Comparing changes
base repository: Checkmarx/kics
base: 2.1.5
head repository: Checkmarx/kics
compare: v2.1.6
- 11 commits
- 75 files changed
- 9 contributors
Commits on Feb 25, 2025
update(dependabot): add groups to dependabot.yml github action (#7344)
* update dependabot.yml with groups addition
* update dockerfile images to fix vulnerabilities
* update dockerfile images to fix vulnerabilities
* update dockerfile images to fix vulnerabilities and go version
* update helm version, go version and dockerfile go version
* update dockerfile with new git image
Commit eb2914b
Commits on Feb 28, 2025
fix(query): fix FP in openAPI Invalid Media Type Value query (#7350)
* fix Invalid Media Type Value FP on openAPI query
* fix open-api lint issues removing blank lines
* update packages to fix vulnerabilities
* Treat "content" inside "properties" as a field name, not an OpenAPI content spec
Commit d305214
Commits on Mar 5, 2025
fix(documentation): update descriptionText metadata field for invalid media type openAPI query (#7361)
* Update descriptionText metadata field to fix queries documentation instead of .md
Commit 45b27f5
Commits on Mar 6, 2025
Commit 20db256
ci(deps): bump the all group across 1 directory with 17 updates (#7373)
* ci(deps): bump the all group across 1 directory with 17 updates

Bumps the all group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.2.2` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.1.0` | `7.0.8` |
| [thollander/actions-comment-pull-request](https://github.com/thollander/actions-comment-pull-request) | `b07c7f86be67002023e6cb13f57df3f21cdd3411` | `e4a76dd2b0a3c2027c3fd84147a67c22ee4c90fa` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.0` | `4.6.1` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.4.0` | `3.10.0` |
| [actions/cache](https://github.com/actions/cache) | `4.2.0` | `4.2.2` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.4.1` | `6.15.0` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.1.0` | `6.5.0` |
| [securego/gosec](https://github.com/securego/gosec) | `2.20.0` | `2.22.1` |
| [github/codeql-action](https://github.com/github/codeql-action) | `2bbafcdd7fbf96243689e764c2f15d9735164f33` | `80f993039571a6de66594ecaa432875a6942e8e0` |
| [checkmarx/kics-github-action](https://github.com/checkmarx/kics-github-action) | `2.1.4` | `2.1.5` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.1.0` | `3.6.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.5.1` | `5.7.0` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `5.1.0` | `6.2.1` |
| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.24.0` | `0.29.0` |
| [anchore/scan-action](https://github.com/anchore/scan-action) | `4.1.0` | `6.1.0` |

Updates `actions/checkout` from 4.1.1 to 4.2.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@b4ffde6...11bd719)

Updates `peter-evans/create-pull-request` from 6.1.0 to 7.0.8
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@c5a7806...271a8d0)

Updates `thollander/actions-comment-pull-request` from b07c7f86be67002023e6cb13f57df3f21cdd3411 to e4a76dd2b0a3c2027c3fd84147a67c22ee4c90fa
- [Release notes](https://github.com/thollander/actions-comment-pull-request/releases)
- [Commits](thollander/actions-comment-pull-request@b07c7f8...e4a76dd)

Updates `actions/upload-artifact` from 4.6.0 to 4.6.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@65c4c4a...4cec3d8)

Updates `docker/setup-buildx-action` from 3.4.0 to 3.10.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v3.4.0...b5ca514)

Updates `actions/cache` from 4.2.0 to 4.2.2
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@1bd1e32...d4323d4)

Updates `docker/build-push-action` from 6.4.1 to 6.15.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v6.4.1...471d1dc)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `golangci/golangci-lint-action` from 6.1.0 to 6.5.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@aaa42aa...2226d7c)

Updates `securego/gosec` from 2.20.0 to 2.22.1
- [Release notes](https://github.com/securego/gosec/releases)
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml)
- [Commits](securego/gosec@6fbd381...43fee88)

