Download Latest Version v2.8.0 source code.tar.gz (17.7 MB)
Email in envelope

Get an email when there's a new version of Horusec

Home / v2.8.0
Name Modified Size InfoDownloads / Week
Parent folder
horusec_win_x86.exe 2022-06-08 20.1 MB
0
checksums.txt.sig 2022-06-08 96 Bytes
0
horusec_linux_arm64.rpm.sig 2022-06-08 96 Bytes
0
horusec_linux_x86.deb.sig 2022-06-08 96 Bytes
0
horusec_mac_amd64 2022-06-08 23.3 MB
0
horusec_win_amd64_stand_alone.exe 2022-06-08 23.0 MB
0
horusec_linux_amd64.deb.sig 2022-06-08 96 Bytes
0
horusec_linux_amd64.rpm.sig 2022-06-08 96 Bytes
0
horusec_linux_amd64_stand_alone.sig 2022-06-08 96 Bytes
0
horusec_linux_arm64.deb.sig 2022-06-08 96 Bytes
0
horusec_linux_x86.rpm.sig 2022-06-08 96 Bytes
0
horusec_linux_amd64.sig 2022-06-08 96 Bytes
0
horusec_linux_arm64_stand_alone.sig 2022-06-08 96 Bytes
0
horusec_win_arm64_stand_alone.exe.sig 2022-06-08 96 Bytes
0
horusec_linux_x86_stand_alone.sig 2022-06-08 96 Bytes
0
horusec_mac_amd64_stand_alone.sig 2022-06-08 96 Bytes
0
horusec_mac_arm64.sig 2022-06-08 96 Bytes
0
horusec_mac_arm64_stand_alone.sig 2022-06-08 96 Bytes
0
horusec_linux_arm64.sig 2022-06-08 96 Bytes
0
horusec_linux_x86.sig 2022-06-08 96 Bytes
0
horusec_win_amd64.exe.sig 2022-06-08 96 Bytes
0
horusec_win_arm64.exe.sig 2022-06-08 96 Bytes
0
checksums.txt 2022-06-08 2.0 kB
0
horusec_mac_amd64.sig 2022-06-08 96 Bytes
0
horusec_win_amd64_stand_alone.exe.sig 2022-06-08 96 Bytes
0
horusec_win_x86.exe.sig 2022-06-08 96 Bytes
0
horusec_win_x86_stand_alone.exe.sig 2022-06-08 96 Bytes
0
horusec_linux_arm64.rpm 2022-06-08 6.5 MB
0
horusec_linux_x86.deb 2022-06-08 6.5 MB
0
horusec_linux_amd64.deb 2022-06-08 7.0 MB
0
horusec_linux_arm64.deb 2022-06-08 6.5 MB
0
horusec_linux_amd64.rpm 2022-06-08 7.0 MB
0
horusec_linux_x86.rpm 2022-06-08 6.6 MB
0
horusec_linux_amd64_stand_alone 2022-06-08 22.1 MB
0
horusec_win_arm64_stand_alone.exe 2022-06-08 23.2 MB
0
horusec_linux_amd64 2022-06-08 22.1 MB
0
horusec_linux_arm64_stand_alone 2022-06-08 22.3 MB
0
horusec_linux_x86_stand_alone 2022-06-08 19.0 MB
0
horusec_mac_amd64_stand_alone 2022-06-08 23.3 MB
0
horusec_mac_arm64 2022-06-08 25.2 MB
0
horusec_mac_arm64_stand_alone 2022-06-08 25.2 MB
0
horusec_linux_x86 2022-06-08 19.0 MB
0
horusec_win_arm64.exe 2022-06-08 23.2 MB
0
horusec_linux_arm64 2022-06-08 22.3 MB
0
horusec_win_amd64.exe 2022-06-08 23.0 MB
1 1 weekly downloads
cosign.pub 2022-06-08 178 Bytes
0
horusec_win_x86_stand_alone.exe 2022-06-08 20.1 MB
0
README.md 2022-06-08 8.5 kB
0
v2.8.0 source code.tar.gz 2022-06-08 17.7 MB
0
v2.8.0 source code.zip 2022-06-08 18.0 MB
0
Totals: 50 Items   432.3 MB 1

