integrations v1.5.12 updated (#5631)

* fix(filesystem): GetExcludedPaths (#5288)

* Update README.md

* Update README.md

* fixed GetExcludePaths

* correcting log msg

* docs: preparing for release 1.5.7 (#5289)

* docs: preparing for release 1.5.7

* updated version

Co-authored-by: rafaela-soares <rafaela-soares@users.noreply.github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.4 to 1.44.5 (#5297)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.4 to 1.44.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.4...v1.44.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.5 to 1.44.6 (#5299)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.5 to 1.44.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.5...v1.44.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5300)

* update Network ACL With Unrestricted Access To RDP (#5296)

* update(query): Update category and severities according with issue 5220 (#5292)

* Queries severity and category change

* update SNS Topic is Publicly Accessible ansible

* update SNS Topic is Publicly Accessible for cF

* update SNS Topic is Publicly Accessible ansible

* update description

* change any principal check

* update CloudTrail Log Files Not Encrypted With CMK

* update yaml sample

* change yaml sample

* update line

* fix issues

* fixing e2e errors

* Add community tag to new issues by default

This change is possible as core team members mostly create PRs instead
of opening issues.

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.6 to 1.44.7 (#5306)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.6 to 1.44.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.6...v1.44.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5302)

Co-authored-by: rogeriopeixotocx <rogeriopeixotocx@users.noreply.github.com>

* feat(query): add new k8s rule to detect port-forwarding into containers (RBAC) (#5266)

* feat(query): add new k8s rule to detect account impersonation (RBAC) (#5267)

* feat(query): add new k8s rule to detect bind or escalate permissions (RBAC) (#5268)

* feat(query): add new k8s rule to detect exec permissions (RBAC) (#5286)

* update installation options and notes (#5293)

* update installation options and notes

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* fix links

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* another broken link

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* add deprecated Homebrew instructions

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* update Missing Flag From Dnf Install (#5310)

* removed results report formats list from docs (#5308)

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* ci(deps): bump docker/build-push-action from 2.10.0 to 3.0.0 (#5316)

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci(deps): bump docker/login-action from 1.14.1 to 2.0.0 (#5317)

Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.7 to 1.44.8 (#5318)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.7 to 1.44.8.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.7...v1.44.8)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update(query):  StatefulSet Without Service Name for Kubernetes (#5303)

* update check for matching labels

* update label checking method & queries description

* update keyExpectedValue

* update description

* update(query): Remote Desktop Port Open To Internet and HTTP Port Open To Internet (#5307)

* docs(kicsbot): update images digest (#5302)

Co-authored-by: rogeriopeixotocx <rogeriopeixotocx@users.noreply.github.com>

* update open port aws queries name

* add fileName

Co-authored-by: rogeriopeixotocx <rogeriopeixotocx@users.noreply.github.com>

* delete check for incorrect default (#5314)

* doc: fix syntax (#5309)

broken markdown syntax without line before list

* ci(deps): bump docker/setup-qemu-action from 1 to 2 (#5315)

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.8 to 1.44.9 (#5323)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.8 to 1.44.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.8...v1.44.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/moby/buildkit from 0.10.2 to 0.10.3 (#5324)

Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.10.2 to 0.10.3.
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](https://github.com/moby/buildkit/compare/v0.10.2...v0.10.3)

---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(query): adjusted severity rating and added searchLine in rbac_wildcard_in_rule k8s rule (#5264)

* fix(query): adjusted severity rating and added searchLine in rbac_wildcard_in_rule k8s rule

* updated severity to HIGH

* update(query): Audit Policy Not Cover Key Security Concerns for Kubernetes (#5326)

* add audit policy check

* empty commit

* update(queries): Add check for traffic direction in port queries in some providers (#5313)

* add check for inbound direction

* add check for inbound direction

* update alicloud queries to check for ingress

* change function Name

* empty commit

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.9 to 1.44.10 (#5329)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.9 to 1.44.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.9...v1.44.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.10 to 1.44.11 (#5330)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.10 to 1.44.11.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.10...v1.44.11)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/johnfercher/maroto from 0.36.1 to 0.37.0 (#5331)

Bumps [github.com/johnfercher/maroto](https://github.com/johnfercher/maroto) from 0.36.1 to 0.37.0.
- [Release notes](https://github.com/johnfercher/maroto/releases)
- [Commits](https://github.com/johnfercher/maroto/compare/v0.36.1...v0.37.0)

---
updated-dependencies:
- dependency-name: github.com/johnfercher/maroto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci(deps): bump golang from 1.18.1-alpine to 1.18.2-alpine (#5332)

Bumps golang from 1.18.1-alpine to 1.18.2-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5311)

* fix(password and secrets): improve performance (#5334)

* fix(cpu): fixed number of cpus available info (#5321)

* fix get cpu

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* change variable name

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* removed magic number

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* change function name

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* ...

