Workflow

Prowler

Latest version: v4.2.4

Safety actively analyzes 641954 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 21 of 26

3.1.3

Not secure
Chores
* chore(readme): add prowler PyPi stats by sergargar in https://github.com/prowler-cloud/prowler/pull/1798
* chore(regions): Change feat to chore by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1805
* chore(regions_update): Changes in regions for AWS services. by github-actions in https://github.com/prowler-cloud/prowler/pull/1812
* chore(logs): improve check error logs by sergargar in https://github.com/prowler-cloud/prowler/pull/1818
* chore(audit metadata): retrieve audit metadata from execution by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1803
* build(deps-dev): bump pylint from 2.15.10 to 2.16.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/1815
* build(deps-dev): bump openapi-spec-validator from 0.5.2 to 0.5.4 by dependabot in https://github.com/prowler-cloud/prowler/pull/1821

Fixes
* fix(kms): add symmetric condition to kms_cmk_rotation_enabled check by sergargar in https://github.com/prowler-cloud/prowler/pull/1788
* fix(partition): add dynamic partition in CloudTrail S3 DataEvents checks by sergargar in https://github.com/prowler-cloud/prowler/pull/1787
* fix(metadata): use docs.aws.amazon.com like other aws checks, not docs.amazonaws.cn by ifduyue in https://github.com/prowler-cloud/prowler/pull/1790
* fix(allowlist): validate allowlist for any database format (file, dynamo, s3, etc) by pplu in https://github.com/prowler-cloud/prowler/pull/1792
* fix(accessanalyzer_enabled_without_findings): fixed status findings by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1799
* fix(iam_policy_no_administrative_privileges): check only *:* permissions by sergargar in https://github.com/prowler-cloud/prowler/pull/1802
* fix(iam_avoid_root_usage): correct date logic by sergargar in https://github.com/prowler-cloud/prowler/pull/1801
* fix(ec2_securitygroup_not_used): ignore default security groups by sergargar in https://github.com/prowler-cloud/prowler/pull/1800
* fix(accessanalyzer): no analyzers using pydantic by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1806
* fix(cloudtrail): improve cloudtrail_cloudwatch_logging_enabled status extended by sergargar in https://github.com/prowler-cloud/prowler/pull/1813
* fix(KeyError): handle service key errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1819
* fix(metadata) fixed typo in title for awslambda_function_not_publicly… by daftkid in https://github.com/prowler-cloud/prowler/pull/1826
* fix(KeyError): handle service key errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1831
* fix(cloudtrail): included advanced data events selectors by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1814
* fix(shub): update link to Security Hub documentation by sergargar in https://github.com/prowler-cloud/prowler/pull/1830
* fix(awslambda_function_no_secrets_in_code): Retrieve Code if set by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1833
* fix(action): Build from release branch by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1834
* fix(errors): solve different errors in KMS, EFS and Lambda by sergargar in https://github.com/prowler-cloud/prowler/pull/1835

New Contributors
* ifduyue made their first contribution in https://github.com/prowler-cloud/prowler/pull/1790
* pplu made their first contribution in https://github.com/prowler-cloud/prowler/pull/1792
* daftkid made their first contribution in https://github.com/prowler-cloud/prowler/pull/1826

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.1.2...3.1.3

3.1.2

Not secure
Chores
* chore(contrib): Enables a new CloudFormation of CodeBuild for v3 by sergargar in https://github.com/prowler-cloud/prowler/pull/1764
* chore(readme): Update pip package name, now `prowler` or `prowler-cloud` can be used to install Prowler by sergargar in https://github.com/prowler-cloud/prowler/pull/1768

Fixes
* fix(docs): Changed the azure subscription file text HSFDPMUW by Leon114m in https://github.com/prowler-cloud/prowler/pull/1749
* fix(inventory): update resource type for SQS and SNS by vabagaria in https://github.com/prowler-cloud/prowler/pull/1747
* fix(metadata): solve metadata replace by sergargar in https://github.com/prowler-cloud/prowler/pull/1755
* fix(iam): IAM status messages switched fail and pass text and some grammar by acknosyn in https://github.com/prowler-cloud/prowler/pull/1756
* fix(iam): handle credential report errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1765
* fix(json): close Json correctly when no findings by sergargar in https://github.com/prowler-cloud/prowler/pull/1773
* fix(apigatewayv2): correct apigatewayv2_access_logging_enabled check title by sergargar in https://github.com/prowler-cloud/prowler/pull/1769
* fix(IAM): remove duplicate list_policies function by sergargar in https://github.com/prowler-cloud/prowler/pull/1763
* fix(cloudtrail_multi_region_enabled): fixed region when no trails by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1774
* fix(severity): update severities for Security Hub, GuardDuty and NACL related checks by sergargar in https://github.com/prowler-cloud/prowler/pull/1775

