github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,453 Commits 20 Branches 551 Tags
f70d81d7c48a6c5955fbea084598fe76bd6bda01
Commit Graph

3453 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthias Bertschy
cc9dcf827e Revert "use ubuntu-latest-16-cores runner for docker build" 
This reverts commit 76943d05fb.
v3.0.42-rc.2 		2025-10-15 10:01:39 +02:00
Matthias Bertschy
76943d05fb use ubuntu-latest-16-cores runner for docker build 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.42-rc.1 		2025-10-13 10:23:07 +02:00
Matthias Bertschy
621ac111cb Merge pull request #1880 from kubescape/hostagent-block 
fix: improve error handling in hostscanner pod validation
v3.0.42-rc.0 		2025-10-12 11:52:16 +02:00
Matthias Bertschy
3f80bce811 fix: improve error handling in hostscanner pod validation 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-10-10 16:13:43 +02:00
Matthias Bertschy
cc6895fc50 chore: update syft action to use latest version 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-10-10 15:00:35 +02:00
Matthias Bertschy
7d9d8e4b59 Merge pull request #1879 from kubescape/fix-post-release 
fix: post release action does not take tag from GITHUB_REF env var
 2025-10-08 15:57:44 +02:00
Amir Malka
f8d4bf515d fix: post release action does not take tag from GITHUB_REF env var 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2025-10-08 16:18:35 +03:00
Matthias Bertschy
774ebe4a5f bump python to 3.9 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-29 17:44:13 +02:00
Matthias Bertschy
45a07a8046 Merge pull request #1877 from kubescape/grype 
migrate to grype v0.99.1
v3.0.41 		2025-09-17 11:35:30 +02:00
Matthias Bertschy
ff96edae4d use grype v0.99.1 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.41-rc.0 		2025-09-17 10:11:19 +02:00
Matthias Bertschy
34b82cad27 Merge pull request #1875 from kkrypt0nn/master 
fix: Don't run scan in installation script
 2025-09-16 15:13:31 +02:00
Matthias Bertschy
1a4c979ab8 update golangci-lint config 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-16 13:54:23 +02:00
Matthias Bertschy
3481af4a5b bump golangci-lint action 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-16 11:48:02 +02:00
Ben Hirschberg
71dc7a702c Merge pull request #1876 from cx-anjali-deore/fix/policy-binding-param 
Fixed issue #1800 : Added parameterNotFoundAction in spec.paramRef while creating policy binding
 2025-09-15 10:17:52 +03:00
anjali-deore
6d92389285 Fixed issue 1800 
Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>
 2025-09-13 18:06:37 +05:30
Krypton
bd0be45c0b fix: Don't run scan in installation script 
Signed-off-by: Krypton <root@krypton.ninja>
 2025-09-12 19:54:31 +02:00
Amir Malka
7ebf078d0c fix post-release workflow (#1873) 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2025-09-02 19:51:20 +03:00
Matthias Bertschy
1bd729cf83 fix go tidy 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.40 v3.0.40-rc.1 		2025-09-02 14:45:12 +02:00
Matthias Bertschy
88b9b22bca Merge pull request #1857 from aadarsh-nagrath/default-matchers 
feat: add default matchers option to image scanning
v3.0.40-rc.0 		2025-09-02 14:25:29 +02:00
Matthias Bertschy
182162d521 gofmt 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-02 13:51:45 +02:00
Matthias Bertschy
1c02191bb1 Merge pull request #1866 from kubescape/tablewriter 
replace olekukonko/tablewriter with jedib0t/go-pretty
 2025-09-01 17:38:18 +02:00
Matthias Bertschy
ca66ccb33d replace olekukonko/tablewriter with jedib0t/go-pretty 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-01 16:38:42 +02:00
Matthias Bertschy
07eda20b88 Merge pull request #1869 from htsr/fix-imagescan-use-all-targets-exceptions 
fix(imagescan): use all targets in exceptions
 2025-09-01 16:29:04 +02:00
Matthias Bertschy
108c84d97d Merge pull request #1867 from cx-anjali-deore/feature/ListcontainerName 
Issue 1817 fix: Show container name in Assisted remediation
 2025-09-01 16:28:51 +02:00
Matthias Bertschy
35e7fa2b94 fix imports 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-09-01 15:49:31 +02:00
Hugo Thiessard
abb7917b29 fix(imagescan): use all targets in exceptions 
Previously, kubescape only used the first target in scan image exceptions.
Added a test to verify the fix.

