Commit Graph

  • ad3b57d405 feat(image): add image provider API support with registry scan mode feat/PROWLER-940-stage-2-a-image-provider-api-support Andoni A. 2026-02-18 18:21:20 +01:00
  • 404687b7e1 chore(api): Bump version to v1.19.4 (#10115) Prowler Bot 2026-02-18 16:43:36 +01:00
  • 56adb0b2d4 chore(release): Bump version to v5.18.4 (#10113) Prowler Bot 2026-02-18 16:43:26 +01:00
  • 9d2352879f docs: Update version to v5.18.3 (#10114) Prowler Bot 2026-02-18 16:43:15 +01:00
  • a9c7351489 fix(api): upgrade cartography to 0.129.0 and neo4j driver to 6.x (#10110) Josema Camacho 2026-02-18 16:28:24 +01:00
  • 293a416e0d chore(image): remove test notebooks Andoni A. 2026-02-18 16:00:19 +01:00
  • b9620a80af Merge branch 'master' into feat/PROWLER-1091-create-new-stepper-implement-aws-organizations-endpoints alejandrobailo 2026-02-18 15:37:18 +01:00
  • 0449c4d466 chore: update changelogs for v5.18.3 5.18.3 César Arroba 2026-02-18 15:14:41 +01:00
  • 6be6f558c1 refactor(image): make image the resource instead of individual findings Andoni A. 2026-02-18 14:47:37 +01:00
  • 987fad3aaf fix(ui): replace HeroUI dropdowns with shadcn selects (#10111) Prowler Bot 2026-02-18 13:55:15 +01:00
  • 5f2e4eb2a6 fix(ui): replace HeroUI dropdowns with shadcn selects (#10097) Alejandro Bailo 2026-02-18 13:46:57 +01:00
  • acbfdfa4b2 fix(image): address PR review items for image provider Andoni A. 2026-02-18 12:24:35 +01:00
  • b6c7e24856 fix(api): gcp project id validation for legacy projects (#10109) Prowler Bot 2026-02-18 11:31:21 +01:00
  • 639333b540 feat(ui): setup vitest with react testing library and TDD workflow (#9925) Alan Buscaglia 2026-02-18 11:25:50 +01:00
  • 7bd13cdf39 fix(image): set custom User-Agent to avoid Cloudflare bot blocking Andoni A. 2026-02-18 11:08:33 +01:00
  • b732cf4f06 feat(docker): ulimits to worker services to prevent exhaustion (#10107) Pedro Martín 2026-02-18 10:23:02 +01:00
  • 34cbacc105 feat(image): add IMAGE scan path with per-image progress Andoni A. 2026-02-18 10:19:12 +01:00
  • be3be3eb62 fix(api): clean up temp Neo4j databases on scan failure and provider deletion (#10101) Josema Camacho 2026-02-18 10:18:34 +01:00
  • 12f1a4f3bb fix(image): add 5xx retry and better diagnostics for Docker Hub auth Andoni A. 2026-02-18 10:16:41 +01:00
  • 338d514197 fix(api): gcp project id validation for legacy projects (#10078) Daniel Barranquero 2026-02-18 10:11:07 +01:00
  • 9a5fe3a809 fix(compliance): remove account_id and location for manual reqs (#10106) Prowler Bot 2026-02-18 09:58:08 +01:00
  • fec86754d8 fix(compliance): remove account_id and location for manual reqs (#10105) Pedro Martín 2026-02-18 09:46:19 +01:00
  • 923ee82830 chore(api): bump Trivy to 0.69.1 Andoni A. 2026-02-18 09:42:18 +01:00
  • 313da7ebf5 feat(ui): add CSV and PDF download buttons to compliance views (#10093) Pedro Martín 2026-02-18 09:36:54 +01:00
  • a5e5217e60 fix(image): use Trivy native auth instead of docker login/pull Andoni A. 2026-02-18 09:24:43 +01:00
