v1.11.0

Changelog

• f66e303 chore(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#1031)
• c47378f chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1032)
• 3d28318 feat(output): add reviewdog output format for security report (#1028)
• b612a19 feat: add data types to saas report (#1030)
• ba142fa fix(recipe): type processed incorrectly (#1038)
• 5ec7c12 fix: add import_specifier to js match node containers (#1029)
• 0cc1d54 fix: switch back to yaml v3 for report (#1036)
• 7a95485 fix: use new package name for reviewdog (#1033)

v1.10.0

Highlights

• Performance improvements - Bearer is now about 4x as fast! #1017 #1025
• Improved import detection in JS - This will allow us to more accurately detected loaded libs #1027

Changelog

• 179ccae chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#1013)
• c466049 chore(deps): bump github.com/open-policy-agent/opa from 0.52.0 to 0.53.0 (#1014)
• 6079ebd feat: add exclude-fingerprints flag (#1018)
• 37f23e3 feat: add fingerprint to report and move skip rule to docs (#1023)
• 9c987ec feat: add no-color flag (#1015)
• 7f7a438 feat: ignore minified JS files (#1025)
• 5d5073b feat: javascript import support (#1027)
• a90388c feat: worker per file (#1017)
• 4d3f86b fix: prefer fingerprint to fingerprints to match other flags (#1022)
• 077a311 fix: result scope following testing (#1024)
• 5e3dfcb fix: ruby element reference query (#1019)

v1.9.0

Highlights

• SARIF / Gitlab SAST Support - usable in github and gitlab see #984 for details
• New rule enhancements

Changelog

• 3990de3 feat(output): add Sarif / Gitlab support (#984)
• 45d1835 feat: add scope detection filter option (#1008)
• ada6e82 fix: allow calls to be traversed with result scope (#1011)

v1.8.1

Changelog

• 8253c6d fix: allow metadata to be set when incorrect (#1009)

v1.8.0

Changelog

• e26daaf chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1000)
• df09779 feat: improve error feedback for bearer cloud api upload (#1003)
• 4a39040 feat: official support for shared rules (#995)
• 814937f fix: shared rule changes (#996)

v1.7.0

Highlights

• Improvements to classifcation and rules engine - You can now match TypeScript types in javascript patterns and use a rule to sanitize another rule!

Changelog

• b15f791 chore(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3 (#980)
• 0609eda chore(deps): bump github.com/hhatto/gocloc from 0.4.3 to 0.5.0 (#968)
• bbf6cc4 chore(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (#983)
• 1c60a3a feat(data classification): improve classification (#978)
• 5106a9f feat: match types in javascript patterns (#977)
• 51dcf1b feat: sanitizer rules (#986)
• 0fbb5db fix(workers): increase TimeoutFileBytesPerSecond (#975)
• 5fb1a51 fix: don't match patterns with unknown filters (#985)
• ada7951 fix: handle flow correctly for sanitizer rules (#991)

v1.6.1

Highlights

• New filter for filenames in rules #964 to support our upcomming efforts to improve rules in ruby Bearer/bearer-rules#46

Changelog

• 889ebd7 chore: clean up old battle tests (#960)
• 5abc8b8 feat: add filename filter (#964)
• bd0c2b0 fix: remove accidental log (#965)
• 37f0691 fix: secrets rules (#962)

v1.5.1

Highlights

• Intial Java support - rules are still under development but the binary now supports the language.
• Detection improvements and expanded filters.
• Version check can now be disabled using --disable-version-check to speedup boot time.

Changelog

• 29c6617 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.244 to 1.44.253 (#948)
• e29c48d chore(deps): bump github.com/open-policy-agent/opa from 0.51.0 to 0.52.0 (#946)
• 80be0b1 chore(deps): bump github.com/zricethezav/gitleaks/v8 from 8.16.2 to 8.16.3 (#930)
• 1c9df1b chore(deps): bump google.golang.org/api from 0.118.0 to 0.120.0 (#947)
• 74c2190 chore(deps): bump nunjucks from 3.2.3 to 3.2.4 in /docs (#926)
• b99a554 feat: add flag to disable version check (#938)
• 72ee80b feat: add length_less_than filter (#949)
• 03876b8 feat: add string regex filter (#958)
• 22506c9 feat: ignore local 'insecure' URLs (#951)
• aa224f8 feat: java language support (#919)
• a914130 fix(docs): update command to update using homebrew to brew upgrade (#957)
• 3889465 fix: check if object is nil (#954)
• bac4f51 fix: list all detected data types in privacy report (#939)
• 3b25619 fix: order raw output rather than CSV format only (#950)
• e2e7975 fix: produce a single property for java classes (#959)

v1.4.0

Changelog

• 2988a87 build: fix linux libc issues (#921)
• c6aad11 build: fix linux performance regression (#925)
• 353444b build: use ubuntu as base of docker image (#932)
• 6a122a4 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.239 to 1.44.244 (#908)
• 224958a chore(deps): bump github.com/rs/zerolog from 1.29.0 to 1.29.1 (#909)
• 76e8df6 chore(deps): bump google.golang.org/api from 0.116.0 to 0.118.0 (#907)
• 1e6700c docs(installation): update installation following segmentation issue (#911)
• cad5fcd feat(kpi): add bearer and bearer rules version to client meta (#913)
• 26a8b35 feat(openai): enhance openai classification in dependencies (#915)
• 140d950 fix: calculate fingerprint locally (#928)
• 924fe0a fix: improve classification and arguments (#901)
• c13fec6 fix: rule caching and language support (#916)

v1.3.1

Changelog

• 166c7db fix: caching with multi-lang repos (#904)