Alan Buscaglia
f9c140dbbd
fix(ui): classify attack path findings exactly
...
- Treat only ProwlerFinding as a clickable finding node
- Keep GuardDuty and Inspector findings as graph resources
- Add regression coverage for provider finding resources
2026-05-19 18:17:38 +02:00
Pedro Martín
60aa601e92
fix(docker): chown copied files to prowler pin uv sync --locked ( #11234 )
2026-05-19 18:03:05 +02:00
Hugo Pereira Brito
fc1fd538bd
fix(ci): bump harden-runner to v2.19.3 so issue-triage jobs stop failing on ubuntu-slim ( #11217 )
2026-05-19 16:06:13 +01:00
Hugo Pereira Brito
40c1761840
fix(s3): only emit shadow-resource finding when bucket name matches a predictable pattern ( #11220 )
2026-05-19 15:46:05 +01:00
Pedro Martín
0ab0e8671d
fix(azure): skip system 'master' DB in sqlserver_tde_encrypted_with_cmk ( #11233 )
2026-05-19 16:34:33 +02:00
Hugo Pereira Brito
7a7c828fc7
feat(m365/entra): add entra_app_registration_client_secret_unused check (consolidates #11097 and #11212 ) ( #11232 )
...
Co-authored-by: shadyfox <git@twink.energy >
Co-authored-by: Oleksandr Yizchak Sanin <alexaaander.sanin@gmail.com >
2026-05-19 15:14:32 +01:00
Pedro Martín
5cbe473eb9
chore(stepsecurity): add missing endpoints ( #11223 )
2026-05-19 16:07:33 +02:00
Pepe Fagoaga
caf2f61563
docs: update security section with latest changes ( #11231 )
...
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com >
2026-05-19 16:03:58 +02:00
s1ns3nz0
9dc4deccb6
feat(gcp): add cloudsql_instance_cmek_encryption_enabled check ( #11023 )
...
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-05-19 15:52:16 +02:00
Prowler Bot
476e7d1010
chore(release): Bump versions to v5.28.0 ( #11227 )
...
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com >
2026-05-19 15:11:44 +02:00
Pepe Fagoaga
cb01769237
chore(changelog): prepare for v5.27.0 ( #11218 )
2026-05-19 11:42:10 +02:00
Pedro Martín
4c802620c4
chore(readme): update table Prowler at a Glance ( #11216 )
2026-05-19 11:19:49 +02:00
Adrián Peña
4fa8d5465e
refactor(mcp): align /health with IETF health-check format ( #11207 )
2026-05-19 09:51:32 +02:00
Alan Buscaglia
31b9619627
fix(ui): improve attack paths node labels ( #11197 )
2026-05-19 09:32:16 +02:00
Alan Buscaglia
d4a1bc10e9
docs(skills): require changelog confirmation ( #11209 )
2026-05-19 09:25:45 +02:00
Adrián Peña
a1848747a3
refactor(ui): align /api/health with IETF health-check format ( #11206 )
2026-05-19 09:19:34 +02:00
César Arroba
4c0a3f477f
chore(ci): consolidate sdk/api/ui/docs bump workflows into single bump-version.yml ( #11208 )
2026-05-18 18:29:17 +02:00
César Arroba
bc443eef22
chore(ci): drop views.py version bump/verify steps in favor of pyproject.toml-derived RELEASE_ID ( #11205 )
2026-05-18 17:38:57 +02:00
Hugo Pereira Brito
298ad3382f
chore(ui): make View Resource an icon-only link next to the resource name ( #11193 )
...
