defsec
defsec copied to clipboard
aquasecurity
Trivy's misconfiguration scanning engine
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.20.0 to 0.24.0. Commits 7bbe320 go.mod: update golang.org/x dependencies c48da13 http2: fix TestServerContinuationFlood flakes 762b58d http2: fix tipos in comment ba87210 http2: close connections when receiving too...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [github.com/aquasecurity/trivy-policies](https://github.com/aquasecurity/trivy-policies) from 0.8.0 to 0.10.0. Release notes Sourced from github.com/aquasecurity/trivy-policies's releases. v0.10.0 What's Changed chore(deps): bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 by @dependabot in aquasecurity/trivy-policies#75 fix(checks): add missing ID...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. Release notes Sourced from github.com/stretchr/testify's releases. v1.9.0 What's Changed Fix Go modules version by @SuperQ in stretchr/testify#1394 Document that require is not safe to...
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.60.0 to 0.63.0. Release notes Sourced from github.com/open-policy-agent/opa's releases. v0.63.0 This release contains a mix of features, performance improvements, and bugfixes. Runtime, Tooling, SDK cmd/exec: Add --timeout...
in support of https://github.com/aquasecurity/trivy/issues/5863, adding functionality to support the handling of the Terraform resource `aws_ec2_client_vpn_endpoint` and checks for missing `client_login_banner_options` argument.
Related to https://github.com/aquasecurity/trivy/discussions/5877 Adds new AWS service for IAM Identity Center Permission Set to address [NIST CPRT SP 800-53 Release 5.1.1 AC-12](https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-12)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0. Release notes Sourced from github.com/google/uuid's releases. v1.6.0 1.6.0 (2024-01-16) Features add Max UUID constant (#149) (c58770e) Bug Fixes fix typo in version 7 uuid...
The rules declared in `trivy-policy` should not depend on this repository, so the functions `result.new` and `isManaged` should be moved. Due to REGO language limitations, the `result.new` function cannot be...
The id attribute is equal to the name attribute for `aws_iam_role`, `aws_iam_user` and `aws_iam_group` resources. Ref: - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#id
Adding a new rule to check if Global Service Events are enabled in CloudTrail and have not been turned off as this value is enabled by default. Links: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-global-service-events https://registry.terraform.io/providers/rgeraskin/aws2/latest/docs/resources/cloudtrail#include_global_service_events...
