From d66bc1b2a2d9e2a8805acae692de11c60e20fe82 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 19:21:31 +0000 Subject: [PATCH 1/6] chore(deps): update dependency semgrep to v1.149.0 (#341) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- docker/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/requirements.txt b/docker/requirements.txt index 92422597..4d57a1c2 100644 --- a/docker/requirements.txt +++ b/docker/requirements.txt @@ -5,7 +5,7 @@ bandit-sarif-formatter==1.1.1 # https://github.com/microsoft/bandit-sarif-forma # Semgrep # ---------------------------------------------------------------- -semgrep==1.145.1 # https://github.com/returntocorp/semgrep +semgrep==1.149.0 # https://github.com/returntocorp/semgrep # CryptoLyzer # ---------------------------------------------------------------- From 274c24de0a6ddc04b4a52acb886beeb6cdd66470 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 19:22:01 +0000 Subject: [PATCH 2/6] chore(deps): update dependency cryptolyzer to v1.0.2 (#343) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- docker/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/requirements.txt b/docker/requirements.txt index 4d57a1c2..98b5904b 100644 --- a/docker/requirements.txt +++ b/docker/requirements.txt @@ -9,7 +9,7 @@ semgrep==1.149.0 # https://github.com/returntocorp/semgrep # CryptoLyzer # ---------------------------------------------------------------- -CryptoLyzer==1.0.0 # https://gitlab.com/coroner/cryptolyzer +CryptoLyzer==1.0.2 # https://gitlab.com/coroner/cryptolyzer # Importer # ---------------------------------------------------------------- From df5f73eb4fd4c4c52431d05509d073f9be6a0d42 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 19:22:27 +0000 Subject: [PATCH 3/6] chore(deps): update dependency checkov to v3.2.499 (#344) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- docker/requirements_checkov.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/requirements_checkov.txt b/docker/requirements_checkov.txt index e2bff09f..1752e3ac 100644 --- a/docker/requirements_checkov.txt +++ b/docker/requirements_checkov.txt @@ -1,3 +1,3 @@ # Checkov # ---------------------------------------------------------------- -checkov==3.2.495 # https://github.com/bridgecrewio/checkov +checkov==3.2.499 # https://github.com/bridgecrewio/checkov From 39d487ef04da1f5eb09fd2f895e00e7ba46f5965 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 19:22:47 +0000 Subject: [PATCH 4/6] chore(deps): update golang docker tag to v1.25.6 (#345) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index c212d865..b805ef57 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -12,7 +12,7 @@ COPY docker/requirements_checkov.txt . RUN pip wheel --wheel-dir /usr/src/app/wheels_checkov -r ./requirements_checkov.txt # Go build stage for KICS -FROM golang:1.25.5-alpine AS go-build-stage +FROM golang:1.25.6-alpine AS go-build-stage ARG KICS_VERSION=2.1.17 From b139e29058333d2718b065da8d59095e381b4db4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 19:23:08 +0000 Subject: [PATCH 5/6] chore(deps): update dependency bandit to v1.9.3 (#346) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- docker/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/requirements.txt b/docker/requirements.txt index 98b5904b..598401ff 100644 --- a/docker/requirements.txt +++ b/docker/requirements.txt @@ -1,6 +1,6 @@ # Bandit # ---------------------------------------------------------------- -bandit==1.9.2 # https://github.com/PyCQA/bandit +bandit==1.9.3 # https://github.com/PyCQA/bandit bandit-sarif-formatter==1.1.1 # https://github.com/microsoft/bandit-sarif-formatter # Semgrep From d1dfb14f5783132cbe4baa5215c4ca44592c825c Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Tue, 