Versions
#
2023.9.0Release date | September 21, 2023 |
---|---|
KOTS version validated | v1.102 |
Kubernetes minimal version | 1.24 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Secret detection engine: upgrade to version 2.96 with the addition of four new detectors:
- Databricks Authentication Token With Hostname,
- Hashicorp Vault Token,
- Generic Terraform Variable Secret,
- CARTO API Access Token,
and the improvement of 2 detectors: - Generic Password,
- Base64 Basic Authentication.
- Custom detectors: self-hosted users can now extend GitGuardian's secrets detection engine to support secrets specific to their organization.
- Incident details: the public sharing is now a workspace setting.
#
Bug fixes- Incidents: fixed the sorting of incidents by severity when some severities are automatically set.
- Incidents: fixed wrong occurrence count on incident page.
- Incidents: the tooltip displaying the sources is now displayed correctly.
- Custom webhook: fixed duplicate notifications being sent when setting incident severity using a bulk action.
- API: fixed invalid link in personal access token expiration email notification.
- Custom detectors: update the message when a custom detector request cannot be edited due to its current status.
- Incident details: fixed a bug causing the absence of an expiration date on public share links generated by the Auto-healing playbook.
- Health check: prevent UI from crashing on unknown Health check error code.
- API: fix timeout issues on the
/occurrences/secrets
endpoint when using a date filter. - SSO: fix conflict happening when signing up via SSO while having a pending invitation.
#
2023.8.0Release date | August 22, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Incidents: addition of the
Default branch
tag to secret incidents that occurred on the default git branch of a repository. - Incident details: filters have been added to the occurrences table.
- Incident details: the public sharing toggle has been moved to the "Grant access" modal, which has been renamed to the "Share" modal. For a more detailed explanation, please refer to our collaboration and sharing documentation.
- Integrations: modification of the Integrations and Settings/Integrations pages.
- Secret detection engine: upgrade to version 2.94 with the addition of four new detectors:
- Azure Active Directory API Keys,
- Docusign API Key,
- Pinecone API Key,
- Pinecone API Key and environment
and the improvement of two detectors: - Generic Password,
- Coveralls Personal Token.
- Cluster management: port for applicative metrics exposure changed from 8082 to 9808.
#
Bug fixes- API: fix an error preventing the creation of an invitation when the role was not specified.
- Personal access tokens: personal access tokens can now be searched by name, and ordering by name now works correctly.
#
Deprecation- Custom webhook v1: the feature has been replaced by the event-based custom webhooks. More information in the documentation here.
#
2023.7.1Release date | July 17, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Bug fixes- Custom webhook: fix notifications for when a bulk action is performed. Previously, only one notification would be sent for the first incident affected by the bulk action. However, now notifications are sent for each incident that is modified by the bulk action.
#
2023.7.0 - RequiredRelease date | July 17, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Automated severity scoring: managers and workspace owners can now activate the automated severity scoring feature for Self-Hosted environments in order to automatically score incidents with a severity.
- Custom severity rules: the severity ruleset used by the automated severity scoring is now customizable to maximize the coverage of automatically scored incidents.
- Incident details: feedback about the incident can now be submitted in a standardized way through a form that is available on the incident's page.
Refer to this page for more information on how to use this form effectively and involve your developer population during the remediation process. - Incidents: addition of new filter to select the incidents that are publicly shared.
- Teams: team owners with the Member role can now invite brand new users to the workspace when adding teammates to their team. This feature can be deactivated.
For more details, please refer to this page. - Grant access: users with Full access incident permissions can now invite brand new users to the workspace when granting access to an incident.
For more details, please refer to this page. - Secret detection engine: upgrade to version 2.93 with the addition of four new detectors:
- API: managers can now enforce a maximum lifetime for personal access tokens generated on their workspace.
#
Bug fixes- Emails: button URLs are now hardcoded to prevent a bad user experience when the button is not visible due to HTML-escaping by email providers.
- PagerDuty Integration: title update in PagerDuty incidents to eliminate confusion regarding the number of occurrences.
- Cluster management: fix an issue on proxy configuration that was not correctly propagated for some integrations, causing network requests time out.
#
2023.6.0Release date | June 12, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Cluster management: you can now install GitGuardian Self-Hosted using Helm Charts. This feature is currently in Beta. More information is available in the installation documentation.
