Commit Graph

589 Commits

Author SHA1 Message Date
Rubén De la Torre Vico 04fe3f65e0 chore(deps): enable Dependabot pre-commit ecosystem and bump hooks (#10732) 2026-04-16 13:38:11 +02:00
stepsecurity-app[bot] 96e7d6cb3a feat(security): security best practices from StepSecurity (#10682)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-04-14 15:13:12 +02:00
Josema Camacho 51591cb8cd build: bump poetry to 2.3.4 and consolidate SDK workflows (#10681) 2026-04-14 13:32:46 +02:00
Pedro Martín 31b645ee53 chore(github): allow GitHub release CDN in trivy scan allowlist (#10679) 2026-04-14 10:09:54 +02:00
Adrián Peña c6d5f44c5e chore: update pyjwt (#10661) 2026-04-13 14:09:37 +02:00
dependabot[bot] ad36938717 chore(deps): bump actions/download-artifact from 6.0.0 to 8.0.1 (#10541)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:25:14 +02:00
dependabot[bot] 10dd9460e9 chore(deps): bump azure/setup-helm from 4.3.0 to 5.0.0 (#10543)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:24:42 +02:00
dependabot[bot] c8d41745dd chore(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 (#10544)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:23:44 +02:00
dependabot[bot] c6c000a369 chore(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (#10545)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:23:18 +02:00
dependabot[bot] a2b083e8c8 chore(deps): bump actions/cache from 5.0.3 to 5.0.4 (#10546)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:22:58 +02:00
dependabot[bot] d2f7169537 chore(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#10548)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:22:26 +02:00
dependabot[bot] 632f2633c1 chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 (#10550)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:20:34 +02:00
dependabot[bot] 82d487a1e7 chore(deps): bump sorenlouv/backport-github-action from 10.2.0 to 11.0.0 (#10540)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:20:11 +02:00
dependabot[bot] 9a6a43637d chore(deps): bump pnpm/action-setup from 4.2.0 to 5.0.0 (#10551)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:19:50 +02:00
dependabot[bot] c21cf0ac20 chore(deps): bump tj-actions/changed-files from 47.0.4 to 47.0.5 (#10552)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:19:28 +02:00
dependabot[bot] f3b142c0cf chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 (#10554)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:19:00 +02:00
dependabot[bot] eda90c4673 chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#10555)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:18:16 +02:00
dependabot[bot] def59a8cc2 chore(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#10556)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:16:00 +02:00
dependabot[bot] 1bfed74db5 chore(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 (#10557)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 10:14:27 +02:00
Josema Camacho 283259f34c fix(sdk): resolve empty-set bug in _enabled_regions causing 36-region client creation and CI timeouts (#10598) 2026-04-08 08:40:58 +02:00
Pepe Fagoaga b2788df8cc chore(issues): automate conversation lock on issue close (#10596) 2026-04-07 13:07:02 +02:00
Andoni Alonso b1b361af8b chore(ci): update Pablo user for labeling purposes (#10594) 2026-04-07 12:54:04 +02:00
Pablo Fernandez Guerra (PFE) 6ac90eb1b5 chore(ui): add pnpm supply chain security protections (#10471)
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: César Arroba <cesar@prowler.com>
2026-04-01 14:10:01 +02:00
Alejandro Bailo 4f86667433 feat(sdk): add Vercel provider with 30 security checks (#10189)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-03-31 16:21:22 +02:00
Pedro Martín 99b80ebbd9 chore(actions): add pr-check-compliance-mapping action (#10526) 2026-03-31 13:38:20 +02:00
César Arroba 6f6d62f51f fix(ci): remove DOCKER_HUB_REPOSITORY secret and add toniblyx mirror push (#10512) 2026-03-30 11:53:04 +02:00
César Arroba de492a770c fix(ci): remove DOCKER_HUB_REPOSITORY secret from sdk container workflow (#10509) 2026-03-30 10:20:38 +02:00
César Arroba e9009f783b fix(ci): remove setup-buildx-action from create-manifest jobs (#10508) 2026-03-30 10:01:32 +02:00
Pepe Fagoaga 8267fc4813 fix(step_security): keep notify in audit mode (#10496) 2026-03-27 16:01:24 +01:00
Josema Camacho cc197ea901 feat(api): add periodic cleanup of stale Attack Paths scans with dead-worker detection (#10387) 2026-03-27 14:17:22 +01:00
Pepe Fagoaga 2b5d015e09 feat(security): add missing endpoints to allowlist (#10495)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-27 13:53:52 +01:00
Adrián Peña 700b51ddad chore: update Python version references from 3.9 to 3.10 (#10493) 2026-03-27 13:13:36 +01:00
Pepe Fagoaga 417be55604 feat(security): block mode for hardened runners (#10482) 2026-03-27 13:08:59 +01:00
Terry Franklin 0a11ca4a68 feat(celery): VALKEY_SCHEME environment variable (#10420)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-27 09:22:35 +01:00
Pepe Fagoaga 73907db856 fix(trivy-scan): don't comment if PR from fork (#10490) 2026-03-27 08:37:19 +01:00
stepsecurity-app[bot] 716c130140 feat(security): security best practices from StepSecurity (#10480)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-26 13:58:19 +01:00
Pepe Fagoaga 20cf5562b8 chore: update org members (#10461) 2026-03-25 09:36:10 +01:00
Pepe Fagoaga 36279f694c chore(gha): ignore zizmor rules and fix version comment (#10459) 2026-03-25 09:09:36 +01:00
César Arroba c991a1d0e8 chore: fix UI bump version (#10451) 2026-03-24 17:39:49 +01:00
César Arroba cece2cb87e chore: pin Prowler version to lastest master commit on push (#10384) 2026-03-19 14:32:38 +01:00
rchotacode 0f2fdcfb3f chore(oraclecloud): Add Oracle Defense Cloud Support (#10376)
Co-authored-by: Ronan Chota <ronan.chota@saic.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-03-19 09:41:58 +00:00
Pepe Fagoaga febd2c8fdb fix(ci): checkout upstream repo for tests (#10356) 2026-03-17 08:47:12 +01:00
Josema Camacho b311456160 fix(security): Ignore cryptography vulnerability until we can upgrade it (#10345) 2026-03-16 13:19:37 +01:00
dependabot[bot] 06e32e69c0 build(deps): bump actions/setup-node from 6.1.0 to 6.2.0 (#9933)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:51:27 +01:00
dependabot[bot] 6e9f54d1ba build(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#9937)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:51:07 +01:00
dependabot[bot] 41a7b19c7d build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#9936)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:46:40 +01:00
dependabot[bot] c972f19059 build(deps): bump actions/cache from 5.0.1 to 5.0.3 (#9934)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:45:26 +01:00
dependabot[bot] 27d074abe4 build(deps): bump actions/setup-python from 5.3.0 to 6.2.0 (#9932)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:44:28 +01:00
dependabot[bot] 28060064de build(deps): bump docker/login-action from 3.6.0 to 3.7.0 (#9931)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:41:34 +01:00
dependabot[bot] fd695b6992 build(deps): bump regclient/actions from f61d18f46c86af724a9c804cb9ff2a6fec741c7c to da9319db8e44e8b062b3a147e1dfb2f574d41a03 (#10202)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 09:41:16 +01:00