Releases: Checkmarx/kics
Releases · Checkmarx/kics
v2.1.10
What's Changed
- fix(engine): fix line counter for JSON Minified files by @cx-rui-araujo in #7473
- fix(analyzer): exclude azure-pipelines-vscode schema JSON file by @cx-rui-araujo in #7482
- update(deps): update helm to v3.18.2 and buildkit to v0.22.0 by @cx-rui-araujo in #7484
Full Changelog: v2.1.9...v2.1.10
Contributors
cx-rui-araujo
Assets 3
v2.1.9
What's Changed
- fix(perms): revert permissions change to fix results export error by @cx-artur-ribeiro in #7477
- fix(perms): revert file permission changes on reports by @cx-artur-ribeiro in #7479
- feat(analyzer): add a blacklist to the Analyzer to exclude FHIR files by @cx-artur-ribeiro in #7470
- fix(query): fix fn for S3_Bucket_Allows_Public_Policy query by @cx-artur-ribeiro in #7456
- docs(queries): update queries catalog by @kicsbot in #7480
- docs(kicsbot): preparing for release 2.1.9 by @kicsbot in #7481
Full Changelog: v2.1.8...v2.1.9
Contributors
kicsbot and cx-artur-ribeiro
Assets 3
v2.1.8
What's Changed
- ci(deps): bump the all group across 1 directory with 2 updates by @dependabot in #7446
- fix(queries): support all valid CloudWatch Logs retention periods by @jamesbascle in #7450
- ci(deps): bump the all group across 1 directory with 2 updates by @dependabot in #7453
- docs(queries): update universal JSON creation to docker command by @dmeiser in #7454
- update(deps): update OPA package to version 1.4.2 by @cx-rui-araujo in #7460
- fix(query): fn for s3_bucket_allows_delete_action_from_all_principals query by @cx-artur-ribeiro in #7455
- ci(deps): bump securego/gosec from 2.22.3 to 2.22.4 in the all group by @dependabot in #7463
- feat(resolver): kubernetes circular dependency is causing resource exhaustion by @cx-miguel-silva in #7421
- fix(lint): update lint version by @cx-artur-ribeiro in #7445
- docs(queries): update queries catalog by @kicsbot in #7462
- docs(kicsbot): preparing for release 2.1.8 by @kicsbot in #7471
New Contributors
- @jamesbascle made their first contribution in #7450
- @dmeiser made their first contribution in #7454
As part of PR #7423, we significantly optimized the OpenAPI payload generation by resolving a direct circular dependency that previously caused excessive and redundant schema expansion (due to direct references between openAPI files).
This fix has substantially reduced the size of OpenAPI payloads (.yaml or .json files), which in turn may have decreased the number of results produced by KICS OpenAPI queries.
Full Changelog: v2.1.7...v2.1.8
Contributors
dmeiser, jamesbascle, and 5 other contributors
Assets 3
v2.1.7
What's Changed
- update(dependabot): add groups to dependabot.yml github action by @cx-artur-ribeiro in #7344
- fix(query): fix FP in openAPI Invalid Media Type Value query by @cx-artur-ribeiro in #7350
- fix(documentation): update descriptionText metadata field for invalid media type openAPI query by @cx-artur-ribeiro in #7361
- docs(queries): add missing platforms to KICS docs website sidebar by @cx-artur-ribeiro in #7376
- ci(deps): bump the all group across 1 directory with 17 updates by @dependabot in #7373
- update(query): change amazonaws.cn links to aws.amazon.com by @connorg in #7288
- fix(password): fix Password and Secrets FP results by @cx-artur-ribeiro in #7353
- update(deps): update docker images to latest versions by @cx-rui-araujo in #7401
- fix(dockerfile): restore CGO_ENABLED=0 for static linking in Dockerfile by @smtan-gl in #7397
- docs(queries): update queries catalog by @kicsbot in #7356
- docs(kicsbot): preparing for release 2.1.6 by @kicsbot in #7402
- docs(ansible): remove outdated Ansible limitation and update copyright year by @cx-monica-casanova in #7409
- fix(engine): direct circular dependency is causing resource exhaustion by @cx-miguel-silva in #7423
- docs(typo): fix creating queries documentation page by @cx-artur-ribeiro in #7420
- build(deps): bump the all group across 1 directory with 28 updates by @dependabot in #7413
- ci(deps): bump the all group across 1 directory with 10 updates by @dependabot in #7427
- build(deps): bump the all group with 4 updates by @dependabot in #7426
- ci(deps): bump github/codeql-action from 362ef4ce205154842cd1d34794abd82bb8f12cd5 to d26c46acea4065b13fc57703621e0a7c8b9e836b in the all group by @dependabot in #7430
- build(deps): bump the all group with 3 updates by @dependabot in #7432
- feat(terraform): support nested HCL identifier parsing by grouping variable paths and preserving relative subpaths by @cx-artur-ribeiro in #7428
- docs(queries): update queries catalog by @kicsbot in #7440
- docs(kicsbot): preparing for release 2.1.7 by @kicsbot in #7444
New Contributors
Full Changelog: 2.1.5...v2.1.7
Contributors
connorg, dependabot, and 6 other contributors
Assets 3
v2.1.6
v2.1.6
This tag was signed with the committer’s verified signature.