27 Jan 2026 19:34:48 +0000 Subject: [PATCH 6/6] chore: prepare for release 2026_01 (#347) --- actions/DAST/cryptolyzer/action.yaml | 2 +- actions/DAST/drheader/action.yaml | 2 +- actions/DAST/zap/action.yaml | 2 +- actions/SAST/bandit/action.yaml | 2 +- actions/SAST/checkov/action.yaml | 2 +- actions/SAST/eslint/action.yaml | 2 +- actions/SAST/kics/action.yaml | 2 +- actions/SAST/semgrep/action.yaml | 2 +- actions/SAST/tfsec/action.yaml | 2 +- actions/SAST/trivy_config/action.yaml | 2 +- actions/SCA/grype_image/action.yaml | 2 +- actions/SCA/grype_sbom/action.yaml | 2 +- actions/SCA/trivy_filesystem/action.yaml | 2 +- actions/SCA/trivy_image/action.yaml | 2 +- actions/check_security_gate/action.yaml | 2 +- actions/importer/action.yaml | 2 +- actions/secrets/gitleaks/action.yaml | 2 +- actions/secrets/trivy_filesystem_secrets/action.yaml | 2 +- actions/secrets/trivy_image_secrets/action.yaml | 2 +- actions/upload_observations/action.yaml | 2 +- actions/upload_sbom/action.yaml | 2 +- actions/vulnerability_scanner/action.yaml | 2 +- docker/Dockerfile | 8 ++++---- templates/DAST/cryptolyzer.yml | 2 +- templates/DAST/drheader.yml | 2 +- templates/DAST/zap.yml | 2 +- templates/SAST/bandit.yml | 2 +- templates/SAST/checkov.yml | 2 +- templates/SAST/eslint.yml | 2 +- templates/SAST/kics.yml | 2 +- templates/SAST/semgrep.yml | 2 +- templates/SAST/tfsec.yml | 2 +- templates/SAST/trivy_config.yml | 2 +- templates/SCA/grype_image.yml | 2 +- templates/SCA/grype_sbom.yml | 2 +- templates/SCA/trivy_filesystem.yml | 2 +- templates/SCA/trivy_image.yml | 2 +- templates/check_security_gate.yml | 2 +- templates/importer.yml | 2 +- templates/secrets/gitleaks.yml | 2 +- templates/secrets/trivy_filesystem_secrets.yml | 2 +- templates/secrets/trivy_image_secrets.yml | 2 +- templates/upload_observations.yml | 2 +- templates/upload_sbom.yml | 2 +- templates/vulnerability_scanner.yml | 2 +- 45 files changed, 48 insertions(+), 48 deletions(-) diff --git a/actions/DAST/cryptolyzer/action.yaml b/actions/DAST/cryptolyzer/action.yaml index 6e893b4f..326b36e6 100644 --- a/actions/DAST/cryptolyzer/action.yaml +++ b/actions/DAST/cryptolyzer/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_cryptolyzer.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/DAST/drheader/action.yaml b/actions/DAST/drheader/action.yaml index d6bf7662..37dbd280 100644 --- a/actions/DAST/drheader/action.yaml +++ b/actions/DAST/drheader/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_drheader.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/DAST/zap/action.yaml b/actions/DAST/zap/action.yaml index 4c62ac09..67af0a69 100644 --- a/actions/DAST/zap/action.yaml +++ b/actions/DAST/zap/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners-zap:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners-zap:2026_01' entrypoint: '/entrypoints/entrypoint_zap.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/bandit/action.yaml b/actions/SAST/bandit/action.yaml index 996fca9d..97d71c29 100644 --- a/actions/SAST/bandit/action.yaml +++ b/actions/SAST/bandit/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_bandit.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/checkov/action.yaml b/actions/SAST/checkov/action.yaml index b85a79bf..05c6586d 100644 --- a/actions/SAST/checkov/action.yaml +++ b/actions/SAST/checkov/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_checkov.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/eslint/action.yaml b/actions/SAST/eslint/action.yaml index a23369ff..d4346840 100644 --- a/actions/SAST/eslint/action.yaml +++ b/actions/SAST/eslint/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_eslint.