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* check error

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* requested changes

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* fix(samples): k8s queries (#5322)

* docs: preparing for release 1.5.8 (#5336)

Signed-off-by: João Reigota <joao.reigota@checkmarx.com>

* ci(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#5339)

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3.1.0...v3.2.0)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump mvdan.cc/sh/v3 from 3.4.3 to 3.5.0 (#5341)

Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh) from 3.4.3 to 3.5.0.
- [Release notes](https://github.com/mvdan/sh/releases)
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mvdan/sh/compare/v3.4.3...v3.5.0)

---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5342)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.11 to 1.44.12 (#5340)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.11 to 1.44.12.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.11...v1.44.12)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.12 to 1.44.13 (#5345)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.12 to 1.44.13.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.12...v1.44.13)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5346)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.13 to 1.44.14 (#5350)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.13 to 1.44.14.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.13...v1.44.14)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5351)

* build(go): bump golang version to 1.18 (#5348)

Signed-off-by: João Reigota <joao.reigota@checkmarx.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.14 to 1.44.15 (#5353)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.14 to 1.44.15.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.14...v1.44.15)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5354)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.15 to 1.44.16 (#5366)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.15 to 1.44.16.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.15...v1.44.16)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5367)

* build(deps): bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.0 (#5372)

Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.5.11 to 1.6.0.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.5.11...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.16 to 1.44.17 (#5373)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.16 to 1.44.17.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.16...v1.44.17)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump helm.sh/helm/v3 from 3.8.2 to 3.9.0 (#5374)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.8.2...v3.9.0)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5375)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.17 to 1.44.18 (#5377)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.17 to 1.44.18.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.17...v1.44.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/hashicorp/go-getter from 1.6.0 to 1.6.1 (#5378)

Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5379)

* add support to .crt file (#5360)

* fix(query): Changed severity of Memcached Disabled query (#5349)

* changed severity

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* fix positve results

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* fix function (#5343)

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* fix(vulnerability builder): fixed and improved DefaultVulnerabilityBuilder (#5347)

* improved vulnerability_builder.go

* fix SAST error

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.18 to 1.44.19 (#5385)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* docs(kicsbot): update images digest (#5382)

* feat(query): added Default KMS Key Usage query for CloudFormation (#5363)

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* feat(query): CNI Plugin Does Not Support Network Policies for Kubernetes (#5370)

* + CNI Plugin Does Not Support Network Policies

* change description

* update

* feat(query): Ensure Administrative Boundaries Between Resources for Kubernetes (#5368)

* + Ensure Administrative Boundaries Between Res

* change category

* change category

* update

* update(kics): reduced the number of code files (#5325)

* fix(cpu): fix number cpus macos (#5371)

* fixed cpu number on macos

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* ...

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* ci(deps): bump goreleaser/goreleaser-action from 2.9.1 to 3.0.0 (#5390)

Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 2.9.1 to 3.0.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v2.9.1...v3.0.0)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump mvdan.cc/sh/v3 from 3.5.0 to 3.5.1 (#5391)

Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/mvdan/sh/releases)
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mvdan/sh/compare/v3.5.0...v3.5.1)

---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.2 to 2.11.5 (#5392)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.2 to 2.11.5.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.2...v2.11.5)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.19 to 1.44.20 (#5393)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.19 to 1.44.20.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.19...v1.44.20)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci(deps): bump alpine from 3.15.4 to 3.16.0 (#5394)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* fix(ci): fixed access to CIFlag (#5395)

* feat(result): added resourceType and resourceName to Kubernetes queries result (#5355)

* added resourceType and resourceName to k8s queries

* omit ResourceType and ResourceName when empty

* unknown to n/a

* feat(result): added resourceType and resourceName to Azure Resource Management queries result (#5356)

* added resourceType and resourceName to ARM queries

* correcting

* fix(query): fix/cmk rotation disabled on terraform asymmetric key creation (#5344)

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* Update assets/queries/terraform/aws/cmk_rotation_disabled/query.rego