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com >
2026-05-18 15:48:24 +01:00
Pedro Martín
bfcbe0a9c4
feat(scaleway): add new provider ( #11166 )
2026-05-18 16:42:10 +02:00
Adrián Peña
37aa290d1c
feat(api): add health/live and health/ready probe endpoints ( #11200 )
2026-05-18 16:28:36 +02:00
César Arroba
5cd7fe4f96
revert(ci): drop views.py version bump/verify steps in favor of pyproject.toml-derived RELEASE_ID ( #11202 )
2026-05-18 15:59:52 +02:00
César Arroba
0234f038f0
chore(ci): drop views.py version bump/verify steps in favor of pyproject.toml-derived RELEASE_ID ( #11201 )
2026-05-18 15:44:21 +02:00
Pedro Martín
5ca6e31f45
fix(vercel): exclude API token from serialization and repr ( #11198 )
2026-05-18 14:30:44 +02:00
Alan Buscaglia
21df5c58b1
fix(ui): preserve scans provider wizard flow
2026-05-18 13:34:32 +02:00
lydiavilchez
964548a677
fix(googleworkspace): add API filter to Drive and Calendar services to prevent rate limiting ( #11195 )
2026-05-18 12:57:22 +02:00
Pedro Martín
5d34577b0b
feat(reporting): bound PDF compliance report memory and CPU ( #11160 )
2026-05-18 11:46:26 +02:00
Pedro Martín
855e74add0
chore(deps): fix osv-scanner from API ( #11192 )
2026-05-18 10:20:43 +02:00
Adrián Peña
40b7cb3991
fix(api): skip scan tasks when provider was deleted ( #11185 )
2026-05-15 13:48:02 +02:00
Pedro Martín
c1cfda530f
docs(powerbi): add new documentation + update .pbit ( #11177 )
2026-05-15 09:58:46 +02:00
lydiavilchez
9894ac7bc3
feat(googleworkspace): implement Chat service with 6 CIS checks ( #11126 )
2026-05-14 17:19:11 +02:00
Pedro Martín
8ae076f22c
fix(gcp): update duplicated CIS requirement ID ( #11180 )
2026-05-14 16:17:04 +02:00
Adrián Peña
27fb8518cd
chore(sdk): pin root transitive deps to prevent silent drift ( #11178 )
2026-05-14 16:14:34 +02:00
Pepe Fagoaga
375de5dc87
docs: replace safety for osv-scanner ( #11179 )
2026-05-14 15:04:09 +02:00
Pepe Fagoaga
3410fc927a
chore(security): replace safety with osv-scanner ( #11167 )
2026-05-14 14:35:09 +02:00
Alejandro Bailo
dcf91ef252
feat(ui): add health check endpoint ( #11145 )
2026-05-14 13:47:48 +02:00
lydiavilchez
bf4fd8fabd
fix(googleworkspace): use per-service resources for Directory ( #11176 )
2026-05-14 13:07:06 +02:00
Alejandro Bailo
3d65208fd3
fix(ui): update vulnerable npm packages ( #11173 )
2026-05-14 12:55:29 +02:00
Adrián Peña
7d3ed62e90
chore(sdk): migrate from poetry to uv ( #11162 )
2026-05-14 12:51:57 +02:00
lydiavilchez
5f92989492
fix(googleworkspace): use per-service resources for Calendar and Drive ( #11161 )
2026-05-14 12:43:29 +02:00
Hugo Pereira Brito
6befa78978
fix(cloudflare): plan-aware WAF FAIL hints for zones ( #9896 )
2026-05-14 12:27:47 +02:00
lydiavilchez
78af0c24fe
fix(googleworkspace): use per-service resources for Gmail ( #11169 )
2026-05-14 12:01:07 +02:00
Andoni Alonso
1bb547e5e1
docs(cloudflare): add pre-configured token creation links ( #11156 )
2026-05-14 11:58:00 +02:00
June
1f39b01fb2
feat(sagemaker): add sagemaker_domain_sso_configured check ( #11094 )
...
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-05-14 11:42:30 +02:00
AOrps
fb0ef391f2
ci(api): replace poetry with uv (api) ( #10775 )
...
Signed-off-by: AOrps <aorbeandrews@gmail.com >
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com >
2026-05-14 11:17:17 +02:00
Pablo Fernandez Guerra (PFE)
f2e6a3264d
chore(ui): scope prek pre-commit to staged files, drop legacy husky ( #11118 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-14 11:12:25 +02:00
Hugo Pereira Brito
9bd4e4b65c
fix(ui): enforce 100-char limit on mute rule name input ( #11158 )
2026-05-14 09:13:36 +01:00
Hugo Pereira Brito
68ffb2b219
docs(sdk): update Scanning Unused Services tutorial ( #11151 )
2026-05-14 08:26:29 +01:00
Hugo Pereira Brito
739be07077
chore(aws): skip unattached IAM policies unless --scan-unused-services ( #11150 )
2026-05-14 08:10:20 +01:00
Alejandro Bailo
0abbb7fc59
feat(mcp): add finding groups tools ( #11140 )
2026-05-13 18:11:32 +02:00