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/kics/action.yaml b/actions/SAST/kics/action.yaml index 91dd303a..a972326c 100644 --- a/actions/SAST/kics/action.yaml +++ b/actions/SAST/kics/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_kics.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/semgrep/action.yaml b/actions/SAST/semgrep/action.yaml index 276db19b..ccbd5b02 100644 --- a/actions/SAST/semgrep/action.yaml +++ b/actions/SAST/semgrep/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_semgrep.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/tfsec/action.yaml b/actions/SAST/tfsec/action.yaml index 883af265..f7dbea1b 100644 --- a/actions/SAST/tfsec/action.yaml +++ b/actions/SAST/tfsec/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_tfsec.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/trivy_config/action.yaml b/actions/SAST/trivy_config/action.yaml index aa950c6e..839ef956 100644 --- a/actions/SAST/trivy_config/action.yaml +++ b/actions/SAST/trivy_config/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_trivy_config.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/grype_image/action.yaml b/actions/SCA/grype_image/action.yaml index daab94dd..903d6435 100644 --- a/actions/SCA/grype_image/action.yaml +++ b/actions/SCA/grype_image/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_grype_image.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/grype_sbom/action.yaml b/actions/SCA/grype_sbom/action.yaml index 6c369dfd..ef8ae6e1 100644 --- a/actions/SCA/grype_sbom/action.yaml +++ b/actions/SCA/grype_sbom/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_grype_sbom.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/trivy_filesystem/action.yaml b/actions/SCA/trivy_filesystem/action.yaml index 07ff8c93..67b5e7aa 100644 --- a/actions/SCA/trivy_filesystem/action.yaml +++ b/actions/SCA/trivy_filesystem/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_trivy_filesystem.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/trivy_image/action.yaml b/actions/SCA/trivy_image/action.yaml index 22d828cc..84aef84a 100644 --- a/actions/SCA/trivy_image/action.yaml +++ b/actions/SCA/trivy_image/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_trivy_image.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/check_security_gate/action.yaml b/actions/check_security_gate/action.yaml index 0efe493c..6759eb58 100644 --- a/actions/check_security_gate/action.yaml +++ b/actions/check_security_gate/action.yaml @@ -15,7 +15,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: 'check_security_gate.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/importer/action.yaml b/actions/importer/action.yaml index f2c7a2a1..cb26b9dc 100644 --- a/actions/importer/action.yaml +++ b/actions/importer/action.yaml @@ -41,7 +41,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: 'file_upload_observations.sh' env: SO_UPLOAD: ${{ inputs.so_upload }} diff --git a/actions/secrets/gitleaks/action.yaml b/actions/secrets/gitleaks/action.yaml index 3a7ebdbd..95b00480 100644 --- a/actions/secrets/gitleaks/action.yaml +++ b/actions/secrets/gitleaks/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_gitleaks.sh' env: REPORT_NAME: ${{ inputs.report_name }} diff --git a/actions/secrets/trivy_filesystem_secrets/action.yaml b/actions/secrets/trivy_filesystem_secrets/action.yaml index b030ec34..cd20b42e 100644 --- a/actions/secrets/trivy_filesystem_secrets/action.yaml +++ b/actions/secrets/trivy_filesystem_secrets/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_trivy_filesystem_secrets.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/secrets/trivy_image_secrets/action.yaml b/actions/secrets/trivy_image_secrets/action.yaml index 2464817e..3653f6af 100644 --- a/actions/secrets/trivy_image_secrets/action.yaml +++ b/actions/secrets/trivy_image_secrets/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_trivy_image_secrets.