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

* Update assets/queries/terraform/aws/cmk_rotation_disabled/query.rego

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

* Update assets/queries/terraform/aws/cmk_rotation_disabled/query.rego

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

* Update assets/queries/terraform/aws/cmk_rotation_disabled/query.rego

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

* fix support for AWS KMS in asymmetric keys - do not support automation key rotation

* Update assets/queries/terraform/aws/cmk_rotation_disabled/query.rego

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

Co-authored-by: Rafaela Soares <rafaela.soares@checkmarx.com>

* update(query): Ensure Administrative Boundaries (#5388)

* docs(kicsbot): update github-action image digest (#5359)

Co-authored-by: nunoocx <nunoocx@users.noreply.github.com>

* feat(result): added resourceType and resourceName to Google Deployment Management queries result (#5357)

* added resourceType and resourceName to GDM queries

* omit ResourceType and ResourceName when empty

* feat(result): added resourceType and resourceName to Ansible queries result  (#5362)

* added resourceType and resourceName to ANS AWS

* added resourceType and resourceName to ANS AZURE

* added resourceType and resourceName to ANS GCP

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.20 to 1.44.21 (#5397)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.20 to 1.44.21.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.20...v1.44.21)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(resolver): added openapi file resolver for json and yaml parsers (#5396)

Signed-off-by: João Reigota <joao.Reigota@checkmarx.com>

* docs(kicsbot): update images digest (#5386)

* update(resolver): implemented limit in resolver to 50 files (#5398)

Signed-off-by: João Reigota <joao.Reigota@checkmarx.com>

* fix(resolver): fixed issue with searchLine (#5399)

Signed-off-by: João Reigota <joao.Reigota@checkmarx.com>

* fix(helm): fixed helm filepath bug introduced by resolver (#5400)

Signed-off-by: João Reigota <joao.Reigota@checkmarx.com>

* docs: preparing for release 1.5.9 (#5401)

Co-authored-by: joaoReigota1 <joaoreigota1@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.21 to 1.44.22 (#5404)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.21 to 1.44.22.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.21...v1.44.22)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/hashicorp/terraform-json (#5405)

Bumps [github.com/hashicorp/terraform-json](https://github.com/hashicorp/terraform-json) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/hashicorp/terraform-json/releases)
- [Commits](https://github.com/hashicorp/terraform-json/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/terraform-json
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5406)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.22 to 1.44.23 (#5409)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.22 to 1.44.23.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.22...v1.44.23)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/spf13/viper from 1.11.0 to 1.12.0 (#5410)

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5411)

* docs(kicsbot): update images digest (#5416)

Co-authored-by: rogeriopeixotocx <rogeriopeixotocx@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.23 to 1.44.24 (#5414)

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 (#5413)

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.5 to 2.11.7 (#5420)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.5 to 2.11.7.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.5...v2.11.7)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5421)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.24 to 1.44.25 (#5425)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.24 to 1.44.25.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.24...v1.44.25)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5426)

* Update metadata.json (#5424)

* ci(deps): bump golang from 1.18.2-alpine to 1.18.3-alpine (#5430)

Bumps golang from 1.18.2-alpine to 1.18.3-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.25 to 1.44.26 (#5431)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.25 to 1.44.26.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.25...v1.44.26)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5428)

* feat(query): added "App Service Without Latest PHP Version" query for Terraform Azure  (#5358)

* query Php Version Not Latest When Running Web App for azure terraform

* changed latest php version (was not mentioned in tf docs)

* updated samples

* changed severity, category, and query name

* correcting tflint errors

Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* build(deps): bump github.com/open-policy-agent/opa from 0.40.0 to 0.41.0 (#5436)

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.40.0 to 0.41.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.40.0...v0.41.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.26 to 1.44.27 (#5437)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.26 to 1.44.27.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.26...v1.44.27)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.7 to 2.11.8 (#5439)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.7 to 2.11.8.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.7...v2.11.8)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* added -t flag on docker run command (#5434)

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* added 256 color to Dockerfile (#5427)

* update(report): improved report message (#5418)

* improved report message

* standardize

* correcting tests

* correcting e2e

* Fix(e2e): updating junit schema regex

Co-authored-by: Lucas Mendes <lucas.mendes@checkmarx.com>

* fix(analyzer): fixed Dockerfile analyzer approach (#5407)

* fixed Dockerfile analyzer approach

* correcting TestParser_SupportedExtensions

* fix Code scanning results

* improving

* update(queries): updated S3 Bucket queries for Terraform (#4872)

