Commit Graph

  • 1d43885230 docs: update architecture diagram (#10604) Pepe Fagoaga 2026-04-08 11:05:28 +02:00
  • e6aedcb207 feat(api): support sort by delta on finding-groups endpoints (#10606) Adrián Peña 2026-04-08 11:04:57 +02:00
  • 89fe867944 fix(aws): recognize service-specific condition keys as restrictive in is_policy_public (#10600) Kay Agahd 2026-04-08 10:55:55 +02:00
  • 2be2753c55 fix(codeartifact): only retrieve the latest version from a package (#10243) Pepe Fagoaga 2026-04-08 09:21:19 +02:00
  • 283259f34c fix(sdk): resolve empty-set bug in _enabled_regions causing 36-region client creation and CI timeouts (#10598) Josema Camacho 2026-04-08 08:40:58 +02:00
  • abaacd7dbf feat(api): finding group first_seen_at semantics and resource delta (#10595) Adrián Peña 2026-04-07 16:41:08 +02:00
  • 6451740b27 fix(sdk): preserve entra platform condition compatibility Hugo P.Brito 2026-04-07 15:28:49 +01:00
  • 5e1e4bd8e4 fix(oci): Mutelist support (#10566) rchotacode 2026-04-07 08:23:51 -04:00
  • 33efd72b97 chore(deps): bump authlib from 1.6.5 to 1.6.9 (#10579) Davidm4r 2026-04-07 13:31:59 +02:00
  • b2788df8cc chore(issues): automate conversation lock on issue close (#10596) Pepe Fagoaga 2026-04-07 13:07:02 +02:00
  • b1b361af8b chore(ci): update Pablo user for labeling purposes (#10594) Andoni Alonso 2026-04-07 12:54:04 +02:00
  • 8bc03f8d04 fix(api): remove clear_cache from attack paths read-only query endpoints (#10586) Josema Camacho 2026-04-07 12:46:51 +02:00
  • 09b04f6c9f fix(celery): resolve changelog merge conflict with master fix/celery-redis-keepalive César Arroba 2026-04-07 12:14:02 +02:00
  • 049a7703a5 fix(celery): add changelog entry for Redis broker keepalive fix César Arroba 2026-04-07 12:05:49 +02:00
  • ca03d9c0a9 docs: add Google Workspace SAML SSO configuration guide (#10564) Andoni Alonso 2026-04-07 12:03:21 +02:00
  • 2413626242 fix(celery): add Redis broker keepalive to prevent workers stalling after long tasks César Arroba 2026-04-07 12:01:46 +02:00
  • 8985280621 fix(azure): create distinct report per key/secret in keyvault checks (#10332) Kay Agahd 2026-04-07 10:36:48 +02:00
  • b7ee2b9690 chore: rename UI tab regarding the environment (#10588) Pepe Fagoaga 2026-04-07 10:30:01 +02:00
  • 6b2d9b5580 feat(ui): add Vercel provider (#10191) Alejandro Bailo 2026-04-07 10:13:18 +02:00
  • c99ed991b7 fix: show all checks including threat-detection in --list-checks (#10578) kaiisfree 2026-04-06 21:55:15 +06:00
  • 7c0034524a fix(sdk): add missing __init__.py for codebuild GitHub orgs check (#10584) Hugo Pereira Brito 2026-04-06 16:40:04 +01:00
  • 749110de75 chore(sdk): bump cryptography to 46.0.6, oci to 2.169.0, and alibabacloud-tea-openapi to 0.4.4 (#10535) Josema Camacho 2026-04-06 15:09:33 +02:00
  • 5fff3b920d fix(api): exclude spurious retrieve from Jira docs and add known limitations (#10580) Adrián Peña 2026-04-06 14:30:38 +02:00
  • d39e0f4f74 fix(deps): upgrade authlib to 1.6.9 to fix CVE-2026-28802 fix/authlib-cve-2026-28802 Adrián Jesús Peña Rodríguez 2026-04-06 14:09:44 +02:00
  • 46e741103f feat(aws): update regions for AWS services aws-regions-update-180 prowler-bot 2026-04-06 09:25:12 +00:00
