github mongodb/kingfisher v1.105.0
Kingfisher v1.105.0

6 hours ago

[v1.105.0]

  • Fixed the Dynatrace token rule with a corrected regex and tenant-scoped validation.
    Thanks @beer4code. #413
  • Added GitHub public-event scanning via --public-events, with repeated --user or --user-file inputs and push/branch/create event expansion into commit, branch, or repository scans.
  • Expanded access-map coverage for Azure, AWS, Hugging Face, and Salesforce, including Azure credential aliases, AWS IAM policy evaluation, Hugging Face bucket metadata, and Salesforce API-version discovery plus read-only object and permission enumeration.
  • Added Hugging Face bucket scanning support, including owner/bucket and hf://buckets/... targets plus recursive bucket-tree enumeration.
  • Added Slack file scanning alongside message search, including downloading accessible files for scanning; private file downloads require files:read.
  • Added rule selection exclusions for scans via repeated --exclude-rule flags and rules.disabled in kingfisher.yaml, alongside the existing include selectors.
  • Improved the access-map docs and HTML viewer for the new Azure, AWS, Hugging Face, and Salesforce resource mappings.
  • Added SARIF import support to the report viewer, including .sarif uploads and Kingfisher SARIF metadata recovery alongside existing JSON/JSONL support.
