From 55ed7a066368efd5230a078b00fcfeca384e57d2 Mon Sep 17 00:00:00 2001 From: Josema Camacho Date: Tue, 24 Mar 2026 12:15:44 +0100 Subject: [PATCH] docs(CHANGELOG): cutting for 5.22.0 (#10437) --- api/CHANGELOG.md | 17 ++++++----------- prowler/CHANGELOG.md | 2 +- ui/CHANGELOG.md | 7 +++++-- 3 files changed, 12 insertions(+), 14 deletions(-) diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md index 403c5f5d09..3fa6952f3d 100644 --- a/api/CHANGELOG.md +++ b/api/CHANGELOG.md @@ -2,25 +2,21 @@ All notable changes to the **Prowler API** are documented in this file. -## [1.23.0] (Prowler UNRELEASED) +## [1.23.0] (Prowler v5.22.0) + +### 🚀 Added + +- Finding groups support `check_title` substring filtering [(#10377)](https://github.com/prowler-cloud/prowler/pull/10377) ### 🐞 Fixed - Finding groups latest endpoint now aggregates the latest snapshot per provider before check-level totals, keeping impacted resources aligned across providers [(#10419)](https://github.com/prowler-cloud/prowler/pull/10419) - Mute rule creation now triggers finding-group summary re-aggregation after historical muting, keeping stats in sync after mute operations [(#10419)](https://github.com/prowler-cloud/prowler/pull/10419) - -### 🔐 Security - -- Replace stdlib XML parser with `defusedxml` in SAML metadata parsing to prevent XML bomb (billion laughs) DoS attacks [(#10165)](https://github.com/prowler-cloud/prowler/pull/10165) - -## [1.22.2] (Prowler UNRELEASED) - -### 🐞 Fixed - - Attack Paths: Deduplicate nodes before ProwlerFinding lookup in Attack Paths Cypher queries, reducing execution time [(#10424)](https://github.com/prowler-cloud/prowler/pull/10424) ### 🔐 Security +- Replace stdlib XML parser with `defusedxml` in SAML metadata parsing to prevent XML bomb (billion laughs) DoS attacks [(#10165)](https://github.com/prowler-cloud/prowler/pull/10165) - Bump `flask` to 3.1.3 (CVE-2026-27205) and `werkzeug` to 3.1.6 (CVE-2026-27199) [(#10430)](https://github.com/prowler-cloud/prowler/pull/10430) --- @@ -38,7 +34,6 @@ All notable changes to the **Prowler API** are documented in this file. ### 🚀 Added - `CORS_ALLOWED_ORIGINS` configurable via environment variable [(#10355)](https://github.com/prowler-cloud/prowler/pull/10355) -- Finding groups support `check_title` substring filtering [(#10377)](https://github.com/prowler-cloud/prowler/pull/10377) - Attack Paths: Tenant and provider related labels to the nodes so they can be easily filtered on custom queries [(#10308)](https://github.com/prowler-cloud/prowler/pull/10308) ### 🔄 Changed diff --git a/prowler/CHANGELOG.md b/prowler/CHANGELOG.md index 9582f7123a..883b49eb76 100644 --- a/prowler/CHANGELOG.md +++ b/prowler/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to the **Prowler SDK** are documented in this file. -## [5.21.2] (Prowler UNRELEASED) +## [5.22.0] (Prowler v5.22.0) ### 🐞 Fixed diff --git a/ui/CHANGELOG.md b/ui/CHANGELOG.md index 62cb024ec5..58394198ed 100644 --- a/ui/CHANGELOG.md +++ b/ui/CHANGELOG.md @@ -2,12 +2,16 @@ All notable changes to the **Prowler UI** are documented in this file. -## [1.22.0] (Prowler UNRELEASED) +## [1.22.0] (Prowler v5.22.0) ### 🚀 Added - Attack Paths custom openCypher queries with Cartography schema guidance and clearer execution errors [(#10397)](https://github.com/prowler-cloud/prowler/pull/10397) +### 🔄 Changed + +- Findings filters now use a batch-apply pattern with an Apply Filters button, filter summary strip, and independent filter options instead of triggering API calls on every selection [(#10388)](https://github.com/prowler-cloud/prowler/pull/10388) + --- ## [1.21.0] (Prowler v5.21.0) @@ -19,7 +23,6 @@ All notable changes to the **Prowler UI** are documented in this file. ### 🔄 Changed -- Findings filters now use a batch-apply pattern with an Apply Filters button, filter summary strip, and independent filter options instead of triggering API calls on every selection - Google Workspace provider support [(#10333)](https://github.com/prowler-cloud/prowler/pull/10333) - Image (Container Registry) provider support in UI: badge icon, credentials form, and provider-type filtering [(#10167)](https://github.com/prowler-cloud/prowler/pull/10167) - Events tab in Findings and Resource detail cards showing an AWS CloudTrail timeline with expandable event rows, actor info, request/response JSON payloads, and error details [(#10320)](https://github.com/prowler-cloud/prowler/pull/10320)