1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-05-06 17:09:23 +00:00
Commit Graph

1188 Commits

Author SHA1 Message Date
afdesk
9815f99e2c
release: prepare v0.10.6 (#1863) 2025-04-24 21:59:01 +06:00
afdesk
56bb426fce
fix: update kubectl to v1.33.0 (#1861) 2025-04-24 20:05:35 +06:00
afdesk
5feae8a80d
release: prepare v0.10.5 (#1860) 2025-04-23 18:02:04 +06:00
dependabot[bot]
00cd12ef19
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1855)
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.57.0 to 1.57.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.57.0...service/eks/v1.57.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-version: 1.57.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 14:28:26 +06:00
dependabot[bot]
d1e948acd3
build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1847)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.9 to 1.29.12.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.9...config/v1.29.12)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 14:14:56 +06:00
dependabot[bot]
c4c5317f44
build(deps): bump github.com/magiconair/properties from 1.8.9 to 1.8.10 (#1854)
Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties) from 1.8.9 to 1.8.10.
- [Release notes](https://github.com/magiconair/properties/releases)
- [Commits](https://github.com/magiconair/properties/compare/v1.8.9...v1.8.10)

---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
  dependency-version: 1.8.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 13:18:08 +06:00
Masashi Honma
6e454a1dd5
Fix CVEs (#1857)
Resolves #1852.

usr/local/bin/kube-bench (gobinary)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0)

┌──────────────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────┐
│     Library      │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                          Title                           │
├──────────────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────┤
│ golang.org/x/net │ CVE-2025-22872 │ MEDIUM   │ fixed  │ v0.36.0           │ 0.38.0         │ The tokenizer incorrectly interprets tags with unquoted  │
│                  │                │          │        │                   │                │ attribute valu ...                                       │
│                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-22872               │
├──────────────────┼────────────────┤          │        ├───────────────────┼────────────────┼──────────────────────────────────────────────────────────┤
│ stdlib           │ CVE-2025-22871 │          │        │ v1.24.1           │ 1.23.8, 1.24.2 │ net/http: Request smuggling due to acceptance of invalid │
│                  │                │          │        │                   │                │ chunked data in net/http...                              │
│                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-22871               │
└──────────────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────┘

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2025-04-23 12:54:40 +06:00
afdesk
cd322c587c
chore(ci): bump up golangci version to v1.64 (#1849) 2025-04-04 15:44:59 +06:00
Bastian Nutzinger
d28ea670c8
add necessary mounts for /var/vcap/data/jobs & sys (#1841) 2025-04-03 14:47:07 +06:00
Masashi Honma
6a46d64538
1.1.15, 1.1.17 of rke2-cis-1.7 fails (#1844)
Resolves #1843.

