Prowler Bot
|
0c79414c6f
|
chore(api): Update prowler dependency to v5.31 for release 5.31.0 (#11672)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
|
2026-06-23 14:30:02 +02:00 |
|
Josema Camacho
|
fb995a79bf
|
chore: modify changelogs for 5.31.0 release (#11671)
|
2026-06-23 14:09:52 +02:00 |
|
Josema Camacho
|
2375f1d962
|
fix(api): uvicorn worker keepalive (#11663)
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
|
2026-06-22 16:30:33 +02:00 |
|
abdou
|
30d737c7d7
|
fix(api): bound Celery worker concurrency to a configurable default (#11075)
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
|
2026-06-22 14:05:11 +02:00 |
|
Pepe Fagoaga
|
7f96d895bb
|
fix: API changelog from advisory merge (#11649)
|
2026-06-19 13:48:47 +02:00 |
|
Adrián Peña
|
bf3b5c2ba7
|
Merge commit from fork
* fix(saml): cross-tenant account takeover via SAML domain claiming
* chore(changelog): add PR #
* fix(api): bind SAML tokens to validated domain
- Reject SAML assertions with mismatched email domains
- Issue SAML tokens from the validated ACS tenant
- Add regression coverage for cross-tenant SAML token issuance
* fix(api): resolve SAML tenant inside RLS context
- Load the SAML tenant relation before leaving the RLS transaction
- Avoid lazy tenant lookups during the SAML ACS finish flow
---------
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-06-19 13:38:51 +02:00 |
|
Josema Camacho
|
6d8d553610
|
fix(api): set gunicorn keep-alive above the load balancer idle timeout to stop 502s (#11647)
|
2026-06-19 12:49:49 +02:00 |
|
Josema Camacho
|
99285d4656
|
fix(api): close DB connections per request to stop ASGI replica connection leak (#11640)
|
2026-06-18 17:42:19 +02:00 |
|
Adrián Peña
|
19629e9bb8
|
fix: simplify local dev launch workflow (#11641)
|
2026-06-18 16:51:02 +02:00 |
|
Adrián Peña
|
b89b427a86
|
feat: add Makefile local development stack (#11637)
|
2026-06-18 16:37:42 +02:00 |
|
Pedro Martín
|
c0ae8b9739
|
feat(compliance): add DORA compliance framework for Azure (#11551)
|
2026-06-18 08:56:04 +02:00 |
|
Josema Camacho
|
bae74b8181
|
fix(api): ignore RequestAborted from health-check probe disconnects in Sentry (#11632)
|
2026-06-17 16:20:17 +02:00 |
|
Josema Camacho
|
f1a30f706a
|
fix(api): raise Gunicorn worker timeout to 120s via GUNICORN_TIMEOUT (#11631)
|
2026-06-17 14:04:36 +02:00 |
|
Rubén De la Torre Vico
|
0463cd1559
|
fix(api): disable ASGI lifespan probe and tune SSE worker loop/connections (#11626)
|
2026-06-17 11:16:58 +02:00 |
|
Pepe Fagoaga
|
7b8ce51263
|
chore(changelog): v5.30.2 (#11624)
|
2026-06-17 09:27:14 +02:00 |
|
Adrián Peña
|
e4d5ca11b3
|
feat(api): add provider group filters (#11573)
|
2026-06-16 14:18:34 +02:00 |
|
Adrián Peña
|
181197177c
|
feat(api): only remap SAML user roles when the IdP sends userType (#11520)
|
2026-06-16 14:18:16 +02:00 |
|
Rubén De la Torre Vico
|
e1f20487ce
|
chore(api): align uv constraints with SDK deps (numpy, py-iam-expand, iamdata; drop awsipranges) (#11594)
|
2026-06-16 12:00:18 +02:00 |
|
Pedro Martín
|
e419771b04
|
perf(api): optimize scan-compliance-overviews task (#11591)
|
2026-06-16 10:48:55 +02:00 |
|
Rubén De la Torre Vico
|
28c064a9b7
|
feat(api): add Server-Sent Events (SSE) infrastructure (#11556)
|
2026-06-16 10:26:20 +02:00 |
|
Davidm4r
|
36fe48dbc5
|
fix(api): patch dependency and container CVEs (#11596)
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
2026-06-15 18:24:55 +02:00 |
|
Daniel Barranquero
|
566167489b
|
fix(sdk): patch container CVEs and suppress unfixable bookworm criticals (#11592)
|
2026-06-15 16:59:44 +02:00 |
|
Josema Camacho
|
ca443b8ff1
|
chore: prepare API and UI changelogs for 5.30.1 release (#11562)
|
2026-06-12 12:07:31 +02:00 |
|
Josema Camacho
|
a394c0fdf6
|
fix(api): drop_subgraph deletes relationships then nodes to cut Neo4j memory (#11557)
|