What's Changed
- update(dependabot): add groups to dependabot.yml github action by @ArturRibeiro-CX in #7344
- fix(query): fix FP in openAPI Invalid Media Type Value query by @ArturRibeiro-CX in #7350
- fix(documentation): update descriptionText metadata field for invalid media type openAPI query by @ArturRibeiro-CX in #7361
- docs(queries): add missing platforms to KICS docs website sidebar by @ArturRibeiro-CX in #7376
- ci(deps): bump the all group across 1 directory with 17 updates by @dependabot in #7373
- update(query): change amazonaws.cn links to aws.amazon.com by @connorg in #7288
- fix(password): fix Password and Secrets FP results by @ArturRibeiro-CX in #7353
- update(deps): update docker images to latest versions by @cx-ruiaraujo in #7401
- fix(dockerfile): restore CGO_ENABLED=0 for static linking in Dockerfile by @smtan-gl in #7397
- docs(queries): update queries catalog by @kicsbot in #7356
- docs(kicsbot): preparing for release 2.1.6 by @kicsbot in #7402
New Contributors
Full Changelog: 2.1.5...v2.1.6
Contributors
connorg, dependabot, and 4 other contributors
Assets 3
v2.1.5
What's Changed
- update(dockerfile): revert KICS user change from 65532 back to root by @cx-ruiaraujo in #7322
- update(deps): bump path-to-regexp and express in /.github/scripts/server-mock by @dependabot in #7324
- fix(query): correct keyActualValue and keyExpectedValue for maxItems validation by @ArturRibeiro-CX in #7328
- fix(query): openapi maximum_length_undefined query enum and format sanitizers by @EduardoSemanas in #7327
- fix(query): openapi pattern undefined fp enum and format sanitizers by @EduardoSemanas in #7323
- docs(queries): update queries catalog by @kicsbot in #7329
- docs(kicsbot): preparing for release 2.1.5 by @kicsbot in #7332
Full Changelog: v2.1.4...v2.1.5
Contributors
dependabot, kicsbot, and 3 other contributors
Assets 3
docs(kicsbot): preparing for release 2.1.5 (#7332)
* docs(kicsbot): preparing for release 2.1.5 * bumps kics version --------- Co-authored-by: cx-monicac <109349080+cx-monicac@users.noreply.github.com> Co-authored-by: cx-monicac <monica.casanova@checkmarx.com>
v2.1.4
v2.1.4
This tag was signed with the committer’s verified signature.
