Releases: Checkmarx/kics
v1.3.1
Added
+112 new queries
+33 unit tests
+11 E2E tests
Changed
chore(deps): bump github.com/rs/zerolog from 1.21.0 to 1.22.0 (#3311)
docs(integrations): update integrations docs (#3252)
Fixed
fix 8 FN queries
fix(parser): Fixed Bug with invalid terraform returning panic #3304 #3305
fix(report): corrected report directory generation (#3201)
fix(logs): log-format JSON printing to console without 'verbose' flag (#3208)
fix(logs): Fix invalid log path not returning error #3155 #3290
fix(docs): Update architecture documentation image #3254 (#3308)
v1.3.0
Added
+46 new queries
feat(engine): multiple paths on --path flag (#3017)
feat(telemetry): opt-out telemetry and fix sentry dsn provisioning (#3041)
feat(cli): parametrizing query execution timeout (#3047) (#3048)
feat(metrics): print CPU and Memory usage in logs (#2379) (#2961)
feat(parser): support ssl certificates and swagger files set as attributes for Ansible and Terraform (#2958) (#2960)
docs(integrations): Jenkinsfile documentation and examples (#3038)
docs(integrations): add CircleCI integration example (#3086)
Changed
BREAKING CHANGE: feat(cli): KICS does not execute scan command as default anymore (#3030)
BREAKING CHANGE: feat(engine): semantic exit code based on results (#2400) (#1721) (#2726)
refactor(query): optimized passwords and secrets query (#3059)
feat(engine): Add file checking to filter unwanted files to be parsed (#2506) (#3045)
feat(performance): concurrent engine scans by parser (#3085) (#3061)
chore(deps): bump github.com/moby/buildkit from 0.8.2 to 0.8.3 (#3051)
chore(deps): bump github.com/open-policy-agent/opa from 0.27.1 to 0.28.0 (#3028)
Fixed
fix(similarity-id): scan is not computing the Similarity ID for file path (#3087)
fix(sast): unhandled errors flagged by cxSAST (#3095)
fix(log): should not print, if printer is not ready
fix(log): unwanted json log when using unknown flag/command (#2967) (#2983)
v1.2.4
Changelog
Added
- Added Open API 3.0 support and query example (#2796) (#2810) +37 queries
- Added +6 new queries
- Generate Homebrew tap with goreleaser (#2667)
- Added --log-format and json logs (#2776)
- Setup E2E tests (#2848) (#2849)
- Added linters for OpenAPI samples (#2831) (#2832)
- Added Darwin and Linux arm64 binaries to release assets
Changed
- Updated queries catalog with OpenAPI 3.0
- Bumping external dependencies (#2794) (#2781) (#2792)
- CI/CD refactoring and improvements.
Fixes
- Fixed GoReport card issues (#2298)
- Fixed detect line bug with ExtractLineFragment (#2933) (#2934)
- Fixed query with the wrong platform in metadata, adding a unit test for it (#2902) (#2903)
- Fixed Kubernetes query 'Service Does Not Target Pod' (#2793) (#2881)
- Printing issues from INFO to HIGH on stdout (#2787)
- CxSAST: Added log when terraform.tfvars not found (#2782)
- Fix bugs with tracker counters (#2767)
- Fix new line missing in 'generate-id' command output (#2941)
v1.2.3
v1.2.2
Changelog
Added
- Add support to terraform vars (#2675)
- Added --log-level flag that determines log verbosity
- Added --log-path flag that determines the log file location
- Added --ci flag that prints only logs in stdout (no CLI UI output)
Changed
- Updated documentation
- Bumping external dependencies (#2722)
Fixes
v1.2.1
v1.2.0
Changelog
Added
SARIF results output format
Flag --exclude-queries to enable excluding specific queries from the results
Flag --no-color to specify if CLI should have color codes enabled
Flag --minimal-ui to revert to minimal results output
Flag --report-formats to specify in which format to output the results (json, sarif)
Command list-platforms to list all supported platforms (names to use when filtering with --type flag)
Changed
CLI UI major revamp
Updated Go version to v1.16
All queries categories revised
Updated queries to remove FPs and improve accuracy
Fixed
Flag --type passed as empty #2137
KICS config file arrays #2140
v1.1.4
Changelog
Added
Support JSON files for AWS CloudFormation
Configuration file to handle all KICS flags
Query category and description to result output
Flag exclude-results to enable excluding unwanted results from the output
Changed
Improved several queries across all platforms to improve accuracy
Fixed
Type flag is now case insensitive #2092
v1.1.3
Changelog
Added
MacOS binaries in the release
Common query - Password and Secrets in Infrastructure as Code
Platform field to query in metadata.json and results JSON
Progress bar in CLI
Type flag to select type to scan (e.g. Terraform, Dockerfile, etc.)
Exclude-paths flag to enable excluding unwanted folders/files from being scanned
Config flag added to enable passing a .json/yaml config file that contains all flags configured
Added support for multiple unit tests samples in queries
Printing location of generated output file
Fixed
SimilarityID bug when computing with absolute file path (#1977)
KICS failing to scan when queries path is not in same context as kics execution (#1964)
v1.1.2
Changelog
Added
Rego Generic Functions
SimilarityID for each result (a unique identifier for each vulnerability)
Scan duration in output and log
Improved log to display queries that failed during scan
Added version command
Changed
generate-id now a command instead of flag -g
Fixed
Codacy code issues