github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 09:59:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,473 Commits 20 Branches 551 Tags
master
Commit Graph

378 Commits

Author SHA1 Message Date
Sanskarzz
82120f9d31 added support for exception rules 
Signed-off-by: Sanskarzz <sanskar.gur@gmail.com>
 2025-02-07 12:15:56 +01:00
Fernando-hub527
13cf34bffd refactor: update Maroto version to v2 
Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>
 2025-02-05 21:31:22 -03:00
Eng Zer Jun
2005010568 Replace golang.org/x/exp/slices with slices from stdlib (#1783) 2025-01-17 20:51:08 +02:00
Matthias Bertschy
b6c919feb1 add prerequisites command 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-01-16 14:10:40 +01:00
Amir Malka
d966b0acbc update opa-utils 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2025-01-09 16:35:53 +02:00
Amir Malka
14ffe35437 add trigger by indication in posture report 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2025-01-09 16:13:29 +02:00
Matthias Bertschy
5e0b25b04a update go-git 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-01-09 09:42:36 +01:00
Matthias Bertschy
1ed1bb11f2 bump vulnerable deps 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-12-20 16:31:50 +01:00
dependabot[bot]
b348acd291 Bump golang.org/x/crypto from 0.27.0 to 0.31.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.31.0.
- [Commits](https://github.com/golang/crypto/compare/v0.27.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-13 15:31:42 +00:00
jnathangreeg
5655051a95 bump opa-utils version 
Signed-off-by: jnathangreeg <jonathang@armosec.io>
 2024-11-17 12:13:23 +02:00
dependabot[bot]
a6752a5a6d Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-12 08:33:28 +00:00
Matthias Bertschy
f64d5a03af bump opa and go-logger 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-09-30 17:40:38 +02:00
James Stronz
99985e3235 Bumped k8s-interface version to v0.0.174, the latest release 
Signed-off-by: James Stronz <comrumino@archstrike.org>
 2024-09-24 23:44:39 -05:00
comrumino
27782afeac Upgraded aws module dependencies to resolve the error failed to get cloud data. resourceKind: ClusterDescribe; error: not found, ResolveEndpointV2. This error is a known issue regarding incompatible service module versions. Refer to https://github.com/aws/aws-sdk-go-v2/issues/2370#issuecomment-1953308268 for more details. 
Signed-off-by: comrumino <comrumino@archstrike.org>
 2024-09-19 12:21:43 -05:00
dependabot[bot]
f3e78f9408 Bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.4+incompatible to 26.1.5+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.4...v26.1.5)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-21 05:56:42 +00:00
dependabot[bot]
377509fab8 Bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.0+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.0...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-06 15:39:44 +00:00
dependabot[bot]
e93eb942a8 Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 14:43:55 +00:00
dependabot[bot]
ef2ded1933 Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.5 to 0.7.7.
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.5...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-25 06:06:07 +00:00
dependabot[bot]
f2b621134c Bump go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace 
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.40.0 to 0.44.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.40.0...zpages/v0.44.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-25 05:49:43 +00:00
Anubhav Gupta
2bbedc99dd Merge branch 'master' of ssh://github.com/kubescape/kubescape into copa-grype 2024-06-22 08:59:18 +05:30
dependabot[bot]
e1fe7cda50 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity 
Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.1...sdk/azcore/v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-13 14:09:34 +00:00
Matthias Bertschy
f293606f81 Merge pull request #1682 from slashben/vap-helper-features 
Adding two helper functions for VAP and CEL admission library
 2024-06-04 23:12:05 +02:00
Matthias Bertschy
d6d2315ad0 fixes for vap helper 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-06-04 13:41:00 +02:00
David Wertenteil
0ee98351c0 fix scanning unsupported clouds 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2024-05-26 15:45:19 +03:00
Anubhav Gupta
160709eabf Merge branch 'master' of ssh://github.com/kubescape/kubescape into copa-grype 2024-05-17 13:37:25 +05:30
Ben
0863d845e1 Adding two helper functions for VAP and CEL admission library 
Signed-off-by: Ben <ben@armosec.io>
 2024-05-09 14:32:04 +03:00
David Wertenteil
da6faa3df0 Merge pull request #1680 from kubescape/fix/repo-scanning 
Fix scanning repo
 2024-05-07 09:16:20 +03:00
David Wertenteil
3cbd2c458d fix scanning repo 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2024-05-06 16:22:38 +03:00
dependabot[bot]
29a313e708 Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 
Bumps [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/cosign/compare/v2.2.3...v2.2.4)

