github-actions[bot]
commented
1 month ago Dependency Review
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.
OpenSSF Scorecard
| Package | Version | Score | Details |
|---|
Closed sscheib closed 1 month ago
github-actions[bot]
commented
1 month ago ✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.
| Package | Version | Score | Details |
|---|
This PR contains the following updates:
v2.1.1->v2.1.2Note: The
pre-commitmanager in Renovate is not supported by thepre-commitmaintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.Release Notes
Checkmarx/kics (Checkmarx/kics)
### [`v2.1.2`](https://togithub.com/Checkmarx/kics/releases/tag/v2.1.2) [Compare Source](https://togithub.com/Checkmarx/kics/compare/v2.1.1...v2.1.2) #### What's Changed - update(dockerfile): update go version and golden images by [@cx-ruiaraujo](https://togithub.com/cx-ruiaraujo) in [https://github.com/Checkmarx/kics/pull/7186](https://togithub.com/Checkmarx/kics/pull/7186) - update(githubaction): update github action version by [@cx-monicac](https://togithub.com/cx-monicac) in [https://github.com/Checkmarx/kics/pull/7185](https://togithub.com/Checkmarx/kics/pull/7185) - update(certifi): update python certifi version on queries_validator requirements by [@ArturRibeiro-CX](https://togithub.com/ArturRibeiro-CX) in [https://github.com/Checkmarx/kics/pull/7188](https://togithub.com/Checkmarx/kics/pull/7188) - build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/Checkmarx/kics/pull/7190](https://togithub.com/Checkmarx/kics/pull/7190) - fix(resolver): max resolver depth considered while searching for cyclic references by [@EduardoSemanas](https://togithub.com/EduardoSemanas) in [https://github.com/Checkmarx/kics/pull/7199](https://togithub.com/Checkmarx/kics/pull/7199) - fix(query): fix unexpected behaviour in parameter-checking function for ARM queries by [@JulioSCX](https://togithub.com/JulioSCX) in [https://github.com/Checkmarx/kics/pull/7205](https://togithub.com/Checkmarx/kics/pull/7205) - update(fedramp): tackle IaC and SAST vulnerabilities by [@cx-ruiaraujo](https://togithub.com/cx-ruiaraujo) in [https://github.com/Checkmarx/kics/pull/7200](https://togithub.com/Checkmarx/kics/pull/7200) - docs(queries): update queries catalog by [@kicsbot](https://togithub.com/kicsbot) in [https://github.com/Checkmarx/kics/pull/7210](https://togithub.com/Checkmarx/kics/pull/7210) - fix(query): fix CWE field not appearing in KICS CLI and sarif reports by [@ArturRibeiro-CX](https://togithub.com/ArturRibeiro-CX) in [https://github.com/Checkmarx/kics/pull/7207](https://togithub.com/Checkmarx/kics/pull/7207) - update(workflow): add pattern validation for query name and description by [@JulioSCX](https://togithub.com/JulioSCX) in [https://github.com/Checkmarx/kics/pull/7208](https://togithub.com/Checkmarx/kics/pull/7208) - fix(packages): upgrade packages by [@cx-ruiaraujo](https://togithub.com/cx-ruiaraujo) in [https://github.com/Checkmarx/kics/pull/7226](https://togithub.com/Checkmarx/kics/pull/7226) - docs(queries): update queries catalog by [@kicsbot](https://togithub.com/kicsbot) in [https://github.com/Checkmarx/kics/pull/7220](https://togithub.com/Checkmarx/kics/pull/7220) - docs(kicsbot): preparing for release 2.1.2 by [@kicsbot](https://togithub.com/kicsbot) in [https://github.com/Checkmarx/kics/pull/7232](https://togithub.com/Checkmarx/kics/pull/7232) #### New Contributors - [@cx-monicac](https://togithub.com/cx-monicac) made their first contribution in [https://github.com/Checkmarx/kics/pull/7185](https://togithub.com/Checkmarx/kics/pull/7185) **Full Changelog**: https://github.com/Checkmarx/kics/compare/v2.1.1...v2.1.2Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.