github/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2026-02-14 10:00:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,260 Commits 5 Branches 99 Tags
c9382e4e960e6e57c167b5068829b151f18c70a0
Commit Graph

1260 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
c9382e4e96 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#2000) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-26 10:57:01 +06:00
LaibaBareera
ec1005509f release: prepare-0.14.0 (#1990) 
Co-authored-by: afdesk <work@afdesk.com>
v0.14.0 		2025-11-05 13:50:58 +06:00
LaibaBareera
5678009fae chore: bump up kubectl version to 1.35.0-alpha.2 (#1991) 2025-11-05 13:37:29 +06:00
dependabot[bot]
25f773b279 build(deps): bump k8s.io/client-go from 0.33.4 to 0.34.1 (#1967) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.4 to 0.34.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.4...v0.34.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:56:21 +06:00
dependabot[bot]
e044dcaffb build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1985) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.11 to 1.31.15.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.11...config/v1.31.15)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:36:25 +06:00
dependabot[bot]
6a39a2e516 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1987) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.5 to 1.65.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.64.5...service/s3/v1.65.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:19:10 +06:00
LaibaBareera
496ec149bc fix: update checks 5.1.1, 5.1.2 and 5.1.4 for CIS 1.9 / CIS 1.10 (#1989) 
* Fix the issue 1982

* remove the type manual and revert changes of test in each check

* fix linter error

* changed scored to false for check 5.1.3, 5.1.5, 5.1.6
 2025-11-04 20:05:33 +06:00
LaibaBareera
c7d9863e57 add cis benchmark for rke2-cis-1.8 (#1983) 
* add cis benchmark for rke2-cis-1.8

* fix check 1.1.11, 1.1.7, 1.1.8, 4.1.9 and 4.1.10

* fix the issue in all rke2 versions

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-11-03 13:18:29 +06:00
dependabot[bot]
0990df031b build(deps): bump actions/setup-python from 5 to 6 (#1951) 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 18:53:29 +06:00
dependabot[bot]
c64cf3d19d build(deps): bump actions/checkout from 4 to 5 (#1925) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 18:37:54 +06:00
dependabot[bot]
a983f0c9de build(deps): bump alpine from 3.22.1 to 3.22.2 (#1974) 
Bumps alpine from 3.22.1 to 3.22.2.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 16:31:22 +06:00
dependabot[bot]
691afc028c build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1968) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:33:50 +06:00
dependabot[bot]
02305b2e7a build(deps): bump github.com/spf13/viper from 1.20.1 to 1.21.0 (#1969) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.20.1...v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:19:37 +06:00
dependabot[bot]
6d234c5155 build(deps): bump golang from 1.25.1 to 1.25.3 (#1980) 
Bumps golang from 1.25.1 to 1.25.3.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:02:19 +06:00
dependabot[bot]
506198ce97 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1981) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.2 to 1.64.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.64.2...service/iot/v1.64.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 11:01:42 +06:00
Tyler Auerbeck
fd531a75a7 Update golangci lint to v2 (#1972) 
* chore: migrate golangcilint to v2 config

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

* chore: update golangci-lint version in build workflow

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

* bump golagci-lint action to v8

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>

---------

Signed-off-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>
Co-authored-by: Tyler Auerbeck <tylerauerbeck@users.noreply.github.com>
 2025-10-07 15:11:10 +06:00
LaibaBareera
295b5e6aa9 release: prepare-0.13 (#1965) v0.13.0 2025-09-29 17:25:11 +06:00
dependabot[bot]
6943f0690a build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#1939) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 16:32:53 +06:00
dependabot[bot]
f52c5acbe6 build(deps): bump golang from 1.25.0 to 1.25.1 (#1946) 
Bumps golang from 1.25.0 to 1.25.1.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 15:11:46 +06:00
dependabot[bot]
0fd581935e build(deps): bump gorm.io/gorm from 1.30.1 to 1.31.0 (#1956) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.30.1 to 1.31.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.30.1...v1.31.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 14:39:18 +06:00
dependabot[bot]
c4dc17c96c build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1960) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.0 to 1.31.9.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.31.0...config/v1.31.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 12:13:22 +06:00
LaibaBareera
76804bf7fa feat: add cis benchmark for gke v1.8.0 (#1958) 
* add cis benchmark for gke v1.8.0