2026-06-11 18:32:35 +02:00 |
|
Pedro Martín
|
20eca78767
|
fix(compliance): resolve provider from scan in attributes endp (#11546)
|
2026-06-11 18:00:36 +02:00 |
|
Hugo Pereira Brito
|
65f00a197b
|
fix(api): normalize OCI scan region credentials (#11558)
|
2026-06-11 17:32:28 +02:00 |
|
Pedro Martín
|
610febb5d5
|
fix(api): bump prowler SDK lock to v5.30.0 for okta_idaas_stig (#11553)
|
2026-06-11 15:53:44 +02:00 |
|
Prowler Bot
|
c4378d5992
|
chore(release): Bump versions to v5.31.0 (#11548)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
|
2026-06-11 15:28:25 +02:00 |
|
Pepe Fagoaga
|
285974b7d4
|
chore(changelog): v5.30.0 (#11540)
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
|
2026-06-11 09:08:25 +02:00 |
|
Pedro Martín
|
75f95559d6
|
fix(api): warm compliance caches when starting the worker (#11530)
|
2026-06-10 19:04:40 +02:00 |
|
Pedro Martín
|
61cd4aea3f
|
feat(compliance): add Okta IDaaS STIG V1R2 framework (#11428)
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-10 11:22:42 +02:00 |
|
Pedro Martín
|
4a5a49b5bb
|
fix(api): store and refresh Resource.name on every scan (#11476)
Co-authored-by: Josema Camacho <josema@prowler.com>
|
2026-06-10 10:55:31 +02:00 |
|
César Arroba
|
b2d74711d9
|
chore(deps): bump dulwich to 1.2.5 and pyjwt to 2.13.0 for osv-scanner (#11499)
|
2026-06-09 13:01:46 +02:00 |
|
Adrián Peña
|
1f7caa6394
|
feat(api): make orphan-task recovery configurable and drop the Jira idempotency table (#11472)
|
2026-06-09 09:16:48 +02:00 |
|
César Arroba
|
061fbaa7bb
|
feat(api): label Postgres connections with application_name per component and alias (#11494)
|
2026-06-08 13:45:06 +02:00 |
|
Josema Camacho
|
28b045302f
|
fix(api): create Neo4j driver lazily so an outage can't block API startup (#11491)
|
2026-06-08 13:30:18 +02:00 |
|
Pedro Martín
|
f7f8747512
|
feat(compliance): add DORA framework for AWS (#11131)
|
2026-06-03 11:43:55 +02:00 |
|
Adrián Peña
|
cf9beb8234
|
feat(api): recover orphaned background tasks and make task re-runs idempotent (#11416)
|
2026-06-02 14:00:17 +02:00 |
|
Davidm4r
|
7f67eac1bf
|
perf(api): avoid N+1 query loading finding resource tags (#11420)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-06-02 13:19:21 +02:00 |
|
Pedro Martín
|
a652e28b4a
|
fix(api): clean up scan tmp output failure to avoid disk fill (#11421)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-06-02 11:37:05 +02:00 |
|
Prowler Bot
|
c2cef99b33
|
chore(release): Bump versions to v5.30.0 (#11418)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
|
2026-06-01 18:37:51 +02:00 |
|
Pepe Fagoaga
|
9422eff8ab
|
chore: changelog v5.29.0 (#11390)
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
|
2026-05-29 17:29:52 +02:00 |
|
Adrián Peña
|
81226cd837
|
perf(api): use literal scan_ids in finding-groups /latest aggregation (#11380)
|
2026-05-28 13:46:15 +02:00 |
|
Pablo Fernandez Guerra (PFE)
|
ad1261ce54
|
ci(docs): add markdownlint foundation (prek + CI) (#11210)
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
2026-05-27 16:42:01 +02:00 |
|
Adrián Peña
|
329dfdf8e6
|
perf(api): reduce DB load in scan hot loop by 13x (#11249)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-05-25 19:09:28 +02:00 |
|
Pepe Fagoaga
|
546eb2d85a
|
chore: changelog v5.28.1 (#11347)
|
2026-05-25 10:18:42 +02:00 |
|
Josema Camacho
|
528d32601b
|
perf(api): speed up finding-groups endpoint for finding-level filters (#11326)
|
2026-05-22 13:59:05 +02:00 |
|
Prowler Bot
|
56b3044aae
|
chore(release): Bump versions to v5.29.0 (#11332)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
|
2026-05-22 13:34:30 +02:00 |
|
Pepe Fagoaga
|
13e2ede763
|
chore(changelog): prepare for v5.28.0 (#11321)
|
2026-05-22 09:33:40 +02:00 |
|
Pedro Martín
|
dbbefd0558
|
feat(compliance): add resource metadata tab inside req find (#11187)
|
2026-05-21 15:09:43 +02:00 |
|