Update all dependencies #3

Closed
wants to merge 1 commit into from

@renovate renovate bot commented Jul 18, 2023

Mend Renovate

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| awscli | | patch | 2.13.0 -> 2.13.1 |
| checkov | | patch | 2.3.234 -> 2.3.331 |
| defenseunicorns/build-harness | | minor | 1.7.0 -> 1.8.0 |
| defenseunicorns/zarf | | minor | 0.26.3 -> 0.28.2 |
| defenseunicorns/zarf | | patch | 0.28.1 -> 0.28.2 |
| github.com/aws/aws-sdk-go | require | patch | v1.44.299 -> v1.44.302 |
| github.com/defenseunicorns/terraform-aws-uds-eks | module | patch | v0.0.1-alpha -> v0.0.2 |
| github.com/defenseunicorns/terraform-aws-uds-vpc | module | patch | v0.0.2-alpha -> v0.0.2 |
| github.com/terraform-aws-modules/terraform-aws-lambda | module | minor | v5.0.0 -> v5.3.0 |
| golang | | patch | 1.20.5 -> 1.20.6 |
| kubernetes/autoscaler | | patch | 1.27.1 -> 1.27.2 |
| kubernetes/autoscaler | | minor | 9.28.0 -> 9.29.1 |
| projectcalico/calico | | minor | 3.25.1 -> 3.26.1 |
| renovatebot/pre-commit-hooks | repository | minor | 36.7.0 -> 36.10.0 |
| terraform | | patch | 1.5.2 -> 1.5.3 |

  • ⚠️ The E2E tests need to be run, they have a manual trigger. To start them add a comment to this PR that says /test all

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

aws/aws-cli (awscli)

v2.13.1

Compare Source

bridgecrewio/checkov (checkov)

v2.3.331

Compare Source

v2.3.330

Compare Source

v2.3.329

Compare Source

Feature
  • github: Add ability for External checks with git branch - #​5337
  • sca: add fix command and code for indirect deps - #​5347
Bug Fix
  • kubernetes: No dups when extracting images - #​5339

v2.3.328

Compare Source

v2.3.327

Compare Source

v2.3.326

Compare Source

Feature
  • sca: add fix code and command to cve report - #​5333
  • sca: fix code block array structure - #​5338
Bug Fix
  • general: properly encode non supported chars in SARIF uri field - #​5336
Documentation
  • sca: Add SCA skip comments to docs - #​5330

v2.3.325

Compare Source

v2.3.324

Compare Source

Bug Fix
  • kustomize: Added support for case where no parents are found for the relative file path - #​5332
  • terraform: Update CKV2_AWS_12 for the new defaults - #​5203

v2.3.323

Compare Source

v2.3.322

Compare Source

v2.3.321

Compare Source

Feature
  • kustomize: Support child k8s resources inside kustomize origin annotations - #​5328

v2.3.320

Compare Source

Bug Fix
  • kustomize: Checked for existence of caller_file_path in definitions_raw - #​5324
  • openapi: Fix ws for CKV_OPENAPI_20 - #​5317
  • terraform: CKV_AWS_342 - managed rules have predefined actions - #​5322

v2.3.319

Compare Source

v2.3.318

Compare Source

Feature
  • general: support UTF-16 and other encodings in multiple frameworks - #​5308
  • kustomize: add back reverted kustomize annotations and update build github action to use github runners - #​5316
  • kustomize: Add origin annotations to calculate bases of kustomize checks - #​5298

v2.3.317

Compare Source

v2.3.316

Compare Source

Feature
  • secrets: Improve the entropy keyword combinator secret scanner - #​5307
Bug Fix
  • openapi: Fix CKV_OpenAPI_20 - #​5302
  • terraform: fix invalid value in CKV_AWS_304 - #​5301
  • terraform: support new field in CKV2_AWS_3 - #​5304

v2.3.315

Compare Source

v2.3.314

Compare Source

Feature
  • dockerfile: add ARM build for K8s container image - #​5293
  • general: Add checkov.spec to enable PyInstaller - #​5281
Bug Fix
  • terraform: remove CKV2_AZURE_18 check and improve CKV2_AZURE_1 - #​5294