* fix linter error

* fix checks for managed services
 2025-09-26 12:18:40 +06:00
Markus Boehme
014ac455b5 eks-1.7.0: allow default value for eventRecordQPS rule (#1954) 
The CIS Benchmark for Amazon EKS v1.7.0, recommendation 3.2.7 asks to
"Ensure that the --eventRecordQPS argument is set to 0 or a level which
ensures appropriate event capture". The --event-qps option on the
command line and the eventRecordQPS option in the configuration file
both have the same default value of 5, but differ in how they treat the
an explicitly set value of 0:

  - The --event-qps command line option treats 0 as the default
    value of 5 QPS.
  - The eventRecordQPS configuration file option treats 0 as unlimited
    (and the absence of the option as the default value of 5 QPS).

Since setting --event-qps=0, using the default value, is acceptable for
the command line option, using the default value for eventRecordQPS by
not explicitly setting the option should be allowed as well. Note that
this is already the case in the configuration for the generic Kubernetes
CIS Benchmark.
 2025-09-26 12:06:18 +06:00
dependabot[bot]
844a28b3fd build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1959) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.62.0 to 1.64.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.62.0...service/iot/v1.64.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-24 11:37:14 +06:00
LaibaBareera
21dd168736 add checks for cis benchmarks of rh-1.8 (#1945) 
Co-authored-by: afdesk <work@afdesk.com>
 2025-09-16 14:00:14 +06:00
Andy Pitcher
e3becc9f19 Create cis-1.11 (#1944) 
First yamls and Update info
	- Modify yaml versions from 1.10 to 1.11
	- Adapt configmap to cover cis-1.11
	- Adapt docs and cmd files
	- Fix version_mapping in global configMap and common_test.go: Kuberversion for cis-1.11
	- doc: improve version mapping in platforms
Adapt master.yaml
	- modify: 1.1.20 https://workbench.cisecurity.org/benchmarks/19519/tickets/24017 permissions changed from 600 to 644
	- create: 1.2.30 Ensure that the --service-account-extend-token-expiration parameter is set to false (Automated)
Adapt node.yaml
	- Add: 4.2.14 Ensure that the --seccomp-default parameter is set to true (Manual)
	- Add: 4.2.15 Ensure that the --IPAddressDeny is set to any (Manual) - this check is to be removed in CIS-1.1.12, I suggest we discard it.
	- Modify: 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Manual) - (changed from 600 to 644) https://workbench.cisecurity.org/community/43/discussions/11786
	- Modify: 4.2.4 Verify that if defined, readOnlyPort is set to 0 (Manual) - Added "if defined"
Adapt policies.yaml
	- Modify: 5.1.1 to 5.1.6 from (Automated) to (Manual)
	- Modify: section titled "General Policies" was renumbered from 5.7 in v1.10 to 5.6
 2025-09-09 15:00:43 +06:00
LaibaBareera
52a646c2a3 Add rh 1.4 (#1922) 
* add CIS Benchmark for eks-v1.7

* fix failed test cases

* added eks 1.7 for supported kubernetes version

* added eks 1.7 for supported kubernetes version

* fix failed test cases

* add test cases for it

* fix

* add test case for eks 1.5

* change methodoloy

* fix the issue mentioned in pr

* fix linter error

* Update cmd/util.go

Co-authored-by: afdesk <work@afdesk.com>

* fix the failed test

* add cis benchmark for red hat openshift containre v1.4

* fix failed test cases

* fix checks for rh-1.4

* mark scored true to manual test if they have test cases

* fix check 1.2.4

* rebase the changes in go.sum

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-09-02 22:28:03 +06:00
dependabot[bot]
0333e55b63 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.38.0 to 1.38.1 (#1934) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.38.0 to 1.38.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.38.0...v1.38.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.38.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 15:05:54 +06:00
LaibaBareera
abca29520b release: prepare-0.12 (#1929) 
* release: prepare-0.12

