fix(deps): update securecodebox packages to v5.3.0
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| cascading-scans (source) | minor | 5.0.0 -> 5.3.0 |
| docker.io/securecodebox/hook-persistence-defectdojo | minor | 5.0.0 -> 5.3.0 |
| kube-hunter (source) | minor | 5.0.0 -> 5.3.0 |
| nikto (source) | minor | 5.0.0 -> 5.3.0 |
| nmap (source) | minor | 5.0.0 -> 5.3.0 |
| nuclei (source) | minor | 5.0.0 -> 5.3.0 |
| operator (source) | minor | 5.0.0 -> 5.3.0 |
| persistence-defectdojo (source) | minor | 5.0.0 -> 5.3.0 |
| ssh-audit | minor | 5.0.0 -> 5.3.0 |
| sslyze (source) | minor | 5.0.0 -> 5.3.0 |
| trivy (source) | minor | 5.0.0 -> 5.3.0 |
| trivy-sbom (source) | minor | 5.0.0 -> 5.3.0 |
| zap-automation-framework (source) | minor | 5.0.0 -> 5.3.0 |
Release Notes
secureCodeBox/secureCodeBox (cascading-scans)
v5.3.0
What's Changed
🚓 Security Scanner
- Upgraded gitleaks from v8.29.0 to v8.30.0 @secureCodeBoxBot (#3383, #3394)
- Upgraded nuclei from v3.5.1 to v3.6.0 @secureCodeBoxBot (#3405)
- Upgraded semgrep from 1.143.0 to 1.145.0 @secureCodeBoxBot (#3382, #3404)
- Upgraded subfinder from v2.10.0 to v2.10.1 @secureCodeBoxBot (#3386)
- Upgraded trivy from 0.67.2 to 0.68.1 @secureCodeBoxBot (#3402)
- Upgraded trivy-sbom from 0.67.2 to 0.68.1 @secureCodeBoxBot (#3403)
🐛 Bug Fixes
- Fixes Incompatibility with newer Elasticsearch Systems by @conleth in #3391
- Fix secret name in helm template by @yyvfuruta in #3340
📚 Documentation
- Add Link to Blog Post "Automating Penetration Testing with SecureCodeBox on Kubernetes Kind Clusters Using GitHub Actions" by Yasmine Gharbi in #3395
📌 Dependencies
Minor dependency updates (18 pull requests).
- Update dependency helm/helm to v3.19.2 by @renovate[bot] in #3362
- Bump the npm-version-updates group in /documentation with 3 updates by @dependabot[bot] in #3387
- Bump @types/node from 24.10.0 to 24.10.1 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3388
- Bump the github-actions-version-updates group across 1 directory with 5 updates by @dependabot[bot] in #3389
- Bump the gradle-version-updates group across 1 directory with 2 updates by @dependabot[bot] in #3390
- Update dependency helm-unittest/helm-unittest to v1.0.3 by @renovate[bot] in #3270
- Bump @types/react from 19.2.6 to 19.2.7 in /documentation in the npm-version-updates group by @dependabot[bot] in #3396
- Bump the github-actions-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3397
- Bump nodemailer from 7.0.7 to 7.0.11 in /hooks/notification/hook by @dependabot[bot] in #3399
- Update golang Docker tag to v1.25.5 by @renovate[bot] in #3400
- Update alpine Docker tag to v3.23 by @renovate[bot] in #3401
- Bump node-forge from 1.3.1 to 1.3.2 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3393
- Bump mdast-util-to-hast from 13.2.0 to 13.2.1 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3406
- Bump the npm-version-updates group in /documentation with 2 updates by @dependabot[bot] in #3407
- Bump the github-actions-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3409
- Bump org.sonarqube from 7.1.0.6387 to 7.2.0.6526 in /hooks/persistence-defectdojo/hook in the gradle-version-updates group by @dependabot[bot] in #3408
- Update dependency helm/helm to v4 by @renovate[bot] in #3363
- Update dependency kubernetes/kubernetes to v1.34.3 - autoclosed by @renovate[bot] in #3412
New Contributors
- @yyvfuruta made their first contribution in #3340
- @conleth made their first contribution in #3391
Full Changelog: https://github.com/secureCodeBox/secureCodeBox/compare/v5.2.0...v5.3.0
v5.2.0
What's Changed
🚓 Security Scanner
- Upgraded gitleaks from v8.28.0 to v8.29.0 @secureCodeBoxBot (#3349)