Signed-off-by: Hugo Thiessard <htsr@pm.me>
 2025-09-01 15:05:00 +02:00
Matthias Bertschy
31ba56a0cf Merge pull request #1868 from kubescape/dependabot/go_modules/github.com/ulikunitz/xz-0.5.14 
Bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14
 2025-09-01 09:43:12 +02:00
dependabot[bot]
b3efe4d003 Bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 
Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.12 to 0.5.14.
- [Commits](https://github.com/ulikunitz/xz/compare/v0.5.12...v0.5.14)

---
updated-dependencies:
- dependency-name: github.com/ulikunitz/xz
  dependency-version: 0.5.14
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-01 05:35:18 +00:00
anjali-deore
5faade2b66 Fixed test cases 
Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>
 2025-08-31 17:37:32 +05:30
Matthias Bertschy
79207f66be don't read services from configmap, use file 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.39 v3.0.39-rc.0 		2025-08-29 15:21:25 +02:00
anjali-deore
af39f9a7ef fix removed space 
Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>
 2025-08-29 15:31:35 +05:30
anjali-deore
482b7c1f67 fix 1817 ,code cleanup 
Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>
 2025-08-29 15:20:00 +05:30
anjali-deore
82e2fd0be2 fix issue 1817,Added Container Name in control scan output 
Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>
 2025-08-29 15:20:00 +05:30
Matthias Bertschy
6eec751027 Merge pull request #1864 from kubescape/dependabot/go_modules/httphandler/github.com/hashicorp/go-getter-1.7.9 
Bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 in /httphandler
 2025-08-21 17:48:44 +02:00
dependabot[bot]
4a6480c8b4 Bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.8 to 1.7.9.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.8...v1.7.9)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.7.9
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-21 17:14:35 +02:00
Matthias Bertschy
a51bfa4c3e Merge pull request #1863 from kubescape/new_fix/issue_1284 
Issue 1284 fix: new approach implemented
 2025-08-19 16:02:53 +02:00
Yehudah Tor
2a48af3c17 new approach of fix implemented 
Signed-off-by: Yehudah Tor <yehudahtor@gmail.com>
 2025-08-19 12:22:15 +03:00
Matthias Bertschy
ffeb4577e3 refactor output formatting in prettyprinter and related files 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.38 v3.0.38-rc.1 		2025-08-18 12:15:54 +02:00
Matthias Bertschy
b5c7422355 Merge pull request #1862 from kubescape/threshold 
bump helm.sh/helm/v3 to 3.18.5
v3.0.38-rc.0 		2025-08-18 11:07:42 +02:00
Matthias Bertschy
e41b5d77a0 bump helm.sh/helm/v3 to 3.18.5 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-08-18 10:28:34 +02:00
Matthias Bertschy
5afaae8847 Merge pull request #1860 from kubescape/threshold 
return error on image when severity threshold exceeded
 2025-08-18 10:22:19 +02:00
Matthias Bertschy
011fc0689d return error on image when severity threshold exceeded 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-08-14 14:38:59 +02:00
aadarsh-nagrath
db30020c95 feat: add default matchers option to image scanning 
hey! added the default matchers option for image scanning as requested in #1838. now you can choose between stock matchers and CPE matchers when scanning images.

what's new:
- added --use-default-matchers flag to scan/image/patch commands
- true = stock matchers (default behavior)
- false = CPE matchers (more precise)

usage:
# use CPE matchers for more precise detection
kubescape scan image nginx:latest --use-default-matchers=false

# or in scan command
kubescape scan --scan-images --use-default-matchers=false

everything's backward compatible - existing code works exactly the same. just added the new option for folks who want more control over their vulnerability detection.

fixes #1838

Signed-off-by: aadarsh-nagrath <anagrath1@gmail.com>
 2025-08-06 21:48:40 +05:30
Matthias Bertschy
c5341a356b fix prettyprinter test results 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.37 v3.0.37-rc.2 		2025-07-28 15:06:09 +02:00
Matthias Bertschy
85a7f57373 Merge pull request #1854 from kubescape/fixurls 
fix docs URL in tests
v3.0.37-rc.1 		2025-07-28 14:55:14 +02:00
Matthias Bertschy
cd9ebdf08f fix workflow permissions 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-07-28 14:44:36 +02:00
Matthias Bertschy
bc602a78ab fix docs URL in tests 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-07-28 14:41:25 +02:00
Matthias Bertschy
a2361fd155 Merge pull request #1853 from kubescape/dependabot/go_modules/github.com/containerd/containerd/v2-2.0.5 
Bump github.com/containerd/containerd/v2 from 2.0.4 to 2.0.5
v3.0.37-rc.0 		2025-07-28 14:26:07 +02:00
Matthias Bertschy
aa8d41fc2e fix workflow permissions 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-07-28 14:18:31 +02:00
dependabot[bot]
5bd4beb41f Bump github.com/containerd/containerd/v2 from 2.0.4 to 2.0.5 
Bumps [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v2.0.4...v2.0.5)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd/v2
  dependency-version: 2.0.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-28 14:14:59 +02:00