* fix
v0.12.0 		2025-08-22 13:56:21 +06:00
LaibaBareera
858c15c999 update kubectl version (#1933) 2025-08-22 13:38:37 +06:00
dependabot[bot]
2df3826789 build(deps): bump github.com/go-viper/mapstructure/v2 (#1932) 
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.4.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-22 12:59:06 +06:00
dependabot[bot]
e9c0f3c8a6 build(deps): bump k8s.io/client-go from 0.33.3 to 0.33.4 (#1931) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.3 to 0.33.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.3...v0.33.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-19 17:50:58 +06:00
dependabot[bot]
77a5aba051 build(deps): bump gorm.io/gorm from 1.30.0 to 1.30.1 (#1921) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.30.0 to 1.30.1.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.30.0...v1.30.1)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.30.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 14:39:02 +06:00
dependabot[bot]
47b782d4d5 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1924) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.58.2 to 1.62.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.58.2...service/s3/v1.62.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.62.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 13:18:57 +06:00
dependabot[bot]
2731f9d9f2 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1927) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.18 to 1.31.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.18...v1.31.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 12:44:12 +06:00
dependabot[bot]
7a18d0bddf build(deps): bump golang from 1.24.5 to 1.24.6 (#1926) 
Bumps golang from 1.24.5 to 1.24.6.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.24.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 12:21:48 +06:00
LaibaBareera
9c01682a92 add CIS Benchmark for eks-v1.7 (#1916) 
* add CIS Benchmark for eks-v1.7

* fix failed test cases

* added eks 1.7 for supported kubernetes version

* added eks 1.7 for supported kubernetes version

* fix failed test cases

* add test cases for it

* fix

* add test case for eks 1.5

* change methodoloy

* fix the issue mentioned in pr

* fix linter error

* Update cmd/util.go

Co-authored-by: afdesk <work@afdesk.com>

* fix the failed test

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-08-18 12:05:16 +06:00
mjshastha
a02030bd51 Release pr -- fixed vulns. (#1915) v0.11.2 2025-07-30 12:33:53 +06:00
dependabot[bot]
9fa5c45321 build(deps): bump k8s.io/client-go from 0.33.2 to 0.33.3 (#1910) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.2 to 0.33.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.2...v0.33.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 23:22:39 +06:00
dependabot[bot]
329e0d27f8 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1908) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.17 to 1.29.18.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.17...config/v1.29.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 22:45:56 +06:00
dependabot[bot]
77eff279ce build(deps): bump golang from 1.24.4 to 1.24.5 (#1906) 
Bumps golang from 1.24.4 to 1.24.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.24.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 21:59:34 +06:00
dependabot[bot]
d509b7b23b build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1909) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.58.0 to 1.58.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.58.0...service/s3/v1.58.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.58.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 21:25:17 +06:00
dependabot[bot]
1f3f282b2b build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3 (#1911) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.33.2 to 0.33.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.33.2...v0.33.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 20:24:05 +06:00
dependabot[bot]
308fa068ba build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.36.5 to 1.36.6 (#1912) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.36.5 to 1.36.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.36.5...v1.36.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.36.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 19:55:19 +06:00
dependabot[bot]
29f3e436a7 build(deps): bump alpine from 3.22.0 to 3.22.1 (#1913) 
Bumps alpine from 3.22.0 to 3.22.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: 3.22.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 17:35:00 +06:00
dependabot[bot]
20d5858fc5 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1903) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.16 to 1.29.17.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.16...config/v1.29.17)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 16:28:25 +06:00
dependabot[bot]
79d120609d build(deps): bump k8s.io/client-go from 0.33.1 to 0.33.2 (#1902) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.1 to 0.33.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:55:30 +06:00
dependabot[bot]
d2cb29d66d build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1900) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.5 to 1.58.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.57.5...service/s3/v1.58.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:39:09 +06:00
dependabot[bot]
d483671e70 build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2 (#1899) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.33.1 to 0.33.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:09:32 +06:00
dependabot[bot]
95909f4f25 build(deps): bump github.com/go-viper/mapstructure/v2 (#1904) 
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.3.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 14:44:10 +06:00