Skip to content

Releases: ExtensionEngine/pipeline-security-orb

v2.0.0

07 Nov 12:26
@droguljic droguljic
v2.0.0
a3e9a85
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.0.0 Latest
Latest

What's Changed

  • chore: update dependencies of the sample project by @droguljic in #22
  • feat: base secret detection on the detect_secrets command by @droguljic in #23
  • feat: base the code analysis on the analyze_code command by @droguljic in #24
  • docs: update the sast example by @droguljic in #25
  • feat: remove the source pathfrom the detect_secrest_git job by @droguljic in #26
  • refactor: rename base branch param to env assignment by @droguljic in #27
  • refactor: change verbosity of the detect secrets scripts by @droguljic in #28
  • feat: replace the scan_dependencies job with the command by @droguljic in #29
  • refactor: standardize env variable handling by @droguljic in #30
  • feat: add scan_dockerfile command by @droguljic in #31
  • feat: change the source path usage for secrets detection by @droguljic in #32
  • feat: remove the checkout step from the dependency scanning by @droguljic in #33
  • ci: add the scan_dockerfile as the requirement for publishing by @droguljic in #34
  • docs: add Dockerfiles scanning to the README by @droguljic in #35
  • feat: enable debug mode for custom dependencies scan by @droguljic in #36
  • style: format sh files by @droguljic in #37
  • feat: add node executor by @droguljic in #38
  • build: update studion/core to v2.0.1 by @droguljic in #39
  • feat: replace other executors with the node executor by @droguljic in #40

Full Changelog: v1.0.0...v2.0.0

Contributors

droguljic
Assets 2
Loading

v1.0.0

18 Jun 12:42
@droguljic droguljic
v1.0.0
ceada44
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0

What's Changed

  • chore: add orb info by @droguljic in #1
  • feat: add scan_dependencies job by @droguljic in #2
  • chore: remove template artifacts by @droguljic in #3
  • ci: update publish requirements by @droguljic in #4
  • feat: add detect_secrets_(git|dir) jobs by @droguljic in #5
  • fix: typo in param name in scan-deps script command call by @MiroDojkic in #7
  • docs: fix typo in scan_dependencies job parameter description by @MiroDojkic in #6
  • build: update studion/core to v1.0.0 by @droguljic in #8
  • feat: explicitly ensure package manager in scan_dependencies by @droguljic in #9
  • refactor: set medium resource class for gitleaks executor by @droguljic in #10
  • fix: check lockfile before scanning dependencies by @droguljic in #11
  • feat: add analyze_code job by @droguljic in #12
  • docs: update docs across jobs, executors, and examples by @droguljic in #13
  • refactor: export git branches by @droguljic in #14
  • docs: add a note about Semgrep's strange behavior by @droguljic in #15
  • docs: fix typo in base_revision parameter description by @droguljic in #16
  • feat: remove reporting to file for detecting secrets jobs by @droguljic in #17
  • fix: echo correct target of detect_secrets_git job by @droguljic in #18
  • chore: add organization to license by @droguljic in #19
  • docs: add description and usage by @droguljic in #20
  • style: ensure only one empty line at EOF by @droguljic in #21

New Contributors

Full Changelog: https://github.com/ExtensionEngine/pipeline-security-orb/commits/v1.0.0

Contributors

droguljic and MiroDojkic
Assets 2
Loading