prowler/api/CHANGELOG.md

Prowler API Changelog

All notable changes to the Prowler API are documented in this file.

[1.17.0] (Prowler UNRELEASED)

Added

  • New endpoint to retrieve an overview of the categories based on finding severities (#9529)
  • Endpoints GET /findings and GET /findings/latest can now use the category filter (#9529)
  • Account ID, alias and provider name added to the PDF reporting table (#9574)

Changed

  • Endpoint GET /overviews/attack-surfaces no longer returns the related check IDs (#9529)
  • OpenAI provider to only load chat-compatible models with tool calling support (#9523)
  • Increased execution delay for the first scheduled scan tasks to 5 seconds (#9558)

Fixed

  • Made scan_id a required filter in the compliance overview endpoint (#9560)
  • Reduced unnecessary UPDATE resources operations by only saving when tag mappings change, lowering write load during scans (#9569)

[1.16.1] (Prowler v5.15.1)

Fixed

  • Race condition in scheduled scan creation by adding countdown to task (#9516)

[1.16.0] (Prowler v5.15.0)

Added

  • New endpoint to retrieve an overview of the attack surfaces (#9309)
  • New endpoint GET /api/v1/overviews/findings_severity/timeseries to retrieve daily aggregated findings by severity level (#9363)
  • Lighthouse AI support for Amazon Bedrock API key (#9343)
  • Exception handler for provider deletions during scans (#9414)
  • Support for using admin credentials through the read replica database (#9440)

Changed

  • Error messages from Lighthouse celery tasks (#9165)
  • Restore the compliance overview endpoint's mandatory filters (#9338)

[1.15.2] (Prowler v5.14.2)

Fixed

  • Unique constraint violation during compliance overviews task (#9436)
  • Division by zero error in ENS PDF report when all requirements are manual (#9443)

[1.15.1] (Prowler v5.14.1)

Fixed

  • Fix typo in PDF reporting (#9345)
  • Fix IaC provider initialization failure when mutelist processor is configured (#9331)
  • Match logic for ThreatScore when counting findings (#9348)

[1.15.0] (Prowler v5.14.0)

Added

  • IaC (Infrastructure as Code) provider support for remote repositories (#8751)
  • Extend GET /api/v1/providers with provider-type filters and optional pagination disable to support the new Overview filters (#8975)
  • New endpoint to retrieve the number of providers grouped by provider type (#8975)
  • Support for configuring multiple LLM providers (#8772)
  • Support C5 compliance framework for Azure provider (#9081)
  • Support for Oracle Cloud Infrastructure (OCI) provider (#8927)
  • Support muting findings based on simple rules with custom reason (#9051)
  • Support C5 compliance framework for the GCP provider (#9097)
  • Support for Amazon Bedrock and OpenAI compatible providers in Lighthouse AI (#8957)
  • Support PDF reporting for ENS compliance framework (#9158)
  • Support PDF reporting for NIS2 compliance framework (#9170)
  • Tenant-wide ThreatScore overview aggregation and snapshot persistence with backfill support (#9148)
  • Added metadata, details and partition attributes to the /resources endpoint, and details and partition attributes to the /findings endpoint (#9098)
  • Support for MongoDB Atlas provider (#9167)
  • Support Prowler ThreatScore for the K8S provider (#9235)
  • Enhanced compliance overview endpoint with provider filtering and latest scan aggregation (#9244)
  • New endpoint GET /api/v1/overview/regions to retrieve aggregated findings data by region (#9273)

Changed

  • Optimized database write queries for scan related tasks (#9190)
  • Date filters are now optional for GET /api/v1/overviews/services endpoint; returns latest scan data by default (#9248)

Fixed

  • Scans no longer fail when findings have UIDs exceeding 300 characters; such findings are now skipped with detailed logging (#9246)
  • Updated unique constraint for Provider model to exclude soft-deleted entries, resolving duplicate errors when re-deleting providers (#9054)
  • Removed compliance generation for providers without compliance frameworks (#9208)
  • Refresh output report timestamps for each scan (#9272)
  • Severity overview endpoint now ignores muted findings as expected (#9283)
  • Fixed discrepancy between ThreatScore PDF report values and database calculations (#9296)

[1.14.1] (Prowler v5.13.1)

Fixed

  • /api/v1/overviews/providers collapses data by provider type so the UI receives a single aggregated record per cloud family even when multiple accounts exist (#9053)
  • Added retry logic to database transactions to handle Aurora read replica connection failures during scale-down events (#9064)
  • Security Hub integrations stop failing when they read relationships via the replica by allowing replica relations and saving updates through the primary (#9080)

[1.14.0] (Prowler v5.13.0)

Added

  • Default JWT keys are generated and stored if they are missing from configuration (#8655)
  • compliance_name field for each compliance framework (#7920)
  • Support C5 compliance framework for the AWS provider (#8830)
  • Support for M365 Certificate authentication (#8538)
  • API Key support (#8805)
  • SAML role mapping protection for single-admin tenants to prevent accidental lockout (#8882)
  • Support for passed_findings and total_findings fields in compliance requirement overview for accurate Prowler ThreatScore calculation (#8582)
  • PDF reporting for Prowler ThreatScore (#8867)
  • Database read replica support (#8869)
  • Support Common Cloud Controls for AWS, Azure and GCP (#8000)
  • Add provider_id__in filter support to findings and findings severity overview endpoints (#8951)

Changed

  • Now the MANAGE_ACCOUNT permission is required to modify or read user permissions instead of MANAGE_USERS (#8281)
  • Now at least one user with MANAGE_ACCOUNT permission is required in the tenant (#8729)

[1.13.2] (Prowler v5.12.3)

Fixed

  • 500 error when deleting user (#8731)

[1.13.1] (Prowler v5.12.2)

Changed

  • Renamed compliance overview task queue to compliance (#8755)

Security

  • Django updated to the latest 5.1 security release, 5.1.12, due to problems with potential SQL injection in FilteredRelation column aliases (#8693)

[1.13.0] (Prowler v5.12.0)

Added

  • Integration with JIRA, enabling sending findings to a JIRA project (#8622), (#8637)
  • GET /overviews/findings_severity now supports filter[status] and filter[status__in] to aggregate by specific statuses (FAIL, PASS) (#8186)
  • Throttling options for /api/v1/tokens using the DJANGO_THROTTLE_TOKEN_OBTAIN environment variable (#8647)

[1.12.0] (Prowler v5.11.0)

Added

  • Lighthouse support for OpenAI GPT-5 (#8527)
  • Integration with Amazon Security Hub, enabling sending findings to Security Hub (#8365)
  • Generate ASFF output for AWS providers with SecurityHub integration enabled (#8569)

Fixed

  • GitHub provider always scanned the user instead of the organization when a provider UID was given (#8587)

[1.11.0] (Prowler v5.10.0)

Added

  • GitHub provider support (#8271)
  • Integration with Amazon S3, enabling storage and retrieval of scan data via S3 buckets (#8056)

Fixed

  • Avoid sending errors to Sentry in M365 provider when user authentication fails (#8420)

[1.10.2] (Prowler v5.9.2)

Changed

  • Optimized queries for resources views (#8336)

[v1.10.1] (Prowler v5.9.1)

Fixed

  • Calculate failed findings during scans to prevent heavy database queries (#8322)

[v1.10.0] (Prowler v5.9.0)

Added

  • SSO with SAML support (#8175)
  • GET /resources/metadata, GET /resources/metadata/latest and GET /resources/latest to expose resource metadata and latest scan results (#8112)

Changed

  • /processors endpoints to post-process findings. Currently, only the Mutelist processor is supported, to allow muting findings.
  • Optimized the underlying queries for resources endpoints (#8112)
  • Optimized include parameters for resources view (#8229)
  • Optimized overview background tasks (#8300)
  • POST /schedules/daily returns a 409 CONFLICT if already created (#8258)

Fixed

  • Search filter for findings and resources (#8112)
  • RBAC is now applied to GET /overviews/providers (#8277)

Security

  • Enhanced password validation to enforce 12+ character passwords with special characters, uppercase, lowercase, and numbers (#8225)

[v1.9.1] (Prowler v5.8.1)

Added

  • Custom exception for provider connection errors during scans (#8234)

Changed

  • Summary and overview tasks now use a dedicated queue and no longer propagate errors to compliance tasks (#8214)

