November 2024
This release brings major enhancements, including new integrations with ServiceNow, offering seamless ticketing capabilities to streamline incident tracking and resolution, and Confluence Data Center, enabling real-time secret scanning and honeytoken detection to safeguard your documentation and collaboration tools. Explore these updates and more below.
As always, we encourage you to update to the latest version to take full advantage of these enhancements. Detailed instructions for the update process are available in our documentation.
| | Minimum | Recommended |
|---|---|---|
| KOTS Version | 1.117.3 ⚠️ | latest |
| Kubernetes Version | 1.25 | 1.30 |
| PostgreSQL Version | 13 | 16 |
| Redis Version | 6 | 7 |
📋 Check out the Helm values file changes from the previous version.
2024.11.0
Release Date: November 18, 2024
Secrets Detection
- Secrets detection engine upgrade to version 2.125.0: Expanded the range of detectable secrets with new detectors and improved the accuracy of existing ones.
- New detectors:
  - BitBucket App Password: Identifies passwords used to authenticate BitBucket applications.
  - Cloudflare Tunnel Credentials: Detects credentials for Cloudflare Tunnels to prevent unauthorized access.
  - InfluxDB Token: Recognizes tokens for InfluxDB, protecting sensitive database access.
  - InfluxDB Token with Host: Detects InfluxDB tokens combined with host information, providing an additional layer of security.
  - Rails Master Key Assignment: Identifies Rails master key assignments to secure critical application keys.
- Updated detectors:
  - Generic CLI Option Secret: Improved to better identify secrets passed as CLI options, increasing reliability.
  - MongoDB CLI Credentials: Enhanced to detect MongoDB credentials used via the command line with greater accuracy.
  - MySQL CLI Credentials: Improved to identify MySQL CLI credentials, strengthening database security.
  - PostgreSQL CLI Credentials: Updated to better detect PostgreSQL credentials supplied via the CLI.
  - Redis CLI Password: Enhanced to identify Redis server passwords passed through the command line.
- Confluence Data Center integration: Confluence Data Center integration is now supported for real-time secret detection and honeytoken detection. For more details, refer to the documentation.
Platform
- ServiceNow integration: This new issue tracking integration allows you to create ServiceNow issues from GitGuardian incidents. The feature includes the following:
  - the ability to create a ServiceNow issue directly from a GitGuardian incident;
  - the ability to automate the creation of a ServiceNow issue for any new GitGuardian incident;
  - an auto-resolve setting to mark the incident as resolved in your dashboard when the issue is closed in ServiceNow.
  Follow our documentation to configure the integration.
- Check runs: GitHub's custom properties can now be leveraged to override the GitGuardian global configuration of check runs. This allows customization at both the repository and organization levels. For more details, please refer to our dedicated documentation.
- Historical Scan: New "Bulk Historical Scans Management" page for easy tracking, filtering, and detailed insights on all scans.
- Members: You now have the option to deactivate a member instead of deleting them. For more details, refer to our documentation.
- API:
  - A new endpoint has been introduced to programmatically update a source's attributes: its monitoring status and business criticality. This endpoint is accessible only when the API key used has the new `sources:write` scope.
  - A new parameter, `send_email: true|false`, is now available on endpoints that trigger an email notification, such as when an invitation is created. It lets you decide whether an email is sent when calling these endpoints. If the parameter is not specified, the email is sent by default.
Self-Hosted
- Health Check: Health checks are now distributed over time rather than executed simultaneously. This reduces system load, avoids bottlenecks, and improves monitoring accuracy.
  ⚠️ The `settings.healthCheck.periodicInterval` value in the Helm chart is now deprecated and replaced by `spread_periodic_range_minutes` in the admin area.
- Applicative Metrics: If you are using Prometheus to export GitGuardian metrics or to leverage our autoscaling capabilities, and your installation type is KOTS, ensure that you update the Kubernetes Application RBAC by adding the `patch` permission to the `servicemonitors` resource.
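The shape of the RBAC change described above, as an added example that is not GitGuardian's own manifest: the ServiceMonitor resource belongs to the `monitoring.coreos.com` API group, while the Role name, namespace and the verbs assumed to be already present are placeholders.

```yaml
# Added example, not GitGuardian's manifest. Role name, namespace and the
# pre-existing verbs are assumptions; the only requirement stated by this
# release is the `patch` verb on `servicemonitors`.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: gitguardian-app        # placeholder: your existing KOTS application Role
  namespace: gitguardian       # placeholder namespace
rules:
  # Before (assumed): the application could create and update ServiceMonitors
  # but not patch them, so in-place updates of an existing ServiceMonitor fail
  # with a 403 from the API server.
  # - apiGroups: ["monitoring.coreos.com"]
  #   resources: ["servicemonitors"]
  #   verbs: ["get", "list", "watch", "create", "update"]
  #
  # After: "patch" added, keeping the rule scoped to the single resource type
  # the metrics/autoscaling feature needs (least privilege).
  - apiGroups: ["monitoring.coreos.com"]
    resources: ["servicemonitors"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
```

To confirm the binding took effect, run `kubectl auth can-i patch servicemonitors.monitoring.coreos.com -n <namespace> --as=system:serviceaccount:<namespace>:<service-account>` and expect `yes`.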
Fixes
- Incidents: Notify team leaders only when a valid secret is intentionally ignored.
- Perimeter: Fixed inaccurate historical scanning statistics displayed on the side panel of the perimeter page.
- Historical Scans:
- Fixed UI count on the perimeter page so that "sources successful" now shows the total count of monitored sources, regardless of failed or unscanned sources.
- Standardized the date format for start and end dates in the status tooltip.
- Corrected the repo size display in the status tooltip.
- API: Resolved an issue where an error was raised if the IP address could not be found, even when the IP allowlist setting was disabled. This occurred in an on-premises instance, causing the PAT endpoint of the public API to become non-functional.
- Proxy: Support HTTP proxy when customCA is used for the Replicated SDK (used for license management and telemetry collection). Nothing to do if you are using KOTS; if you are using Helm, set `isAirgap` to `false` and configure your HTTP proxy following the example.
Security fixes
- CVE: Updated packages to resolve CVE-2024-9681, CVE-2024-9287, CVE-2024-49750 with medium severity, and CVE-2024-40647 with low severity.
2024.11.1
Release Date: November 20, 2024
Fixes
- Historical Scan: Resolved an issue where historical scans failed due to the repository size being represented as a float instead of an integer.
- License: Resolved an issue with the Replicated license (impact limited to GitGuardian internal operations).
2024.11.2
Release Date: November 28, 2024
Fixes
- Performance: Fixed an issue when retrieving memberships, which sometimes led to "504 Gateway Time-out" errors.
- Tasks Management: Fixed an issue in Celery where database connection errors were not properly handled, leading to errors while handling tasks in rare cases.