Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
jfagoagas created a review comment on a pull request on prowler-cloud/prowler
We should bump this in master to `1.1.0` since now this introduces a feature.
jfagoagas pushed 1 commit to v3 prowler-cloud/prowler
- chore(deps): bump botocore from 1.35.76 to 1.35.80 (#6188) Signed-off-by: dependabot[bot] <[email protected]> Co-au... 1e7a6e1
jfagoagas closed a pull request on prowler-cloud/prowler
chore(deps): bump botocore from 1.35.76 to 1.35.80
Bumps [botocore](https://github.com/boto/botocore) from 1.35.76 to 1.35.80. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/boto/botocore/commit/fb7fcb4be8689431e93e54a2a4...
jfagoagas deleted a branch prowler-cloud/prowler
PRWLR-5726-finding-uid-is-not-unique-in-several-checks
jfagoagas closed an issue on prowler-cloud/prowler
finding_uid is not unique in backup_recovery_point_encrypted and route53_dangling_ip_subdomain_takeover, cloudtrail_multi_region_enabled_logging_management_events
### Steps to Reproduce prowler -s backup route53 cloudtrail The program output CSV file with the same finding_uid like that prowler-aws-backup_recovery_point_encrypted-<AWS_ACCOUNT_ID>-ap-so...
jfagoagas closed a pull request on prowler-cloud/prowler
fix(aws): set unique resource IDs
### Context Fix #6138 ### Description Set unique resource IDs in `backup_recovery_point_encrypted`, `route53_dangling_ip_subdomain_takeover` and `cloudtrail_multi_region_enabled_logging_m...
jfagoagas created a review on a pull request on prowler-cloud/prowler
I'm approving this but my concern is that this will trigger `new` findings since we are changing/fixing the UID format.
jfagoagas deleted a branch prowler-cloud/prowler
PRWLR-5697-fix-possible-sq-li-while-setting-the-tenant-id-for-rls
jfagoagas pushed 1 commit to master prowler-cloud/prowler
- fix(RLS): enforce config security (#6066) da4f9b8
jfagoagas closed a pull request on prowler-cloud/prowler
fix(RLS): enforce config security
### Context Protect the queries setting the `tenant_id` for RLS using parameters to prevent SQLi. Although the scenario to exploit this is difficult since the `tenant_id` comes from the token wh...
jfagoagas deleted a branch prowler-cloud/prowler
dependabot/github_actions/v4.6/trufflesecurity/trufflehog-3.86.1
jfagoagas pushed 1 commit to v4.6 prowler-cloud/prowler
- chore(deps): bump trufflesecurity/trufflehog from 3.85.0 to 3.86.1 (#6184) Signed-off-by: dependabot[bot] <support@g... 7f5ddcc
jfagoagas closed a pull request on prowler-cloud/prowler
chore(deps): bump trufflesecurity/trufflehog from 3.85.0 to 3.86.1
Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.85.0 to 3.86.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/t...
jfagoagas deleted a branch prowler-cloud/prowler
dependabot/github_actions/v3/trufflesecurity/trufflehog-3.86.1
jfagoagas pushed 1 commit to v3 prowler-cloud/prowler
- chore(deps): bump trufflesecurity/trufflehog from 3.85.0 to 3.86.1 (#6183) Signed-off-by: dependabot[bot] <support@g... 3f40502
jfagoagas closed a pull request on prowler-cloud/prowler
chore(deps): bump trufflesecurity/trufflehog from 3.85.0 to 3.86.1
Bumps [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.85.0 to 3.86.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/t...
jfagoagas created a comment on a pull request on prowler-cloud/prowler
@dependabot ignore this minor version
jfagoagas created a comment on a pull request on prowler-cloud/prowler
We are not compatible with Python 3.13 yet.
jfagoagas created a comment on a pull request on prowler-cloud/prowler
@dependabot ignore this minor version
jfagoagas closed a pull request on prowler-cloud/prowler
fix: dependabot syntax
### Description Use branch `v4.6` for v4 instead of `master` ### License By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.