- Cluster management: allow self-hosted instances to use a specific Redis instance for the commit cache. More information is available in our documentation
#
Bug fixes- Authentication: fix broken email confirmation link when registering with email and password.
#
2023.05.1Release date | May 29, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Bug fixes- Cluster management: fix an issue on Redis Sentinel that failed to start, blocking GitGuardian's launch.
#
2023.05.0Release date | May 15, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- API: secret detectors are now exposed in the API.
- Incidents: filepaths can now be searched in the free text search of the secret incidents table.
- Secret detection engine: upgrade to version 2.89 with the addition of seven new detectors:
#
Bug fixes- Custom severity rule: fix wrong timeline when setting a manual severity to an incident having only an automatic severity.
- Grant access: copy-pasting now works correctly.
- Incidents: performance for loading secret incidents has been improved for workspaces with a large number of incidents.
- Loader: fix loader size in incident and Perimeter pages.
- API: comment field is now required on incident note creation endpoint.
#
2023.04.0Release date | April 17, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Custom remediation workflow: remediation workflow is now 100% customizable thanks to the deletion of the last static step.
- Secrets detection engine: upgrade to version 2.87 with the addition of a new detector (Keycloak API Keys).
- API: new endpoints are added for API tokens management (personal access tokens and service accounts).
- API: new fields
resolver_id
andignorer_id
are available in the secret incident payload.
#
Bug fixes- Members: fix invitation link for new members.
- Jira integration: Jira ticket creation CTAs are hidden for workspaces without a single Jira site installed.
- Jira integration: fix permission issues by disabling the configure button for users without a Manager role and allowing users with the Restricted role and Can edit permissions to create a Jira ticket.
- Detectors list: when the validity checks are disabled, the detectors are sorted by status.
- Notifications: fix empty emails being sent after an occurrence was found during real time scan.
- Personal access tokens:
Restricted
users now only see the scan scope in the personal access token form. - Cluster management: fix password issue that was blocking application initialization during GitGuardian installation.
#
2023.03.1Release date | March 27, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Bug fixes- Cluster management: suppression of preflight checks that were failing for new installation with embedded air-gapped configuration with PostgreSQL 13.
#
2023.03.0 - RequiredRelease date | March 13, 2023 |
---|---|
KOTS version validated | v1.94 |
Kubernetes minimal version | 1.23 |
PostgreSQL supported version | 13 |
Redis supported version | 6 |
#
Features & improvements- Azure Repos: addition of a loader and notifications when an organization is being installed.
- API: add filters to multiple endpoints.
- Cluster management: Embedded clusters now use PostgreSQL 13. Refer to this procedure to migrate from on older version of PostgreSQL.
- Cluster management: self-hosted GitGuardian environments are now supporting Redis version 6 and Kubernetes version 1.23.
#
Bug fixes- ggshield:
ggshield auth login
flow now expires after 5 minutes. - Incidents: performances when filtering incidents on a detector are improved.
- VCS integrations: fix broken links to documentation.
- GitHub: fix the integration of a GitHub installation with a large number of repositories
- GitHub: fix check-runs running forever by enforcing a timeout.
#
2023.02.1 - RequiredRelease date | February 24, 2023 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.21 |
PostgreSQL supported version | 13 |
Redis supported version | 5 |
#
Bug fixes- Cluster management: self-hosted GitGuardian can now be deployed on OpenShift with default security settings.
- Cluster management: self-hosted GitGuardian is now compatible with Redis Sentinel.
- Historical scans: corrections on scans that can be automatically launched.
- Custom Certificates for Cluster Management: correction of regression on custom Certificates Authorities.
#
2023.02.0Release date | February 13, 2023 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.21 |
PostgreSQL supported version | 13 |
Redis supported version | 5 |
#
Features & improvements- Azure Repos: the native integration is now available. You can scan your Azure Repos repositories for secret detection and policy breaks.
- API: specify missing scopes in error message when the API token being used doesn't include the appropriate scopes.
- Custom remediation workflow: remediation workflow can now be customized in the settings.
#
Bug fixes- Health Check: on self-hosted environments, pods are no longer crashing because of integrations' health checks.