  • 707b3b484e chore(api): update poetry.lock for image provider SDK branch Andoni A. 2026-02-18 08:59:45 +01:00
  • 348808b37f feat(image): add image provider scan support to Scan class and API layer Andoni A. 2026-02-18 08:59:13 +01:00
  • 7698cdce2e feat(attack-paths): add graph_data_ready field to decouple query availability from scan state (#10089) Josema Camacho 2026-02-17 17:29:36 +01:00
  • c08d42036c fix(ui): changes for update credetials for AliababaCloud provider (#10099) Prowler Bot 2026-02-17 16:30:20 +01:00
  • ff25d6a8c2 fix(ui): changes for update credetials for AliababaCloud provider (#10098) Pedro Martín 2026-02-17 15:50:02 +01:00
  • 04b43b20ae chore(azure): enhance metadata for vm service (#9629) Rubén De la Torre Vico 2026-02-17 13:30:27 +01:00
  • 7d8de1d094 chore(azure): enhance metadata for entra service (#9619) Rubén De la Torre Vico 2026-02-17 12:53:27 +01:00
  • 2c2881b351 fix(oss): use defusedxml to prevent XXE vulnerabilities (#9999) Sandiyo Christan 2026-02-17 16:51:30 +05:30
  • e1ba7bce57 fix(api): align cron validator with celery parser PROWLER-1100-api-crud-endpoints PROWLER-1099-api-scan-schedule-model-provider-fk-migration Víctor Fernández Poyatos 2026-02-17 12:03:59 +01:00
  • f8d0be311c chore(azure): enhance metadata for keyvault service (#9621) Rubén De la Torre Vico 2026-02-17 11:57:27 +01:00
  • 4d44140ab1 fix(api): harden cron validator and migration backfill Víctor Fernández Poyatos 2026-02-17 11:45:25 +01:00
  • 15557b9f6c test(image): add tests for SSRF, credential redaction, empty tokens, and DockerHub enumeration Andoni A. 2026-02-17 11:26:37 +01:00
  • a692351f93 fix(image): harden registry adapter layer against SSRF, credential leaks, and edge cases Andoni A. 2026-02-17 11:25:38 +01:00
  • ed97fcd059 fix(image): add None guard, top-level import, and 401-retry to registry adapters Andoni A. 2026-02-17 10:59:49 +01:00
  • 8438a94203 chore: enhance github documentation and ui placeholder (#9830) Hugo Pereira Brito 2026-02-17 10:48:53 +01:00
  • b9060bebb0 style(image): apply black formatting to image provider files Andoni A. 2026-02-17 10:33:48 +01:00
  • e8ab331dff refactor(image): remove dead code from registry adapter layer Andoni A. 2026-02-17 10:17:46 +01:00
  • d9e451489d fix(image): harden registry adapter layer Andoni A. 2026-02-17 10:01:35 +01:00
  • e8c48b7827 feat(reporting): support CSA CCM PDF reports (#10088) Pedro Martín 2026-02-17 09:48:45 +01:00
  • 9d9067c9e6 docs(ui): add AWS Organizations implementation docs alejandrobailo 2026-02-17 09:46:42 +01:00
  • ea5ab2429c feat(ui): integrate Organizations flow into provider add workflow alejandrobailo 2026-02-17 09:46:37 +01:00
  • 83bceab584 feat(ui): add discovery, account selection, and connection test steps alejandrobailo 2026-02-17 09:46:30 +01:00
  • 689d044d92 feat(ui): add Organizations wizard modal with stepper alejandrobailo 2026-02-17 09:46:22 +01:00
  • d3b0c3c393 feat(ui): add RadioCard and AWS method selector components alejandrobailo 2026-02-17 09:46:16 +01:00
  • de81f6384e feat(ui): add AWS Organizations server actions and adapters alejandrobailo 2026-02-17 09:46:09 +01:00
