October 2024
This release introduces significant enhancements, including a Visual Studio Code extension that empowers you to "shift left" even further. Learn more about this and other updates below.
As always, we encourage you to update to the latest version to take full advantage of these enhancements. Detailed instructions for the update process are available in our documentation.
| Minimum | Recommended | |
|---|---|---|
| KOTS Version | 1.117.3 ⚠️ | latest |
| Kubernetes Version | 1.25 | 1.30 |
| PostgreSQL Version | 13 | 16 |
| Redis Version | 6 | 7 |
📋 Check out the Helm values file changes from the previous version.
Important: This is a required release and cannot be skipped.
2024.10.0
Release Date: October 21, 2024
Secrets Detection
- Secrets detection engine upgrade to version 2.122.1: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.
- New detectors:
- Atlassian Access Token: Detects tokens used for secure access to Atlassian services. Learn more
- Bitbucket Access Token: Identifies Bitbucket access tokens used for API interactions and repository access. Learn more
- Mistral AI API Key: Detects API keys for Mistral AI, ensuring secure access to Mistral services. Learn more
- Modified detector:
- Base64 Generic High Entropy Secret: Enhanced to detect high-entropy Base64-encoded secrets, increasing security coverage. Learn more
- New detectors:
- VSCode extension: We are excited to announce the release of GitGuardian CLI (ggshield) as a VS Code extension! Files are now automatically scanned upon saving, with detected secrets highlighted in your code and listed as warnings. Additionally, custom remediation messages are provided within your IDE to guide you in resolving any issues efficiently. Download from the marketplace
Platform
- Filepath exclusion: File path exclusions are now applicable to one or more repositories. By targeting file path exclusions to specific repositories, users can significantly reduce the number of irrelevant incidents, enabling more accurate incident management. Learn more.
- Saved views: Saved views can now be created in the Honeytoken module.
Self-Hosted
- Certificate-based authentication: Introduced support for multi-authentication alongside certificate-based authentication and Certificate Revocation List (CRL). For more details, see the documentation here.
- New Embedded Cluster Install (Early Access): Installation is now 4x faster, improving the proof-of-concept experience. Simplified management of Kubernetes, KOTS, and app updates streamlines maintenance. More information in the Embedded cluster V2 page.
- Cluster Management:
- ⚠️ Before upgrading GitGuardian, you must upgrade to KOTS version 1.117.3 or later for optimal performance and compatibility.
- Removed resources limits for Postgres and Redis on the Embedded cluster installation.
- Added two new worker types
long-ods(Productivity tools such as Slack, Jira Cloud, Confluence, ...) andlong-ods-io(long tasks specialized in Input/Output).
- Historical Scan: Added
minutes_between_scans_per_sourcein the preference table. - Teams: Added
max_teamsin the preference table.
Fixes
- Personal access token: Resolved a bug to ensure the lifetime of a newly generated personal access token is strictly less than the maximum permissible duration.
- Validity check: Fixed GitLab checker wrongly marking some secrets as valid by improving token validation (impacting custom host validity checks).
Security fixes
- CVE: Updated packages to resolve CVE-2024-34158, CVE-2024-34156 with high severity.
2024.10.1
Release Date: October 25, 2024
Fixes
- Secrets detection engine: Resolved an issue where GitLab keys for disabled accounts were incorrectly flagged as valid.
2024.10.2 - Required
Release Date: October 31, 2024
Fixes
- Cluster Management: Added an option to disable server side Postgres cursors (for better PGBouncer compatibility).