  • 961f9c86da feat(ui): Add tenant management (#10491) Pablo Fernandez Guerra (PFE) 2026-04-06 10:31:30 +02:00
  • 0f1da703d1 docs(image): add Prowler App documentation and authentication guide (#10527) Andoni Alonso 2026-04-06 09:59:56 +02:00
  • 07f3416493 feat(mcp): Add resource events tool (#10412) Pepe Fagoaga 2026-04-06 08:42:04 +02:00
  • 5bf816ee42 fix(sdk): handle empty message and helpUri in SARIF output poc-gha-iac Andoni A. 2026-04-02 16:06:11 +02:00
  • 42ab40d079 fix(sdk): drop partialFingerprints from SARIF output Andoni A. 2026-04-02 15:48:43 +02:00
  • 2ce706e474 feat(sdk): add SARIF 2.1.0 output format for GitHub Code Scanning Andoni A. 2026-04-02 14:51:38 +02:00
  • 509ec74c3d fix(ui): findings groups improvements — security fixes, code quality, and UX feedback (#10513) Alan Buscaglia 2026-04-01 15:54:46 +02:00
  • ab8e83da3f fix(api,ui): dynamically fetch Jira issue types instead of hardcoding "Task" (#10534) Adrián Peña 2026-04-01 14:37:49 +02:00
  • 6ac90eb1b5 chore(ui): add pnpm supply chain security protections (#10471) Pablo Fernandez Guerra (PFE) 2026-04-01 14:10:01 +02:00
  • af6198e6c2 feat(api): integrate Vercel provider into API layer (#10190) Alejandro Bailo 2026-04-01 13:20:49 +02:00
  • dfe06a1077 fix(ui): allow selecting failed scans when graph data is available (#10531) Josema Camacho 2026-04-01 11:08:34 +02:00
  • 9ad98ed47e fix(ui): code quality improvements for findings grouped view (#10515) fix/ui-findings-groups-security-fixes Alan Buscaglia 2026-03-31 17:07:50 +02:00
  • 5306bb1133 fix(ui): security and crash fixes for findings grouped view (#10514) Alan Buscaglia 2026-03-31 17:04:56 +02:00
  • 113d85803c fix(ui): render categories as badges instead of comma-separated text fix/ui-findings-groups-pepe-ux alejandrobailo 2026-03-31 17:00:14 +02:00
  • 9dcb0dd1b7 fix(ui): strip markdown code fences and incorrect $ prefix from remediation alejandrobailo 2026-03-31 17:00:09 +02:00
  • 674de89a80 fix(ui): restore Enter-only search for uncontrolled mode in all tables alejandrobailo 2026-03-31 16:45:50 +02:00
  • 8e7b310794 test(ui): replace vacuous assertions in findings-group-table tests alejandrobailo 2026-03-31 16:44:01 +02:00
  • a8ea78e7ed fix(ui): scope Enter-only search to controlled mode, restore uncontrolled debounce alejandrobailo 2026-03-31 16:43:55 +02:00
  • 4f86667433 feat(sdk): add Vercel provider with 30 security checks (#10189) Alejandro Bailo 2026-03-31 16:21:22 +02:00
  • 4bb1e5cff7 fix(sdk): redact sensitive CLI flags in HTML output (#10518) Andoni Alonso 2026-03-31 15:01:09 +02:00
  • 99b80ebbd9 chore(actions): add pr-check-compliance-mapping action (#10526) Pedro Martín 2026-03-31 13:38:20 +02:00
  • 796f2e1976 fix(oci): fix identity clients (#10524) v5.22 Prowler Bot 2026-03-31 09:52:29 +02:00
  • d18c5a8974 fix(oci): fix identity clients (#10520) rchotacode 2026-03-31 03:42:19 -04:00
  • 917f9252d2 chore: trigger CI re-run Alan Buscaglia 2026-03-30 18:19:15 +02:00
  • f43274097b fix(ui): fix Lighthouse AI button contrast — dark text on light gradient Alan Buscaglia 2026-03-30 18:01:56 +02:00
  • c086e3a8d0 fix(ui): always show search input — remove collapse/expand animation Alan Buscaglia 2026-03-30 17:59:59 +02:00
