Skip to content

DevGuard Scanner v1.0.0-rc.4

Choose a tag to compare

View all tags
@github-actions github-actions released this 05 Dec 12:06
· 1724 commits to main since this release
v1.0.0-rc.4
This tag was signed with the committer’s verified signature.
timbastin Tim Bastin
SSH Key Fingerprint: 2O6OxIHCqDNsw3RwrzteTRYMMQnVg3MdD5pSdustIcA
Verified
Learn about vigilant mode.
6294329
This commit was signed with the committer’s verified signature.
timbastin Tim Bastin
SSH Key Fingerprint: 2O6OxIHCqDNsw3RwrzteTRYMMQnVg3MdD5pSdustIcA
Verified
Learn about vigilant mode.

🚀 DevGuard Release v1.0.0-rc.4

Secure software supply chain scanning and security analysis toolkit

🔴 Critical CVE-2025-55182 / CVE-2025-66478 (React Server Components)

Version of DevGuard Web before v1.0.0-rc.4 are vulnerable to the CVE-2025-55182 (also numbered as CVE-2025-66478) that can cause a reverse shell. As DevGuard Web is published in a minimized container image, the impact is limited (utils like a shell does not exist in the image). Nevertheless, we recommend all users to update as soon as possible.

Current VeX: v1.0.0-rc.4

VeX of previous version: v1.0.0-rc.3

Fix commit: l3montree-dev/devguard-web@d8ce211

References

Release Assets

📱 Binaries

  • devguard-scanner-linux-amd64.tar.gz - Linux x64 binary
  • devguard-scanner-linux-arm64.tar.gz - Linux ARM64 binary
  • devguard-scanner-darwin-amd64.tar.gz - macOS x64 binary
  • devguard-scanner-darwin-arm64.tar.gz - macOS ARM64 (Apple Silicon) binary
  • devguard-scanner-windows-amd64.zip - Windows x64 binary
  • devguard-scanner-windows-arm64.zip - Windows ARM64 binary

🐳 Container Images

  • Registry:
    • ghcr.io/l3montree-dev/devguard:v1.0.0-rc.4 (Main platform)
    • ghcr.io/l3montree-dev/devguard-web:v1.0.0-rc.4 (Frontend of the platform)
    • ghcr.io/l3montree-dev/devguard/scanner:v1.0.0-rc.4 (Scanner tool)

Helm Charts

oci://ghcr.io/l3montree-dev/devguard-helm-chart/devguard (Main platform Helm chart)

helm install my-devguard oci://ghcr.io/l3montree-dev/devguard-helm-chart/devguard --version 1.0.0-rc.4

Quick Start

Download and Install

# Linux/macOS - Download and extract
curl -L https://github.com/l3montree-dev/devguard/releases/download/v1.0.0-rc.4/devguard-scanner-linux-amd64.tar.gz | tar -xz
chmod +x devguard-scanner-linux-amd64
sudo mv devguard-scanner-linux-amd64 /usr/local/bin/devguard-scanner

# Verify installation
devguard-scanner --version

Docker Usage

# Pull DevGuard Scanner from registry
docker pull ghcr.io/l3montree-dev/devguard/scanner:v1.0.0-rc.4

# Pull DevGuard Platform from registry
docker pull ghcr.io/l3montree-dev/devguard:v1.0.0-rc.4

Go Install

go install github.com/l3montree-dev/devguard/cmd/devguard-scanner@v1.0.0-rc.4

📖 Documentation: DevGuard Documentation
🐛 Report Issues: GitHub Issues
💬 Community: Discussions

Assets 9
Loading