---
updated-dependencies:
- dependency-name: github.com/sigstore/cosign/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-06 06:18:56 +00:00
David Wertenteil
2f208c0866 Merge pull request #1668 from kubescape/bump 
bump opa-utils
 2024-04-30 08:43:19 +03:00
Matthias Bertschy
9521cf1974 bump syft version 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-04-29 14:00:18 +02:00
Matthias Bertschy
8ec56976c5 bump opa-utils 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-04-25 18:48:40 +02:00
Anubhav Gupta
6ee6a78a75 Merge branch 'master' of https://github.com/kubescape/kubescape into copa-grype 2024-04-09 21:37:46 +05:30
Matthias Bertschy
22fc14ae50 bump deps for vulnerabilities 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-03-28 10:05:38 +01:00
YiscahLevySilas1
a8cc411945 update backend version 
Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>
 2024-03-26 12:06:21 +02:00
YiscahLevySilas1
0477f8cb03 use regolibrary v2 
Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>
 2024-03-26 09:05:01 +02:00
Anubhav Gupta
b9fd60b395 fix 
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
 2024-03-26 12:06:16 +05:30
Matthias Bertschy
708bf4477a Fix gitlab (#1639) 
* always use git token if we provide one

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

* bump go-git-url for gitlab fix

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

* fix action permissions for cosign signature

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

---------

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-03-18 11:02:39 +02:00
Matthias Bertschy
725eab67f9 bump go-git-url to fix private gitlab scans 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-03-14 08:51:56 +01:00
Matthias Bertschy
2429d2b89d move versioncheck to kubescape/backend 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-03-06 14:44:37 +01:00
Matthias Bertschy
f1c34efa97 bump go-git-url for self-hosted gitlab 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-03-06 11:51:36 +01:00
Anubhav Gupta
f0c3a568f0 change reference from anubhav06 to project-copacetic 
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
 2024-03-05 17:36:48 +01:00
Alfredo Garcia
fad8f2b272 Add Vulnerability scanning report to the summaryDetails section (#1615) 
* Add Vulnerability scanning report to the summaryDetails section

Signed-off-by: Alfredo Garcia <algarcia@vmware.com>

* Updating the opa-utils dependency version

Signed-off-by: Alfredo Garcia <algarcia@vmware.com>

---------

Signed-off-by: Alfredo Garcia <algarcia@vmware.com>
 2024-03-01 14:59:23 +02:00
David Wertenteil
533edc6d05 Fixing exceptions for regovector objects 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2024-02-29 08:42:32 +02:00
Matthias Bertschy
ac6c5ca570 image scan add schema v1 support 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2024-02-28 10:25:16 +01:00
David Wertenteil
ea7a8bef94 Fix/backlog (#1613) 
* Many minor improvements

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* Handle fw scan error

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* Remove prometheus docs

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* fix workload threshold

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* fixed units

Signed-off-by: David Wertenteil <dwertent@armosec.io>

---------

Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2024-02-26 22:42:41 +02:00
dependabot[bot]
e644b6cc74 Bump helm.sh/helm/v3 from 3.12.1 to 3.14.2 
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.12.1 to 3.14.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.12.1...v3.14.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-25 21:29:21 +00:00
David Wertenteil
6c5c1265d5 Bump k8s-interface version 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2024-02-22 18:23:48 +02:00
David Wertenteil
121e4ccad4 Merge pull request #1590 from kubescape/nolibgit 
remove libgit files and dependencies
 2024-02-21 15:29:04 +02:00
dependabot[bot]
036b7e25fa Bump github.com/moby/buildkit from 0.12.1 to 0.12.5 
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.12.1 to 0.12.5.
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](https://github.com/moby/buildkit/compare/v0.12.1...v0.12.5)

---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-07 11:15:26 +00:00