César Arroba
|
a679865cce
|
ci: always run container and dependency vulnerability scans on PRs (#11582)
|
2026-06-15 10:38:28 +02:00 |
|
dependabot[bot]
|
c660b35ed6
|
chore(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 (#11267)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-05-21 09:33:57 +02:00 |
|
dependabot[bot]
|
f210c26c2f
|
chore(deps): bump tj-actions/changed-files from 47.0.5 to 47.0.6 (#10963)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-05-21 09:09:43 +02:00 |
|
dependabot[bot]
|
6ef70484c7
|
chore(deps): bump step-security/harden-runner from 2.16.0 to 2.19.1 (#10953)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-05-21 08:32:05 +02:00 |
|
Adrián Peña
|
37aa290d1c
|
feat(api): add health/live and health/ready probe endpoints (#11200)
|
2026-05-18 16:28:36 +02:00 |
|
Pepe Fagoaga
|
3410fc927a
|
chore(security): replace safety with osv-scanner (#11167)
|
2026-05-14 14:35:09 +02:00 |
|
AOrps
|
fb0ef391f2
|
ci(api): replace poetry with uv (api) (#10775)
Signed-off-by: AOrps <aorbeandrews@gmail.com>
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
|
2026-05-14 11:17:17 +02:00 |
|
César Arroba
|
98277689f5
|
ci: reduce GitHub Actions consumption across CI workflows (#11007)
|
2026-05-05 17:08:34 +02:00 |
|
Pepe Fagoaga
|
c27cb28a2a
|
chore(safety): define policy for high and critical (#10845)
|
2026-04-22 13:28:59 +02:00 |
|
stepsecurity-app[bot]
|
96e7d6cb3a
|
feat(security): security best practices from StepSecurity (#10682)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-04-14 15:13:12 +02:00 |
|
Josema Camacho
|
51591cb8cd
|
build: bump poetry to 2.3.4 and consolidate SDK workflows (#10681)
|
2026-04-14 13:32:46 +02:00 |
|
Adrián Peña
|
c6d5f44c5e
|
chore: update pyjwt (#10661)
|
2026-04-13 14:09:37 +02:00 |
|
dependabot[bot]
|
c21cf0ac20
|
chore(deps): bump tj-actions/changed-files from 47.0.4 to 47.0.5 (#10552)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-04-09 10:19:28 +02:00 |
|
Pepe Fagoaga
|
417be55604
|
feat(security): block mode for hardened runners (#10482)
|
2026-03-27 13:08:59 +01:00 |
|
stepsecurity-app[bot]
|
716c130140
|
feat(security): security best practices from StepSecurity (#10480)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-03-26 13:58:19 +01:00 |
|
Josema Camacho
|
b311456160
|
fix(security): Ignore cryptography vulnerability until we can upgrade it (#10345)
|
2026-03-16 13:19:37 +01:00 |
|
dependabot[bot]
|
41a7b19c7d
|
build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#9936)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-03-13 09:46:40 +01:00 |
|
dependabot[bot]
|
f55e87d659
|
build(deps): bump tj-actions/changed-files from 47.0.1 to 47.0.4 (#10203)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-03-13 09:40:31 +01:00 |
|
Pepe Fagoaga
|
8af9b333c9
|
ci: restore persist credentials when no output is generated (#10211)
|
2026-03-02 09:14:02 +01:00 |
|
Andoni Alonso
|
8be218b29f
|
fix(ci): harden GitHub Actions workflows against expression injection (#10200)
|
2026-03-01 19:58:43 +01:00 |
|
Josema Camacho
|
a9c7351489
|
fix(api): upgrade cartography to 0.129.0 and neo4j driver to 6.x (#10110)
|
2026-02-18 16:28:24 +01:00 |
|
Josema Camacho
|
bb34f6cc3d
|
refactor(api): remove graph_database and is_graph_database_deleted from AttackPathsScan (#10077)
|
2026-02-16 12:46:49 +01:00 |
|
Josema Camacho
|
d1a7eed5fa
|
chore(security): update filelock dep to solve vulnerability 82754 (#9816)
|
2026-01-20 13:26:59 +01:00 |
|
Josema Camacho
|
032499c29a
|
feat(attack-paths): The complete Attack Paths feature (#9805)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: César Arroba <19954079+cesararroba@users.noreply.github.com>
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
Co-authored-by: Rubén De la Torre Vico <ruben@prowler.com>
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Chandrapal Badshah <Chan9390@users.noreply.github.com>
Co-authored-by: Chandrapal Badshah <12944530+Chan9390@users.noreply.github.com>
Co-authored-by: Adrián Peña <adrianjpr@gmail.com>
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
Co-authored-by: KonstGolfi <73020281+KonstGolfi@users.noreply.github.com>
Co-authored-by: lydiavilchez <114735608+lydiavilchez@users.noreply.github.com>
Co-authored-by: Prowler Bot <bot@prowler.com>
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
Co-authored-by: StylusFrost <43682773+StylusFrost@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: Víctor Fernández Poyatos <victor@prowler.com>
Co-authored-by: bota4go <108249054+bota4go@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: mchennai <50082780+mchennai@users.noreply.github.com>
Co-authored-by: Ryan Nolette <sonofagl1tch@users.noreply.github.com>
Co-authored-by: Ulissis Correa <123517149+ulissisc@users.noreply.github.com>
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Lee Trout <ltrout@watchpointlabs.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Alan-TheGentleman <alan@thegentleman.dev>
|
2026-01-16 13:37:09 +01:00 |
|
Alan Buscaglia
|
c8fab497fd
|
feat(skills): sync AGENTS.md to AI-specific formats (#9751)
Co-authored-by: Alan-TheGentleman <alan@thegentleman.dev>
Co-authored-by: pedrooot <pedromarting3@gmail.com>
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
|
2026-01-13 11:44:44 +01:00 |
|
Pepe Fagoaga
|
9ee77c2b97
|
chore(security): Remove safety check ignores as they are fixed (#9752)
|
2026-01-12 12:02:22 +01:00 |
|
dependabot[bot]
|
73375ee289
|
build(deps): bump tj-actions/changed-files from 47.0.0 to 47.0.1 (#9711)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-01-08 13:30:41 +01:00 |
|
dependabot[bot]
|
3cf7f7845e
|
build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#9397)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-12-23 09:20:19 +01:00 |
|
César Arroba
|
166ab1d2c1
|
chore(github): fix actions paths (#9154)
|
2025-11-04 12:27:34 +01:00 |
|
César Arroba
|
2c28d74598
|
chore(github): separate api pr jobs in different actions (#9078)
|
2025-10-30 10:02:53 +01:00 |
|