Workflow

Stacs-ci

Latest version: v0.1.6

Safety actively analyzes 688512 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

0.1.6

Overview

Upgrades to the latest STACS container. See the [STACS release notes](https://github.com/stacscan/stacs/releases/tag/0.4.5) for the new version for a list of changes in this container. Only changes to STACS-CI will be included below.

🛠️ **New Features**
* N/A

🍩 **Improvements**
* N/A

🐛 **Bug Fixes**
* N/A

0.1.5

Overview

**PLEASE NOTE**: There is a **potentially breaking change** as part of this update, as the Stripe rule has been relocated under `SaaS`. This modifies its reference to now be `CredentialSaaSStripeAPI`. Any previously suppressed findings for this rule will need to be updated to reflect this new identifier.

🛠️ **New Features**
* Upgrade to the [latest STACS rules](https://github.com/stacscan/stacs-rules/pull/6), which includes new rules for
* PyPI Token
* Slack Token
* User (`xoxp-...`)
* Bot (`xoxb-...`)
* NPM
* `authToken`
* `password`
* PKCS12 / PFX
* DER format RSA keys.
* Detects keys with exponents `3` / `65537`, and modulous sizes `64` / `128` / `256` / `512` / `1024`.

🍩 **Improvements**
* Minor changes to AWS rule.
* Simplify matching criteria for a number of rules.

🐛 **Bug Fixes**
* N/A

0.1.4

Overview

🛠️ **New Features**
* N/A

🍩 **Improvements**
* Pulls in latest STACS rules (r57ce3ce).

🐛 **Bug Fixes**
* Fix off-by-one edge case which caused Github pull-request annotation to fail.
* This was triggered when a new file was added in a pull-request containing a credential on the first line.

0.1.3

Overview

🛠️ **New Features**
* Upgrade to the latest version of STACS ([STACS 0.4.4](https://github.com/stacscan/stacs/releases/tag/0.4.4))

🍩 **Improvements**
* Tweak to STACS-CI deployment pipeline to simplify testing prior to release.

🐛 **Bug Fixes**
* N/A

0.1.2

Overview

🛠️ **New Features**
* Upgrade to the latest version of STACS ([STACS 0.4.3](https://github.com/stacscan/stacs/releases/tag/0.4.3))

🍩 **Improvements**
* N/A

🐛 **Bug Fixes**
* N/A

0.1.1

Overview

🛠️ **New Features**
* Upgrade to the latest version of STACS ([STACS 0.4.2](https://github.com/stacscan/stacs/releases/tag/0.4.2))

🍩 **Improvements**
* N/A

🐛 **Bug Fixes**
* Ensures that file with the finding appears in the change set.
* This prevents attempts to add a review comment for a file which is already in the target branch.
* In these cases a comment will be added instead.

Page 1 of 2

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.