github/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2026-02-14 18:10:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,286 Commits 5 Branches 99 Tags
1aa87bbebbeb96dabe7f8d9ac89172991bb521c4
Commit Graph

1286 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
1aa87bbebb build(deps): bump actions/setup-go from 6.1.0 to 6.2.0 (#2033) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4dc6199c7b...7a3fe6cf4c)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-06 19:09:11 +06:00
dependabot[bot]
06159c6edb build(deps): bump alpine from 3.23.2 to 3.23.3 (#2037) 
Bumps alpine from 3.23.2 to 3.23.3.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.23.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 13:31:36 +06:00
dependabot[bot]
22f5a1c559 build(deps): bump golang from 1.25.5 to 1.25.6 (#2034) 
Bumps golang from 1.25.5 to 1.25.6.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-30 13:26:36 +06:00
dependabot[bot]
0ec876e1bc build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.41.0 to 1.41.1 (#2031) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.41.0 to 1.41.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.41.0...v1.41.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 11:55:32 +06:00
dependabot[bot]
9e8c6b2c7d build(deps): bump actions/setup-go from 6.0.0 to 6.1.0 (#2027) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4469467582...4dc6199c7b)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-12 11:37:28 +06:00
LaibaBareera
581b68d985 Add CIS Benchmark for EKS-1.8 (#2020) 
* Add CIS Benchmark for EKS-1.8

* fix linter error

* fix the mentioned issue

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-12-29 17:30:13 +06:00
LaibaBareera
379f11996f ci: bump up Go version in pipeline (#2026) 2025-12-29 16:43:17 +06:00
dependabot[bot]
659b0c1cad build(deps): bump alpine from 3.23.0 to 3.23.2 (#2021) 
Bumps alpine from 3.23.0 to 3.23.2.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-23 13:35:10 +06:00
LaibaBareera
8afa78abaf release: prepare-0.14.1 (#2019) v0.14.1 2025-12-22 15:58:50 +06:00
LaibaBareera
2938a24924 chore: bump up kubectl version to 1.35.0 (#2018) 2025-12-22 15:34:07 +06:00
LaibaBareera
462a50341a fix: Checks of rke2-1.8 (#2010) 
* fix: Checks of rke2-1.8

* fix the check 1.1.7 and 1.1.8 in all rke2 versions

* fix the mentioned issues

* fix the check 1.1.11

---------
 2025-12-22 14:00:43 +06:00
dependabot[bot]
60eb8104ad build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#2012) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.66.1 to 1.67.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.66.1...service/ecs/v1.67.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.67.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 16:04:49 +06:00
dependabot[bot]
6eb894633a build(deps): bump github.com/aws/aws-sdk-go-v2/config (#2013) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.32.2 to 1.32.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.32.2...v1.32.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 15:24:21 +06:00
dependabot[bot]
428f433fae build(deps): bump actions/cache from 4 to 5 (#2011) 
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 14:50:50 +06:00
dependabot[bot]
8a3701577b build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.40.0 to 1.41.0 (#2014) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.40.0 to 1.41.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.40.0...v1.41.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 14:26:19 +06:00
dependabot[bot]
e3e9e7d390 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (#2005) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 14:12:47 +06:00
dependabot[bot]
e25d283dd1 build(deps): bump k8s.io/apimachinery from 0.34.2 to 0.34.3 (#2015) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.34.2 to 0.34.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.2...v0.34.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 10:16:19 +06:00
jdesouza
b48ee8511f CVE-2025-61729: (#2003) 2025-12-11 18:02:09 +06:00
dependabot[bot]
315817617b build(deps): bump golang from 1.25.4 to 1.25.5 (#2004) 
Bumps golang from 1.25.4 to 1.25.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 17:21:47 +06:00
dependabot[bot]
227665c9e8 build(deps): bump alpine from 3.22.2 to 3.23.0 (#2006) 
Bumps alpine from 3.22.2 to 3.23.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-11 14:04:35 +06:00
dependabot[bot]
4fc9c0e7a8 build(deps): bump gorm.io/gorm from 1.31.0 to 1.31.1 (#1995) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.31.0 to 1.31.1.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.31.0...v1.31.1)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 17:41:00 +06:00
dependabot[bot]
1f401b1a50 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1997) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.17 to 1.31.20.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.17...config/v1.31.20)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 17:27:08 +06:00
dependabot[bot]
10e0a78701 build(deps): bump golang from 1.25.3 to 1.25.4 (#1994) 
Bumps golang from 1.25.3 to 1.25.4.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 17:10:32 +06:00
dependabot[bot]
182cbaa71d build(deps): bump actions/checkout from 5 to 6 (#2001) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 16:32:01 +06:00
dependabot[bot]
7793925b22 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1998) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.65.2 to 1.65.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.65.2...service/ecs/v1.65.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.65.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 16:19:28 +06:00
dependabot[bot]
1cf0f8cd92 build(deps): bump k8s.io/client-go from 0.34.1 to 0.34.2 (#1999) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.34.1 to 0.34.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.34.1...v0.34.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 15:57:25 +06:00
dependabot[bot]
c9382e4e96 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#2000) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-26 10:57:01 +06:00
LaibaBareera
ec1005509f release: prepare-0.14.0 (#1990) 
Co-authored-by: afdesk <work@afdesk.com>
v0.14.0 		2025-11-05 13:50:58 +06:00
LaibaBareera
5678009fae chore: bump up kubectl version to 1.35.0-alpha.2 (#1991) 2025-11-05 13:37:29 +06:00
dependabot[bot]
25f773b279 build(deps): bump k8s.io/client-go from 0.33.4 to 0.34.1 (#1967) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.4 to 0.34.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.4...v0.34.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:56:21 +06:00
dependabot[bot]
e044dcaffb build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1985) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.11 to 1.31.15.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.11...config/v1.31.15)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:36:25 +06:00
dependabot[bot]
6a39a2e516 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1987) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.5 to 1.65.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.64.5...service/s3/v1.65.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:19:10 +06:00
LaibaBareera
496ec149bc fix: update checks 5.1.1, 5.1.2 and 5.1.4 for CIS 1.9 / CIS 1.10 (#1989) 
* Fix the issue 1982