- Upgraded nuclei from v3.4.10 to v3.5.1 @secureCodeBoxBot (#3365)
- Upgraded semgrep from 1.138.0 to 1.143.0 @secureCodeBoxBot (#3306, #3331, #3339, #3347, #3364)
- Upgraded subfinder from v2.9.0 to v2.10.0 @secureCodeBoxBot (#3379)
- Upgraded trivy from 0.67.0 to 0.67.2 @secureCodeBoxBot (#3321)
- Upgraded trivy-sbom from 0.67.0 to 0.67.2 @secureCodeBoxBot (#3320)
- Upgraded whatweb from v0.6.2 to v0.6.3 @secureCodeBoxBot (#3332)
- Avoid confusion in cascading scans between http on port 443 by @Reet00 in #3271
🐛 Bug Fixes
📚 Documentation
- Improve AWS Pod Identity / IRSA Docs by @J12934 in #3314
- Add SCBaaS button by @p4trickweiss in #3350
- Add proposed ADR to use CEL in CascadingRules by @J12934 in #3328
🔧 Maintenance
📌 Dependencies
Minor dependency updates (43 pull requests).
- Bump the pip-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3289
- Dependabot/gradle/hooks/persistence defectdojo/hook/gradle version updates 27032e4 by @Weltraumschaf in #3281
- Bump github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0 in /auto-discovery/cloud-aws in the go-version-updates group across 1 directory by @dependabot[bot] in #3311
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3310
- Bump the npm-version-updates group across 2 directories with 2 updates by @dependabot[bot] in #3309
- Bump the npm-version-updates group in /documentation with 5 updates by @dependabot[bot] in #3307
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 5 updates by @dependabot[bot] in #3308
- Update golang Docker tag to v1.25.2 by @renovate[bot] in #3313
- Bump nodemailer from 6.10.1 to 7.0.7 in /hooks/notification/hook by @dependabot[bot] in #3312
- Update oven/bun Docker tag to v1.3 by @renovate[bot] in #3319
- Bump the npm-version-updates group in /documentation with 2 updates by @dependabot[bot] in #3322
- Bump the npm-version-updates group across 2 directories with 2 updates by @dependabot[bot] in #3323
- Bump the go-version-updates group across 3 directories with 1 update by @dependabot[bot] in #3325
- Update golang Docker tag to v1.25.3 by @renovate[bot] in #3326
- Bump the github-actions-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3324
- Bump github/codeql-action from 4.30.8 to 4.30.9 in /.github/workflows in the github-actions-version-updates group across 1 directory by @dependabot[bot] in #3335
- Bump @types/node from 24.7.2 to 24.8.1 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3336
- Bump python-gitlab from 6.4.0 to 6.5.0 in /scanners/git-repo-scanner/scanner in the pip-version-updates group across 1 directory by @dependabot[bot] in #3337
- Bump the npm-version-updates group in /documentation with 7 updates by @dependabot[bot] in #3334
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 2 updates by @dependabot[bot] in #3333
- Bump the npm-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3348
- Update Node.js to v24 by @renovate[bot] in #3346
- Bump @types/node from 24.8.1 to 24.9.1 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3345
- Bump github.com/onsi/ginkgo/v2 from 2.26.0 to 2.27.1 in /auto-discovery/cloud-aws in the go-version-updates group across 1 directory by @dependabot[bot] in #3344
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3343
- Update golang Docker tag to v1.25.4 by @renovate[bot] in #3352
- Bump the go-version-updates group across 3 directories with 3 updates by @dependabot[bot] in #3357
- Bump the github-actions-version-updates group across 1 directory with 3 updates by @dependabot[bot] in #3353
- Bump @types/node from 24.9.1 to 24.10.0 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3356
