v1.8.1

What's Changed

• fix(bundle): Correctly add compliance checks into the bundle by @simar7 in #376

Full Changelog: v1.8.0...v1.8.1

v1.8.0

What's Changed

• test: run integration tests across multiple Trivy versions by @nikpivkin in #343
• refactor(repo): Simplify structure by @simar7 in #308
• chore: use examples field by @nikpivkin in #351
• chore: update aws apigateway, anthena, cloudfront, cloudtrail examples by @nikpivkin in #356
• refactor: specify metadata in annotations instead of rule in KSV107 by @nikpivkin in #355
• refactor(deps): Use OPA v1 by @simar7 in #358
• feat(aws): Add check for malicious AMI detection by @simar7 in #352
• fix: not to check DB instances in AVD-AWS-0022 by @nikpivkin in #360
• feat: support Policy-Min-TLS-1-2-PFS-2023-10 in AVD-AWS-0126 by @nikpivkin in #367
• chore(deps): bump the common group across 1 directory with 2 updates by @dependabot in #361
• ci: bump Go to 1.24 by @nikpivkin in #363
• refactor: use OPA to retrieve checks metadata by @nikpivkin in #354
• refactor: simplify AVD-AWS-0038 by @nikpivkin in #364
• chore: update aws ec2, ecr, ecs, efs examples by @nikpivkin in #362
• feat(checks): Add checks for IngressNightmare by @simar7 in #374
• chore(deps): bump the common group with 2 updates by @dependabot in #370
• chore(deps): bump the go_modules group with 2 updates by @dependabot in #372
• chore(deps): bump the go_modules group with 2 updates by @dependabot in #375

Full Changelog: v1.7.1...v1.8.0

v1.7.1

What's Changed

• ci: grant permission to release workflow by @nikpivkin in #347

Full Changelog: v1.7.0...v1.7.1

v1.7.0

What's Changed

• lint: validate avd_id by @nikpivkin in #331
• chore: remove unused pkg by @nikpivkin in #335
• chore: Fix title on s3 acl check by @owenrumney in #334
• chore(deps): bump the common group with 2 updates by @dependabot in #333
• fix: avoid reference to input.metadata.namespace by @nikpivkin in #338
• docs: clean up documentation before generation by @nikpivkin in #337
• chore: fix metadata for AVD-KSV-0123 by @toVersus in #336
• fix: DS001 should not trigger for an empty image by @nikpivkin in #339
• fix(misconf): make protocol checks case-insensitive and convert numeric protocols to strings by @nikpivkin in #345
• chore(deps): bump github.com/owenrumney/squealer from 1.2.10 to 1.2.11 in the common group by @dependabot in #340
• chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 in the go_modules group by @dependabot in #341
• refactor: move k8s cloud checks to checks/cloud by @nikpivkin in #344
• refactor: move builtin functions to internal package by @nikpivkin in #346
• ci: add nightly release workflow for automated builds by @nikpivkin in #342

New Contributors

• @owenrumney made their first contribution in #334
• @toVersus made their first contribution in #336

Full Changelog: v1.6.1...v1.7.0

v1.6.1

What's Changed

• lint: require input field of Rego metadata by @nikpivkin in #330

Full Changelog: v1.6.0...v1.6.1

v1.6.0

What's Changed

• fix(checks): check no-cache flag only with add command in DS025 by @nikpivkin in #323
• ci: add MS Teams notification by @nikpivkin in #324
• ci: bump Go to 1.23 by @nikpivkin in #325
• feat: add examples for dockerfile and kubernetes checks by @nikpivkin in #300
• feat: gatekeeper repo ambiguous prefix by @itaysk in #327
• ci: add lint for checks metadata by @nikpivkin in #328
• fix(checks): improve argument handling in AVD-DS-0001 by @nikpivkin in #326
• chore(deps): bump the common group with 3 updates by @dependabot in #329

Full Changelog: v1.5.3...v1.6.0

v1.5.3

What's Changed

• fix(github): fix oras setup by @simar7 in #322

Full Changelog: v.1.5.2...v1.5.3

v1.5.1

What's Changed

• fix(ci): setup oras by @nikpivkin in #320

Full Changelog: v1.5.0...v1.5.1

v1.5.0

What's Changed

• feat: setup tests for examples of checks by @nikpivkin in #297
• fix checks related to security groups by @nikpivkin in #298
• fix: do not check unmanaged resources by @nikpivkin in #299
• refactor(checks): Deprecate AVD-DS-0024 by @simar7 in #301
• chore(deps): bump the go_modules group with 3 updates by @dependabot in #309
• fix: use container as cause in KSV104 check by @nikpivkin in #304
• chore(deps): bump golang.org/x/crypto from 0.22.0 to 0.31.0 in /scripts in the go_modules group across 1 directory by @dependabot in #302
• chore: add removed Go checks as deprecated by @nikpivkin in #303
• refactor(checks): upgrade Rego to v1 by @nikpivkin in #310
• ci: init Rego linting by @nikpivkin in #313
• ci: add Trivy 0.57.1 and 0.58.1 to bundle testing by @nikpivkin in #311
• ci: use custom OPA to format Rego by @nikpivkin in #312
• chore(deps): bump github.com/aws-cloudformation/rain from 1.19.0 to 1.21.0 in the common group across 1 directory by @dependabot in #314
• test: add assertions to AVD-AWS-0179 test cases by @nikpivkin in #317
• fix(test): add testcases for AVD-OPNSTK-0003 and AVD-OPNSTK-0004 by @nikpivkin in #318
• fix(checks): respect PodSecurityContext for containers by @nikpivkin in #315
• fix(checks): dedupe KSV030 results by @nikpivkin in #316
• ci: enable strict mode by default in opa check by @nikpivkin in #319
• fix: align CIDR check rules with their title by @nikpivkin in #307

Full Changelog: v1.4.0...v1.5.0

v.1.5.2

Full Changelog: v1.5.1...v.1.5.2