Changelog

Features

  • f0df9f4ac0858526775e5ed0ef560cb4244eda05: docker:feature - Validate Docker version from the Docker API (#965) (@luiguip)
  • 522076a2c06f9279662f0964e482d02a9651dc20: cli:feat - add SARIF output support (#946) (@anthturner)
  • df2e20c65aa0fb2c8f987bf4bc3dca9f4ba9ea7e: hash:feature - new hash format and handle the future depreciations (#996) (@nathanmartinszup)
  • 578e88332c487e28f9a395b621f10bad9e1415c1: workflow:feat - Automating the release notes (#997) (@wiliansilvazup)
  • 6e052fb84436c5ab3da9521ec6012f4123a6d92b: java:feature - Add Rule for CVE-2022-21724 (#1033) (@wiliansilvazup)
  • 2c11096c3826d083ae4aa2cc2117394c61540540: rules:feat - adding rule to spring framework rce (#1053) (@nathanmartinszup)
  • a6153295bfe28c59f88735c7d50bdeaeaa597168: docs:feat - Security Policies (#1052) (@lucasbrunozup)

Bug fixes

  • 1bfe22367f47496110795051e5523376e596bada: install/sh:bugfix - updating install sh to install latest if more recent (#913) (@nathanmartinszup)
  • 9245d7d3412da67b9ba7ed3c0f1ab24a328fc9f1: bundler:fix - correctly parse output error (#921) (@matheusalcantarazup)
  • e263056bdc2406c652389c39cd4b110a27e08edb: formatters:fix - not show which tool generate the error (#932) (@matheusalcantarazup)
  • 0a2eceeab791341a3b9c11b61ad3871b151f8e87: trivy:bugfix - adding func to avoid hash changes in trivy formatter (#929) (@nathanmartinszup)
  • 73511f0a3be8b0f2d0748b572c3d5ba0ac94d231: engine/swift:bugfix - improving HS-SWIFT-24 rule to avoid false positives (#930) (@nathanmartinszup)
  • 18e8b89baf35b67d521470ea8128e24d96f299cc: formatters/tfsec:bugfix - vulnerabilities were being ignored due missing severity (#934) (@nathanmartinszup)
  • 87673d1c9064994e78f5023ec4457f8a0dfa706a: engine/leaks:bugfix - improving leaks rule 26 (#972) (@nathanmartinszup)
  • c4184c5846455f821cf9144e0296dd9b2d1ca3a4: engines/jvm:fix - false positives on base64 encode/decode (#974) (@matheusalcantarazup)
  • 22acb2b0bd6bea36cae7f60ddc4078e93ecd2630: dockerfile:fix - update and upgrade packages (#977) (@matheusalcantarazup)
  • 0c1e691e92a93d48ad8694e856cc418e617edee3: commitAuthors:bugfix - fix when pass invalid line to SetCommitAuthors and changed formatters error handling approach (#978) (@iancardosozup)
  • b6d92cda642b4918ad3bedb10ce6261d1c5e1c88: dockerfiles:bugfix - adding no cache flag (#982) (@nathanmartinszup)
  • 1b9673d86fcda3884f33c56ea70a0b83d64139f0: dockerfiles:bugfix - updating docker base image (#983) (@nathanmartinszup)
  • 6e4d0c16abe070ead9f432da85da2bcf2d2e7176: dockerfile:bugfix - updating dockerfiles docker base image (#989) (@nathanmartinszup)
  • f860773141b0224ab5bd86247ab58be44d8c7bf0: docs:fix - commit template message (#992) (@matheusalcantarazup)
  • 345c74875de2843cec9453e9c9f28e2bd6b31d4d: analyzer:bugfix - separate warnings from errors (#1013) (@nathanmartinszup)
  • 29c733029c283682b6f2aa68826619adbfd8d65e: gitleaks:bugfix - updating formatter to gitleaks v8 (#1010) (@nathanmartinszup)
  • 96fbcc838517abf522f69415744393cf202ec3b4: sarif:bugfix - removing version prefix (#1019) (@nathanmartinszup)
  • 8517c84e74eb08b4dcdc58852d1d9e49f5a87034: goreleaser:bugfix - adding release auto (#1027) (@nathanmartinszup)
  • 748d681d8e66fe8049e2d5d9fa58b8e682dba529: utils/file:fix - missing {HORUSEC_CLI} prefix and typo on log debug (#1025) (@matheusalcantarazup)
  • a0c13d2152148489e06833d40da92354a58b3a93: docker:fix - missing image name on debug log (#1026) (@matheusalcantarazup)
  • e8eb1ba8b9e67e4b0ec266ece0b1970a2ee5fe99: horusec:fix - Errors reported in v2.8.0-beta.1 (#1050) (@wiliansilvazup)
  • df32c1ce03d2de748cecb76cff383f2851e198c3: analyzer:fix - Fixing details wrong (#1054) (@wiliansilvazup)

