github/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2026-02-14 18:10:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,271 Commits 5 Branches 99 Tags
e3e9e7d390a79a2b82345434a2df834cae9f82fd
Commit Graph

216 Commits

Author SHA1 Message Date
dependabot[bot]
e3e9e7d390 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (#2005) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 14:12:47 +06:00
dependabot[bot]
e25d283dd1 build(deps): bump k8s.io/apimachinery from 0.34.2 to 0.34.3 (#2015) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.34.2 to 0.34.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.34.2...v0.34.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 10:16:19 +06:00
dependabot[bot]
4fc9c0e7a8 build(deps): bump gorm.io/gorm from 1.31.0 to 1.31.1 (#1995) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.31.0 to 1.31.1.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.31.0...v1.31.1)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 17:41:00 +06:00
dependabot[bot]
1f401b1a50 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1997) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.17 to 1.31.20.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.17...config/v1.31.20)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 17:27:08 +06:00
dependabot[bot]
7793925b22 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1998) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.65.2 to 1.65.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.65.2...service/ecs/v1.65.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.65.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 16:19:28 +06:00
dependabot[bot]
1cf0f8cd92 build(deps): bump k8s.io/client-go from 0.34.1 to 0.34.2 (#1999) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.34.1 to 0.34.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.34.1...v0.34.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 15:57:25 +06:00
dependabot[bot]
c9382e4e96 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#2000) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-26 10:57:01 +06:00
dependabot[bot]
25f773b279 build(deps): bump k8s.io/client-go from 0.33.4 to 0.34.1 (#1967) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.4 to 0.34.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.4...v0.34.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:56:21 +06:00
dependabot[bot]
e044dcaffb build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1985) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.11 to 1.31.15.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.11...config/v1.31.15)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:36:25 +06:00
dependabot[bot]
6a39a2e516 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1987) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.5 to 1.65.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.64.5...service/s3/v1.65.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-05 12:19:10 +06:00
dependabot[bot]
691afc028c build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1968) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:33:50 +06:00
dependabot[bot]
02305b2e7a build(deps): bump github.com/spf13/viper from 1.20.1 to 1.21.0 (#1969) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.20.1...v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 12:19:37 +06:00
dependabot[bot]
506198ce97 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1981) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.64.2 to 1.64.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.64.2...service/iot/v1.64.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 11:01:42 +06:00
dependabot[bot]
6943f0690a build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#1939) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 16:32:53 +06:00
dependabot[bot]
0fd581935e build(deps): bump gorm.io/gorm from 1.30.1 to 1.31.0 (#1956) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.30.1 to 1.31.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.30.1...v1.31.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 14:39:18 +06:00
dependabot[bot]
c4dc17c96c build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1960) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.0 to 1.31.9.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.31.0...config/v1.31.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-29 12:13:22 +06:00
dependabot[bot]
844a28b3fd build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1959) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.62.0 to 1.64.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.62.0...service/iot/v1.64.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.64.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-24 11:37:14 +06:00
LaibaBareera
52a646c2a3 Add rh 1.4 (#1922) 
* add CIS Benchmark for eks-v1.7

* fix failed test cases

* added eks 1.7 for supported kubernetes version

* added eks 1.7 for supported kubernetes version

* fix failed test cases

* add test cases for it

* fix

* add test case for eks 1.5

* change methodoloy

* fix the issue mentioned in pr

* fix linter error

* Update cmd/util.go

Co-authored-by: afdesk <work@afdesk.com>

* fix the failed test

* add cis benchmark for red hat openshift containre v1.4

* fix failed test cases

* fix checks for rh-1.4

* mark scored true to manual test if they have test cases

* fix check 1.2.4

* rebase the changes in go.sum

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-09-02 22:28:03 +06:00
dependabot[bot]
0333e55b63 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.38.0 to 1.38.1 (#1934) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.38.0 to 1.38.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.38.0...v1.38.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.38.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 15:05:54 +06:00
dependabot[bot]
2df3826789 build(deps): bump github.com/go-viper/mapstructure/v2 (#1932) 
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.4.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-22 12:59:06 +06:00
dependabot[bot]
e9c0f3c8a6 build(deps): bump k8s.io/client-go from 0.33.3 to 0.33.4 (#1931) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.3 to 0.33.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.3...v0.33.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-19 17:50:58 +06:00
dependabot[bot]
77a5aba051 build(deps): bump gorm.io/gorm from 1.30.0 to 1.30.1 (#1921) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.30.0 to 1.30.1.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.30.0...v1.30.1)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.30.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 14:39:02 +06:00
dependabot[bot]
47b782d4d5 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1924) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.58.2 to 1.62.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.58.2...service/s3/v1.62.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.62.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 13:18:57 +06:00
dependabot[bot]
2731f9d9f2 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1927) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.18 to 1.31.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.18...v1.31.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 12:44:12 +06:00
LaibaBareera
9c01682a92 add CIS Benchmark for eks-v1.7 (#1916) 
* add CIS Benchmark for eks-v1.7