This PR adds pathes to schedulerkubeconfig and controllermanagerkubeconfig to
fix the failures. And replace hard coded values with variables.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2025-04-02 14:52:03 +06:00
dependabot[bot]
6edf7e590c
build(deps): bump k8s.io/client-go from 0.32.2 to 0.32.3 (#1833)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.2 to 0.32.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.2...v0.32.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-18 17:13:33 +06:00
dependabot[bot]
a686691252
build(deps): bump k8s.io/apimachinery from 0.32.2 to 0.32.3 (#1834)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.32.2 to 0.32.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.2...v0.32.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-18 16:55:05 +06:00
dependabot[bot]
486272f8db
build(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 (#1830)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.36.0.
- [Commits](https://github.com/golang/net/compare/v0.33.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-18 13:51:13 +06:00
afdesk
152d0e7528
release: prepare v0.10.4 (#1829) 2025-03-11 22:33:47 +06:00
mjshastha
c74ce3a813
fix: address vulnerabilities in kubectl (#1828)
kubectl has vulnerabilities in the stable version, it was fixed in 1.33.0-alpha.3
2025-03-11 18:06:25 +06:00
dependabot[bot]
594eb2cf18
build(deps): bump golang from 1.23.6 to 1.24.0 (#1805)
Bumps golang from 1.23.6 to 1.24.0.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: afdesk <work@afdesk.com>
2025-03-11 12:14:58 +06:00
dependabot[bot]
eb375f4d9d
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1826)
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.56.1 to 1.57.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.56.1...service/s3/v1.57.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-11 11:43:18 +06:00
dependabot[bot]
8c385ffb08
build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1827)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.8 to 1.29.9.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.8...config/v1.29.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-11 11:24:39 +06:00
afdesk
b6a88e8282
release: prepare v0.10.3 (#1825) 2025-03-05 16:27:10 +06:00
dependabot[bot]
01afe91352
build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#1809)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.1 to 1.9.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.1...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-05 14:49:20 +06:00
dependabot[bot]
d85a765a00
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1824)
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.55.8 to 1.56.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/wafv2/v1.55.8...service/s3/v1.56.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-05 14:28:05 +06:00
dependabot[bot]
99d3eb6a9e
build(deps): bump k8s.io/client-go from 0.32.1 to 0.32.2 (#1811)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.1 to 0.32.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-05 14:16:31 +06:00
dependabot[bot]
bd6eae0c97
build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1821)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.29.4 to 1.29.8.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.29.4...config/v1.29.8)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: afdesk <work@afdesk.com>
2025-03-05 13:54:22 +06:00
mjshastha
b0cb472482
fix: Add default case to CIS benchmark version selection (#1823)
This commit adds a default case to the switch statements for both "rancher" and "rke2" platforms. This ensures that a fallback CIS benchmark version ("rke-cis-1.7" and "rke2-cis-1.7" respectively) is returned when the Kubernetes version does not match any of the explicitly defined cases.
2025-03-05 13:43:06 +06:00
dependabot[bot]
7f2f0f3227
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.36.0 to 1.36.3 (#1822)
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.36.0 to 1.36.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.36.0...v1.36.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-04 17:58:09 +06:00
dependabot[bot]
c8d80e6354
build(deps): bump alpine from 3.21.2 to 3.21.3 (#1806)
Bumps alpine from 3.21.2 to 3.21.3.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: afdesk <work@afdesk.com>
2025-03-04 13:32:03 +06:00
Simon Alexander Alsing
c40b2a72e2
fix: typo of applicaions which should have been applications (#1819) 2025-03-04 12:27:13 +06:00
Lihiz
949999145e
DEVOPS-934: Fix UBI image labels in order to be able to pass Red Hat pre-flight checks (#1812)
* DEVOPS-934: Fix UBI image labels in order to be able to pass Red Hat pre-flight checks
2025-02-19 15:25:31 +02:00
afdesk
422a7fc5b1
release: prepare v0.10.2 (#1803) 2025-02-12 20:41:39 +06:00
afdesk
18e7e35919
fix: suppress vulnerabilities in kubectl (#1802) 2025-02-12 20:26:50 +06:00
afdesk
f9e2c77967
ci: bump up Go version to 1.23.6 in Github workflows (#1801) 2025-02-12 20:13:43 +06:00
Grischa Ekart
2de22f84fc
Updated version in documentation and using a version var (#1799) 2025-02-12 12:15:11 +06:00
Masashi Honma
fcb6517b8b
Bump golang from 1.23.5 to 1.23.6 to fix CVE-2025-22866 (#1800)
This is the scan result of Trivy.

usr/local/bin/kube-bench (gobinary)
===================================
Total: 1 (UNKNOWN: 1, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────┬────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │        Fixed Version         │                   Title                    │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────┼────────────────────────────────────────────┤
│ stdlib  │ CVE-2025-22866 │ UNKNOWN  │ fixed  │ 1.23.5            │ 1.22.12, 1.23.6, 1.24.0-rc.3 │ Timing sidechannel for P-256 on ppc64le in │
│         │                │          │        │                   │                              │ crypto/internal/nistec                     │
│         │                │          │        │                   │                              │ https://avd.aquasec.com/nvd/cve-2025-22866 │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴──────────────────────────────┴────────────────────────────────────────────┘