Docs
* docs(grammar): Improved grammar in the Documentation paragraph by Ozan-Ekinci in https://github.com/prowler-cloud/prowler/pull/1776
* docs(grammar): Improved grammar in the AZ CLI / Browser / Managed Identity authentication paragraph by Ozan-Ekinci in https://github.com/prowler-cloud/prowler/pull/1745

New Contributors
* vabagaria made their first contribution in https://github.com/prowler-cloud/prowler/pull/1747

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.1.1...3.1.2

3.1.1

Not secure
Chores
* chore(release): add PyPi GitHub Action by sergargar in https://github.com/prowler-cloud/prowler/pull/1724
* chore(regions_update): Changes in regions for AWS services. by github-actions in https://github.com/prowler-cloud/prowler/pull/1730
* chore(dispatch): dispatch triggered actions by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1739
* chore(code-ql): Include security linter by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1703

Fixes
* fix(arguments): improve quiet option by sergargar in https://github.com/prowler-cloud/prowler/pull/1723
* fix(allowlist): add yaml structure validator by sergargar in https://github.com/prowler-cloud/prowler/pull/1735
* fix(pipeline): fixed typo in main pipeline by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1740
* fix(rds): remove DocumentDB from RDS by sergargar in https://github.com/prowler-cloud/prowler/pull/1737
* fix(actions): Exclude docs folder in action by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1743
* fix(IAM): add missing permissions for Prowler by sergargar in https://github.com/prowler-cloud/prowler/pull/1731
* fix(allowlist): remove re.escape by sergargar in https://github.com/prowler-cloud/prowler/pull/1734
* fix(lambda): solve lambda errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1732
* fix(pypi): replicate package to have Prowler in PyPi by sergargar in https://github.com/prowler-cloud/prowler/pull/1727

Docs
* docs(mapping): add mapping of v2 to v3 checks and update pip package name by toniblyx in https://github.com/prowler-cloud/prowler/pull/1742

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.1.0...3.1.1

3.1.0

Not secure
_"The swords of scorn divide,
Take not thy thunder from us,
But take away our pride."_

[_Revelations_](https://www.youtube.com/watch?v=C3pF-b1tXR0) is the second song of the _Peace of Mind_ album of _Iron Maiden_ that was written by Bruce Dickinson.

This last month has been a real revelation for us and we realize how big is our community and how well accepted has been version 3. We have passed the number of 2 Million of downloads 🚀 since the project started (not counting forks). As a reference see **OSS Insight** stats in the last month https://ossinsight.io/collections/security-tool, we became the Top 1 tool thanks to all of you!

What's Changed:

New AWS check iam_role_cross_service_confused_deputy_prevention:
Ensure IAM Service Roles prevents against a cross-service confused deputy attack. Use the `aws:SourceArn` and `aws:SourceAccount` global condition context keys in trust relationship policies to limit the permissions that a service has to a specific resource. More information at https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html#cross-service-confused-deputy-prevention.

* feat(check): add iam_role_cross_service_confused_deputy_prevention check by Fennerr and sergargar in https://github.com/prowler-cloud/prowler/pull/1710
* feat(report): Support to custom report interface by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1702
* feat(ecs_task_definitions_no_environment_secrets): Update resource_id by Fennerr in https://github.com/prowler-cloud/prowler/pull/1665
* feat(iam): Add IAM Role Class by sergargar in https://github.com/prowler-cloud/prowler/pull/1709
* feat(only_logs): New logging flag to only show execution logs by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1708
* feat(regions_update): Changes in regions for AWS services by github-actions

Fixes:

* fix(trustedadvisor_errors_and_warnings): add region by sergargar in https://github.com/prowler-cloud/prowler/pull/1662
* fix(docs): Include a comma in the permissions paragraph HSFDPMUW by Leon114m in https://github.com/prowler-cloud/prowler/pull/1668
* fix(s3): Add S3 ResourceArn by gabrielsoltz in https://github.com/prowler-cloud/prowler/pull/1666
* fix(shub): associate resource_arn as resourceId in Security Hub by sergargar in https://github.com/prowler-cloud/prowler/pull/1672
* fix(compliance): Security Hub working with compliance by sergargar in https://github.com/prowler-cloud/prowler/pull/1673
* fix(config): path error in Windows environment by sergargar in https://github.com/prowler-cloud/prowler/pull/1684
* docs: Edit troubleshooting page by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1685
* fix: remove unnecessary print by sergargar in https://github.com/prowler-cloud/prowler/pull/1686
* fix(services): Handle KeyErrors from AWS by sergargar in https://github.com/prowler-cloud/prowler/pull/1690
* fix(path): aws_regions_by_service.json: FileNotFoundError[13] by sergargar in https://github.com/prowler-cloud/prowler/pull/1689
* fix: deleted test exclusion in name loading checks by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1694
* fix(docs): Add security section and solve images location by sergargar in https://github.com/prowler-cloud/prowler/pull/1696
* fix(cloudwatch_service): set default region in CloudWatch by sergargar in https://github.com/prowler-cloud/prowler/pull/1693
* fix: VPC Key Error by sergargar in https://github.com/prowler-cloud/prowler/pull/1695
* fix: Solve IAM policy Errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1692
* fix(quick_inventory): Prowler quick inventory for US GovCloud and China by toniblyx in https://github.com/prowler-cloud/prowler/pull/1698
* fix(docs): correct permissions links by sergargar in https://github.com/prowler-cloud/prowler/pull/1701
* fix(docs): Include a new comma in the Basic Usage paragraph HSFDPMUW by Leon114m in https://github.com/prowler-cloud/prowler/pull/1705
* fix(docs): Include multiple commas in the troubleshooting file HSFDPMUW by Leon114m in https://github.com/prowler-cloud/prowler/pull/1706
* fix(apigateway): Add ApiGateway ResourceArn and check fixes by gabrielsoltz in https://github.com/prowler-cloud/prowler/pull/1707
* fix(ec2_elastic_ip_unassgined): Incorrect ResourceType for check ec2_elastic_ip_unassgined by gabrielsoltz in https://github.com/prowler-cloud/prowler/pull/1711
* fix(action): add permissions to Github action by sergargar in https://github.com/prowler-cloud/prowler/pull/1712
* fix(fill_html_overview_statistics): Handle if file exists by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1718
* fix(error): ecr_repositories_scan_vulnerabilities_in_latest_image report not found by sergargar in https://github.com/prowler-cloud/prowler/pull/1719
* build(deps-dev): bump pytest from 7.2.0 to 7.2.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/1715
* build(deps-dev): bump pylint from 2.15.9 to 2.15.10 by dependabot in https://github.com/prowler-cloud/prowler/pull/1676
* build(deps-dev): bump moto from 4.0.13 to 4.1.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/1675
* build(deps-dev): bump coverage from 7.0.3 to 7.0.4 by dependabot in https://github.com/prowler-cloud/prowler/pull/1678
* build(deps-dev): bump vulture from 2.6 to 2.7 by dependabot in https://github.com/prowler-cloud/prowler/pull/1677
* build(deps-dev): bump coverage from 7.0.4 to 7.0.5 by dependabot in https://github.com/prowler-cloud/prowler/pull/1688
* build(deps-dev): bump openapi-spec-validator from 0.5.1 to 0.5.2 by dependabot in https://github.com/prowler-cloud/prowler/pull/1716
* docs: Placed a comma in the Service Principal authentication paragraph by Ozan-Ekinci in https://github.com/prowler-cloud/prowler/pull/1713
* docs(SECURITY.md): Include Security Policy by toniblyx in https://github.com/prowler-cloud/prowler/pull/1697

New Contributors:
* Leon114m made their first contribution in https://github.com/prowler-cloud/prowler/pull/1668
* Ozan-Ekinci made their first contribution in https://github.com/prowler-cloud/prowler/pull/1713
* Fennerr made their first contributions in in https://github.com/prowler-cloud/prowler/pull/1665 and https://github.com/prowler-cloud/prowler/pull/1710

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.0.2...3.1.0

3.0.2

Features
* feat(regions_update): changes in regions for AWS services. by github-actions in https://github.com/prowler-cloud/prowler/pull/1629 and https://github.com/prowler-cloud/prowler/pull/1646
* feat(aws-regions): update refresh regions action by sergargar in https://github.com/prowler-cloud/prowler/pull/1641
* feat(ec2): add ResourceArn by gabrielsoltz in https://github.com/prowler-cloud/prowler/pull/1649
* feat(ecs_task_definitions_no_environment_secrets): update recommendation by Fennerr in https://github.com/prowler-cloud/prowler/pull/1658
* feat(ecs_task_definitions_no_environment_secrets): add ECS task revision number by Fennerr in https://github.com/prowler-cloud/prowler/pull/1657

