Skip to content
This repository has been archived by the owner on Oct 14, 2024. It is now read-only.

chore(deps): update module github.com/checkmarx/kics to v2 #1953

Merged
merged 1 commit into from
Jul 25, 2024
Merged

chore(deps): update module github.com/checkmarx/kics to v2 #1953

merged 1 commit into from
Jul 25, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 22, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/Checkmarx/kics v1.7.13 -> v2.1.1 age adoption passing confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

Checkmarx/kics (github.com/Checkmarx/kics)

v2.1.1

Compare Source

🚀 New features and improvements

feat(query): add new query for tencentcloud CVM resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7136
feat(query): add new query for tencentcloud VPC resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7133
feat(query): add new query for tencentcloud TKE resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7138
feat(query): add new query for tencentcloud CDB resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7134
feat(query): add new query for tencentcloud CVM resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7122
feat(query): add new query for tencentcloud CLB resource by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7135

🐛 Bug fixes

fix(dockerfiles): update dockerfiles constant mapping in https://github.com/Checkmarx/kics/pull/7124
fix(version): bump urllib3 version from queries-validator requirements in https://github.com/Checkmarx/kics/pull/7140
fix(query): policy without principal query with false positive for IAM role used as an inline policy in https://github.com/Checkmarx/kics/pull/7097
fix(query): security groups not used query with false positive in aws_elasticache_instance resources in https://github.com/Checkmarx/kics/pull/7098
fix(query): add positive expected results for "secretId" and "secretKey" for Tencentcloud by @​SevenEarth in https://github.com/Checkmarx/kics/pull/7146

📦 Dependency updates bumps

build(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in https://github.com/Checkmarx/kics/pull/7155

👻 Maintenance

update(linting): update contribuition guide and remove deprecated linting methods in https://github.com/Checkmarx/kics/pull/7159
update(chainguard): update chainguard image for libcrypto3 and libssl3 versions update in https://github.com/Checkmarx/kics/pull/7173
docs(queries): update queries catalog in https://github.com/Checkmarx/kics/pull/7130
fix(docs): add urls to all queries download in https://github.com/Checkmarx/kics/pull/7154
update(query): change query name to maintain the same logic in https://github.com/Checkmarx/kics/pull/7141
update(ghaction): update kics-gh-action.yaml in https://github.com/Checkmarx/kics/pull/7127

New Contributors

@​SevenEarth made their first contribution in https://github.com/Checkmarx/kics/pull/7122

v2.1.0

Compare Source

🚀 New features and improvements

feat(bicep): adding bicep support in https://github.com/Checkmarx/kics/pull/6980
update(queries): databricks, nifcloud and tencentcloud queries run by default when kics scans terraform files in https://github.com/Checkmarx/kics/pull/7072
feat(engine): add --max-resolver-depth flag in https://github.com/Checkmarx/kics/pull/7043
feat(engine): similarity id improve in https://github.com/Checkmarx/kics/pull/6970

🐛 Bug fixes

fix(query): added missing case to storage blob query in https://github.com/Checkmarx/kics/pull/7030
fix(flow): save flow in https://github.com/Checkmarx/kics/pull/7083
fix(query): passwords and secrets - generic secrets with fp results in https://github.com/Checkmarx/kics/pull/7087
fix(query): apt-get Missing '-y' To Avoid Manual Input in https://github.com/Checkmarx/kics/pull/7060
fix(query): implicit flow in oauth2 queries duplicated in https://github.com/Checkmarx/kics/pull/7057
fix(query): revert changes in the 'platform_flag_with_from' query in https://github.com/Checkmarx/kics/pull/7117
fix(githubactions): add max length in https://github.com/Checkmarx/kics/pull/7063
fix(query): vcp peering route table should restrict cidr query with fp results in https://github.com/Checkmarx/kics/pull/7067
fix(query): fix bugs and small improvements to TF queries in https://github.com/Checkmarx/kics/pull/7052
fix(query): tf mfa delete doing checks out of its scope in https://github.com/Checkmarx/kics/pull/7051
fix(query): lower properties protocol in https://github.com/Checkmarx/kics/pull/6640
fix(query): slight refactor to actually filter the correct/wanted codes in https://github.com/Checkmarx/kics/pull/7035