What's Changed
- docs(kicsbot): preparing for release 2.1.3 by @kicsbot in #7264
- ci(deps): fix npm vulnerability by @cxMiguelSilva in #7278
- fix(query): improve query name security_group_without_description by @aristosvo in #6867
- docs(queries): update queries catalog by @kicsbot in #7281
- update(dockerfile): update Dockerfile USER and add OCI labels to all releases by @cx-ruiaraujo in #7292
- update(ghaction): update kics-gh-action.yaml by @Gabriel28840 in #7286
- update(dockerfile): add new cx images by @cx-ruiaraujo in #7294
- update(deps): vulnerabilities cleanup by @cx-ruiaraujo in #7315
- fix(docs): remove NIFCloud from Beta by @cx-ruiaraujo in #7316
- update(query): update App Service Not Using Latest TLS Encryption Version query to the latest version by @anterosilva1985 in #7302
- fix(queries): add suffix In Defaults for Ansible config queries by @cx-ruiaraujo in #7314
- docs(queries): update queries catalog by @kicsbot in #7317
- update(readme): fix date. by @cx-andrep in #7318
- feat(engine): add new QueryID pattern by @cx-ruiaraujo in #7313
- docs(kicsbot): preparing for release 2.1.4 by @kicsbot in #7320
New Contributors
- @aristosvo made their first contribution in #6867
- @Gabriel28840 made their first contribution in #7286
Full Changelog: v2.1.3...v2.1.4
Contributors
aristosvo, Gabriel28840, and 5 other contributors
Assets 3
v2.1.3
What's Changed
- fix(password): fix missing positive results from Password and Secrets query by @ArturRibeiro-CX in #7223
- build(makefile): update makefile to add podman commands by @ArturRibeiro-CX in #7243
- update(go): update go version to 1.23.1 by @ArturRibeiro-CX in #7251
- update(cwe): add CWE infos file and logic to sarif reports by @ArturRibeiro-CX in #7178
- update(query): add CWE infos to terraform queries by @ArturRibeiro-CX in #7187
- update(query): add CWE infos to openAPI queries by @ArturRibeiro-CX in #7181
- update(query): add CWE infos to ansible queries by @ArturRibeiro-CX in #7184
- update(query): add CWE infos to cloudFormation queries by @ArturRibeiro-CX in #7180
- update(query): add CWE infos to K8s queries by @ArturRibeiro-CX in #7177
- update(query): add CWE infos to gRPC, Knative and Buildah queries by @ArturRibeiro-CX in #7172
- update(query): add CWE infos to Pulumi queries by @ArturRibeiro-CX in #7171
- update(query): add cwe infos to crossplane queries by @ArturRibeiro-CX in #7170
- update(query): add cwe infos to CICD queries by @ArturRibeiro-CX in #7166
- update(query): add cwe infos to Google Deployment Manager queries by @ArturRibeiro-CX in #7167
- update(query): add CWE information to volume_has_sensitive_host_directory by @julianthome in #7153
- update(query): add cwe infos to serverlessFW queries by @ArturRibeiro-CX in #7165
- update(query): add cwe infos to Azure Resource Manager queries by @ArturRibeiro-CX in #7169
- update(query): add cwe infos to dockerCompose queries by @ArturRibeiro-CX in #7164
- docs(update): update getting started documentation with installation guidance by @ArturRibeiro-CX in #7245
- update(nifcloud): update nifcloud queries metadata and functionality by @ArturRibeiro-CX in #7206
- fix(gcp): rename test files resources to fix parsing errors on gcp queries by @ArturRibeiro-CX in #7253
- docs(queries): update queries catalog by @kicsbot in #7237
New Contributors
- @julianthome made their first contribution in #7153
Full Changelog: v2.1.2...v2.1.3
Contributors
julianthome, kicsbot, and cx-artur-ribeiro
Assets 3
v2.1.2
What's Changed
- update(dockerfile): update go version and golden images by @cx-ruiaraujo in #7186
- update(githubaction): update github action version by @cx-monicac in #7185
- update(certifi): update python certifi version on queries_validator requirements by @ArturRibeiro-CX in #7188
- build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #7190
- fix(resolver): max resolver depth considered while searching for cyclic references by @EduardoSemanas in #7199
- fix(query): fix unexpected behaviour in parameter-checking function for ARM queries by @JulioSCX in #7205
- update(fedramp): tackle IaC and SAST vulnerabilities by @cx-ruiaraujo in #7200
- docs(queries): update queries catalog by @kicsbot in #7210
- fix(query): fix CWE field not appearing in KICS CLI and sarif reports by @ArturRibeiro-CX in #7207
- update(workflow): add pattern validation for query name and description by @JulioSCX in #7208
- fix(packages): upgrade packages by @cx-ruiaraujo in #7226
- docs(queries): update queries catalog by @kicsbot in #7220
- docs(kicsbot): preparing for release 2.1.2 by @kicsbot in #7232
New Contributors
- @cx-monicac made their first contribution in #7185
Full Changelog: v2.1.1...v2.1.2
Contributors
dependabot, kicsbot, and 5 other contributors