Chores

  • f2c500de570df694e84cca451bdd622e2d0be4dc: yarnaudit:chore - improve tests and code cleaning (#910) (@matheusalcantarazup)
  • 0df35e4b4fbcd78899f26ba7ce5bf81907280a2a: analyzer:chore - split analyzer implementation into runner (#909) (@matheusalcantarazup)
  • d3018a8f6e5e44be5469f0c31767d35ea2281d12: workflow/security:chore - updating security workflow to use latest rc (#911) (@nathanmartinszup)
  • 802f0c4b8a81c36160eac5632de5e102f961c0ce: formatters:chore - remove unused methods from IService (#912) (@matheusalcantarazup)
  • 04f682e508b6a121f9a206f27450181f403ca6e8: formatter:chore - replace strings.Replace to fmt.Sprintf (#914) (@matheusalcantarazup)
  • d0f5f5212dfc2e043e1f7a5bc42ceb04a4c5ef4b: nancy:chore - remove logs when running without GITHUB_TOKEN env (#922) (@matheusalcantarazup)
  • c43d93c591a5d178afc3fb68ed7279fb0ac248d7: engine/java:chore - add CVE-2021-44832 detail to the description of the HS-JAVA-150 rule (#916) (@dearrudam)
  • bfb07e6b03c71370a14b6eb216c1c16fe5ad46ff: workflows:chore - removing old release file to avoid confusion (#924) (@nathanmartinszup)
  • 112e82e8728b725c72dacf57f9dfa55d50d7d8b9: bundler:chore - improve tests and code cleaning (#925) (@matheusalcantarazup)
  • 5d8b435b8298ea37c82e4139f26a9fbb58b942c5: phpcs:chore - Update PHP_CodeSniffer to show severity and code (#935) (@wiliansilvazup)
  • 3d9f22ab0939e4deeae5cfe1770917e39a59c7d4: engine:chore - update to new engine (#923) (@iancardosozup)
  • a175361a874ea8efe2ed805985bcddc1c3ee0143: sonarqube:chore - merge entities/sonarqube with services/sonarqube pkg (#947) (@matheusalcantarazup)
  • ae31579624f0a241301bcf6494210b1ef9502afd: git:chore - move CommitAuthor declaration to git pkg (#948) (@matheusalcantarazup)
  • 886da4c259689f16cad6daee755a04635ff11b82: makefile:chore - bump gci tool (#970) (@matheusalcantarazup)
  • 43c551d38a2cd6cadd5d075537caa9a1ddeece97: swift:chore - Improvements Tests of all Swift Rules (#953) (@wiliansilvazup)
  • 6b630c1cf7a89c66f33af310d66b14bb3ecefe6a: kubernetes:chore - Improvements Tests of all Kubernetes Rules (#961) (@wiliansilvazup)
  • aadaaed08d1df6aa3551c0dc5bec57652a064a61: enums:chore - remove unused enums/engine pkg (#979) (@matheusalcantarazup)
  • 9f7dd644eb337bb66a85f3418a7536dc7e0278e3: checkov:chore - removing pborman/ansi dependency (#975) (@iancardosozup)
  • 6abcc37575b0222a2f0373dd7c66c6c082e731c2: engine/java:chore - updating log4j rule to avoid false positives (#980) (@nathanmartinszup)
