v1.27.1

Highlight

Today we add Beta support for PHP with 50 rules! We've also released both Python and Go as Alpha languages with 5 rules each. See our Language Page for more info.

Changelog

• c805626 chore: remove feature flags (#1336)
• 4fb39a7 docs(rules): some updates for new languages (#1342)
• 40b9c81 fix(classification): improve php datatype detections (#1340)
• b0cd69a fix(php): try catch anchoring (#1338)
• 1f4b733 fix: improve line number reported when datatype detected (#1337)

v1.27.0

Changelog

• 397d1c4 chore(deps): bump github.com/bits-and-blooms/bitset from 1.9.0 to 1.10.0
• d1c350a chore(deps): bump github.com/hhatto/gocloc from 0.5.1 to 0.5.2
• 56a33fa chore(deps): bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0
• 0b7267c chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0
• a2386ec chore(release): migrate to our own gon version (#1335)
• 418030e feat(golang): add beta support (#1314)
• bd221e8 feat(python): add initial support for Python (#1326)
• 3f9c112 feat: add string entropy greater than filter (#1334)
• 8711869 feat: remove useless it/s information in progressbar (#1321)
• fe2a98a feat: send found languages when using bearer cloud (#1318)
• 739cfd4 fix(php): lookup variables in echo/print (#1323)
• 115e5b2 fix(php): lookup variables in subscript indices (#1317)
• 6a53fa5 fix(php): make property names unanchored (#1316)
• 698cefb fix(php): support pattern variables for parameter types (#1319)
• 2ae8ce2 fix: add loc to found languages in saas meta (#1333)
• e2320cb fix: always force a diff scan (#1332)
• 9043f34 fix: cloud uploads on diff scans (#1327)
• a816913 fix: disable rules flag (#1325)
• 0615173 fix: don't use asterisk for non-literal strings (#1320)

v1.26.0

Changelog

• de47412 chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0
• b034d01 chore(deps): bump golang.org/x/mod from 0.12.0 to 0.13.0
• 2a9d1c6 chore(deps): bump golang.org/x/net from 0.15.0 to 0.16.0
• 0435d66 chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0
• deaeffc chore(deps-dev): bump postcss from 8.4.26 to 8.4.31 in /docs
• 7b8ead8 feat: allow diffscans to be sent to bearer cloud (#1304)
• fff5b74 fix(php): make named arguments unanchored in patterns (#1306)
• 792e7a7 fix(php): unanchor class name in new object expressions (#1305)
• 6689428 fix: typo (#1313)

v1.25.0

Changelog

• f5461b9 chore(deps): bump github.com/bits-and-blooms/bitset from 1.8.0 to 1.9.0
• 71efdc9 chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0
• 5ddfe16 chore(deps): bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.12.1
• cbaa13e chore(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0
• 4cf81d2 chore(deps): bump github.com/open-policy-agent/opa from 0.56.0 to 0.57.0
• 11c378c chore(deps): bump github.com/rs/zerolog from 1.30.0 to 1.31.0
• ffec023 chore(deps): bump github.com/shirou/gopsutil/v3 from 3.23.8 to 3.23.9
• 92b2534 feat: add flag to disable progress bar (#1289)
• 0222c49 feat: add php bindings for beta support (#1264)
• 6632e1d fix: avoid compiling privacy report twice (#1290)
• d4bfbfe fix: java and javascript since php changes (#1300)
• 6f6e6b9 fix: php fixes from writing rules (#1294)

v1.24.0

Changelog

• 3adeffd chore: generate stable rule indices (#1286)
• 088e299 feat(javascript): improve as_expression support (#1287)
• a684dcc fix: disabling of rules using comments (#1284)
• def5f02 fix: reporting of unsupported languages (#1285)
• 4f9beb1 fix: show warning when unsupported languages are detected (#1271)

v1.23.1

Changelog

• 44d7ebd chore(deps): bump aws-actions/configure-aws-credentials from 3 to 4
• 7388513 chore(deps): bump docker/build-push-action from 4 to 5
• 8e5b171 chore(deps): bump docker/login-action from 2 to 3
• ae1e52c chore(deps): bump goreleaser/goreleaser-action from 4 to 5
• 21480a5 fix: issue where in some cases messages where written as part of output (#1279)

v1.23.0

Highlights

• Improved scanning process - this should help with memory issues and overall speed when scanning larger files #1206
• Improved version check and rule downloading - we no longer depend directly on the GitHub API, so this should fix rate limiting issues experienced by some users #1249
• For our cloud users, ignored findings are now uploaded so, they can be managed centrally. See the updated documentation for more information