* updated TF S3 Bucket queries

* refactored bucket queries for pre 1.4.0

* removed unnecessary line

* added before/after version 1.4.0 comments

* added before/after version 1.4.0 comments

* 1.4.0 to 4.0

* adjusted key expected values as requested

Co-authored-by: André Felicidade <andre.felicidade@checkmarx.com>

* update(bom): updated AWS BOM S3 Bucket (#4873)

* updated TF AWS BOM S3 Bucket

* correcting positive5.tf

* added more cases to get_bucket_acl, deleted deprecated function

* added missing resource check and version comments

* corrected comments saying 1.4.0 to 4.0

Co-authored-by: André Felicidade <andre.felicidade@checkmarx.com>

* fix(inspector): fix timeout secrets inspector (#5419)

* fix timeout

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* Feat(e2e): adding e2e tests for timeout flag

* Fix(e2e): updating config validation in e2e tests

* Fix(e2e): moving testing configs to configs folder

Co-authored-by: Lucas Mendes <lucas.mendes@checkmarx.com>

* feat(filesystem): double star support to exclude folders (#5408)

* double start support

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* added test to double star

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* fix test

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* docs(kicsbot): update images digest (#5432)

* docs(kicsbot): update github-action image digest (#5440)

Co-authored-by: nunoocx <nunoocx@users.noreply.github.com>

* fixed queries (#5441)

* fix(query): s3 bucket policy accepts http requests (#5415)

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* fix support iam policy document in terraform http deny check

* Update positive3.tf

* Update negative3.tf

* Update negative2.tf

* Update negative4.tf

* Update query.rego

* Update query.rego

* feat(query): added "Role Definition Allows Custom Role Creation" query for Ansible (#5417)

* added Role Definition Allows Custom Role Creation

* correcting wrong indentation

* fixed function check_schemes of openapi lib (#5433)

* support child modules in the tfplan payload (#5422)

* docs(kicsbot): update images digest (#5442)

* build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#5443)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.27 to 1.44.28 (#5445)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.27 to 1.44.28.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.27...v1.44.28)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.8 to 2.11.9 (#5444)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.8 to 2.11.9.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.8...v2.11.9)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.28 to 1.44.29 (#5448)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.28 to 1.44.29.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.28...v1.44.29)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5450)

* fix(queries): align descriptionText to similar queries across different platforms (#5446)

* fix(queries): align descriptionText to similar queries across different platforms

* align more descriptionText queries

* resolve comments

* added mutex (#5429)

Signed-off-by: joaorufi <joao.rufino@checkmarx.com>

* feat(result): added resourceType and resourceName to CloudFormation queries result (#5361)

* added resourceType and resourceName to CF queries

* discard aws_bom entries

* unknown to n/a

* improving resource name information

* docs(queries): update queries catalog (#5451)

Co-authored-by: rafaela-soares <rafaela-soares@users.noreply.github.com>

* feat(result): added resourceType and resourceName to Terraform queries result (#5387)

* added resource info for TF K8S, GITHUB, GENERAL

* added resourceType and resourceName to ANS GCP

* added resourceType and resourceName to TF AZURE

* added resourceType and resourceName to TF ALICLOUD

* added resourceType and resourceName to TF AWS

* correcting

* improved resourceName for TF

* docs(queries): update queries catalog (#5454)

Co-authored-by: rafaela-soares <rafaela-soares@users.noreply.github.com>

* docs: preparing for release 1.5.10 (#5455)

* docs: preparing for release 1.5.10

* updating version

Co-authored-by: rafaela-soares <rafaela-soares@users.noreply.github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* build(deps): bump github.com/gookit/color from 1.5.0 to 1.5.1 (#5469)

Bumps [github.com/gookit/color](https://github.com/gookit/color) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/gookit/color/releases)
- [Commits](https://github.com/gookit/color/compare/v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/gookit/color
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.29 to 1.44.32 (#5468)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.29 to 1.44.32.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.29...v1.44.32)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5464)

* build(deps): bump golang.org/x/tools from 0.1.10 to 0.1.11 (#5467)

Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.10 to 0.1.11.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.1.10...v0.1.11)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci(deps): bump actions/setup-python from 3 to 4 (#5462)

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(queries): align descriptionText to similar queries across different platforms #2 (#5460)

* fix(queries): align descriptionText to similar queries across different platforms #2