* remove the type manual and revert changes of test in each check

* fix linter error

* changed scored to false for check 5.1.3, 5.1.5, 5.1.6
 2025-11-04 20:05:33 +06:00
LaibaBareera
c7d9863e57 add cis benchmark for rke2-cis-1.8 (#1983) 
* add cis benchmark for rke2-cis-1.8

* fix check 1.1.11, 1.1.7, 1.1.8, 4.1.9 and 4.1.10

* fix the issue in all rke2 versions

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-11-03 13:18:29 +06:00
dependabot[bot]
0990df031b build(deps): bump actions/setup-python from 5 to 6 (#1951) 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 18:53:29 +06:00
dependabot[bot]
c64cf3d19d build(deps): bump actions/checkout from 4 to 5 (#1925) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 18:37:54 +06:00
dependabot[bot]
a983f0c9de build(deps): bump alpine from 3.22.1 to 3.22.2 (#1974) 
Bumps alpine from 3.22.1 to 3.22.2.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 16:31:22 +06:00
dependabot[bot]
691afc028c build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1968) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:33:50 +06:00
dependabot[bot]
02305b2e7a build(deps): bump github.com/spf13/viper from 1.20.1 to 1.21.0 (#1969) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.20.1...v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:19:37 +06:00
dependabot[bot]
6d234c5155 build(deps): bump golang from 1.25.1 to 1.25.3 (#1980) 
Bumps golang from 1.25.1 to 1.25.3.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:02:19 +06:00
dependabot[bot]
506198ce97 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1981) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.2 to 1.64.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.64.2...service/iot/v1.64.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 11:01:42 +06:00
Tyler Auerbeck
fd531a75a7 Update golangci lint to v2 (#1972) 
* chore: migrate golangcilint to v2 config

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

* chore: update golangci-lint version in build workflow

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

* bump golagci-lint action to v8

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

---------

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>
Co-authored-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>
 2025-10-07 15:11:10 +06:00
LaibaBareera
295b5e6aa9 release: prepare-0.13 (#1965) v0.13.0 2025-09-29 17:25:11 +06:00
dependabot[bot]
6943f0690a build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#1939) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 16:32:53 +06:00
dependabot[bot]
f52c5acbe6 build(deps): bump golang from 1.25.0 to 1.25.1 (#1946) 
Bumps golang from 1.25.0 to 1.25.1.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 15:11:46 +06:00
dependabot[bot]
0fd581935e build(deps): bump gorm.io/gorm from 1.30.1 to 1.31.0 (#1956) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.30.1 to 1.31.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.30.1...v1.31.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 14:39:18 +06:00
dependabot[bot]
c4dc17c96c build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1960) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.0 to 1.31.9.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.31.0...config/v1.31.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 12:13:22 +06:00
LaibaBareera
76804bf7fa feat: add cis benchmark for gke v1.8.0 (#1958) 
* add cis benchmark for gke v1.8.0

* fix linter error

* fix checks for managed services
 2025-09-26 12:18:40 +06:00
Markus Boehme
014ac455b5 eks-1.7.0: allow default value for eventRecordQPS rule (#1954) 
The CIS Benchmark for Amazon EKS v1.7.0, recommendation 3.2.7 asks to
"Ensure that the --eventRecordQPS argument is set to 0 or a level which
ensures appropriate event capture". The --event-qps option on the
command line and the eventRecordQPS option in the configuration file
both have the same default value of 5, but differ in how they treat the
an explicitly set value of 0:

  - The --event-qps command line option treats 0 as the default
    value of 5 QPS.
  - The eventRecordQPS configuration file option treats 0 as unlimited
    (and the absence of the option as the default value of 5 QPS).

Since setting --event-qps=0, using the default value, is acceptable for
the command line option, using the default value for eventRecordQPS by
not explicitly setting the option should be allowed as well. Note that
this is already the case in the configuration for the generic Kubernetes
CIS Benchmark.
 2025-09-26 12:06:18 +06:00
dependabot[bot]
844a28b3fd build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1959) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.62.0 to 1.64.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.62.0...service/iot/v1.64.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-24 11:37:14 +06:00