- Update dependency helm/helm to v3.19.1 by @renovate[bot] in #3358
- Update dependency go-task/task to v3.45.5 by @renovate[bot] in #3359
- Update dependency kubernetes/kubernetes to v1.34.2 by @renovate[bot] in #3361
- Bump the gradle-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3355
- Bump python-gitlab from 6.5.0 to 7.0.0 in /scanners/git-repo-scanner/scanner in the pip-version-updates group across 1 directory by @dependabot[bot] in #3354
- Bump js-yaml from 4.1.0 to 4.1.1 in /hooks/cascading-scans/hook by @dependabot[bot] in #3366
- Bump the npm-security-updates group across 3 directories with 1 update by @dependabot[bot] in #3368
- Update docker.io/bkimminich/juice-shop Docker tag to v19.1.1 by @renovate[bot] in #3370
- Bump js-yaml from 4.1.0 to 4.1.1 in /hooks/notification/hook by @dependabot[bot] in #3371
- Bump the npm-version-updates group in /documentation with 3 updates by @dependabot[bot] in #3373
- Bump js-yaml from 3.14.1 to 3.14.2 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3375
- Update debian Docker tag to v13.2 by @renovate[bot] in #3376
- Bump glob from 11.0.3 to 11.1.0 in /documentation in the npm-security-updates group across 1 directory by @dependabot[bot] in #3377
- Bump the go-version-updates group across 4 directories with 4 updates by @dependabot[bot] in #3374
- Bump the go-security-updates group across 3 directories with 1 update by @dependabot[bot] in #3380
Full Changelog: https://github.com/secureCodeBox/secureCodeBox/compare/v5.1.0...v5.2.0
v5.1.0
🚀 Features
- Make the healthchecks for the operator configurable via helm values by @J12934 in #3223
- Switch ncrack password encryption from RSA to age-encryption by @p4trickweiss in #3247
- Improve operator and auto-discovery log consistency and switch to json logs by @J12934 in #3227
🚓 Security Scanner
- Upgraded nuclei from v3.4.7 to v3.4.10 @secureCodeBoxBot (#3228, #3232)
- Upgraded semgrep from 1.131.0 to 1.138.0 @secureCodeBoxBot (#3211, #3231, #3248, #3258, #3269, #3283, #3296)
- Upgraded subfinder from v2.8.0 to v2.9.0 @secureCodeBoxBot (#3298)
- Upgraded trivy from 0.65.0 to 0.67.0 @secureCodeBoxBot (#3252, #3303)
- Upgraded trivy-sbom from 0.65.0 to 0.67.0 @secureCodeBoxBot (#3253, #3304)
- Upgraded whatweb from v6.0.1 to v0.6.2 @secureCodeBoxBot (#3236)
🐛 Bug Fixes
- Fix Dependency Track Hook by @p4trickweiss in #3290
- Added affinity and tolerations fields to ssh-audit-scan-type.yaml by @DevikHaruko in #3297
- Migrate scan kubernetes finalizers to avoid warnings about non-recommended finalizer url structure by @J12934 in #3226
📚 Documentation
- Fix minor documentation issues by @J12934 in #3221
- Replace Snyk badge with OpenSSF Scorecard Badge by @J12934 in #3233
- Update supported k8s versions to include new Kubernetes 1.34 release. by @J12934 in #3255
- Update Security Policy with new supported Versions and Update Advisory Publishing Process by @J12934 in #3235
🔧 Maintenance
- Automatically set labels for renovate MRs by @J12934 in #3203
- Renovate for ci.yaml dependencies by @J12934 in #3204
- Optimize Go Docker builds with native cross-compilation by @J12934 in #3206
- Migrate docker repository for petstore by @Reet00 in #3213
- Remove unnecessary create-blog-post script by @Weltraumschaf in #3244
- Migrate parser-sdk to typescript by @J12934 in #3254
- Changes the comments behind pinned actions to include their full version by @J12934 in #3264
- Rewrite pull-secret-extractor in Go by @p4trickweiss in #3267
- Pin GitHub Pipeline Action Dependencies and specify reduced pipeline permissions by @J12934 in #3229
📌 Dependencies
Minor dependency updates (41 pull requests).
