github Checkmarx/kics v1.5.4

2 years ago

🚀 New features and improvements

added 107 new queries (Terraform Alicloud, Terraform Azure, Terraform AWS, Kubernetes), new total is 2245
feat(alicloud): added support to Alicloud provider for Terraform
feat(analyzer & parser): decrypt Ansible Vault file on the fly in (#4976)
feat(docs): added environment variables list to documentation in (#4979)

🐛 Bug fixes

fix(query): revise list of unsafe sysctls in cluster_allows_unsafe_sysctls k8s rule by @Churro in (#4883)
fix(query): fix searchKey and additional resource kinds in volume_mount_with_os_directory_write_permissions k8s rule by @Churro in (#4889)
fix(query): extend image_without_digest k8s rule to cover further resource kinds by @Churro in (#4892)
fix(query): extend container_requests_not_equal_to_its_limits k8s rule to cover further resource kinds and remove redundant checks by @Churro in (#4974)
fix(query): extend image_pull_policy_of_container_is_not_always k8s rule to cover additional resource kinds by @Churro in (#4891)
fix(query): extend net_raw_capabilities_not_being_dropped k8s rule to cover further resource kinds by @Churro in (#4884)
fix(query): k8s rule service_account_token_automount_not_disabled should also consider automount option in ServiceAccount by @Churro in (#4887)
fix(query): add a missing SSE way for SQS by @jycamier in (#4984)
fix(query): show privilege_escalation_allowed k8s alert also in case no securityContext is defined by @Churro in (#4885)
fix(query): extend memory_limits_not_defined k8s rule to cover further resource kinds by @Churro in (#4943)
fix(query): extend memory_requests_not_defined k8s rule to cover further resource kinds by @Churro in (#4944)
fix(query): fix path to spec in root_container_not_mounted_as_read_only k8s rule by @Churro in (#4893)
fix(query): S3 Bucket Policy Accepts Http Requests in (#4949)
fix(report): fix pdf description row length in (#4937)

📦 Dependency updates bumps

build(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.38.1 in (#4913) (#4987)
build(deps): bump github.com/moby/buildkit from 0.9.3 to 0.10.0 in (#4958)
build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 in (#4966)
build(deps): bump helm.sh/helm/v3 from 3.8.0 to 3.8.1 in (#4957)
build(deps): bump github.com/getsentry/sentry-go from 0.12.0 to 0.13.0 in (#4965)
build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 in (#4995)
build(deps): bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.19 in (#4932) (#4956) (#4967) (#4973) (#4986) (#4994)
ci(deps): bump docker/build-push-action from 2.9.0 to 2.10.0 in (#4985)
ci(deps): bump golang from 1.17.7-alpine to 1.17.8-alpine in (#4933)

👻 Maintenance

update(ubi): update ubi to version 8 in (#4905)
update(docs-generator): added trace to severities in (#4998)

Full Changelog: v1.5.3...v1.5.4
