 2.3.0 to 2.3.1 (#4574)
ci(deps): bump golang from 1.17.3-alpine to 1.17.5-alpine (#4588)

👻 Maintenance

feat(query): add allow rule for ansible-vault (#4605)
refactor(query): policies for CloudFormation (#4540)
docs(queries): all query csv file downloads now come with the name kics-queries.csv (#4532)

🚨 Breaking Changes

KICS will now point to 1 instead of -1 in the reports when failing to find the line containing the vulnerability (#4583)

Don't miss a new kics release

NewReleases is sending notifications on new releases.