v0.3.3

@github-actions github-actions released this 12 Mar 08:25
· 314 commits to main since this release

v0.3.3 (2024-03-12)

Chore

  • chore: updated numpy version (a299171)

Ci

  • ci: Add bandit cron workflow to trigger on push to main for resolved issues (90864bd)

  • ci: Updated cron time to test trigger (170c313)

  • ci: Enabled github token and modified cron UTC time (89c773f)

  • ci: Updated path settings (b02ed5b)

  • ci: Fix bandit cron workflow (faf897f)

  • ci: Disabled bandit level (4802bea)

  • ci: Added bandit SAST scanning (5ecd5da)

  • ci: fixed scanners option (ae1ceb4)

  • ci: Added exit code with limit sarif severities and always upload results (b105ac5)

  • ci: Updated codeql-action version (03e48ea)

  • ci: Removed failure condition for trivy scan to allow sarif upload (7b17253)

  • ci: Added github codeql sarif upload permissions (1bcd94b)

  • ci: Enabled trivy result upload to github codeql (e9afff0)

  • ci: separate pip audit (e93e002)

  • ci: add pip audit security workflow (b7a4db2)

Fix

  • fix: (security) Added timeout to requests (f5c0645)

Unknown

  • Merge pull request #162 from tattle-made/hotfix

Hotfix (9c7d06b)

  • Merge pull request #161 from duggalsu/add_requests_timeout

Add requests timeout (805e426)

  • Merge pull request #160 from tattle-made/hotfix

Hotfix (76d900e)

  • Merge pull request #159 from duggalsu/add_on_push_bandit_cron_workflow

Add on push bandit cron workflow (bb97334)

  • Merge pull request #158 from tattle-made/hotfix

Hotfix (7b29e51)

  • Merge pull request #157 from duggalsu/test_bandit_cron_workflow_2

Test bandit cron workflow 2 (5ef5baf)

  • Merge pull request #156 from tattle-made/hotfix

Hotfix (dc387bc)

  • Merge pull request #155 from duggalsu/test_bandit_cron_workflow

Test bandit cron workflow (bba6af8)

  • Merge pull request #154 from tattle-made/hotfix

Hotfix (9fca369)

  • Merge pull request #153 from duggalsu/fix_bandit_cron_workflow

Fix bandit cron workflow (d4f7e01)

  • Merge pull request #152 from tattle-made/hotfix

Hotfix (0605f12)

  • Merge pull request #151 from tattle-made/bandit_cron_job

Bandit cron job (453093d)

  • Create bandit.yml (f9f5e2b)

  • Merge pull request #150 from tattle-made/hotfix

Hotfix (5355a37)

  • Merge pull request #149 from duggalsu/add_ci_bandit

Add ci bandit (c899ab4)

  • Merge pull request #148 from tattle-made/hotfix

Hotfix (1001e92)

  • Merge pull request #147 from duggalsu/add_ci_trivy

Add ci trivy (0f7e440)

  • ci (security): Added IaC scan with Trivy (ac487f9)

  • fix (security): Renamed graviton dockerfiles for detection by trivy (bc2b01c)

  • fix (security): Harden dockerfiles

      • Added unprivileged python user
      • Created venv for all pip install
      • Added chown for all files and dirs
      • Added --no-install-recommends to apt-get install cmd
      • Fixed feluda core server.py import issue (a760d2e)

  • Merge pull request #146 from tattle-made/hotfix

Hotfix (adf12d0)

  • Merge pull request #145 from duggalsu/add_ci_pip_audit

Add ci pip audit (40f3ff6)