  • 6648212369 feat(ui): add AWS Organizations types and Zustand store alejandrobailo 2026-02-17 09:46:03 +01:00
  • b00c76acf2 test(image): update mock patch targets after base class refactor Andoni A. 2026-02-17 09:41:15 +01:00
  • 46e55a3351 test(image): add --registry-list validation tests and factory comment Andoni A. 2026-02-17 09:39:52 +01:00
  • 103f71c215 fix(image): use correct singular/plural in registry listing output Andoni A. 2026-02-17 09:39:29 +01:00
  • 310a32e391 refactor(image): deduplicate retry logic into registry adapter base class Andoni A. 2026-02-17 09:39:15 +01:00
  • 402b33516b Merge branch 'master' into feat/PROWLER-939-stage-2-registry-auth Andoni Alonso 2026-02-17 09:17:03 +01:00
  • 5e2ed6a37c docs(image): remove redundant version badges from subsections Andoni A. 2026-02-17 09:10:06 +01:00
  • 8ef231faae docs(image): update docs and changelog for public Docker Hub support Andoni A. 2026-02-17 09:06:38 +01:00
  • 304fa25f25 feat(image): support public Docker Hub registry scan without credentials Andoni A. 2026-02-17 08:40:28 +01:00
  • ffeaeb760e docs(image): document registry scan mode and --registry-list flag Andoni A. 2026-02-17 08:02:41 +01:00
  • 876702fd22 feat(image): add --registry-list flag for image discovery Andoni A. 2026-02-17 07:44:41 +01:00
  • deb17f4900 test(api): add cron expression validator tests Víctor Fernández Poyatos 2026-02-16 18:09:00 +01:00
  • b49e3f59ae feat(api): add cron-based scan schedule data layer Víctor Fernández Poyatos 2026-02-16 18:08:22 +01:00
  • 326def4a17 fix(image): handle Basic auth challenge and pre-encoded ECR credentials Andoni A. 2026-02-16 17:50:05 +01:00
  • aa284b8b24 test(image): add comprehensive registry scan mode unit tests Andoni A. 2026-02-16 15:42:02 +01:00
  • ace36fe76e feat(image): add registry scan mode with OCI, Docker Hub, and ECR support Andoni A. 2026-02-16 15:35:55 +01:00
  • df8a7220ff feat(oraclecloud): Update commercial regions (#10082) PROWLER-1098-cron-based-scan-scheduling Prowler Bot 2026-02-16 14:23:28 +01:00
  • a106cdf4c9 fix: oci regions actions labels (#10083) Daniel Barranquero 2026-02-16 14:23:17 +01:00
  • a86f0b95bc fix(oci): update regions script to handle raw credentials (#10081) Daniel Barranquero 2026-02-16 14:03:27 +01:00
  • 88a2042b80 feat(workflow): Use AGENTS.md as source of truth Pepe Fagoaga 2026-02-16 13:57:08 +01:00
  • bb34f6cc3d refactor(api): remove graph_database and is_graph_database_deleted from AttackPathsScan (#10077) Josema Camacho 2026-02-16 12:46:49 +01:00
  • be516f1dfc feat(openstack): Add 7 New Compute Security Checks (#9944) Daniel Barranquero 2026-02-16 11:46:48 +01:00
  • c1244ea9b8 fix(kms): detect public access for any KMS action, not just kms:* (#10075) Prowler Bot 2026-02-16 10:42:13 +01:00
  • 90e317d39f fix(kms): detect public access for any KMS action, not just kms:* (#10071) Copilot 2026-02-16 10:12:29 +01:00
  • 21bdbacdfb chore(readme): update and add skill (#10067) Pedro Martín 2026-02-16 09:31:21 +01:00