  • bba2f274b8 fix(ui): search commits on Enter only in all tables (uncontrolled mode) Alan Buscaglia 2026-03-30 17:57:55 +02:00
  • d717add78a fix(ui): trigger refresh imperatively on search commit instead of useEffect Alan Buscaglia 2026-03-30 17:56:03 +02:00
  • b129abe42e fix(ui): suppress misleading spinner in commit-on-Enter search mode Alan Buscaglia 2026-03-30 17:34:09 +02:00
  • ab00c2dce1 feat(m365): add entra_conditional_access_policy_block_elevated_insider_risk security check (#10234) Hugo Pereira Brito 2026-03-30 16:27:00 +01:00
  • 765f9c72f2 docs: add missing pre-commit hooks setup for TruffleHog, Safety and Hadolint (#10448) Pablo Fernandez Guerra (PFE) 2026-03-30 16:43:32 +02:00
  • 5a85752839 fix(ui): UX improvements for findings grouped view — Pepe's feedback Alan Buscaglia 2026-03-30 16:34:07 +02:00
  • f759933253 fix(ui): FAIL-first sort, FAIL-only filter, and mute scope for findings drill-down fix/ui-findings-groups-pepe-blockers Alan Buscaglia 2026-03-30 16:08:49 +02:00
  • 1bf13bf567 fix(ui): code quality improvements for findings grouped view Alan Buscaglia 2026-03-30 15:45:01 +02:00
  • de5bb94ff6 fix(image): pass registry arguments through init_global_provider (#10470) Erich Blume 2026-03-30 06:19:01 -07:00
  • 9c1dba9295 fix(ui): security and crash fixes for findings grouped view Alan Buscaglia 2026-03-30 15:10:04 +02:00
  • c009a2128a feat(google-workspace): add CISA SCuBA Baselines compliance (#10466) lydiavilchez 2026-03-30 14:33:38 +02:00
  • a7f18ec41f chore: init feature branch for findings groups improvements Alan Buscaglia 2026-03-30 13:53:46 +02:00
  • 50556df713 feat(ui): add findings grouped view (#10425) Alejandro Bailo 2026-03-30 14:17:36 +02:00
  • 3b875484b0 feat(m365): add device registration MFA and harden Intune enrollment CA check (#10222) Hugo Pereira Brito 2026-03-30 12:36:05 +01:00
  • 442b379777 feat(google-workspace): add CIS Foundations Benchmark v1.3.0 compliance (#10462) lydiavilchez 2026-03-30 12:57:12 +02:00
  • 2a8b6261e1 fix(api): false 404 and sorting on finding group resources endpoints (#10510) Adrián Peña 2026-03-30 12:47:16 +02:00
  • 6df74529d6 refactor(ui): remove "Clear all" button from filter pills strip (#10481) Alan Buscaglia 2026-03-30 12:26:01 +02:00
  • 6f6d62f51f fix(ci): remove DOCKER_HUB_REPOSITORY secret and add toniblyx mirror push (#10512) César Arroba 2026-03-30 11:53:04 +02:00
  • 7148086410 feat(m365): add entra_conditional_access_policy_block_o365_elevated_insider_risk security check (#10232) Hugo Pereira Brito 2026-03-30 10:49:29 +01:00
  • cd47fbbd3d feat(aws): update regions for AWS services aws-regions-update-179 prowler-bot 2026-03-30 09:26:14 +00:00
  • 4ef0b1bf2c fix(ui): fix pre-commit hook skipping lint, tests, and build (#10494) Alan Buscaglia 2026-03-30 10:44:59 +02:00
  • de492a770c fix(ci): remove DOCKER_HUB_REPOSITORY secret from sdk container workflow (#10509) César Arroba 2026-03-30 10:20:38 +02:00
  • e9009f783b fix(ci): remove setup-buildx-action from create-manifest jobs (#10508) César Arroba 2026-03-30 10:01:32 +02:00
  • b7f1ba8e21 feat(security): add missing endpoints to allowlist chore/fix-step-security pedrooot 2026-03-30 09:49:15 +02:00