Fixes
* fix(typo): Prowler for Azure by cclauss in https://github.com/prowler-cloud/prowler/pull/1619
* fix(output_filename): Use custom output filename when set by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1632
* fix(iam_user_mfa_enabled_console_access): password enabled issues by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1634
* fix(security-hub): apply -q to security hub by sergargar in https://github.com/prowler-cloud/prowler/pull/1637
* fix(security): update pipfile.lock by sergargar in https://github.com/prowler-cloud/prowler/pull/1639
* fix(dockerfile): Remove additional `apk update` in Dockerfile by PeterDaveHello in https://github.com/prowler-cloud/prowler/pull/1617
* fix(actions): add Github Action `contents: write` permission by sergargar in https://github.com/prowler-cloud/prowler/pull/1643
* fix(actions): add GH Action `pull-requests: write` permissions by sergargar in https://github.com/prowler-cloud/prowler/pull/1644
* fix(codeartifact): set Namespace attribute as optional by sergargar in https://github.com/prowler-cloud/prowler/pull/1648
* fix(assume-role): Refresh credentials when assuming role by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1636
* fix(glacier): handle no vault policy error by sergargar in https://github.com/prowler-cloud/prowler/pull/1650
* fix(contrib): update contrib folder by sergargar in https://github.com/prowler-cloud/prowler/pull/1635

Docs
* docs(AWS-Role): fixed typo by eltociear in https://github.com/prowler-cloud/prowler/pull/1610
* docs(installation): add multiple ways to install prowler in tabs by toniblyx in https://github.com/prowler-cloud/prowler/pull/1627

New Contributors
* eltociear made their first contribution in https://github.com/prowler-cloud/prowler/pull/1610
* cclauss made their first contribution in https://github.com/prowler-cloud/prowler/pull/1619
* PeterDaveHello made their first contribution in https://github.com/prowler-cloud/prowler/pull/1617

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.0.1...3.0.2

3.0.1

Fixes
* fix(logs): add check_name to logs by sergargar in https://github.com/prowler-cloud/prowler/pull/1574
* test(credential_report): Improve credential report tests by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1579
* build(deps-dev): bump coverage from 6.5.0 to 7.0.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/1568
* docs(links): Update broken links to permissions folder by JonoB in https://github.com/prowler-cloud/prowler/pull/1584
* build(deps-dev): bump moto from 4.0.11 to 4.0.12 by dependabot in https://github.com/prowler-cloud/prowler/pull/1570
* build(deps-dev): bump pylint from 2.15.8 to 2.15.9 by dependabot in https://github.com/prowler-cloud/prowler/pull/1569
* fix(errors): handle S3 errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1585
* fix(ECR): handle ECR errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1586
* fix(iam): handle NoSuchEntity error by sergargar in https://github.com/prowler-cloud/prowler/pull/1589
* fix(vpc): endpoint policy error by sergargar in https://github.com/prowler-cloud/prowler/pull/1588
* fix(list services): Solve list services issue by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1587
* fix(shub): Handle Security Hub InvalidAccessException error by sergargar in https://github.com/prowler-cloud/prowler/pull/1590
* fix(efs): handle PolicyNotFound error by sergargar in https://github.com/prowler-cloud/prowler/pull/1591
* fix(aws-cn partition): solve aws-cn partition errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1576
* feat(errors): prettify unknown service errors by sergargar in https://github.com/prowler-cloud/prowler/pull/1592
* fix(sqs): get sqs encryption by sergargar in https://github.com/prowler-cloud/prowler/pull/1596
* fix(refresh-aws-regions): Change branch by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1598
* fix(check_report): Init status field and fix stats output by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1580
* fix(send to s3): fixed send to s3 feature by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1599
* docs: Include Azure requirements in README by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1600
* fix(global_services): handle global regions correctly by sergargar in https://github.com/prowler-cloud/prowler/pull/1594
* fix(output-filename): Handle argument by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1604

New Contributors
* JonoB made their first contribution in https://github.com/prowler-cloud/prowler/pull/1584

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/3.0.0...3.0.1

Page 21 of 26

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.