Updates `github/codeql-action` from 2bbafcdd7fbf96243689e764c2f15d9735164f33 to 80f993039571a6de66594ecaa432875a6942e8e0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@2bbafcd...80f9930)

Updates `checkmarx/kics-github-action` from 2.1.4 to 2.1.5
- [Release notes](https://github.com/checkmarx/kics-github-action/releases)
- [Commits](Checkmarx/kics-github-action@5a6152e...3246fb4)

Updates `docker/setup-qemu-action` from 3.1.0 to 3.6.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@5927c83...2910929)

Updates `docker/metadata-action` from 5.5.1 to 5.7.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@8e5442c...902fa8e)

Updates `goreleaser/goreleaser-action` from 5.1.0 to 6.2.1
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@5742e2a...90a3faa)

Updates `aquasecurity/trivy-action` from 0.24.0 to 0.29.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@6e7b7d1...18f2510)

Updates `anchore/scan-action` from 4.1.0 to 6.1.0
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md)
- [Commits](anchore/scan-action@d43cc1d...7c05671)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: thollander/actions-comment-pull-request
  dependency-type: direct:production
  dependency-group: all
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: securego/gosec
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github/codeql-action
  dependency-type: direct:production
  dependency-group: all
- dependency-name: checkmarx/kics-github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* revert golangci-lint version from 6.5 to 6.1

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Artur Ribeiro <153724638+ArturRibeiro-CX@users.noreply.github.com>
Co-authored-by: ArturRibeiro-CX <artur.ribeiro@checkmarx.com>
Commit ff65470
update(query): change amazonaws.cn links to aws.amazon.com (#7288)
* update(query): change amazonaws.cn links to aws.amazon.com
* Remove double-slashes in URLs
---------
Co-authored-by: Artur Ribeiro <153724638+ArturRibeiro-CX@users.noreply.github.com>
Commit a6b4952
Commits on Mar 13, 2025
fix(password): fix Password and Secrets FP results (#7353)
* fix Invalid Media Type Value FP on openAPI query
* fix FP in password and secrets query
* update container package to fix go-jose vulnerability
* add new allow rule to accept type objects without default values
* update test
* fix regex
* fix regex 2
* add positive results to passwords and secrets expected results
* update tests, add 2 regexes instead of one to better tackle the issues - still need refactor
* clear the regex to be more understandable
* clear the regex to be more understandable
* update regex to include type = object optionally
* update regex to include type = object optionally
* add new automation for a new discovered case on positive46.yaml, remove regex that would introduce false negatives
* fix tests and remove negative and positive automation files
* update grpc package
* update golang.org/x/net package
Commit 8104b51
Commits on Mar 17, 2025
Commit 810b4c9
fix: Restore CGO_ENABLED=0 for static linking in Dockerfile (#7397)
This reverts part of commit 42272a2 which removed CGO_ENABLED=0. The flag is necessary to ensure all dependencies are statically linked during the build process, preventing runtime dependencies on host system C libraries.
Co-authored-by: Rui Araújo Gomes <rui.araujo@checkmarx.com>
Co-authored-by: Artur Ribeiro <artur.ribeiro@checkmarx.com>
Commit 05b8ce0
docs(queries): update queries catalog (#7356)
Co-authored-by: ArturRibeiro-CX <153724638+ArturRibeiro-CX@users.noreply.github.com>
Co-authored-by: Miguel Silva <100352574+cxMiguelSilva@users.noreply.github.com>
Commit 5f981a5
Commits on Mar 18, 2025
docs(kicsbot): preparing for release 2.1.6 (#7402)
* docs(kicsbot): preparing for release 2.1.6
* bump 2.1.6 version
---------
Co-authored-by: cxMiguelSilva <100352574+cxMiguelSilva@users.noreply.github.com>
Co-authored-by: cxMiguelSilva <miguel.dasilva@checkmarx.com>
Commit 316563c
You can try running this command locally to see the comparison on your machine:
git diff 2.1.5...v2.1.6