v2.4.2
Changelog
Bug fixes:
- 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)
Chores:
- Updated all dependencies
Misc:
- Added OpenSSF scorecard GitHub action and badge
- CI hardening: pinned all dependency versions and restrict GitHub actions permissions (#187)
Complete changelog:
- 5d95a59 Add OSSF scorecard
- b9c8eec Add OpenSSF scorecard
- 2fbfb8d Add basic security policy to clarify how to report a vulnerability
- afd6023 Add dependabot configuration
- fc27192 Add information about CloudTrail events for EBS exfiltration (#171)
- 3527d57 Brew formula update for stratus-red-team version v2.4.1
- 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)
- 2123b13 Bump actions/checkout from 2 to 3 (#179)
- 38b016b Bump docker/build-push-action from 2.8.0 to 3.1.1 (#180)
- cc7a321 Bump docker/login-action from 1.12.0 to 2.0.0 (#181)
- 1ac7e69 Bump github.com/aws/aws-sdk-go-v2 from 1.16.7 to 1.16.16 in /v2 (#183)
- 9a1fc25 Bump github.com/aws/aws-sdk-go-v2/config from 1.13.0 to 1.17.7 in /v2 (#185)
- 99fed06 Bump github.com/aws/aws-sdk-go-v2/service/cloudtrail in /v2 (#186)
- eb4dd6a Bump github.com/aws/aws-sdk-go-v2/service/iam in /v2 (#182)
- 1849405 Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.13.0 to 1.16.1 in /v2 (#184)
- 68fea3f Bump goreleaser/goreleaser-action from 2 to 3 (#176)
- 0fbead5 Bump ossf/scorecard-action from 2.0.3 to 2.0.4 (#178)
- b6724c0 CI hardening (#187)
- 6e507e9 Docker base image: Use Go 1.19.x (#177)
- 16f578a Docker base image: bump alpine from 3.16.0 to 3.16.2 (#175)
- b836d04 Remove downloads badge
- c9bb44a Update usage.md (#166)
- 3371c2c [CI] Pin Github action versions (#188)
- 3b54217 [docker] Pin base image SHA256 (#189)