Skip to content

v0.11.0

Compare
Choose a tag to compare
@github-actions github-actions released this 14 Jun 14:58
· 84 commits to main since this release
2eaad6d

Changelog for poutine v0.11.0 πŸš€

New Features 🌟

  • GitHub Actions Security: Added detection for the usage of GitHub Actions debug variables. (#88)
  • Vulnerability Scanning: Introduced provider-level vulnerability scanning. A draft version of Gitlab on-premise / GitHub Enterprise CVE checks. (#90)
  • GitHub Pages Documentation: Launched Hugo geekdoc theme and added rendering and deployment for GitHub Pages documentation. Documentation can be found at https://boostsecurityio.github.io/poutine/ (#91, #92)

Improvements πŸ”§

  • Enhanced --scm-base-url option to be more robust, more lenient to different formats. (#95)
  • Updated GitHub Action workflow configurations for improved path handling. (#96)
  • Improved documentation links to point to GitHub Pages and updated README. (#97, #103)
  • Enhanced enumeration in GetOrgRepos for more accurate GitHub organization repository listings. (#118)

Fixes πŸ› οΈ

  • Improved version range detection in CVE database. (#116)
  • Fixed issues with debug_enabled flag on steps and improved error handling. (#117)
  • Various improvements to Git error handling, including trimming whitespace and redacting tokens in errors. (#120, #121)

Dependency Updates ⬆️

  • Multiple dependencies have been updated to their latest versions, improving security and stability:
    • Actions and GitHub Integrations: Updated actions/create-github-app-token, actions/setup-go, goreleaser/goreleaser-action, github/codeql-action, and more. (PRs #104 to #108)
    • Go Libraries: Updated github.com/rs/zerolog, github.com/package-url/packageurl-go, github.com/hashicorp/go-version, github.com/schollz/progressbar/v3, github.com/open-policy-agent/opa, and others. (PRs #109 to #113, #111)

Contributions 🀝

Full Changelog πŸ“œ

For a detailed diff, see the full changelog.