* resolve comments

* docs(kicsbot): update images digest (#5471)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.32 to 1.44.33 (#5472)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.32 to 1.44.33.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.32...v1.44.33)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/hashicorp/go-getter from 1.6.1 to 1.6.2 (#5473)

Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.6.1 to 1.6.2.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.6.1...v1.6.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update github-action image digest (#5474)

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.9 to 2.11.10 (#5476)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.9 to 2.11.10.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.9...v2.11.10)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.33 to 1.44.34 (#5477)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.33 to 1.44.34.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.33...v1.44.34)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5485)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.34 to 1.44.37 (#5490)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.34 to 1.44.37.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.34...v1.44.37)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(query): uncomment cloud formation's test sample (#5320)

* fix(query): uncomment cloud formation's test sample

Signed-off-by: Felipe Avelar <felipe.avelar@outlook.com>

* add suggested changes

Signed-off-by: Felipe Avelar <felipe.avelar@outlook.com>

* added branching process for major versions (#5479)

* Update sync_major_release.yaml (#5497)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.37 to 1.44.38 (#5498)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.37 to 1.44.38.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.37...v1.44.38)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.4 (#5499)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5500)

* update(query): improved "Resource Not Using Tags" description (#5483)

* updated "Resource Not Using Tags" description

* fixing E2E test

* fix(secrets inspector): added mutex to lock addVulnerability (#5503)

* added mutex to lock addVulnerability

* increased timeout for go lint and go test race

* fixed tiller queries

* fixed 94b76ea5-e074-4ca2-8a03-c5a606e30645

* docs(queries): update queries catalog (#5501)

* build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 (#5507)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.38 to 1.44.39 (#5508)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.38 to 1.44.39.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.38...v1.44.39)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5509)

* fix(analyzer): discard possible Dockerfile when they are not actually a Dockerfile (#5470)

* fixed analyzer

* update utilities.md

* update(dockerfile): fix CVE-2022-1586 and CVE-2022-29810 (#5492)

* upgrade pcre2

* upgrade tf and tf azure provider version

* fix(resolver): exclude resolve path call for the same path reference (#5511)

* fix resolver

* improved comment

* changed approach

* improving

* docs: preparing for release 1.5.11 (#5515)

* docs: preparing for release 1.5.10

* updating version

* docs: preparing for release 1.5.11

* updating version

* update

Co-authored-by: rafaela-soares <rafaela-soares@users.noreply.github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* build(deps): bump github.com/tdewolff/minify/v2 from 2.11.10 to 2.11.11 (#5523)

Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.11.10 to 2.11.11.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.11.10...v2.11.11)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/hashicorp/hcl/v2 from 2.12.0 to 2.13.0 (#5524)

Bumps [github.com/hashicorp/hcl/v2](https://github.com/hashicorp/hcl) from 2.12.0 to 2.13.0.
- [Release notes](https://github.com/hashicorp/hcl/releases)
- [Changelog](https://github.com/hashicorp/hcl/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/hcl/compare/v2.12.0...v2.13.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/hcl/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.39 to 1.44.40 (#5525)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.39 to 1.44.40.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.39...v1.44.40)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5526)

* build(deps): bump github.com/stretchr/testify from 1.7.4 to 1.7.5 (#5530)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.40 to 1.44.42 (#5531)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.40 to 1.44.42.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.40...v1.44.42)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5528)

* feat(query): add new k8s rule to detect attach permission (RBAC) (#5491)

* feat(query): add new k8s rule to detect attach permission (RBAC)

* test

* refined description text

* docs(kicsbot): update images digest (#5535)

* ci(deps): bump styfle/cancel-workflow-action from 0.9.1 to 0.10.0 (#5537)

Bumps [styfle/cancel-workflow-action](https://github.com/styfle/cancel-workflow-action) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/styfle/cancel-workflow-action/releases)
- [Commits](https://github.com/styfle/cancel-workflow-action/compare/0.9.1...0.10.0)

---
updated-dependencies:
- dependency-name: styfle/cancel-workflow-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.42 to 1.44.43 (#5538)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.42 to 1.44.43.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.42...v1.44.43)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add wafv2 to query incl. negative test (#5529)

* Add wafv2 to query incl. negative test

* fix typo

Co-authored-by: Alexander Endris <alexander.endris@hrs.de>

* docs(kicsbot): update images digest (#5541)

* build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (#5544)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.43 to 1.44.45 (#5545)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.43 to 1.44.45.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.43...v1.44.45)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(scan behavior): ignore broken synlink (#5533)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.45 to 1.44.46 (#5548)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.45 to 1.44.46.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.45...v1.44.46)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/emicklei/proto from 1.10.0 to 1.11.0 (#5549)

