github Checkmarx/kics v1.5.10

latest releases: v2.1.3, v2.1.3-integrations, v2.1.2...
2 years ago

🚀 New features and improvements

added 2 queries for Ansible and Terraform

feat(filesystem): double star support to exclude folders (#5408)
feat(result): added resourceType and resourceName to CloudFormation queries result (#5361)
feat(result): added resourceType and resourceName to Terraform queries result (#5387)

🐛 Bug fixes

fix(query): s3 bucket policy accepts http requests (#5415) by @LupovichRan
fix(query): fixed incorrect Dockerfile metadata (#5424) by @ramprasathasokan
fix(queries): align descriptionText to similar queries across different platforms (#5446) by @roi-orca
fix(queries): fixed function check_schemes of openapi lib (#5433)
fix(queries): corrected policies (#5441)
fix(filesystem): added mutex to lock read and write on map (#5429)
fix(analyzer): fixed Dockerfile analyzer approach (#5407)
fix(inspector): fix timeout secrets inspector (#5419)

📦 Dependency updates bumps

build(deps): bump github.com/aws/aws-sdk-go from 1.44.21 to 1.44.29 (#5404) (#5409) (#5414) (#5425) (#5431) (#5437) (#5445) (#5448)
build(deps): bump github.com/tdewolff/minify/v2 from 2.11.5 to 2.11.9 (#5420) (#5439) (#5444)
build(deps): bump github.com/hashicorp/terraform-json (#5405)
build(deps): bump github.com/spf13/viper from 1.11.0 to 1.12.0 (#5410)
build(deps): bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 (#5413)
build(deps): bump github.com/open-policy-agent/opa from 0.40.0 to 0.41.0 (#5436)
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#5443)

ci(deps): bump golang from 1.18.2-alpine to 1.18.3-alpine (#5430)

👻 Maintenance

update(parser): support child modules in the tfplan payload (#5422)
update(dockerfile): added 256 color to Dockerfile (#5427)
update(queries): updated S3 Bucket queries for Terraform (#4872)
update(bom): updated AWS BOM S3 Bucket (#4873)
update(report): improved report message (#5418)
update(docs): added -t flag on docker run command (#5434)

Don't miss a new kics release

NewReleases is sending notifications on new releases.