Changelog

• cb56309 build(notarization): fix osx build failures (#1270)
• 835ca7e chore(deps): bump actions/checkout from 3 to 4 (#1251)
• a91913f chore(deps): bump golang.org/x/net from 0.14.0 to 0.15.0 (#1253)
• caad6bf chore(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#1252)
• b68a392 chore: update binary help message (#1263)
• a096d3a feat: improve version check and rule download cache (#1249)
• 1472058 feat: move log level and debug flags to General (#1257)
• dd34532 feat: send ignored findings to cloud (#1194)
• d047766 fix: add new line to ignore pull messaging (#1268)
• 99c28a3 fix: add toString to js reflexive calls (#1277)
• 3665a73 fix: bearer ignore path when target is a file (#1260)
• bf59e80 fix: default ignore file value (#1269)
• 08da11c fix: hide stale ignore fingerprint warning when running diff scan (#1243)
• b7318ce fix: ignore commands no default file value (#1266)
• 153ea3d fix: ignoring of minified files (#1265)
• 011f6b8 fix: nil client segfault (#1258)
• 9810c01 fix: send status for new ignore file additions (#1267)
• 2c6da6c fix: show cloud notices for any report (#1255)
• 058d751 fix: stale ignores json key (#1262)
• c7c31f8 fix: use local ignores for first scan (#1259)
• 5e0772d perf: remove tree sitter walking (#1206)

v1.22.0

Changelog

• 5966b0b chore(deps): bump github.com/open-policy-agent/opa from 0.55.0 to 0.56.0 (#1238)
• e81aa6b chore(deps): bump github.com/shirou/gopsutil/v3 from 3.23.7 to 3.23.8 (#1239)
• db3b73e feat: add false positive status to bearer ignores (#1233)
• d723dbb feat: add severity computation details (#1195)
• dc4adbc fix: report failure data was incorrect (#1240)

v1.21.0

Highlights

• After user feedback we have improved ignoring findings run bearer ignore to find out more.
• Fixed a long standing bug where the exit code was not set correctly for some report formats. You can override this fixed behaviour using --exit-code=0 if needed.

Changelog

• 57bacfd chore(deps): bump aws-actions/configure-aws-credentials from 2 to 3 (#1214)
• 4ce64d4 chore(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 (#1216)
• 4678aef chore(deps): bump github.com/zricethezav/gitleaks/v8 from 8.17.0 to 8.18.0 (#1215)
• 9ff5985 feat: add CSV format flag (#1208)
• a21804b feat: add ignore command (#1180)
• 063492b feat: add ignore remove command (#1221)
• d88b1de feat: add path flag for ignore file (#1213)
• 7d3a1b4 feat: check command docs are up to date (#1219)
• 31f75f7 feat: improve ux of add ignore command (#1227)
• e674387 feat: read from config file for ignore migrate (#1223)
• e1d001a feat: show all ignores (#1220)
• 2e4159c fix: add remove subcommand to ignore usage (#1225)
• 911c5c1 fix: bearer-ignore-flag not loaded for scan (#1222)
• 1601958 fix: handle empty list to scan for orchestrator (#1209)
• 2df8353 fix: ignore command CLI interface (#1211)
• 06b5f95 fix: ignore show --all formatting (#1226)
• f024b67 fix: improve output from ignore commands (#1212)
• a8d6567 fix: increase log level for getMeta related functions (#1197)
• 0c3429a fix: privacy formatter (#1224)
• 653d64c fix: remove cold from flu patterns (#1193)
• f5975b1 fix: report passed not being calculated correctly (#1187)
• 5073de8 fix: saas file list (#1188)
• e51e018 refactor: extract report data object and formatters (#1202)

v1.19.2

Changelog

• 4408f5e fix: hashing of scanners in scan id (#1186)