kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00

Author	SHA1	Message	Date
Matthias Bertschy	ff96edae4d	use grype v0.99.1 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-17 10:11:19 +02:00
Ben Hirschberg	71dc7a702c	Merge pull request #1876 from cx-anjali-deore/fix/policy-binding-param Fixed issue #1800 : Added parameterNotFoundAction in spec.paramRef while creating policy binding	2025-09-15 10:17:52 +03:00
anjali-deore	6d92389285	Fixed issue 1800 Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>	2025-09-13 18:06:37 +05:30
Matthias Bertschy	88b9b22bca	Merge pull request #1857 from aadarsh-nagrath/default-matchers feat: add default matchers option to image scanning	2025-09-02 14:25:29 +02:00
Matthias Bertschy	182162d521	gofmt Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-02 13:51:45 +02:00
Matthias Bertschy	011fc0689d	return error on image when severity threshold exceeded Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-08-14 14:38:59 +02:00
aadarsh-nagrath	db30020c95	feat: add default matchers option to image scanning hey! added the default matchers option for image scanning as requested in #1838. now you can choose between stock matchers and CPE matchers when scanning images. what's new: - added --use-default-matchers flag to scan/image/patch commands - true = stock matchers (default behavior) - false = CPE matchers (more precise) usage: # use CPE matchers for more precise detection kubescape scan image nginx:latest --use-default-matchers=false # or in scan command kubescape scan --scan-images --use-default-matchers=false everything's backward compatible - existing code works exactly the same. just added the new option for folks who want more control over their vulnerability detection. fixes #1838 Signed-off-by: aadarsh-nagrath <anagrath1@gmail.com>	2025-08-06 21:48:40 +05:30
dependabot[bot]	01531b6276	Bump github.com/open-policy-agent/opa from 1.3.0 to 1.4.0 Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-policy-agent/opa/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/open-policy-agent/opa dependency-version: 1.4.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-28 12:20:18 +02:00
Ben Hirschberg	35288e7b85	Merge pull request #1846 from kubescape/fix/update-links Fix/update links	2025-07-27 10:01:27 +03:00
Matthias Bertschy	cd046fa695	fix buildnumber test Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-07-26 11:08:43 +02:00
Matthias Bertschy	daabd6c81a	do not fail version if update info cannot be fetched Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-07-25 08:48:27 +02:00
Yehudah Tor	5b351d5eec	Done URL ref's before problematic ones Signed-off-by: Yehudah Tor <yehudahtor@gmail.com>	2025-07-24 12:11:31 +03:00
Matthias Bertschy	6ed3e408be	check scanInfo.Submit in HandleResults to not submit by default Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-06-30 08:16:41 +02:00
Ben	2bd686131e	Incorporating review Signed-off-by: Ben <ben@armosec.io>	2025-06-10 14:32:26 +03:00
Ben	1ea4e0c304	Add configuration scan tools and resource handling Implemented two new tools: 'list_configuration_security_scan_manifests' for listing available configuration scan manifests and 'get_configuration_security_scan_manifest' for retrieving details of a specific manifest. Added a resource template for configuration manifests and integrated these tools into the mcpserver. Signed-off-by: Ben <ben@armosec.io>	2025-06-09 09:11:28 +03:00
Ben	1c2c928732	Failing build Signed-off-by: Ben <ben@armosec.io>	2025-05-23 15:13:22 +03:00
Ruslan Semagin	3b10443ff5	fix: goimports Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-04-01 12:26:15 +03:00
Ruslan Semagin	218e3914b1	test: increase test coverage Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-04-01 10:12:35 +03:00
Matthias Bertschy	97c83a652b	updating prerequisites to support custom kubeconfig Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-03-18 10:02:17 +01:00
Matthias Bertschy	75b295d579	update prerequisites command Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-02-26 11:20:33 +01:00
Matthias Bertschy	5d4bd2e94e	removing enable/disable colors, as not compatible with all loggers Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-02-18 11:38:47 +01:00
Matthias Bertschy	daadb5b804	update prerequisites Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-02-14 16:10:31 +01:00
Ruslan Semagin	835bcbeb12	fix: format imports with goimports Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-12 12:15:14 +03:00
Ruslan Semagin	2e4f7c4477	fix: add error handling and context propagation Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-12 09:02:01 +03:00