  • db1edf5ca7 feat(aws): add internet-exposed category to 13 checks (#10502) Raajhesh Kannaa Chidambaram 2026-03-30 02:59:29 -04:00
  • 5afc54e27a fix(oci): Add multi region filtering argument support (#10505) Prowler Bot 2026-03-30 08:50:05 +02:00
  • 82d3ccec18 fix(oci): Add multi region filtering argument support (#10473) rchotacode 2026-03-30 02:45:16 -04:00
  • 391e99d788 fix(oci): Fix service region support (#10504) Prowler Bot 2026-03-30 08:23:19 +02:00
  • ff46281f64 fix(oci): Fix service region support (#10472) rchotacode 2026-03-30 02:19:32 -04:00
  • 7ceee1ee74 feat(security): security best practices from StepSecurity chore/GHA-271823-stepsecurity-remediation stepsecurity-app[bot] 2026-03-27 18:23:28 +00:00
  • 94e234cefb fix(api): use raw FK ids in membership post_delete signal to avoid cascade lookup failures (#10497) Josema Camacho 2026-03-27 16:16:28 +01:00
  • 8267fc4813 fix(step_security): keep notify in audit mode (#10496) Pepe Fagoaga 2026-03-27 15:01:24 +00:00
  • 8bfeee238b feat(api): replace _provider_id property with label-based isolation and regex injection for custom queries (#10402) Josema Camacho 2026-03-27 14:31:56 +01:00
  • cc197ea901 feat(api): add periodic cleanup of stale Attack Paths scans with dead-worker detection (#10387) Josema Camacho 2026-03-27 14:17:22 +01:00
  • 2b5d015e09 feat(security): add missing endpoints to allowlist (#10495) Pepe Fagoaga 2026-03-27 12:53:52 +00:00
  • 73e0ac6892 chore: update dependencies (#10492) Adrián Peña 2026-03-27 13:13:47 +01:00
  • 700b51ddad chore: update Python version references from 3.9 to 3.10 (#10493) Adrián Peña 2026-03-27 13:13:36 +01:00
  • 417be55604 feat(security): block mode for hardened runners (#10482) Pepe Fagoaga 2026-03-27 12:08:59 +00:00
  • f75ce7b4dd feat(ui): add OpenCypher query editor (#10445) Hugo Pereira Brito 2026-03-27 10:58:48 +00:00
  • 269d9dfe41 feat(cli): add --resource-group flag to filter checks by resource group (#10479) Hugo Pereira Brito 2026-03-27 10:55:28 +00:00
  • 7b0ce7842b fix: remove return statements from finally blocks (#10102) Apoorv Darshan 2026-03-27 13:53:15 +05:30
  • 0a11ca4a68 feat(celery): VALKEY_SCHEME environment variable (#10420) Terry Franklin 2026-03-27 18:22:35 +10:00
  • c953fa7e67 fix(api): resolve check_title filter to check_id for consistent finding-group counts (#10486) Adrián Peña 2026-03-27 09:05:02 +01:00
  • 73907db856 fix(trivy-scan): don't comment if PR from fork (#10490) Pepe Fagoaga 2026-03-27 07:37:19 +00:00
  • e3046f8644 feat(security): security best practices from StepSecurity chore/GHA-261831-stepsecurity-remediation stepsecurity-app[bot] 2026-03-26 18:31:14 +00:00
  • 041f95b3df feat(ec2): add check for SG ingress from public IPs to any port (#10335) Raajhesh Kannaa Chidambaram 2026-03-26 12:21:16 -04:00
  • 716c130140 feat(security): security best practices from StepSecurity (#10480) stepsecurity-app[bot] 2026-03-26 13:58:19 +01:00
  • c651f60e3a feat(m365): add entra_conditional_access_policy_mdm_compliant_device_required check (#10220) Hugo Pereira Brito 2026-03-26 10:36:30 +00:00
  • dd00d71a07 fix(api): fix finding groups muted filter, counters and reaggregation (#10477) Adrián Peña 2026-03-26 10:35:21 +01:00