  • 8659ee7bdb5ca0c82a2eff563523947398c46d63: formatters:chore - add missing RuleIDs (#967) (@anthturner)
  • d7fcbe381f2c2c4d8672394b91e37ee955a509e6: lint:chore - Fix lint, format and Horusec API tests (#1004) (@wiliansilvazup)
  • 0bd4d4d06a595c499c0cd03c65f735357d49ea25: formatters:chore - normalize not found files warn message (#1023) (@matheusalcantarazup)
  • 649b267f6b22d5e605a4a8a4b0cdc1c3f56a64de: formatters/ruby:chore - removing unnecessary error messages (#1024) (@nathanmartinszup)
  • 763a79621cc6ae13d8df5d1f8db78d6e25e265b4: custom_rules:chore - Refactored tests for custom_rules to table tests (#1049) (@Adam88morris)
  • 013b22e5ca65186988f4d934d229d070ca98eff0: javascript::chore - Adding improvements on javascript rules (#1043) (@wiliansilvazup)
  • 40d4191c2f81461f4af38f87550d71d384cff846: csharp:chore - Improvements on safe and unsafe code in csharp (#1037) (@wiliansilvazup)
  • cf7b1bf032860385a013fcc5e45e0ab6b5236ea1: dart:chore - Adding improvements on dart rules (#1038) (@wiliansilvazup)
  • 6a4dd9381e5ff0c41fd692598daba7d094e88595: k8s:chore - Adding improvements on k8s rules (#1039) (@wiliansilvazup)
  • 841c343b01309392234c425343e5d431f4bb1f66: leaks:chore - Adding improvements on leaks rules (#1040) (@wiliansilvazup)
  • 229df8b506337feadadaed1f32e86a434b9ff2c6: swift:chore - Adding improvements on swift rules (#1042) (@wiliansilvazup)
  • c6f20fe82d0d96ad2b81001607d39243504a3120: nginx:chore - Adding improvements on nginx rules (#1041) (@wiliansilvazup)

Others

  • f14f9104d6851a2b705dd22a9363686e22509824: fix:semgrep - Disable collect metrics and fix log message (#968) (@wiliansilvazup)
  • 0f24a9e5fd5792d14c8cf917e0e2c96cd2192be8: chore:workflow - Added new workflow to validate release workflows (#988) (@wiliansilvazup)
  • 51a700664305f668f6a447341520424711dafd31: docs: add issues section (#991) (@HenriqueZup)
  • 2aa2c5bc95fd3d42d9dc8836493ae05996604034: release:build - Removing GPG and sign images from build.yaml (#1018) (@wiliansilvazup)
  • ac6405afdd492163cf04f11ed255e6b2de48c348: scs: bugfix - att outdated chsharp sdk on horusec-engine-csharp (#1022) (@iancardosozup)
  • cce34ce250c854b3c0ad5f06e6e5bde1794a2fe6: This commit implements vulnerable and safe samples for the javascript rules. (#1051) (@lucasbrunozup)

Docker images

  • docker pull horuszup/horusec-cli:v2.8.0

Full Changelog: https://github.com/ZupIT/horusec/compare/v2.7.1...v2.8.0

Source: README.md, updated 2022-06-08