v2.3.0

• Nancy dependency check (#483)

  • [FEAT] Adding Nancy dependency check for golang.

• Optional shellcheck (#488)

  • [FEAT] From now on, shellcheck is not enabled by default. To enable it, use the -j flag.
  • [FIX] Fixing error in shellcheck output parse

v2.2.1

• Disable docker pull with -D flag (#486).
  • [FIX] Fixing error that cli was trying to pull images with active disable docker flag.

v2.2.0

• Fix data-races when running analysis (#477)

  • [FIX] Adding corrections to run tests with data-races

• Improvement on Swift rules description (#479)

  • [CHORE] Adding CWE links in all descriptions of swift rules

• Feature/dependency-check (#478)

  • [FEAT] Adding new tool owasp dependency check for languages: Python, Ruby, Javascript/Typescript, Java, C#

• Feature/dotnet cli (#480)

  • [FEAT] Adding new tool dotnet-cli for languages: C#

v2.1.0

• New support for swift language
• Improvent "how to add new language using horusec-engine"

v2.0.2

• Adding horusec version of print using json file

v2.0.1

• Update on the analysis tool gitleaks to the latest version available;
• Correction for analysis in the git history ignoring files inside the .git folder.

v2.0.0

In this new version we had the separation of the repositories between the horusec web platform and the CLI to see more details see the article published on the zup blog.

In this new version, in addition to the code migration, we implemented some new features:

• Only possible vulnerabilities of the type Vulnerability will be presented in the output, if you want to view other types such as False Positive, Risk Accepted, among others just use the new option: show-vulnerabilities-types;
• We have updated the hash generation to contain the author of the commit, it may happen that some pipelines are blocked due to vulnerabilities, just update the hashes in your configuration file or if you are using only the dealings via the web application just run the migration in your environment.
• We removed some options that were depreciated, such as:
  • Ignore tool using the tools-ignore flag;
    • Remembering that you can still ignore security tools using the horusecCliToolsConfig configuration file option;
  • Create a filter-path directory filter;
• We fixed some bugs in the option workDir and commitAuthors.

v1.9.3

• Updating engine version to fix wrong column value

v1.9.2

• Fixing sonarqube malformed output
• Modifing pipeline of security

v1.10.3

• Removing messages service unnecessary env variable 'address' in #432
• Updating engine version to fix wrong column value in #439