Releases: hawkeyesec/scanner-cli
Improvement Release
With v1.8.0, the Hawkeye Scanner CLI moved its base image from CentOS to Alpine. The image now clocks in at ~546 MB, most of which is the OWASP Dependency Scanner's feeds. This should significantly speed up a whole bunch of CI scans out there! A shout-out to @CzarScar, @z0u and @haohaolee.
While we were at it, we've upgraded a bunch of tools:
- OWASP Dependency Scanner was upgraded to v5.3.0
- Find-Sec-Bugs was upgraded to v1.10.1
- Moved to Alpine's builtins for node, npm, yarn, ruby, and python, as they are less maintenance overhead.
Bugfix Release
Feature Release
FEATURE: Rust support
FEATURE: Check for outdated mvn packages
FIX: Hawkeye scanner does not run on Windows
FIX: OWASP Dependency Checker scans the whole file tree instead of the relevant stuff
All thanks go to the people who have made this possible:
Service Update
- Update OWASP dependency check and bundle-audit at build time, no updates at runtime
- Remove the superfluous node-crossenv module
- Use temporary file for brakeman report instead of spamming the target folder
- Use temporary file for findsecbugs report instead of spamming the target folder
- Remove floating ruby dependencies
Service Update
Yarn support
This release adds support for yarn projects, identified by both package.json and yarn.lock files being present in the project root.
Maintenance Release
This release fixes the behavior of the node modules when no dependencies were added to the package.json file.
It also allows node versions starting with Carbon LTS to run hawkeye when installing locally as an npm dependency.
Security Release
This release removes the dependency on the vulnerable event-stream package (report here) that was ingested via multiple packages.
Further information: