v1.20.0

What's Changed

• fix: document all format options by @allcloud-jonathan in #1709
• docs: fix branch names in sarif github action by @gmarmstrong in #1701
• feat: Add syntax highlighting and clean up output by @liamg in #1714

New Contributors

• @allcloud-jonathan made their first contribution in #1709
• @gmarmstrong made their first contribution in #1701

Full Changelog: v1.19.1...v1.20.0

v1.19.1

What's Changed

• fix: Always load embedded rego libraries by @liamg in #1700
• fix: foreach key by @owenrumney in #1703

Full Changelog: v1.19.0...v1.19.1

v1.19.0

What's Changed

• feat(flag): Add var-file flag in to duplicate tfvar-file by @owenrumney in #1683
• docs: Add link to Rego documentation by @atombrella in #1686
• feat(defsec): Add support for applying rego rules to IAM policies by @liamg in #1676
• chore(deps): bump actions/stale from 4 to 5 by @dependabot in #1673
• chore(deps): bump actions/setup-go from 2 to 3 by @dependabot in #1672
• feat: Use new defsec options and improve path handling by @liamg in #1696
• chore(deps): bump crazy-max/ghaction-import-gpg from 4.3.0 to 4.4.0 by @dependabot in #1697
• chore(deps): bump defsec version by @owenrumney in #1699
• test: add tests for aws redshift tf adapters by @vanesasejdiu in aquasecurity/defsec#527
• fix(rule): GCP dnssec not applicable for private zones by @owenrumney in aquasecurity/defsec#539
• test: add tests for aws lambda tf adapters by @vanesasejdiu in aquasecurity/defsec#529

Full Changelog: v1.18.0...v1.19.0

v1.18.0

What's Changed

• fix: remove duplication of checksum by @owenrumney in #1665
• feat(rego): Add --rego-only flag to run rego policies exclusively by @liamg in #1667
• fix(rego): Fix code highlighting for rego detections by @liamg in #1668

Full Changelog: v1.17.0...v1.18.0

v1.17.0

What's Changed

Changes to tfsec

• chore(defsec): Update defsec to v0.34.0 by @liamg in #1666

Changes to defsec

• build(actions): Add cache action to speed up builds by @liamg in aquasecurity/defsec#487
• fix(cloudformation): Fix margin removal for empty lines by @liamg in aquasecurity/defsec#490
• fix(azurerm): Fix false positive on key vault secret expiration by @liamg in aquasecurity/defsec#494
• fix(check): Fix false positive for azure network security rules by @liamg in aquasecurity/defsec#498
• fix(avd): Fix avd docs generation by @liamg in aquasecurity/defsec#499
• test(avd): Add test to ensure all avd docs are generated by @liamg in aquasecurity/defsec#500
• fix(google): Fix GKE legacy endpoint use detection by @liamg in aquasecurity/defsec#497
• feat(cf): Add support for AES256 enryption for s3 bucket in cloudformation by @liamg in aquasecurity/defsec#496
• fix(check): Fix false positive for api gateway cache encryption by @liamg in aquasecurity/defsec#495
• feat(azurerm): Add support for container logging via changes in latest azurerm terraform provider by @liamg in aquasecurity/defsec#492
• feat(check): Add separate check for SNS encryption with CMK by @liamg in aquasecurity/defsec#493
• feat(check): Add separate check for SQS CMK use by @liamg in aquasecurity/defsec#491

Full Changelog: v1.16.3...v1.17.0

v1.16.3

What's Changed

• fix: Fixes for multiple issues identified by adding flag tests by @liamg in #1662
• fix(config): Fix minimum_severity in yaml config files by @liamg in #1664

Full Changelog: v1.16.2...v1.16.3

v1.16.2

What's Changed

• fix: Paths/modules on Windows by @liamg in #1656

Full Changelog: v1.16.1...v1.16.2

v1.16.1

What's Changed

• fix: Fix Windows build by @liamg in #1655

Full Changelog: v1.16.0...v1.16.1

v1.16.0

What's Changed

• feat: Add fs.FS based scanning functionality and module handling by @liamg in #1649
• fix(defsec): Update defsec to v0.31.0 to fix multiple missing metadata issues by @liamg in #1652

Full Changelog: v1.15.4...v1.16.0

v1.15.4

What's Changed

• fix: correct image path by @owenrumney in #1646

Full Changelog: v1.15.3...v1.15.4