v1.1.0
Release date: 2023-03-21 22:43:53
Latest Bearer/bearer release: v1.46.1 (2024-08-12 22:08:37)
Highlights
- Reduced false positives in rules.
- Improved JS detection for object deconstructing.
- New express JS rule for session information leaked via cached static assets #763
- Skip rules with code comments
Breaking Changes
- Custom rule syntax for triggers has changed - see the upgrade documentation here.
Changelog
- de801a21 chore(deps): bump Apple-Actions/import-codesign-certs from 1 to 2 (#777)
- 589ad0ff chore(deps): bump actions/deploy-pages from 1 to 2 (#800)
- 46c8103c chore(deps): bump actions/setup-go from 3 to 4 (#801)
- 73adae37 chore(deps): bump aws-actions/configure-aws-credentials from 1 to 2 (#776)
- bd1954e1 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.214 to 1.44.219 (#778)
- 2a12dd09 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.219 to 1.44.224 (#803)
- 27a35480 chore(deps): bump github.com/fatih/color from 1.14.1 to 1.15.0 (#780)
- 165a4287 chore(deps): bump github.com/go-git/go-git/v5 from 5.6.0 to 5.6.1 (#806)
- 38588e51 chore(deps): bump github.com/open-policy-agent/opa from 0.49.2 to 0.50.0 (#779)
- 4dc4aa6d chore(deps): bump github.com/open-policy-agent/opa from 0.50.0 to 0.50.1 (#804)
- 27eff32f chore(deps): bump github.com/schollz/progressbar/v3 from 3.13.0 to 3.13.1 (#805)
- 79befed0 chore(deps): bump github.com/zricethezav/gitleaks/v8 from 8.16.0 to 8.16.1 (#802)
- ea82c51c chore(deps): bump google.golang.org/api from 0.111.0 to 0.112.0 (#781)
- a72192db chore(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 (#807)
- ab277176 docs(fix): JS rules formatting (#775)
- cf39059b feat(JS rules): rule for express session for static assets (#763)
- 27399109 feat(Ruby Rails rules): add or remove Resource TODOs (#787)
- 7f4b0862 feat(Ruby rules): add or remove Resource TODOs (#786)
- 092a0a6d feat(Ruby rules): improve remediation messages (#783)
- b614f508 feat(Ruby rules): improve third party docs (#785)
- af2976df feat(rules): update trigger attributes (#797)
- 675ed2b4 feat: add support for object deconstructing. (#789)
- 812ac7cb feat: skip rules with comments in code (#794)
- 5729db4f fix(JS Express rules): improve default cookie rule (#754)
- bf2045de fix(JS Express rules): tighten path traversal rule (#759)
- 1d5c57d7 fix(JS rules): fix typo in JS AWS lambda rule (#784)
- 49cea66f fix(Ruby rules): remove duplicate devise rule (#772)
- 4c24ccf2 fix(Ruby rules): tighten ruby hardcoded secret rule pattern (#771)
- 787a1116 fix(rules): fix typo in rule description (#798)
- 9258f6f4 fix: fix remediation message indentation (#770)
- 3d1ce4cf fix: improve error messaging for custom detector failures (#791)
- 992169fc fix: remove old integration test workflow (#769)
- 3766bf8a fix: split integration tests (#767)
1. bearer_1.1.0_darwin_amd64.tar.gz 13.88MB
2. bearer_1.1.0_darwin_arm64.tar.gz 13.1MB
3. bearer_1.1.0_linux-386.deb 13.67MB
4. bearer_1.1.0_linux-386.pkg.tar.zst 12.29MB
5. bearer_1.1.0_linux-386.rpm 13.71MB
6. bearer_1.1.0_linux-amd64.deb 14.2MB
7. bearer_1.1.0_linux-amd64.pkg.tar.zst 12.82MB
8. bearer_1.1.0_linux-amd64.rpm 14.21MB
9. bearer_1.1.0_linux_386.tar.gz 13.1MB
10. bearer_1.1.0_linux_amd64.tar.gz 13.58MB
11. checksums.txt 972B