v2.3.313

Compare Source

v2.3.312

Compare Source

Platform
  • general: use sca inline suppressions - #​5285

v2.3.311

Compare Source

Feature
  • openapi: New OpenAPI check CKV_OPENAPI_20 - #​5253

v2.3.310

Compare Source

Bug Fix
  • terraform: remove deprecated check CKV_GCP_67 - #​5275
Documentation

v2.3.309

Compare Source

Feature
  • graph: add experimental debug output for graph check evaluation - #​5257
Bug Fix
  • general: revert add composer files to supported package files - #​5269
Platform
  • general: add composer files to supported package files - #​5263

v2.3.308

Compare Source

v2.3.307

Compare Source

v2.3.306

Compare Source

Feature
  • terraform: add module check for commit hash revision usage - #​5261
Bug Fix
  • openapi: add security definition type validation into CKV_OPENAPI_9 - #​5262
  • secrets: fix secrets omit crash when value is not string - #​5260
  • terraform: ignore local modules in CKV_TF_1 - #​5264

v2.3.305

Compare Source

v2.3.304

Compare Source

v2.3.303

Compare Source

Bug Fix
  • arm: consider encryption property in CKV_AZURE_2 - #​5254

v2.3.302

Compare Source

Bug Fix
  • terraform: add missing AWS RDS CA certificate identifiers for aws_db_instance resource - #​5247

v2.3.301

Compare Source

Feature
  • general: remove log from parallel common - #​5244
Platform
  • general: Fix local repo generated name if ends with / - #​5243

v2.3.300

Compare Source

v2.3.299

Compare Source

Feature
  • terraform: ensure kms key policy is defined - #​5235
Bug Fix
  • sca: fix wrongly invoked Image Referencer scanning when scanning a single file - #​5237
  • terraform_plan: add terraform plan vertices to terraform graph if not exist - #​5230

v2.3.298

Compare Source

v2.3.297

Compare Source

v2.3.296

Compare Source

Bug Fix
  • dockerfile: negative is_dockerfile() lookup on .dockerignore suffix - #​5219
  • terraform: fix empty value issue for CKV_GIT_4 - #​5222
Documentation
  • graph: add jsonpath custom policy example - #​5221

v2.3.295

Compare Source

v2.3.294

Compare Source

Feature
  • gha: add skip_path flag to GHA and allow multiple values in var_file - #​5213
  • sca: add root package name and version to csv sbom - #​5211

v2.3.293

Compare Source

v2.3.292

Compare Source

Feature
  • arm: Handle another structure for SQL retention policy - #​5210
Bug Fix
  • secrets: limit line length for custom secrets - #​5208
  • terraform: Update GCP checks for plan files - #​5197

v2.3.291

Compare Source

v2.3.290

Compare Source

v2.3.289

Compare Source

Feature
  • sca: removing the using of the constant CHECKOV_DISPLAY_REGISTRY_URL - #​5204

v2.3.288

Compare Source

v2.3.287

Compare Source

Feature
  • general: add checkov_diff pre-commit hook for scanning all changed files - #​5192
Bug Fix
  • cloudformation: fix CKV_AWS_33 to consider deny statements - #​5193
Documentation
  • general: Update pre-commit.md - #​5190

v2.3.286

Compare Source

v2.3.285

Compare Source

Feature
  • arm: and bicep: Ensure that Azure Front Door uses WAF in "Detection" or "Prevention" modes CKV_AZURE_123 - #​5049
Bug Fix
  • general: handle cloned checks filtered via labels - #​5188
  • terraform: adjust CKV_AZURE_6 to comply with new provider version - #​5189

v2.3.284

Compare Source

v2.3.283

Compare Source

Feature
  • arm: Handle arm db servers 2021 05 01 - #​5187
  • terraform: Mark unresolved tf function calls as unresolved - #​5186
Documentation
  • general: Add Enforcement CLI Command - #​5185