#
2023.01.1Release date | January 25, 2023 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.21 |
PostgreSQL supported version | 13 |
Redis supported version | 5 |
#
Bug fixes- Cluster management: Self-hosted GitGuardian containers are now running with non-root security context.
#
2023.01.0Release date | January 16, 2023 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.21 |
PostgreSQL supported version | 13 |
Redis supported version | 5 |
#
Features & improvements- Teams: addition of a description field for your teams.
- Teams: the "all-incidents" team is now visible in the Members table.
- Perimeter: improve the display of the historical scan's last status information.
- Playbooks: new Auto-resolution playbook to automatically close incidents that have once been valid and that become invalid.
- Secret incident: prevent valid secrets from being "marked as revoked".
- Cluster management: Self-hosted GitGuardian environments are now supporting PostgreSQL version 13. Support for PG version 12 is deprecated as of this release.
#
Bug fixes- SSO: Fix the "sign in" redirection for SSO connection.
#
2022.12.1Release date | December 20, 2022 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.19 |
PostgreSQL supported version | 12 |
Redis supported version | 5 |
#
Bug fixes- Incident detail: fix misplaced secret in the commit patch when detected by a historical scan and in real-time. Please contact the Support team if you have occurrences impacted in your environment.
#
2022.12.0Release date | December 12, 2022 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.19 |
PostgreSQL supported version | 12 |
Redis supported version | 5 |
#
Features & improvements- Historical scan: increase the maximum size of the historical scan from 1 GB to 12 GB.
- Historical scan: new email template for historical scan report.
- API: expose
external_id
representing the VCS id of asource
in API source payload.
#
Bug fixes- GitLab integration: handle timeout errors when setting up a new instance.
- Playbooks: fix incorrect default permission
can view
applied with auto-access playbook instead of correctcan edit
. - Filepath exclusions: ignore hidden occurrences in the auto-access playbook and notifications.
- Custom webhooks: fix incorrect event names.
- Historical scan: reduce errors during scans of large repositories and optimize memory usage on large patch sizes.
- Members: fix the sorting when navigating through pages.
#
2022.11.3Release date | November 30, 2022 |
---|---|
KOTS version validated | v1.90 |
Kubernetes minimal version | 1.19 |
PostgreSQL supported version | 12 |
Redis supported version | 5 |
#
Features & improvements- Cluster Management: integrate memory limits for Kubernetes pods. You can configure them on the Admin Console's configuration page.
#
Bug fixes- RBAC: prevent users from receiving email notifications for already existing incidents.
#
2022.11.2 - Required- Released on November 21, 2022.
- Validated for KOTS v1.90.
- Kubernetes minimal version: 1.19.
#
Features & improvements- Teams: introducing team management within a workspace and granular
incident permissions (
can view
,can edit
,full access
). You can activate the feature on the Admin Area's preference page. - Custom webhooks: update the
action
field with more user-friendly messages. - Perimeter page: update the information displayed in the Protection section.
- Analytics: add all ggshield modes to the Analytics section.
- Custom Certificates for Cluster Management: integrate custom Certificates Authorities for integrations. This feature was in beta and is now stabilized. More information is available in the dedicated documentation.
- API: add the API URL to the dashboard, in the section API >> Quota. The URL is also updated in the API documentation of those environments.
#
Bug fixes- Check runs: When deactivating a check run, finish the processing if it was already in progress.
- Check runs: Check runs are functional for forked repositories.
- Custom webhooks: Remove
matches
from webhooks' new occurrence. - GitHub: fix display latency observed for big GitHub organizations.
#
2022.10.1- Released on October 26, 2022.
- Validated for KOTS v1.88.
- Kubernetes minimal version: 1.19.
#
Bug fixes- Bitbucket Integration: when you create a branch on a monitored repository, the event now triggers a scan of the branch commits only, and not of the whole repository.
#
2022.10.0- Released on October 10, 2022.
- Validated for KOTS v1.86.1.
- Kubernetes minimal version: 1.19.
#
Features & improvements- Members: Notification is sent to users who are removed from a Workspace.
#
Bug fixes- Check Runs: check runs are functional again for forked repositories.
- Incidents: provide a more user-friendly error message when a bulk action can't be applied to the selected incidents.
#
2022.09.1- Released on September 21, 2022.
- Validated for KOTS v1.85.
- Kubernetes minimal version: 1.19.
