Commit Graph

370 Commits

Author SHA1 Message Date
Davidm4r 33efd72b97 chore(deps): bump authlib from 1.6.5 to 1.6.9 (#10579)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-07 13:31:59 +02:00
Josema Camacho 8bc03f8d04 fix(api): remove clear_cache from attack paths read-only query endpoints (#10586) 2026-04-07 12:46:51 +02:00
Pablo Fernandez Guerra (PFE) 961f9c86da feat(ui): Add tenant management (#10491)
Co-authored-by: Pablo Fernandez <pfe@NB0240.local>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: David <david.copo@gmail.com>
2026-04-06 10:31:30 +02:00
Adrián Peña ab8e83da3f fix(api,ui): dynamically fetch Jira issue types instead of hardcoding "Task" (#10534)
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
2026-04-01 14:37:49 +02:00
Alejandro Bailo af6198e6c2 feat(api): integrate Vercel provider into API layer (#10190)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-04-01 13:20:49 +02:00
Adrián Peña 2a8b6261e1 fix(api): false 404 and sorting on finding group resources endpoints (#10510) 2026-03-30 12:47:16 +02:00
Josema Camacho 94e234cefb fix(api): use raw FK ids in membership post_delete signal to avoid cascade lookup failures (#10497) 2026-03-27 16:16:28 +01:00
Josema Camacho 8bfeee238b feat(api): replace _provider_id property with label-based isolation and regex injection for custom queries (#10402) 2026-03-27 14:31:56 +01:00
Josema Camacho cc197ea901 feat(api): add periodic cleanup of stale Attack Paths scans with dead-worker detection (#10387) 2026-03-27 14:17:22 +01:00
Terry Franklin 0a11ca4a68 feat(celery): VALKEY_SCHEME environment variable (#10420)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-27 09:22:35 +01:00
Adrián Peña c953fa7e67 fix(api): resolve check_title filter to check_id for consistent finding-group counts (#10486) 2026-03-27 09:05:02 +01:00
Adrián Peña dd00d71a07 fix(api): fix finding groups muted filter, counters and reaggregation (#10477) 2026-03-26 10:35:21 +01:00
Davidm4r 2cf45c72b6 fix(api): remove MANAGE_ACCOUNT permission requirement for listing or create a tenant (#10468) 2026-03-26 09:41:16 +01:00
Adrián Peña 45f0909c3e chore(api): pin all unpinned dependencies to exact versions (#10469) 2026-03-25 13:27:04 +01:00
Davidm4r 9bf2a13177 fix: resolve 403 error for admin users listing tenants (#10460) 2026-03-25 10:13:54 +01:00
Josema Camacho d15e67e2e5 fix(api): filter neo4j.io defunct connection logs in Sentry before_send (#10452) 2026-03-25 09:55:12 +01:00
Adrián Peña aa3641718b fix(api): populate compliance data in check_metadata for findings (#10449) 2026-03-24 17:19:53 +01:00
Adrián Peña bb80797392 fix(api): support finding-group aggregated filters (#10428) 2026-03-24 16:39:26 +01:00
Josema Camacho 55ed7a0663 docs(CHANGELOG): cutting for 5.22.0 (#10437) 2026-03-24 12:15:44 +01:00
Josema Camacho 844efbd046 perf(api): deduplicate nodes before ProwlerFinding lookup in Attack Paths queries (#10424) 2026-03-23 17:16:15 +01:00
Josema Camacho d60b4f0f52 fix(api): Update Flask and Werkzeug to address vulnerabilities (#10430) 2026-03-23 16:59:03 +01:00
Adrián Peña 591f5a8603 fix(api): align finding-group latest aggregation (#10419) 2026-03-23 12:43:45 +01:00
Adrián Peña 3361393b7d chore: update changelog (#10400) 2026-03-19 17:55:18 +01:00
Sandiyo Christan 0b7a21a70c fix(api): [security] use defusedxml to prevent XML bomb DoS in SAML metadata parsing (#10165)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Adrián Peña <adrianjpr@gmail.com>
2026-03-19 17:44:52 +01:00
Josema Camacho 872e6e239c perf(api): replace JOINs with pre-check in threat score aggregation query (#10394) 2026-03-19 17:30:06 +01:00
