58b0fa556d
feat(ui): add attack paths node visual mapper
...
- Add typed resolver for graph node visual metadata
- Reuse existing service icons for known resource labels
- Cover exact, alias, and fallback mappings with tests
2026-05-05 20:00:22 +02:00
aa311623fe
refactor(ui): simplify attack paths graph interactions
...
- Reuse shared measured-fit scheduling for graph viewport updates
- Consolidate node action dialog state
- Tighten browser harness dialog detection
2026-05-05 19:25:00 +02:00
142b45a387
fix(ui): improve attack paths graph interactions
...
- Restore supported graph scroll zoom behavior
- Add node action selector for ambiguous resource clicks
- Open finding and node details in existing drawers
- Cover resource actions with browser tests
2026-05-05 19:13:04 +02:00
ec102d1569
fix(ui): re-fit attack-path graph when expand reveals off-screen findings
...
Recover the expand-time auto-fit lost while smoothing the filter
fix. Hidden findings are not measured by React Flow on initial
render, so `fitViewOptions.includeHiddenNodes` cannot extend the
initial viewport to cover them — clicking a resource that has its
findings laid out beyond the framed area would leave the user with
empty space and no way to discover the newly revealed nodes.
The expand-fit only fires for resources that just transitioned from
collapsed to expanded, and only when at least one of the connected
findings sits entirely past the current viewport (full bounding box
beyond the edge). Partially clipped edge nodes are left alone so
the framing the user already has is preserved when nothing has
actually moved off-screen.
Auto-fits now use asymmetric padding (extra room on the right and
bottom) to keep the minimap clear after a fit. Without it, fitted
nodes could land underneath the bottom-right minimap and become
unclickable.
The expand-without-re-fit test was a lock-in for the previous
behaviour and is replaced with one asserting the new behaviour:
expanding resources whose findings sit off-screen re-fits the
viewport.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-05 17:28:08 +02:00
d26f455784
fix(ui): re-fit attack-path graph on filter toggle and harden minimap
...
The Attack Path graph now re-fits its viewport when the user enters
the filtered view (click on a finding) or returns to the full graph
("Back to Full View"), so the focused subgraph and the restored
full graph are always centered instead of leaving the viewport
pointing at the previous coordinates. Resource expansion no longer
re-fits — the initial fit already includes hidden findings, so newly
revealed nodes sit inside the framing the user already has.
The minimap viewport indicator (mask cut-out) is darkened and given
a thicker border to stand out against the dark theme, where it was
previously hard to see.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-05 16:05:57 +02:00
4d5a77a58a
chore(openspec): stop tracking openspec as submodule
...
Detach the openspec submodule so the directory is managed as a
local clone instead. /openspec/ remains in .gitignore so the cloned
working tree is never tracked by this repo.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-05 14:35:50 +02:00
c183d5e868
fix: format
2026-05-05 14:18:51 +02:00
74e5118646
Merge remote-tracking branch 'origin/PROWLER-1273/react-flow-migration' into PROWLER-1273/react-flow-migration
2026-05-05 13:48:03 +02:00
48882b553f
Merge remote-tracking branch 'origin/master' into PROWLER-1273/react-flow-migration
2026-05-05 13:41:30 +02:00
8acbddd125
[CHAIN] test(ui): add Vitest Browser test coverage for Attack Paths ( #10970 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-05 13:38:42 +02:00
786059bfb2
chore(docs): Bump version to v5.25.2 ( #10993 )
...
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com >
2026-05-05 10:45:07 +02:00
3d4f5e66ab
Merge remote-tracking branch 'origin/master' into PROWLER-1273/react-flow-migration
...
# Conflicts:
# ui/CHANGELOG.md
# ui/dependency-log.json
2026-05-05 09:21:51 +02:00
a4fc230cf4
[CHAIN] feat(ui): add graph export, minimap and fullscreen polish ( #10800 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-05 09:16:29 +02:00
1d54244f2b
[CHAIN] feat(ui): add graph interactions and filtered view ( #10756 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-05 09:00:09 +02:00
ff2bf5b01d
[CHAIN] refactor(ui): replace D3 graph rendering with React Flow ( #10705 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-05-05 08:55:47 +02:00
703a33108c
chore(changelog): prepare for v5.25.2 ( #10991 )
2026-05-05 08:47:28 +02:00
7c6d658154
fix(k8s): match RBAC rules by apiGroup, not just core ( #10969 )
...
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com >
2026-05-04 19:54:03 +02:00
21d7d08b4b
fix(timeline): Return a compact actor name from CloudTrail events ( #10986 )
2026-05-04 19:39:17 +02:00
f314725f4d
fix(k8s): deduplicate RBAC findings by unique subject ( #10242 )
...