Ruslan Semagin	fe7dad4560	Refactor: propagate context from main to avoid redundant context creation - Introduced a single context in main() to handle interrupt signals (os.Interrupt, syscall.SIGTERM). - Removed repetitive context creation in the program by reusing the propagated context. - Improved code readability and maintainability by centralizing context management. - Ensured consistent handling of graceful shutdown across the program. Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-11 19:52:48 +03:00
VaibhavMalik4187	0545818f82	Added tests and improvements for image exceptions Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
VaibhavMalik4187	199c57be30	WIP: Load image exceptions from file Added initial commit to start loading image exceptions from json files. Currently, it supports vulnerability exceptions using their CVE-IDs. Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
VaibhavMalik4187	7d55c79f11	Feature: Added exceptions flag in scan image cmd This commit introduces the "exceptions" flag in the scan image command. Users can pass a list of vulnerabilities they ignore while scanning an image using this flag. Also added tests for the same. Fixes: https://github.com/kubescape/kubescape/issues/1564 Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
Eng Zer Jun	2005010568	Replace `golang.org/x/exp/slices` with `slices` from stdlib (#1783 )	2025-01-17 20:51:08 +02:00
Matthias Bertschy	b6c919feb1	add prerequisites command Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-01-16 14:10:40 +01:00
Amir Malka	14ffe35437	add trigger by indication in posture report Signed-off-by: Amir Malka <amirm@armosec.io>	2025-01-09 16:13:29 +02:00
Matthias Bertschy	70a9380966	fix go imports Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-01-09 12:14:56 +01:00
Ben	4f3ef49f99	Implementing capability to print out the "print" statements of the rego Signed-off-by: Ben <ben@armosec.io>	2024-11-20 00:10:18 +02:00
Matthias Bertschy	ac0d982531	fix generated ValidatingAdmissionPolicyBinding Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-07-15 16:05:27 +02:00
Matthias Bertschy	2d77ea7b62	use pager.EachListItem to filter parented resources Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-07-03 16:41:12 +02:00
Anubhav Gupta	2bbedc99dd	Merge branch 'master' of ssh://github.com/kubescape/kubescape into copa-grype	2024-06-22 08:59:18 +05:30
Matthias Bertschy	d6d2315ad0	fixes for vap helper Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-06-04 13:41:00 +02:00
Ben	65aa28dd38	renaming command Signed-off-by: Ben <ben@armosec.io>	2024-06-03 23:33:01 +03:00
Anubhav Gupta	160709eabf	Merge branch 'master' of ssh://github.com/kubescape/kubescape into copa-grype	2024-05-17 13:37:25 +05:30
Ben	0863d845e1	Adding two helper functions for VAP and CEL admission library Signed-off-by: Ben <ben@armosec.io>	2024-05-09 14:32:04 +03:00
Matthias Bertschy	9521cf1974	bump syft version Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-04-29 14:00:18 +02:00
fanqiaojun	bd35d521f2	Fix some comments Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>	2024-04-13 15:42:01 +08:00
Anubhav Gupta	6ee6a78a75	Merge branch 'master' of https://github.com/kubescape/kubescape into copa-grype	2024-04-09 21:37:46 +05:30
Matthias Bertschy	2429d2b89d	move versioncheck to kubescape/backend Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-03-06 14:44:37 +01:00
Anubhav Gupta	f0c3a568f0	change reference from anubhav06 to project-copacetic Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>	2024-03-05 17:36:48 +01:00
David Wertenteil	522cc3a454	Merge pull request #1305 from hoorayman/fix/cmd-framework-redundant-code fix(cmd/scan/framework.go): remove redundant code	2024-03-03 15:16:44 +02:00
David Wertenteil	ea7a8bef94	Fix/backlog (#1613 ) * Many minor improvements Signed-off-by: David Wertenteil <dwertent@armosec.io> * Handle fw scan error Signed-off-by: David Wertenteil <dwertent@armosec.io> * Remove prometheus docs Signed-off-by: David Wertenteil <dwertent@armosec.io> * fix workload threshold Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed units Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2024-02-26 22:42:41 +02:00
hoorayman	f1eaf09570	fix(cmd/scan/framework.go): remove redundant code Signed-off-by: hoorayman <813458665@qq.com>	2024-02-20 10:40:17 +08:00
Matthias Bertschy	3e287db1f9	remove libgit files and dependencies Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-01-20 10:24:21 +01:00
Matthias Bertschy	fb3357fba4	Merge pull request #1546 from kubescape/set-default-format Set default format	2023-11-27 11:02:49 +01:00

1 2 3 4 5 ...

298 Commits