github Checkmarx/kics v1.5.2

2 years ago

🚀 New features and improvements

added 4 new queries (Ansible, CloudFormation, and Terraform)
feat(terraformer): added terraformer integration with AZURE #4802
feat(terraformer): added terraformer integration with GCP #4804
feat(terraform): added support for better IAM Policy evaluation and basic terraform resource relationship querying by @rams3sh in #4766
feat(docs): added Bamboo integration #4791
feat(docs): added AWS CodeBuild integration #4790
feat(cli): multiple paths for queries #4813

🐛 Bug fixes

fix(bom): fixed SQS #4820
fix(golang): fixed generic error message go-getter #4792
fix(analyzer): fixed analyzer scan on GDM #4805
fix(query): containers-run-with-low-uid k8s query should consider statement precedence by @Churro in #4788
fix(query): update seccomp-profile-is-not-configured rule to match seccompProfile attribute by @Churro in #4789
fix(query): fixed vulnerable policies queries #4811
fix(query): extended readinessProbe k8s rule to cover additional resources by @Churro in #4829
fix(query): changed severity, description text and URL in "Liveness Probe Is Not Defined" query #4834
fix(query): covered additional deprecated API versions in k8s rule by @Churro in #4830
fix(query): update service_does_not_target_pod k8s rule with new logic to match labels and ports by @Churro in #4817
fix(query): be able to check default_tags on multiple providers by @jycamier in #4839
fix(query): fixed "Service Control Policies Disabled" query #4843

📦 Dependency updates bumps

ci(deps): bump actions/setup-python from 2.3.1 to 2.3.2 #4797
ci(deps): bump golang from 1.17.6-alpine to 1.17.7-alpine #4827
build(deps): bump github.com/open-policy-agent/opa from 0.37.1 to 0.37.2 #4826
build(deps): bump github.com/tidwall/gjson from 1.13.0 to 1.14.0 #4786
build(deps): bump github.com/aws/aws-sdk-go from 1.42.47 to 1.42.48 #4800
build(deps): bump github.com/aws/aws-sdk-go from 1.42.52 to 1.42.53 #4837

👻 Maintenance

update(report): added Checkmarx logo to pdf and HTML reports #4838 #4844 #4847
update(report): improved junit report #4796
update(docs): updated ASFF documentation by #4784
update(docs): added mention to 'descriptionID' in creating-queries documentation #4835
update(analyzer): only analyze possible IaC files #4814
remove(query): removed "Use of Apk Upgrade" query #4832

💔 Deprecation

Please be notified that KICS deprecated the availability of binaries in the GitHub releases assets as of version 1.5.2.
It is advised to update all systems (pipelines, integrations, etc.) to use KICS Docker Images.