#
Bug fixes- API: fix a broken link on the Settings page.
- Redis: we fixed a bug where the database memory could get filled.
#
2022.09.0- Released on September 5, 2022.
- Validated for KOTS v1.82.
- Kubernetes minimal version: 1.19.
#
Features & improvements- API: enrich the Members section with retrieve and delete endpoints.
- API: handle invitations on grant/revoke access endpoints.
- API: add a filter by role and a search on name and email for the
/members
endpoint. - API: add filters to the audit log list endpoint.
- Cluster Management: add a parameter to customize pods' CPU limits. More information is available in the dedicated documentation.
- Incidents: include the unaffected count for bulk actions.
#
Bug fixes- API: respect the validity checks setting ON/OFF.
- Custom webhooks: fix the webhook event-based signature.
- GitHub: don't display the "scan integrated repositories" modal if the auto scan is on.
- GitLab integration: keep unmonitored projects unmonitored.
- Incident details: searching GitHub pull requests associated with an issue can be performed on a specific #ID and repository name.
- Incident: secrets with validity status "failed to check" are no longer checked automatically after they have been marked as resolved.
- Incident: the button to manually check the presence in git history remains when the incident is closed.
- Incidents: fix the severity badge 'info' icon.
#
2022.08.0 - Required- Released on August 8, 2022.
- Validated for KOTS v1.78.
- Kubernetes minimal version: 1.19.
#
Features & improvements- API: the
/occurrences
endpoint can be filtered byauthor_name
andauthor_info
. - API: add an endpoint to fetch the audit logs. The API key needs to have
the new
audit_logs:read
scope to query the endpoint. - API: tags are exposed in the incidents endpoint.
- CSV: tags are exposed in the CSV report of secret incidents.
- Health Check: it checks if the GitHub integration has been suspended.
- Perimeter: the repository name is now a link to the incidents list filtered on this repository. The link to the VCS is also available as a popup icon.
- Applicative Metrics: metrics have been added: scanned commit, API quota, API usage and API tokens.
#
Bug fixes- Detectors: activating and deactivating detectors is now forbidden for Members.
- Perimeter: fix a bug preventing Members from launching historical scans.
#
Deprecation- API: deprecated
issue_id
in favor ofincident_id
on incident note management endpoints.
#
2022.07.0- Released on July 11, 2022.
- Validated for KOTS v1.75.
- Kubernetes minimal version: 1.19.
#
Features & improvements- ggshield: setting up ggshield is made easy with the new
ggshield auth login
command. More information is available in the dedicated documentation. - Grant access: notify Restricted users by email when they are granted access to an incident.
- Members: notify users by email when their role is updated.
- CSV: add
status
,ignore_reason
andstatus_revoked
columns to the CSV export of secret incidents. - CSV: add
occurrence_id
column to CSV export of occurrences. - CSV: return the dates in iso format.
- Members: invitations can be resent through the dashboard.
- API: add endpoints to manage invitations. The API key needs to have the
new
members:
write
scope to query those endpoints. - API: add an endpoint to set the severity of a secret incident.
#
Bug fixes- GitLab: adding a GitLab project that had been deleted now correctly set it as monitored.
- Analytics: pre-receive mode is displayed correctly in the shift-left panel.
- Service account: fix a permission error allowing all roles to modify service accounts.
- GitHub: fix the re-run action of old check runs to show an explicit error.
#
2022.06.1- Released on July 1, 2022.
- Validated for KOTS v1.73.
- Kubernetes minimal version: 1.19.
#
Bug Fixes- BitBucket Integration: add a parameter in the Preferences section of the Admin Area to disable Admin Check during Bitbucket Installation creation.
#
2022.06.0- Released on June 20, 2022.
- Validated for KOTS v1.71.
- Kubernetes minimal version: 1.19.
#
Features & improvements- Applicative Metrics: applicative metrics are added to help you monitor your self-hosted instance. More information is available in the dedicated documentation
- API: move the Personal access tokens to the API section.
- Check runs: improve success message in GitHub UI.
- GitHub: expose the base/head branch of GitHub pull requests.
- Incident: mark the third remediation step "rewrite git history" as optional.
- Health checks: Health checks are displayed in the VCS integration settings
#
Bug fixes- GitHub: explicitly neutralize old check runs that are re-run.
