Skip to content

Releases: ZupIT/horusec

v1.4.2

28 Dec 13:23
@wiliansilvazup wiliansilvazup
v1.4.2
6c28d21
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.2
  • Fix keycloak environments
  • Update logs of gRCP communication
  • Add gRCP in health check route in horusec-account, horusec-api, horusec-analytics, horusec-auth
  • Update CLI configs
    • DEPRECATED flag tools-ignore
    • Add new option horusecCliToolsConfig for usage only horusec-config.json file with this option you can ignore an tool and pass image path if this tool is private in other repository
    • Add new option config-file-path for usage in global flags for pass location of your horusec-config.json very usage in horusec-cli image docker
    • Deprecating options that use a list in a string format such as "HASH1, HASH2" can now be used as an array in the horusec-config.json file
Assets 7
Loading

v1.4.1

14 Dec 16:26
@wiliansilvazup wiliansilvazup
v1.4.1
215b9ea
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.1

Updates:

  • New flag to bind path locally with horusec-cli docker image and change entry point in image;
  • Change Horusec-CLI to usage docker sock locally, improving analysis performance.
Assets 7
Loading

v1.4.0

08 Dec 21:08
@wiliansilvazup wiliansilvazup
v1.4.0
2a98dc4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.0

  • Update:

    • Fix link for install CLI in docs
    • Fix version stable for migrate-cli
    • Fix email port
    • Fix Get horusec-config.json path
    • Fix helm charts
    • Fix Horusec Logo in template e-mails
    • Adding logs in gRCP connection

  • New feature:

    • Adding unit test in Horusec Leaks rules
    • Adding Reset password and Update account screen and api
    • Improvements in webhook screen
    • Adding FlawFinder Tool suport for C and C++ PHP projects
    • Adding PhpCodeSniffer Tool suport for PHP projects
    • New flag to send headers dynamic into horusec-cli and horusec-api communication
Assets 7
Loading

v1.3.0

23 Nov 13:36
@wiliansilvazup wiliansilvazup
v1.3.0
160e31b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0

  • Adding suport for:

    • Javascript(nodejs, web-applications)
    • Typescript
    • C#(.net framework, .net, .net 5, .netcore 3.x)
    • Kubernetes(yaml)
    • PHP
    • C
    • HTML
    • JSON

  • New feature:

    • Adding webhook to dispatch analysis object with http-request
    • Integration with new tools in analysis: (semgrep, horusec-csharp, horusec-nodejs, horusec-kubernetes, eslint)

  • Update:

    • Fix nil pointer when not found code in vulnerability using horusec-engine
    • Fix some regexes in horusec-java and horusec-leaks
    • Migrate routes of auth-users of horusec-account to horusec-auth
    • Migrate horusec-lp to private repository
    • Change log error to warn if not found package-lock or .csproject or requirements.txt

Versions:

  • Services:
    • Horusec-Account=v0.7.0
    • Horusec-Analytic=v0.6.1
    • Horusec-Api=v2.6.0
    • Horusec-Manager=v1.3.0
    • Horusec-Auth=v1.1.0
    • Horusec-Messages=v1.6.0
    • Horusec-Migration=v0.0.1
    • Horusec-Webhook=v1.0.0
    • Horusec-CLI=v1.5.0
  • Tools:
    • Horusec-Leaks=v0.2.6
    • Horusec-Kotlin=v0.3.2
    • Horusec-Kubernetes=v1.0.0
    • Horusec-Nodejs=v1.0.0
    • Horusec-Csharp=v1.0.0
    • Horusec-Java=v0.3.5
    • Bandit=v1.0.1
    • Safety=v1.0.0
    • Brakeman=v1.0.0
    • Gosec=v1.0.0
    • NpmAudit=v1.0.0
    • YarnAudit=v1.0.0
    • Gitleaks=v1.0.2
    • Tfsec=v1.0.0
    • SecuriyCodeScan=v1.0.0
    • Semgrep=v1.0.0
    • EsLint=v1.0.0
Assets 7
Loading

v1.2.0

09 Nov 19:21
@wiliansilvazup wiliansilvazup
v1.2.0
a09fd47
Compare
Choose a tag to compare
v1.2.0
  • Adding option to have endpoints per environment variable in the frontend
  • Changing e2e tests to be applied according to the chosen environment
  • Adding new auth service with: Native Horusec, ldap and keycloak authentication
  • Changing frontend to behave according to authentication settings
  • Adding new feature "Application Admin"
  • Adding gRCP integration to Horusec
  • Change docker version requirements to warn in the log
  • Run migration in hook of the helm
Assets 7
Loading

v1.1.0

19 Oct 11:43
@wiliansilvazup wiliansilvazup
v1.1.0
d4b58fb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.0
  • Getting automatic csproj, package-lock, requirements
  • Fixing dashboard of company visible only admin
  • Removing fields Type, VulnerabilityBellow and Version from analysis
  • Adding New permission supervisor
  • Adding token of organization
  • Adding create repository when pass via CLI using token of organization
  • Adding screen not found
  • Change to repository and user unique names
  • Adding screen to manipulate false positives, risk accept, vulnerabilities and corrected
  • Adding flag to skip and not broken pipeline if hash is false positive
  • Adding flag to skip and not broken pipeline if hash is risk accept
  • Adding CLI image to docker
  • Removing DEPRECATED manager
  • Fixing regexes in horusec-java
Assets 7
Loading

v1.0.1

02 Oct 19:50
@wiliansilvazup wiliansilvazup
v1.0.1
adf6442
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.1
  • Deprecated old horusec-manager
  • Fixing swagger in horus-analytics
  • Update README.md
  • Change github actions on run
  • Adding route to verify user if exists
  • Fixing ignore multiple paths
  • Fixing yarn.lock and package.lock found
Assets 2
Loading

v1.0.0

29 Sep 19:15
@wiliansilvazup wiliansilvazup
v1.0.0
c1bd1dd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0 
Update LICENSE
Assets 2
Loading