v2.3.282

Compare Source

v2.3.281

Compare Source

Feature
  • terraform_plan: Expose field changes to python checks - #​5112
Bug Fix
  • general: Check that the result is not None before extracting vars in cli multiprocess runs - #​5183
  • general: Correctly handle cli graphs in case we run with multiprocessing - #​5177

v2.3.280

Compare Source

v2.3.279

Compare Source

v2.3.278

Compare Source

Bug Fix
  • kubernetes: don't fail if spec is missing and default value is set to the fix value. - #​5167

v2.3.277

Compare Source

v2.3.276

Compare Source

Feature
  • arm: ARM and bicep checks for CKV_AZURE_121 - #​5029
  • terraform: Ensure Application Gateway defines secure SSL protocols CKV_AZURE_217, 218 - #​5027
  • terraform: Ensure Azure firewall sets threatintelMode to Deny - #​5013
  • terraform: Ensure firewall defines a policy - #​5038
  • terraform: Ensure Firewall policy has IDPS mode as deny - #​5039
Bug Fix
  • dockerfile: support platform flag in CKV_DOCKER_11 - #​5170
  • terraform: support condition in IAM policy data blocks - #​5171
  • terraform: Unable to download Terraform modules from JFrog Artifactory - #​5155

v2.3.275

Compare Source

v2.3.274

Compare Source

v2.3.273

Compare Source

Feature
  • ansible: add support of inline suppression for Ansible graph checks - #​5143
  • terraform: Use just AWS regex to check EC2Credentials - #​5159
Bug Fix
  • cloudformation: fix evaluate_default_refs func in cfn - #​5164
  • general: fix SARIF output related to security-severity field - #​5160
  • terraform: adjust CKV_AWS_85 to only look for one log type to pass - #​5162
  • terraform: update latest major version of Postgres to v15 - #​5163
Platform
  • general: Add no upload flag and report contributors for all API key runs - #​5052

v2.3.272

Compare Source

v2.3.271

Compare Source

v2.3.270

Compare Source

v2.3.269

Compare Source

v2.3.268

Compare Source

v2.3.267

Compare Source

Bug Fix
  • kubernetes: fix extracting k8s nested resources - #​5146
  • sca: suppression - fix unit testing - #​5158
  • sca: suppression is not working on SCA packages - #​5156

v2.3.266

Compare Source

v2.3.265

Compare Source

v2.3.264

Compare Source

Feature
  • terraform: don't fail CKV_AWS_2 on un-rendered value - #​5147
  • terraform: Foreach support resources edges - #​5145
Bug Fix
  • terraform: exclude unrestrictable actions in CKV_AWS_355 and CKV_AWS_356 - #​5135
Documentation
  • general: Update operators with examples - #​5137

v2.3.263

Compare Source

v2.3.262

Compare Source

v2.3.261

Compare Source

Feature
  • general: Added computation of git_root_path to igraph serialization - #​5107
  • sca: adding validation for the file_line_number - #​5132
  • terraform: foreach remove error from info log. - #​5139
Bug Fix
  • terraform: Should use UNKNOWN rather than skipped - #​5136

v2.3.260

Compare Source

v2.3.259

Compare Source

Feature
  • terraform: extend CKV2_AWS_5 with new resources - #​5129
  • terraform: IAM limit resource access - #​5015
Bug Fix
  • kustomize: fix empty kustomize file crash - #​5131
Platform
  • general: SBOM lines numbers adjusting - #​5127

v2.3.258

Compare Source

v2.3.257

Compare Source

Feature
  • sca: adding the risk factor v2 to the vulnerability details - #​5108
  • sca: dockerfile image-referencer fixes - #​5120
  • secrets: Add new pre-commit hook for secrets - #​5103
  • terraform: add check to look at star resources - #​4996
Bug Fix
  • gitlab: Skipping image blocks without name attribute - #​5126
  • terraform: fix terraform variable rendering for provider alias - #​5124
Platform
  • general: Enhancing Sarif output with Security Severity Level - #​5074