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2025-02-10 12:11:21 +06:00
afdesk
60d1842d0d
release: prepare v0.10.1 (#1797) 2025-02-04 22:08:07 +06:00
Abubakr-Sadik Nii Nai Davis
26aaeecc0f
fix: required fixes for rke-cis 1.7 / 1.28 / 1.29 (#1792) 2025-02-04 18:19:05 +06:00
dependabot[bot]
c04b700d8a
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1794)
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.55.3 to 1.55.8.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.55.3...service/wafv2/v1.55.8)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 18:01:51 +06:00
dependabot[bot]
4d82ee7f9a
build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1795)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.28.10 to 1.29.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.10...config/v1.29.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 17:43:45 +06:00
dependabot[bot]
62a54424cb
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.32.8 to 1.36.0 (#1796)
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.32.8 to 1.36.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.32.8...v1.36.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 17:30:37 +06:00
dependabot[bot]
a7bd33cd02
build(deps): bump k8s.io/client-go from 0.32.0 to 0.32.1 (#1785)
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.0 to 0.32.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.0...v0.32.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 17:18:32 +06:00
Masashi Honma
c9985a6e9b
Bump golang from 1.23.4 to 1.23.5 to fix vulnerabilities. (#1793)
This is the scan result of Trivy.

usr/local/bin/kube-bench (gobinary)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │        Fixed Version        │                            Title                             │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2024-45336 │ MEDIUM   │ fixed  │ v1.23.4           │ 1.22.11, 1.23.5, 1.24.0-rc2 │ golang: net/http: net/http: sensitive headers incorrectly    │
│         │                │          │        │                   │                             │ sent after cross-domain redirect                             │
│         │                │          │        │                   │                             │ https://avd.aquasec.com/nvd/cve-2024-45336                   │
│         ├────────────────┤          │        │                   │                             ├──────────────────────────────────────────────────────────────┤
│         │ CVE-2024-45341 │          │        │                   │                             │ golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can │
│         │                │          │        │                   │                             │ bypass URI name...                                           │
│         │                │          │        │                   │                             │ https://avd.aquasec.com/nvd/cve-2024-45341                   │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────────────────┴──────────────────────────────────────────────────────────────┘

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2025-02-04 17:06:14 +06:00
dependabot[bot]
368a8b5017
build(deps): bump k8s.io/apimachinery from 0.32.0 to 0.32.1 (#1782)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.32.0 to 0.32.1.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.0...v0.32.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 16:55:04 +06:00
dependabot[bot]
b1547c0b6b
build(deps): bump golang from 1.23.4 to 1.23.5 (#1787)
Bumps golang from 1.23.4 to 1.23.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-04 16:42:00 +06:00
afdesk
fcfb537ac1
fix(ci): add missed args for building docker images (#1788) 2025-01-21 22:36:54 +06:00
Lihiz
5557601134
DEVOPS-788: in order to pass RedHat operator certification, labels mu… (#1781)
* DEVOPS-788: in order to pass RedHat operator certification, labels must be set on images

---------

Co-authored-by: Lihi Zitzer <lihi.zitzer@aquasec.com>
2025-01-20 17:47:55 +02:00
afdesk
5967494a5e
release: prepare v0.10.0 (#1777) 2025-01-16 09:50:56 +06:00
afdesk
08574d779f
chore: bump up Go version to 1.23.4 (#1776)
* chore; bump up Go version to 1.23.4

* chore(ci): set up a timeout for go linter

* chore: remove deprecated linter checks

* chore: bump up golinter timeout to 10sec

* chore: bump up golinter action version to v1.61

* chore: fix linter errors

* chore: set up a timeout for golinter in Github action
2025-01-15 23:02:16 +06:00
dependabot[bot]
4e70640598
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1770)
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.55.0 to 1.55.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.55.0...service/iot/v1.55.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-15 15:46:30 +06:00
dependabot[bot]
362e95a219
build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1769)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.28.6 to 1.28.10.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.6...config/v1.28.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-15 15:01:02 +06:00
dependabot[bot]
9e526e6c5f
build(deps): bump github.com/golang/glog from 1.2.3 to 1.2.4 (#1774)
Bumps [github.com/golang/glog](https://github.com/golang/glog) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/golang/glog/releases)
- [Commits](https://github.com/golang/glog/compare/v1.2.3...v1.2.4)

---
updated-dependencies:
- dependency-name: github.com/golang/glog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 15:50:02 +06:00
dependabot[bot]
438dc0922c
build(deps): bump alpine from 3.21.0 to 3.21.2 (#1773)
Bumps alpine from 3.21.0 to 3.21.2.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 11:04:55 +06:00