Adrián Peña 2fe92cfce3 feat(api): add check title search for finding groups (#10377) 2026-03-19 16:48:26 +01:00
Pepe Fagoaga 8317eff67b chore(changelog): prepare for v5.21.0 (#10380) 2026-03-19 11:09:51 +01:00
Josema Camacho 1da10611e7 perf(attack-paths): reduce sync and findings memory usage with smaller batches and cursor iteration (#10359) 2026-03-18 10:08:30 +01:00
Josema Camacho f5f1f1ab2d fix(attack-paths): recover graph_data_ready when scan fails during graph swap (#10354) 2026-03-18 09:49:45 +01:00
Sandiyo Christan 88ce188103 fix(api): [security] use psycopg2.sql to safely compose DDL in PostgresEnumMigration (#10166)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Adrián Peña <adrianjpr@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-17 13:24:24 +01:00
Zakir Jiwani 887a20f06e feat: CORS_ALLOWED_ORIGINS configurable via environment variable (#10355)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-17 09:55:06 +01:00
Josema Camacho 6a4278ed4d fix(docs): setting a couple of API PRs in the next release instead of 5.20 (#10357) 2026-03-17 09:00:56 +01:00
Josema Camacho 787a339cd9 feat(attack-paths): scans add tenant and provider related labels to nodes (#10308) 2026-03-16 16:31:15 +01:00
Josema Camacho ad02801c74 refactor(attack-paths): complete migration to private graph labels and properties (phase 2) (#10268) 2026-03-16 12:34:58 +01:00
Josema Camacho 97a91bfaaa docs(changelog): fix formatting for v5.20.0 release (#10316) 2026-03-12 12:58:02 +01:00
Josema Camacho 4dc3765670 fix(api): add security hardening for Attack Paths custom query endpoint (#10238) 2026-03-12 10:46:29 +01:00
Josema Camacho 57bcb74d0d fix(api): upgrade Cartography to 0.132.0 to fix exposed_internet on ELB/ELBv2 nodes (#10272)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-11 18:12:43 +01:00
lydiavilchez 65a7098104 feat(api): add Google Workspace provider API integration (#10247) 2026-03-11 12:06:30 +01:00
Josema Camacho 57f3920e66 refactor(api): migrate Attack Paths network exposure queries from APOC to openCypher (#10266) 2026-03-10 16:48:16 +01:00
Josema Camacho 3288a4a131 fix(api): add missing logging for Attack Paths query execution and scan error handling (#10269) 2026-03-10 16:47:53 +01:00
Pepe Fagoaga d3213e9f1e chore(providers): Return 409 on conflict (#10293)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-10 10:54:09 +01:00
Pedro Martín 86daf7bc05 fix(pdf): align ENS report requirement status (#10270) 2026-03-06 12:36:50 +01:00
Pepe Fagoaga c71ae75c70 chore(changelog): release v5.19.0 (#10180) 2026-03-02 13:24:03 +01:00
Andoni Alonso 8adb4f43ad chore: bump Trivy to 0.69.2 (#10210) 2026-03-02 09:54:34 +01:00
Josema Camacho b3a67fa1a0 feat(api): add accept header text/plain to attack paths query endpoints for support llm-friendly output (#10162)
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
2026-02-26 12:53:58 +01:00
Adrián Peña 902558f2d4 feat(api): block attack-paths-scans custom queries and schema endpoints (#10177) 2026-02-26 12:27:52 +01:00
Adrián Peña eacb3430cb fix(api): recalc tenant compliance summary after provider deletion (#10172) 2026-02-26 11:18:15 +01:00
Adrián Peña e47f2b4033 fix(api): harden security hub retries (#10144) 2026-02-25 11:34:41 +01:00
Josema Camacho 247bde1ef4 feat(attack-paths): add custom query and cartography schema endpoints (#10149) 2026-02-24 15:49:50 +01:00
Andoni Alonso c159181d27 feat(api): add Image provider support for container image scanning (#10128) 2026-02-24 13:06:34 +01:00