  • dd82135789 chore: improve agent triage Pepe Fagoaga 2026-02-15 17:38:24 +01:00
  • 8ec1136775 security(workflow): Increase security validation Pepe Fagoaga 2026-02-15 10:17:30 +01:00
  • 77fd7e7526 feat(skills): Github Agentic Workflow Pepe Fagoaga 2026-02-14 21:44:18 +01:00
  • da5328985a feat(ci): add AI-powered issue triage agentic workflow Pepe Fagoaga 2026-02-14 21:27:06 +01:00
  • cebe6cf8e2 fix: add warning log for exception in update_check_metadata copilot/fix-return-in-finally-block copilot-swe-agent[bot] 2026-02-14 08:48:08 +00:00
  • eaa746f7b9 fix: remove return statements from finally blocks to avoid swallowing exceptions copilot-swe-agent[bot] 2026-02-14 08:47:18 +00:00
  • 57222f6e0b Initial plan copilot-swe-agent[bot] 2026-02-14 08:39:45 +00:00
  • 75ee07c6e1 chore(gcp): enhance metadata for logging service (#9648) Rubén De la Torre Vico 2026-02-13 16:37:07 +01:00
  • ddc5d879e0 chore(gcp): enhance metadata for kms service (#9647) Rubén De la Torre Vico 2026-02-13 16:32:26 +01:00
  • 006c2dc754 chore(gcp): enhance metadata for iam service (#9646) Rubén De la Torre Vico 2026-02-13 16:24:52 +01:00
  • 4981d3fc38 chore(gcp): enhance metadata for gke service (#9645) Rubén De la Torre Vico 2026-02-13 16:14:14 +01:00
  • efc9bc61fd fix(sdk): update openstacksdk to fix pip install on systems without C compiler (#10062) Prowler Bot 2026-02-13 16:05:36 +01:00
  • cceaf1ea54 chore(gcp): enhance metadata for gcr service (#9644) Rubén De la Torre Vico 2026-02-13 15:55:00 +01:00
  • b436da27c8 chore(gcp): enhance metadata for dns service (#9643) Rubén De la Torre Vico 2026-02-13 15:47:30 +01:00
  • 82be83c668 chore(gcp): enhance metadata for dataproc service (#9642) Rubén De la Torre Vico 2026-02-13 14:57:33 +01:00
  • f6caf51fa0 chore(gcp): update Artifact Registry service metadata to new format review_metadata_gcp_artifacts HugoPBrito 2026-02-13 14:48:07 +01:00
  • 0d9f397bba Merge remote-tracking branch 'origin/master' into review_metadata_gcp_artifacts HugoPBrito 2026-02-13 14:47:19 +01:00
  • 4f18bfc33c feat(iam): add ECS Exec privilege escalation detection (ECS-006) (#10066) Andoni Alonso 2026-02-13 14:45:33 +01:00
  • 941f9b7e0b chore(gcp): enhance metadata for compute service (#9641) Rubén De la Torre Vico 2026-02-13 14:29:38 +01:00
  • 9da0b0c0b1 feat(github): add organization domain verification check (#10033) kushpatel321 2026-02-13 07:41:17 -05:00
  • 8c1da0732d chore(gcp): enhance metadata for cloudsql service (#9639) Rubén De la Torre Vico 2026-02-13 13:35:34 +01:00
  • 3a2960fd09 Merge remote-tracking branch 'origin/master' into feat/PROWLER-939-stage-2-registry-auth Andoni A. 2026-02-13 13:31:17 +01:00
  • 02b58d8a31 fix(api): mark attack paths scan as failed when celery task fails (#10065) Josema Camacho 2026-02-13 13:20:38 +01:00
  • 3defbcd386 chore(gcp): enhance metadata for cloudstorage service (#9640) Rubén De la Torre Vico 2026-02-13 13:17:58 +01:00
  • 6b0a139361 Merge remote-tracking branch 'origin/master' into feat/PROWLER-939-stage-2-registry-auth Andoni A. 2026-02-13 12:23:57 +01:00