📦 Dependency updates bumps

ci(deps): bump peter-evans/repository-dispatch from 2 to 3 in https://github.com/Checkmarx/kics/pull/7049
ci(deps): bump goreleaser/goreleaser-action from 4.2.0 to 5.1.0 in https://github.com/Checkmarx/kics/pull/7070
ci(deps): bump docker/setup-buildx-action from 2 to 3 in https://github.com/Checkmarx/kics/pull/7048
ci(deps): bump styfle/cancel-workflow-action from 0.11.0 to 0.12.1 in https://github.com/Checkmarx/kics/pull/7050
ci(deps): bump golangci/golangci-lint-action from 3.5.0 to 4.0.0 in https://github.com/Checkmarx/kics/pull/6878
ci(deps): bump dev-drprasad/delete-tag-and-release from 0.2.1 to 1.0.1 in https://github.com/Checkmarx/kics/pull/6419
ci(deps): bump peter-evans/create-pull-request from 4 to 6 in https://github.com/Checkmarx/kics/pull/6864

👻 Maintenance

chore(databricks): add new spark LTS runtime by @​dim-ops in https://github.com/Checkmarx/kics/pull/7079
chore(databricks): remove deprecated spark lts version by @​dim-ops in https://github.com/Checkmarx/kics/pull/7080
update(script): requests version upgrade to 2.32.0 in https://github.com/Checkmarx/kics/pull/7066
update(query): removing special chars from query name in https://github.com/Checkmarx/kics/pull/7061
docs(queries): update queries catalog in https://github.com/Checkmarx/kics/pull/7041
update(docs): experimental queries docs update in https://github.com/Checkmarx/kics/pull/7076
update(deps): dependencies update in https://github.com/Checkmarx/kics/pull/7101
update(deps): update dependencies in https://github.com/Checkmarx/kics/pull/7108
update(readme): readme improvements in https://github.com/Checkmarx/kics/pull/7084
update(prtemplate): update pull request template in https://github.com/Checkmarx/kics/pull/7088
update(codeowners): update CODEOWNERS in https://github.com/Checkmarx/kics/pull/7119
update(roadmap): roadmap is updated in https://github.com/Checkmarx/kics/pull/7082
update(queries): prefix "(beta)" added to queries that are still under review in https://github.com/Checkmarx/kics/pull/7085
update(repo): create CODEOWNERS in https://github.com/Checkmarx/kics/pull/7046
update(gopkg): update package path for v2 in https://github.com/Checkmarx/kics/pull/7042

Configuration

📅 Schedule: Branch creation - "after 8am on Monday" in timezone Etc/UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner July 22, 2024 20:52
@renovate renovate bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 22, 2024
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jul 22, 2024

ℹ Artifact update notice

File name: plugins/store/kics/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 73 additional dependencies were updated

Details:

Package Change
cloud.google.com/go v0.110.10 -> v0.112.1
cloud.google.com/go/compute/metadata v0.2.3 -> v0.3.0
cloud.google.com/go/iam v1.1.5 -> v1.1.6
cloud.google.com/go/storage v1.35.1 -> v1.38.0
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 -> v0.0.0-20230124172434-306776ec8161
github.com/BurntSushi/toml v1.3.2 -> v1.4.0
github.com/Microsoft/hcsshim v0.11.4 -> v0.12.3
github.com/cespare/xxhash/v2 v2.2.0 -> v2.3.0
github.com/cheggaaa/pb/v3 v3.1.2 -> v3.1.5
github.com/containerd/containerd v1.7.12 -> v1.7.17
github.com/emicklei/proto v1.11.2 -> v1.13.2
github.com/fatih/color v1.14.1 -> v1.17.0
github.com/felixge/httpsnoop v1.0.3 -> v1.0.4
github.com/getsentry/sentry-go v0.20.0 -> v0.28.0
github.com/go-logr/logr v1.3.0 -> v1.4.2
github.com/gocarina/gocsv v0.0.0-20220310154401-d4df709ca055 -> v0.0.0-20240520201108-78e41c74b4b1
github.com/golang/protobuf v1.5.3 -> v1.5.4
github.com/google/pprof v0.0.0-20211214055906-6f57359322fd -> v0.0.0-20240528025155-186aa0362fba
github.com/googleapis/gax-go/v2 v2.12.0 -> v2.12.3
github.com/hashicorp/go-version v1.6.0 -> v1.7.0
github.com/hashicorp/hcl/v2 v2.16.2 -> v2.20.1
github.com/hashicorp/terraform-json v0.16.0 -> v0.22.1
github.com/johnfercher/maroto v0.40.0 -> v0.43.1-0.20230914003034-2e439ed90fe3
github.com/jung-kurt/gofpdf v1.16.2 -> v1.16.3-0.20210918000319-0c885ad36193
github.com/klauspost/compress v1.17.2 -> v1.17.8
github.com/mattn/go-runewidth v0.0.12 -> v0.0.15
github.com/open-policy-agent/opa v0.58.0 -> v0.65.0
github.com/opencontainers/image-spec v1.1.0-rc5 -> v1.1.0
github.com/pelletier/go-toml/v2 v2.1.0 -> v2.2.2
github.com/prometheus/client_golang v1.16.0 -> v1.19.1
github.com/prometheus/client_model v0.4.0 -> v0.6.1
github.com/prometheus/common v0.44.0 -> v0.54.0
github.com/prometheus/procfs v0.10.1 -> v0.15.1
github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 -> v0.0.0-20201227073835-cf1acfcdf475
github.com/rivo/uniseg v0.2.0 -> v0.4.7
github.com/rs/zerolog v1.29.0 -> v1.33.0
github.com/sagikazarmark/locafero v0.4.0 -> v0.6.0
github.com/sosedoff/ansible-vault-go v0.1.1 -> v0.2.0
github.com/spf13/viper v1.18.2 -> v1.19.0
github.com/tdewolff/minify/v2 v2.12.9 -> v2.20.32
github.com/tdewolff/parse/v2 v2.6.8 -> v2.7.14
github.com/tidwall/gjson v1.14.4 -> v1.17.1
github.com/tidwall/pretty v1.2.0 -> v1.2.1
github.com/zclconf/go-cty v1.13.1 -> v1.14.4
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 -> v0.52.0
go.opentelemetry.io/otel v1.19.0 -> v1.27.0
go.opentelemetry.io/otel/metric v1.19.0 -> v1.27.0
go.opentelemetry.io/otel/sdk v1.19.0 -> v1.27.0
go.opentelemetry.io/otel/trace v1.19.0 -> v1.27.0
golang.org/x/crypto v0.23.0 -> v0.24.0
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 -> v0.0.0-20240604190554-fc45aab8b7f8
golang.org/x/net v0.25.0 -> v0.26.0
golang.org/x/oauth2 v0.15.0 -> v0.20.0
golang.org/x/sys v0.20.0 -> v0.21.0
golang.org/x/term v0.20.0 -> v0.21.0
golang.org/x/text v0.15.0 -> v0.16.0
golang.org/x/tools v0.21.0 -> v0.22.0
google.golang.org/api v0.153.0 -> v0.171.0
google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 -> v0.0.0-20240213162025-012b6fc9bca9
google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 -> v0.0.0-20240604185151-ef581f913117
google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f -> v0.0.0-20240604185151-ef581f913117
helm.sh/helm/v3 v3.14.4 -> v3.15.1
k8s.io/api v0.29.0 -> v0.30.0
k8s.io/apiextensions-apiserver v0.29.0 -> v0.30.0
k8s.io/apimachinery v0.29.0 -> v0.30.0
k8s.io/apiserver v0.29.0 -> v0.30.0
k8s.io/cli-runtime v0.29.0 -> v0.30.0
k8s.io/client-go v0.29.0 -> v0.30.0
k8s.io/component-base v0.29.0 -> v0.30.0
k8s.io/klog/v2 v2.110.1 -> v2.120.1
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 -> v0.0.0-20240228011516-70dd3763d340
k8s.io/kubectl v0.29.0 -> v0.30.0
mvdan.cc/sh/v3 v3.6.0 -> v3.8.0

@akijakya akijakya added this pull request to the merge queue Jul 25, 2024
Merged via the queue into main with commit c3bf307 Jul 25, 2024
17 checks passed
@akijakya akijakya deleted the renovate/github.com-checkmarx-kics-2.x branch July 25, 2024 12:15
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@akijakya akijakya akijakya approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@akijakya