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/upload_observations/action.yaml b/actions/upload_observations/action.yaml index 68920ceb..e54015e2 100644 --- a/actions/upload_observations/action.yaml +++ b/actions/upload_observations/action.yaml @@ -30,7 +30,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: 'file_upload_observations.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/upload_sbom/action.yaml b/actions/upload_sbom/action.yaml index 1f0d9d7a..7bd6b75a 100644 --- a/actions/upload_sbom/action.yaml +++ b/actions/upload_sbom/action.yaml @@ -24,7 +24,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: 'file_upload_observations.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/vulnerability_scanner/action.yaml b/actions/vulnerability_scanner/action.yaml index 239a78b5..193cb75b 100644 --- a/actions/vulnerability_scanner/action.yaml +++ b/actions/vulnerability_scanner/action.yaml @@ -12,7 +12,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2026_01' entrypoint: '/entrypoints/entrypoint_vulnerability_scanner.sh' env: SO_CONFIGURATION: ${{ inputs.so_configuration }} diff --git a/docker/Dockerfile b/docker/Dockerfile index b805ef57..1198de62 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -14,7 +14,7 @@ RUN pip wheel --wheel-dir /usr/src/app/wheels_checkov -r ./requirements_checkov. # Go build stage for KICS FROM golang:1.25.6-alpine AS go-build-stage -ARG KICS_VERSION=2.1.17 +ARG KICS_VERSION=2.1.19 # Install kics from GitHub WORKDIR /usr/local/kics @@ -27,9 +27,9 @@ RUN wget --no-verbose https://github.com/Checkmarx/kics/archive/refs/tags/v${KIC FROM python:3.13-alpine AS python-run-stage ARG GITLEAKS_VERSION=8.30.0 -ARG GRYPE_VERSION=0.104.2 -ARG KICS_VERSION=2.1.17 -ARG TRIVY_VERSION=0.68.1 +ARG GRYPE_VERSION=0.106.0 +ARG KICS_VERSION=2.1.19 +ARG TRIVY_VERSION=0.68.2 ARG TFSEC_VERSION=1.28.14 ARG CREATED diff --git a/templates/DAST/cryptolyzer.yml b/templates/DAST/cryptolyzer.yml index 1b0c794f..2b55c83d 100644 --- a/templates/DAST/cryptolyzer.yml +++ b/templates/DAST/cryptolyzer.yml @@ -1,6 +1,6 @@ .cryptolyzer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/DAST/drheader.yml b/templates/DAST/drheader.yml index bd85cb0d..82fdad67 100644 --- a/templates/DAST/drheader.yml +++ b/templates/DAST/drheader.yml @@ -1,6 +1,6 @@ .drheader: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/DAST/zap.yml b/templates/DAST/zap.yml index 322b2d3b..805d1281 100644 --- a/templates/DAST/zap.yml +++ b/templates/DAST/zap.yml @@ -1,6 +1,6 @@ .zap: image: - name: ghcr.io/secobserve/secobserve-scanners-zap:2025_12 + name: ghcr.io/secobserve/secobserve-scanners-zap:2026_01 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/SAST/bandit.yml b/templates/SAST/bandit.yml index 638c50c4..29d87f60 100644 --- a/templates/SAST/bandit.yml +++ b/templates/SAST/bandit.yml @@ -1,6 +1,6 @@ .bandit: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/checkov.yml b/templates/SAST/checkov.yml index ed932e68..cf98a21f 100644 --- a/templates/SAST/checkov.yml +++ b/templates/SAST/checkov.yml @@ -1,6 +1,6 @@ .checkov: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/eslint.yml b/templates/SAST/eslint.yml index f9ae5661..75afadf0 100644 --- a/templates/SAST/eslint.yml +++ b/templates/SAST/eslint.yml @@ -1,6 +1,6 @@ .eslint: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/kics.yml b/templates/SAST/kics.yml index 296132c9..0a39a87b 100644 --- a/templates/SAST/kics.yml +++ b/templates/SAST/kics.