* fix failed test cases

* added eks 1.7 for supported kubernetes version

* added eks 1.7 for supported kubernetes version

* fix failed test cases

* add test cases for it

* fix

* add test case for eks 1.5

* change methodoloy

* fix the issue mentioned in pr

* fix linter error

* Update cmd/util.go

Co-authored-by: afdesk <work@afdesk.com>

* fix the failed test

---------

Co-authored-by: afdesk <work@afdesk.com>
 2025-08-18 12:05:16 +06:00
dependabot[bot]
9fa5c45321 build(deps): bump k8s.io/client-go from 0.33.2 to 0.33.3 (#1910) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.2 to 0.33.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.2...v0.33.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 23:22:39 +06:00
dependabot[bot]
329e0d27f8 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1908) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.17 to 1.29.18.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.17...config/v1.29.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 22:45:56 +06:00
dependabot[bot]
d509b7b23b build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1909) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.58.0 to 1.58.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.58.0...service/s3/v1.58.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.58.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 21:25:17 +06:00
dependabot[bot]
1f3f282b2b build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3 (#1911) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.33.2 to 0.33.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.33.2...v0.33.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 20:24:05 +06:00
dependabot[bot]
308fa068ba build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.36.5 to 1.36.6 (#1912) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.36.5 to 1.36.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.36.5...v1.36.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.36.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 19:55:19 +06:00
dependabot[bot]
20d5858fc5 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1903) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.16 to 1.29.17.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.16...config/v1.29.17)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 16:28:25 +06:00
dependabot[bot]
79d120609d build(deps): bump k8s.io/client-go from 0.33.1 to 0.33.2 (#1902) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.1 to 0.33.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:55:30 +06:00
dependabot[bot]
d2cb29d66d build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1900) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.5 to 1.58.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.57.5...service/s3/v1.58.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:39:09 +06:00
dependabot[bot]
d483671e70 build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2 (#1899) 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.33.1 to 0.33.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 15:09:32 +06:00
dependabot[bot]
95909f4f25 build(deps): bump github.com/go-viper/mapstructure/v2 (#1904) 
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.3.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 14:44:10 +06:00
dependabot[bot]
98aa7bbfce build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1890) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.14 to 1.29.16.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.14...config/v1.29.16)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-17 13:01:40 +06:00
dependabot[bot]
665c95239a build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1891) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.4 to 1.57.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.57.4...service/ecs/v1.57.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.57.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-17 11:10:02 +06:00
dependabot[bot]
51e849d9f7 build(deps): bump gorm.io/driver/postgres from 1.5.11 to 1.6.0 (#1880) 
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres) from 1.5.11 to 1.6.0.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.5.11...v1.6.0)

---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-03 13:01:00 +06:00
dependabot[bot]
2077fcf1e0 build(deps): bump k8s.io/client-go from 0.33.0 to 0.33.1 (#1875) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.0 to 0.33.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.33.0...v0.33.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-27 12:34:21 +06:00
dependabot[bot]
dd4ddb59ea build(deps): bump gorm.io/gorm from 1.26.1 to 1.30.0 (#1878) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.26.1 to 1.30.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.26.1...v1.30.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-27 12:08:32 +06:00
dependabot[bot]
6ecc6a2066 build(deps): bump github.com/golang/glog from 1.2.4 to 1.2.5 (#1871) 
Bumps [github.com/golang/glog](https://github.com/golang/glog) from 1.2.4 to 1.2.5.
- [Release notes](https://github.com/golang/glog/releases)
- [Commits](https://github.com/golang/glog/compare/v1.2.4...v1.2.5)

---
updated-dependencies:
- dependency-name: github.com/golang/glog
  dependency-version: 1.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-13 16:27:15 +06:00
dependabot[bot]
eb8ffc613e build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1872) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.3 to 1.57.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/eks/v1.57.3...service/eks/v1.57.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.57.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-13 14:47:29 +06:00
dependabot[bot]
f0c648d16e build(deps): bump gorm.io/gorm from 1.25.12 to 1.26.0 (#1865) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.12 to 1.26.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.12...v1.26.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-12 14:59:34 +06:00
dependabot[bot]
23b2a1aa7d build(deps): bump github.com/spf13/viper from 1.19.0 to 1.20.1 (#1848) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.19.0 to 1.20.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.19.0...v1.20.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-06 16:13:04 +06:00
dependabot[bot]
60110935cb build(deps): bump k8s.io/client-go from 0.32.3 to 0.33.0 (#1866) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.3 to 0.33.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.3...v0.33.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-06 11:33:58 +06:00
dependabot[bot]
190548035d build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1867) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.2 to 1.57.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/eks/v1.57.2...service/eks/v1.57.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.57.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-06 11:13:02 +06:00
dependabot[bot]
00cd12ef19 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1855) 
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.0 to 1.57.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.57.0...service/eks/v1.57.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.57.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-23 14:28:26 +06:00
dependabot[bot]
d1e948acd3 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1847) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.9 to 1.29.12.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.9...config/v1.29.12)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-23 14:14:56 +06:00
dependabot[bot]
c4c5317f44 build(deps): bump github.com/magiconair/properties from 1.8.9 to 1.8.10 (#1854) 
Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties) from 1.8.9 to 1.8.10.
- [Release notes](https://github.com/magiconair/properties/releases)
- [Commits](https://github.com/magiconair/properties/compare/v1.8.9...v1.8.10)

---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
  dependency-version: 1.8.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-23 13:18:08 +06:00
Masashi Honma
6e454a1dd5 Fix CVEs (#1857) 
Resolves #1852.

usr/local/bin/kube-bench (gobinary)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0)

┌──────────────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────┐
│     Library      │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                          Title                           │
├──────────────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────┤
│ golang.org/x/net │ CVE-2025-22872 │ MEDIUM   │ fixed  │ v0.36.0           │ 0.38.0         │ The tokenizer incorrectly interprets tags with unquoted  │
│                  │                │          │        │                   │                │ attribute valu ...                                       │
│                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-22872               │
├──────────────────┼────────────────┤          │        ├───────────────────┼────────────────┼──────────────────────────────────────────────────────────┤
│ stdlib           │ CVE-2025-22871 │          │        │ v1.24.1           │ 1.23.8, 1.24.2 │ net/http: Request smuggling due to acceptance of invalid │
│                  │                │          │        │                   │                │ chunked data in net/http...                              │
│                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-22871               │
└──────────────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────┘

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2025-04-23 12:54:40 +06:00