Bumps [github.com/emicklei/proto](https://github.com/emicklei/proto) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/emicklei/proto/releases)
- [Changelog](https://github.com/emicklei/proto/blob/master/CHANGES.md)
- [Commits](https://github.com/emicklei/proto/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/emicklei/proto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5550)

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.46 to 1.44.47 (#5552)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.46 to 1.44.47.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.46...v1.44.47)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5553)

* build(deps): bump github.com/open-policy-agent/opa from 0.41.0 to 0.42.0 (#5555)

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.41.0 to 0.42.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/…

Author: 26 people

.github/workflows/go-ci-integration.yml

@@ -32,7 +32,7 @@ jobs:
         run: echo "GITHUB_SHA_SHORT=$(echo $GITHUB_SHA | cut -c 1-8)" >> $GITHUB_ENV
       - name: Build
         id: docker_build
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           load: true
           context: ./

.github/workflows/go-e2e.yaml

@@ -55,7 +55,7 @@ jobs:
         run: echo "GITHUB_SHA_SHORT=$(echo $GITHUB_SHA | cut -c 1-8)" >> $GITHUB_ENV
       - name: Build
         id: docker_build
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           load: true
           context: ./

.github/workflows/go-generate-antlr-parser.yaml

@@ -16,7 +16,7 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
       - name: Build ANTLR image
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         id: build_antlr_image
         with:
           context: .

.github/workflows/release-apispec.yml

@@ -137,7 +137,7 @@ jobs:
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Push alpine to Docker Hub
         id: build_alpine
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           push: true
@@ -150,7 +150,7 @@ jobs:
             APISCANNER="true"
       - name: Build and push debian to Docker Hub
         id: build_debian
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.apispec.debian

.github/workflows/release-dkr-image-for-tag.yml

@@ -69,7 +69,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Push alpine to Docker Hub
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           push: true
@@ -83,7 +83,7 @@ jobs:
       - name: Push debian to Docker Hub
         if: ${{ hashFiles('./docker/Dockerfile.debian') }} != ""
         id: build_debian
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.debian
@@ -98,7 +98,7 @@ jobs:
       - name: Push ubi8 to Docker Hub
         if: ${{ hashFiles('./docker/Dockerfile.ubi8') }} != ""
         id: build_ubi8
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.ubi8

.github/workflows/release-dkr-image.yml

@@ -48,7 +48,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Push alpine to Docker Hub
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         id: build_alpine
         with:
           context: .
@@ -62,7 +62,7 @@ jobs:
             DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
       - name: Build and push debian to Docker Hub
         id: build_debian
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.debian
@@ -76,7 +76,7 @@ jobs:
             DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
       - name: Build and push ubi8 to Docker Hub
         id: build_ubi8
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.ubi8

.github/workflows/release-docker-github-actions.yaml

@@ -33,7 +33,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Push Github Action Image to Docker Hub
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         id: build_gh_action
         with:
           context: .

.github/workflows/release-nightly.yml

@@ -160,7 +160,7 @@ jobs:
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Push alpine to Docker Hub
         id: build_alpine
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           push: true
@@ -172,7 +172,7 @@ jobs:
             DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
       - name: Build and push debian to Docker Hub
         id: build_debian
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.debian
@@ -185,7 +185,7 @@ jobs:
             DESCRIPTIONS_URL=${{ secrets.DESCRIPTIONS_URL }}
       - name: Build and push ubi8 to Docker Hub
         id: build_ubi8
-        uses: docker/build-push-action@v3.0.0
+        uses: docker/build-push-action@v3.1.0
         with:
           context: .
           file: ./docker/Dockerfile.ubi8

Dockerfile

@@ -33,7 +33,7 @@ HEALTHCHECK CMD wget -q --method=HEAD localhost/system-status.txt
 # Runtime image
 # Ignore no User Cmd since KICS container is stopped afer scan
 # kics-scan ignore-line
-FROM alpine:3.16.0
+FROM alpine:3.16.1
 
 ENV TERM xterm-256color
 

assets/queries/k8s/rbac_roles_with_attach_permission/test/negative.yaml

@@ -18,6 +18,6 @@ subjects:
   name: bob
   apiGroup: rbac.authorization.k8s.io
 roleRef:
-  kind: Role 
+  kind: Role
   name: allow-attach-neg
   apiGroup: ""