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com >
2026-05-04 18:11:38 +02:00
02f43a7ad6
docs: add Prowler Studio page and remove check-kreator pages ( #10981 )
2026-05-04 17:51:02 +02:00
0dd8981ee4
feat: add issue template for creating new checks ( #10976 )
2026-05-04 17:47:39 +02:00
269e51259d
docs: add troubleshooting guide for stuck scans after worker crash ( #10938 )
2026-05-04 17:24:09 +02:00
f4afdf0541
chore(ui): decrement changelog entry version to 1.25.2 ( #10974 )
2026-05-04 14:59:27 +01:00
652cb69216
fix(ui): compliance card layout polish ( #10939 )
2026-05-04 12:59:06 +01:00
921f49a0de
feat(aws): add bedrock_prompt_management_exists security check ( #10878 )
2026-05-04 12:38:15 +02:00
6cb770fcc8
fix(ui): clean up findings expanded resource row layout ( #10949 )
2026-05-04 11:17:54 +01:00
86449fb99d
chore(vercel): add disclaimer for checks depending on billing plan ( #10663 )
2026-05-04 08:56:50 +02:00
40dd0e640b
fix(sdk): strip http(s):// scheme from image registry URLs ( #10950 )
2026-05-04 08:37:46 +02:00
8db3a89669
ci: remove andoniaf from prowler-cloud ( #10926 )
2026-04-30 18:07:25 +02:00
c802dc8a36
feat(codebuild): use batched API calls to prevent throttling and false positives ( #10639 )
...
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-04-30 17:19:21 +02:00
3ab9a4efa5
chore(changelog): update with latest changes ( #10948 )
2026-04-30 14:13:40 +02:00
36b8aa1b79
fix(boto3): pass config to clients ( #10944 )
2026-04-30 14:11:29 +02:00
e821e07d7d
docs(rbac): add Manage Alerts permission ( #10947 )
2026-04-30 13:58:17 +02:00
228fe6d579
feat: add ASD Essential Eight compliance framework for AWS ( #10808 )
...
Co-authored-by: Boon <boon@security8.work >
Co-authored-by: pedrooot <pedromarting3@gmail.com >
2026-04-30 13:49:08 +02:00
578186aa40
feat(sdk): integrate universal compliance into CLI pipeline ( #10301 )
2026-04-30 13:49:00 +02:00
4608e45c8a
fix(image): block parser-mismatch SSRF in registry auth ( #10945 )
2026-04-30 12:56:35 +02:00
5987651aee
chore(README): update with latest changes ( #10946 )
2026-04-30 12:56:06 +02:00
85800f2ddd
chore(pre-commit): add priority tiers to .pre-commit-config.yaml ( #10842 )
...
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-30 12:33:09 +02:00
4fb5272362
refactor(ui): unify DataTable pagination into a single callback ( #10863 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
2026-04-30 08:58:11 +02:00
85d38b5f71
feat(scans): Reset resource failed findings to 0 for ephemeral resources ( #10929 )
2026-04-29 19:08:16 +02:00
59dcdb87c4
chore(docs): Bump version to v5.25.1 ( #10940 )
...
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com >
2026-04-29 18:44:12 +02:00
9297453b8a
fix(sdk): add autouse mock_aws fixture and leak detector to prevent AWS test leaks ( #10605 )
2026-04-29 17:49:40 +02:00
dd37f4ee1f
fix(azure): update flow log compliance text for NSG retirement ( #10937 )
2026-04-29 16:45:58 +02:00
20f36f7c84
chore: changelog v5.25.1 ( #10934 )
2026-04-29 14:00:53 +02:00
ec4d27746f
fix(ui): reposition compliance card export menu ( #10918 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Pedro Martín <pedromarting3@gmail.com >
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-04-29 13:52:36 +02:00
7076900fb1
fix(kubernetes): use cluster name as provider_uid in OCSF output ( #10483 )
...
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-04-29 13:45:49 +02:00
5d90352a0f
fix(api): redirect scan report and compliance downloads to presigned S3 URLs ( #10927 )
2026-04-29 13:19:19 +02:00
a981dc64a7
docs(sdk): link route53 changelog entry to PR ( #10928 )
2026-04-29 12:24:27 +02:00
d2086cad3f
fix(api): Attack Paths AWS region fallback and stale SCHEDULED cleanup ( #10917 )
2026-04-29 12:20:43 +02:00
380b89cfb6
fix(sdk): cover CNAME → dangling S3 in route53 takeover check ( #10920 )
2026-04-29 11:14:33 +01:00
Alan Buscaglia