- Incident: fix grant access modal broken when too many Restricted users.
#
Deprecation- ggshield: since v1.12 of ggshield,
ggshield scan
andggshield ignore
commands are deprecated, useggshield secret scan
andggshield secret ignore
instead.
#
2022.05.1 - Required- Released on June 6, 2022.
- Validated for KOTS v1.70.
- Kubernetes minimal version: 1.19.
#
Bug fixes- Bitbucket Integration: when configuring a whole instance token, GitGuardian is not returning a timeout.
#
2022.05.0- Released on May 16, 2022.
- Validated for KOTS v1.70.
- Kubernetes minimal version: 1.19.
#
Bug fixes- Grant Access: Members in Business workspaces can give access to restricted users but can’t invite new users by typing email addresses.
- Incident details: timestamp of the last presence check is updated synchronously upon manual check.
- CSV Export: disable timeouts.
- Incidents: improve performance on the incidents table.
- Detector: improve performance of table of detectors for workspaces with many incidents.
- Email: the warning banner is not displayed anymore when the email-sending system is configured.
- Health Check: the error code for an expired GitLab token has been corrected.
- PostgreSQL: configuring an external port different from the default one (5432) correctly works.
#
2022.04.2- Released on May 09, 2022.
- Validated for KOTS v1.70.
#
Bug Fixes- Upgrade: Error on Ingress component deployment.
- Postgre TLS: Fixes error on deployment while Postgres TLS "Allowed" mode is activated.
caution
This release is not compatible with Kubernetes versions 1.18 and below. Please update your Kubernetes Cluster to at least version 1.19.
#
2022.04.1- Released on April 22, 2022.
- Validated for KOTS v1.59.1.
#
Features & improvements- Health checks: We add VCS troubleshooting tools in the Admin Area. You can check the status of your integrations and gather error information on this page. More information is available in the dedicated documentation
- Personal access tokens and service accounts: We now distinguish two types of API keys: Personal Access Tokens and Service accounts. More information is available in the dedicated documentation
- GitHub check runs now handle the regression mode. If an already resolved secret incident is detected by a check run AND the regression mode is OFF, the check run won’t raise the secret.
- GitHub A comment can be posted directly to Github pull request timeline when a check run detects a secret. This can be deactivated in Settings by a Manager.
- API: We add an API endpoint to list members having access to an incident. More information is available in the dedicated documentation.
- PostgreSQL: Secrets are now encrypted in the database.
#
Bug Fixes- Incident: Restricted users are no longer able to generate incident-sharing links.
caution
This release integrates secret encryption in the database. Please be careful while updating and do not hesitate to backup completely your database before upgrading.
#
1.35- Released on March 25, 2022.
- Validated for KOTS v1.59.1.
#
Features & improvements- TLS Support for PostgreSQL: Transport Layer Security (TLS) is an encryption protocol intended to keep data secure when being transferred over a network. When installing GitGuardian Self-Hosted, users can now activate the option for PostgreSQL.
- API: Members are now exposed in API and new fields were added to the source payload.
- Incident detail: From an incident detail page, you can grant access to a selection of Restricted users.
#
1.34- Released on February 11, 2022.
- Validated for KOTS v1.59.1.
#
Features & improvements- TLS Support for Redis: Transport Layer Security (TLS) is an encryption protocol intended to keep data secure when being transferred over a network. When installing GitGuardian Self-Hosted, users can now activate the option for Redis. You can find more information about the configuration on our official documentation
#
1.33- Released on January 13, 2022.
- Validated for KOTS v1.59.1.
#
Features & improvements- API: Added secret validity information.
#
1.32- Released on December 14, 2021.
- Validated for KOTS v1.58.1.
#
Features & improvements- API: new scope
incident::share
and grant access to incidents, documented here. - Regression: added a workspace setting giving the option to control the behavior of GG when a new occurrence of an already-resolved incident is detected.
- Custom webhooks: added validity and severity to the payload.
- API: added validity to scan results.
#
1.31- Released on November 15, 2021.
- Validated for KOTS v1.56.0.
#
Features & improvements- Synchronization between ggshield and the dashboard: secrets ignored on the dashboard will also be ignored by ggshield. Detectors deactivated in the dashboard will be deactivated for ggshield too.