- Update golang Docker tag by @renovate[bot] in #3207
- Update dependency go-task/task to v3.44.1 by @renovate[bot] in #3208
- Update dependency helm/helm to v3.18.5 by @renovate[bot] in #3209
- Update dependency kubernetes/kubernetes to v1.33.4 by @renovate[bot] in #3210
- Bump the go-version-updates group across 4 directories with 6 updates by @dependabot[bot] in #3217
- Bump the npm-version-updates group in /documentation with 2 updates by @dependabot[bot] in #3214
- Bump actions/checkout from 4 to 5 in /.github/workflows in the github-actions-version-updates group across 1 directory by @dependabot[bot] in #3216
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 3 updates by @dependabot[bot] in #3215
- Update docker.io/swaggerapi/petstore3 Docker tag to v1.0.27 by @renovate[bot] in #3218
- Update dependency helm/helm to v3.18.6 by @renovate[bot] in #3222
- Bump the go-version-updates group across 3 directories with 2 updates by @dependabot[bot] in #3240
- Bump io.freefair.lombok from 8.14 to 8.14.2 in /hooks/persistence-defectdojo/hook in the gradle-version-updates group by @dependabot[bot] in #3237
- Add pip to dependabot by @Reet00 in #3234
- Bump the npm-version-updates group across 1 directory with 2 updates by @dependabot[bot] in #3241
- Update dependency kubernetes-sigs/kind to v0.30.0 by @renovate[bot] in #3245
- Update dependency kubernetes/kubernetes to v1.34.0 by @renovate[bot] in #3246
- Dependabot/gradle/hooks/persistence defectdojo/hook/gradle version updates 7f209d1 by @Weltraumschaf in #3251
- Update docker.io/bkimminich/juice-shop Docker tag to v19 by @renovate[bot] in #3257
- Update golang Docker tag to v1.25.1 by @renovate[bot] in #3256
- Bump the npm-version-updates group across 2 directories with 1 update by @dependabot[bot] in #3261
- Bump the npm-version-updates group in /documentation with 4 updates by @dependabot[bot] in #3260
- Bump the github-actions-version-updates group across 1 directory with 5 updates by @dependabot[bot] in #3265
- Update debian Docker tag to v13.1 by @renovate[bot] in #3266
- Bump the go-version-updates group across 4 directories with 9 updates by @dependabot[bot] in #3263
- Update dependency kubernetes/kubernetes to v1.34.1 by @renovate[bot] in #3268
- Bump the npm-version-updates group in /documentation with 2 updates by @dependabot[bot] in #3275
- Bump the npm-version-updates group across 2 directories with 1 update by @dependabot[bot] in #3277
- Update dependency helm/helm to v3.19.0 by @renovate[bot] in #3273
- Bump github/codeql-action from 3.30.1 to 3.30.3 in /.github/workflows in the github-actions-version-updates group across 1 directory by @dependabot[bot] in #3274
- Bump the go-version-updates group across 4 directories with 5 updates by @dependabot[bot] in #3278
- Update dependency go-task/task to v3.45.3 by @renovate[bot] in #3280
- Update dependency go-task/task to v3.45.4 by @renovate[bot] in #3282
- Update golang Docker tag to v1.25.1 by @renovate[bot] in #3288
- Bump @types/node from 24.4.0 to 24.5.2 in /hook-sdk/nodejs in the npm-version-updates group across 1 directory by @dependabot[bot] in #3287
- Bump oxsecurity/megalinter from 8.8.0 to 9.0.1 in /.github/workflows in the github-actions-version-updates group across 1 directory by @dependabot[bot] in #3286
- Bump tar-fs from 3.0.10 to 3.1.1 in /tests/integration in the npm-security-updates group across 1 directory by @dependabot[bot] in #3292
- Bump tar-fs from 3.1.0 to 3.1.1 in /hooks/notification/hook by @dependabot[bot] in #3291
- Bump tar-fs from 3.1.0 to 3.1.1 in /hooks/cascading-scans/hook by @dependabot[bot] in #3293
- Bump the npm-security-updates group across 2 directories with 1 update by @dependabot[bot] in #3294
- Bump the npm-version-updates group across 1 directory with 9 updates by @dependabot[bot] in #3300
- Bump the github-actions-version-updates group across 1 directory with 4 updates by @dependabot[bot] in #3302
New Contributors
- @p4trickweiss made their first contribution in #3247
- @DevikHaruko made their first contribution in #3297
Full Changelog: https://github.com/secureCodeBox/secureCodeBox/compare/v5.0.0...v5.1.0
This MR has been generated by Renovate Bot.
Edited by bot for Kubernetes GitOps Tooling Zone