Fixed

  • Scan with no resources will not trigger legacy code for findings metadata (#8183)
  • Invitation email comparison is now case-insensitive (#8206)

Removed

  • Validation of the provider's secret type during updates (#8197)

[v1.9.0] (Prowler v5.8.0)

Added

  • Support GCP Service Account key (#7824)
  • GET /compliance-overviews endpoints to retrieve compliance metadata and specific requirements statuses (#7877)
  • Lighthouse configuration support (#7848)

Changed

  • Reworked GET /compliance-overviews to return proper requirement metrics (#7877)
  • Optional user and password for M365 provider (#7992)

Fixed

  • Scheduled scans are no longer deleted when their daily schedule run is disabled (#8082)

[v1.8.5] (Prowler v5.7.5)

Fixed

  • Normalize provider UID to ensure safe and unique export directory paths (#8007)
  • Blank resource types in /metadata endpoints (#8027)

[v1.8.4] (Prowler v5.7.4)

Removed

  • Reverted RLS transaction handling and DB custom backend (#7994)

[v1.8.3] (Prowler v5.7.3)

Added

  • Database backend to handle already closed connections (#7935)

Changed

  • Renamed field encrypted_password to password for M365 provider (#7784)

Fixed

  • Transaction persistence with RLS operations (#7916)
  • Reverted the get_with_retry change to use the original get method for retrieving tasks (#7932)

[v1.8.2] (Prowler v5.7.2)

Fixed

  • Task lookup to use task_kwargs instead of task_args for scan report resolution (#7830)
  • Kubernetes UID validation to allow valid context names (#7871)
  • Connection status verification before launching a scan (#7831)
  • Race condition when creating background tasks (#7876)
  • Error when modifying or retrieving tenants due to missing user UUID in transaction context (#7890)

[v1.8.1] (Prowler v5.7.1)

Fixed

  • Added database index to improve performance on finding lookup (#7800)

[v1.8.0] (Prowler v5.7.0)

Added

  • Huge improvements to /findings/metadata and resource related filters for findings (#7690)
  • Improvements to /overviews endpoints (#7690)
  • Queue to perform backfill background tasks (#7690)
  • New endpoints to retrieve latest findings and metadata (#7743)
  • Export support for Prowler ThreatScore in M365 (#7783)

[v1.7.0] (Prowler v5.6.0)

Added

  • M365 as a new provider (#7563)
  • compliance/ folder and ZIP export functionality for all compliance reports (#7653)
  • API endpoint to fetch and download any specific compliance file by name (#7653)

[v1.6.0] (Prowler v5.5.0)

Added

  • Support for developing new integrations (#7167)
  • HTTP Security Headers (#7289)
  • New endpoint to get the compliance overviews metadata (#7333)
  • Support for muted findings (#7378)
  • Missing fields to API findings and resources (#7318)

[v1.5.4] (Prowler v5.4.4)

Fixed

  • Bug with periodic tasks when trying to delete a provider (#7466)

[v1.5.3] (Prowler v5.4.3)

Fixed

  • Duplicated scheduled scans handling (#7401)
  • Environment variable to configure the deletion task batch size (#7423)

[v1.5.2] (Prowler v5.4.2)

Changed

  • Refactored deletion logic and implemented retry mechanism for deletion tasks (#7349)

[v1.5.1] (Prowler v5.4.1)

Fixed

  • Handle response in case local files are missing (#7183)
  • Race condition when deleting export files after the S3 upload (#7172)
  • Handle exception when a provider has no secret in test connection (#7283)

[v1.5.0] (Prowler v5.4.0)

Added

  • Social login integration with Google and GitHub (#6906)
  • API scan report system: all scans launched from the API now generate a compressed file with the report in OCSF, CSV and HTML formats (#6878)
  • Configurable Sentry integration (#6874)

Changed

  • Optimized GET /findings endpoint to improve response time and size (#7019)

[v1.4.0] (Prowler v5.3.0)

Changed

  • Daily scheduled scan instances are now created beforehand with SCHEDULED state (#6700)
  • Findings endpoints now require at least one date filter (#6800)
  • Findings metadata endpoint received a performance improvement (#6863)
  • Increased the allowed length of the provider UID for Kubernetes providers (#6869)