v2.3.256

Compare Source

v2.3.255

Compare Source

v2.3.254

Compare Source

v2.3.253

Compare Source

v2.3.252

Compare Source

v2.3.251

Compare Source

Feature
  • secrets: add jwt detector to the secret runner - #​5116
  • terraform: Adding yaml based build time policies for corresponding PC runtime policies - #​5089
  • terraform: AWS Ensure RDS performance insights uses a CMK - #​4985
  • terraform: NACL should restrict port ingress - #​4976
  • terraform: RDS Enable Performance insights - #​4983
Bug Fix
  • dockerfile: improve update searching in CKV_DOCKER_5 - #​5115
Documentation
  • general: Update CLI Command Reference.md - #​5114

v2.3.250

Compare Source

v2.3.249

Compare Source

v2.3.248

Compare Source

v2.3.247

Compare Source

Feature
  • general: add SPDX output - #​5104
  • kubernetes: separate service account builder to improve performance - #​5093
  • sca: showing line numbers in the cli output for csv - #​5096
  • sca: showing line numbers in the cli output for licenses - #​5098

v2.3.246

Compare Source

v2.3.245

Compare Source

Feature
  • dockerfile: Support docker graph check skips - #​5085
  • sca: using the lines directly in the record, rather than in the "vulnerability_details" + having it in ExtraResources - #​5092

v2.3.244

Compare Source

v2.3.243

Compare Source

Feature
  • kubernetes: Improve k8s perf - #​5083
  • terraform: EMR - At rest local disk, EBS and in transit encryption checks - #​4968
Bug Fix
  • kubernetes: add mini k8s parser for invalid templates - #​5088
  • terraform: handle false-positives for Route53ZoneEnableDNSSECSigning - #​5084
Platform
  • general: Add lines to SBOM - #​5078
  • graph: upload graphs to the platform - #​5073

v2.3.242

Compare Source

v2.3.241

Compare Source

v2.3.240

Compare Source

Bug Fix
  • terraform: skip invalid multiple modules names - #​5079

v2.3.239

Compare Source

Bug Fix
  • sca: only run image referencer with sca_image framework - #​5081

v2.3.238

Compare Source

Feature
  • kustomize: Support inline skips for Kubernetes graph checks - #​5070

v2.3.237

Compare Source

Bug Fix
  • secrets: add filter for suppressed custom secret checks - #​5068
  • secrets: exclude Kubernetes secretName from secret scanning - #​5071
  • secrets: omit the code line - #​5075

v2.3.236

Compare Source

v2.3.235

Compare Source

defenseunicorns/build-harness (defenseunicorns/build-harness)

v1.8.0

Compare Source

What's Changed

Full Changelog: defenseunicorns/build-harness@1.7.1...1.8.0

v1.7.1

Compare Source

What's Changed

| Package | Update | Change |
|---|---|---|
| flux2 | patch | 2.0.0 -> 2.0.1 |
| golang | patch | 1.20.5 -> 1.20.6 |

Full Changelog: defenseunicorns/build-harness@1.7.0...1.7.1

defenseunicorns/zarf (defenseunicorns/zarf)

v0.28.2

Compare Source

What's Changed
Features
Fixes
Dependencies
Development
New Contributors

Full Changelog: zarf-dev/zarf@v0.28.1...v0.28.2

v0.28.1

Compare Source

What's Changed

Features

Fixes

Docs

Dependencies

Full Changelog: zarf-dev/zarf@v0.28.0...v0.28.1

v0.28.0

Compare Source

What's Changed

⚠️ Breaking Changes

This only impacts existing deployments using the k3s component from the default init package, and the deprecated APIs are outlined in the K8s Deprecated API Migration Guide. Chart manifests will need to be updated to support the new APIs and will need to be redeployed to the cluster ideally prior to upgrading k3s. Zarf-managed charts can detect deprecations and attempt migrations after a k3s update but any GitOps deployments will need to be updated manually (see the Helm mapkubeapis plugin if you need to do this after updating k3s)

Features

    

Rollup From v0.27 Patch Releases

Fixes

Rollup From v0.27 Patch Releases

Docs

Rollup From v0.27 Patch Releases

Dependencies

Rollup From v0.27 Patch Releases

Development


Configuration

📅 Schedule: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the renovate label Jul 18, 2023
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 489c23d to 5df8709 Compare July 18, 2023 21:04