github Checkmarx/kics v1.5.5

2 years ago

🚀 New features and improvements

added 30 new queries (Kubernetes and Docker Compose)
feat(analyzer): added Docker Compose initial support (#4851)
feat(report): added CSV report (#5046)
feat(logs): added lines scanned and lines parsed (#5050)
feat(analyzer & parser): added Kubelet Configuration support (#5001) (#5013)

🐛 Bug fixes

fix(secrets regex): added "Avoiding Secrets Manager arn" (#5048)
fix(pre-commit): pre-commit hook fix and integration update (#5031) (#5069)
fix(query): updated ebs not optimized queries (#5020) by @lipeavelar
fix(query): defined NET_BIND_SERVICE as exception in containers_with_added_capabilities k8s rule (#4888) by @Churro
fix(query): extended containers_running_as_root k8s rule to work if no securityContext is defined (#4886) by @Churro
fix(query): refined missing_app_armor_config k8s rule to operate on specific containers (#4895) by @Churro
fix(query): fixed "S3 Static Website Host Enabled" for CF (#5060)
fix(query): added kubelet config file to Kubelet Read Only Port is Not Set To Zero query (#5010)
fix(query): added kubelet config to Anonymous Auth Is Not Set To False query (#5014)
fix(query): added kubelet config to Authorization Mode Set To Always Allow query (#5017)
fix(query): update validCertificate.pem for "Certificate Has Expired" query (#5059) (#5061)
fix(query): fixed Client Certificate Authentication Not Setup Properly (#5091)
delete(query): removed query lambda_function_without_tags (#5036) by @jycamier
delete(query): removed redundant default_service_account_in_use k8s rule (#5078) by @Churro
delete(query): removed redundant resource_with_allow_privilege_escalation k8s rule (#5076) by @Churro

📦 Dependency updates and bumps

build(deps): bump github.com/aws/aws-sdk-go from 1.43.19 to 1.43.28 (#5004) (#5019) (#5033) (#5041) (#5047) (#5079) (#5083)
build(deps): bump github.com/johnfercher/maroto from 0.34.0 to 0.35.0 (#5040)

ci(deps): bump golang from 1.17.8-alpine to 1.18.0-alpine (#5003)
ci(deps): bump alpine from 3.15.1 to 3.15.3 (#5015) (#5039) (#5082)
ci(deps): bump peter-evans/create-pull-request from 3.14.0 to 4 (#5038)
ci(deps): bump actions/cache from 2.1.7 to 3 (#5025)
ci(deps): bump peter-evans/repository-dispatch from 1 to 2 (#5032)

👻 Maintenance

update(common lib): improved performance of get_nested_values_info (#5075) by @Churro
update(docs): gitlab integration: clarify that SAST report requires an ultimate license (#5086) by @floh96
update(printer): moved printer package from internal to use KICS as a module (#5066)
update(query): updated "Kubelet Server Periodic Certificate Switch Disabled" to "Rotate Kubelet Server Certificate Not Active" (#5030)
update(query): updated AWS IAM Policy Grants Full Permissions for Terraform (#5064)
update(BoM): updated BoM queries and BoM docs (#5074)