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/semgrep.yml b/templates/SAST/semgrep.yml index bbd949b7..5c8cecf6 100644 --- a/templates/SAST/semgrep.yml +++ b/templates/SAST/semgrep.yml @@ -1,6 +1,6 @@ .semgrep: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/tfsec.yml b/templates/SAST/tfsec.yml index d93f5dc0..3c5740b2 100644 --- a/templates/SAST/tfsec.yml +++ b/templates/SAST/tfsec.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/trivy_config.yml b/templates/SAST/trivy_config.yml index 853b9ebf..630623e4 100644 --- a/templates/SAST/trivy_config.yml +++ b/templates/SAST/trivy_config.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/grype_image.yml b/templates/SCA/grype_image.yml index afb7e9ba..1f44e617 100644 --- a/templates/SCA/grype_image.yml +++ b/templates/SCA/grype_image.yml @@ -1,6 +1,6 @@ .grype_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: GIT_STRATEGY: none diff --git a/templates/SCA/grype_sbom.yml b/templates/SCA/grype_sbom.yml index cb22b07a..b9e418a7 100644 --- a/templates/SCA/grype_sbom.yml +++ b/templates/SCA/grype_sbom.yml @@ -1,6 +1,6 @@ .grype_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/trivy_filesystem.yml b/templates/SCA/trivy_filesystem.yml index 333832b1..390c76a3 100644 --- a/templates/SCA/trivy_filesystem.yml +++ b/templates/SCA/trivy_filesystem.yml @@ -1,6 +1,6 @@ .trivy_filesystem: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/trivy_image.yml b/templates/SCA/trivy_image.yml index 8fa7f402..aef9232b 100644 --- a/templates/SCA/trivy_image.yml +++ b/templates/SCA/trivy_image.yml @@ -1,6 +1,6 @@ .trivy_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: GIT_STRATEGY: none diff --git a/templates/check_security_gate.yml b/templates/check_security_gate.yml index ce2cc85a..593b9e96 100644 --- a/templates/check_security_gate.yml +++ b/templates/check_security_gate.yml @@ -1,6 +1,6 @@ .check_security_gate: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: post_test variables: GIT_STRATEGY: none diff --git a/templates/importer.yml b/templates/importer.yml index c23161e9..dc53eca4 100644 --- a/templates/importer.yml +++ b/templates/importer.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/secrets/gitleaks.yml b/templates/secrets/gitleaks.yml index ffff49ec..d811990e 100644 --- a/templates/secrets/gitleaks.yml +++ b/templates/secrets/gitleaks.yml @@ -1,6 +1,6 @@ .gitleaks: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/secrets/trivy_filesystem_secrets.yml b/templates/secrets/trivy_filesystem_secrets.yml index 921e1f7d..b148254f 100644 --- a/templates/secrets/trivy_filesystem_secrets.yml +++ b/templates/secrets/trivy_filesystem_secrets.yml @@ -1,6 +1,6 @@ .trivy_filesystem_secrets: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/secrets/trivy_image_secrets.yml b/templates/secrets/trivy_image_secrets.yml index ba5d111f..c39b1320 100644 --- a/templates/secrets/trivy_image_secrets.yml +++ b/templates/secrets/trivy_image_secrets.yml @@ -1,6 +1,6 @@ .trivy_image_secrets: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: test variables: GIT_STRATEGY: none diff --git a/templates/upload_observations.yml b/templates/upload_observations.yml index 9b3e3e16..53304895 100644 --- a/templates/upload_observations.yml +++ b/templates/upload_observations.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/upload_sbom.yml b/templates/upload_sbom.yml index a5ff38b2..25ca33a7 100644 --- a/templates/upload_sbom.yml +++ b/templates/upload_sbom.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/vulnerability_scanner.yml b/templates/vulnerability_scanner.yml index 81705924..72cf7749 100644 --- a/templates/vulnerability_scanner.yml +++ b/templates/vulnerability_scanner.yml @@ -1,6 +1,6 @@ .vulnerability_scanner: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_12 + name: ghcr.io/secobserve/secobserve-scanners:2026_01 script: - /entrypoints/entrypoint_vulnerability_scanner.sh interruptible: true