Releases: Checkmarx/kics
v1.5.10
🚀 New features and improvements
added 2 queries for Ansible and Terraform
feat(filesystem): double star support to exclude folders (#5408)
feat(result): added resourceType and resourceName to CloudFormation queries result (#5361)
feat(result): added resourceType and resourceName to Terraform queries result (#5387)
🐛 Bug fixes
fix(query): s3 bucket policy accepts http requests (#5415) by @LupovichRan
fix(query): fixed incorrect Dockerfile metadata (#5424) by @ramprasathasokan
fix(queries): align descriptionText to similar queries across different platforms (#5446) by @roi-orca
fix(queries): fixed function check_schemes of openapi lib (#5433)
fix(queries): corrected policies (#5441)
fix(filesystem): added mutex to lock read and write on map (#5429)
fix(analyzer): fixed Dockerfile analyzer approach (#5407)
fix(inspector): fix timeout secrets inspector (#5419)
📦 Dependency updates bumps
build(deps): bump github.com/aws/aws-sdk-go from 1.44.21 to 1.44.29 (#5404) (#5409) (#5414) (#5425) (#5431) (#5437) (#5445) (#5448)
build(deps): bump github.com/tdewolff/minify/v2 from 2.11.5 to 2.11.9 (#5420) (#5439) (#5444)
build(deps): bump github.com/hashicorp/terraform-json (#5405)
build(deps): bump github.com/spf13/viper from 1.11.0 to 1.12.0 (#5410)
build(deps): bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 (#5413)
build(deps): bump github.com/open-policy-agent/opa from 0.40.0 to 0.41.0 (#5436)
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#5443)
ci(deps): bump golang from 1.18.2-alpine to 1.18.3-alpine (#5430)
👻 Maintenance
update(parser): support child modules in the tfplan payload (#5422)
update(dockerfile): added 256 color to Dockerfile (#5427)
update(queries): updated S3 Bucket queries for Terraform (#4872)
update(bom): updated AWS BOM S3 Bucket (#4873)
update(report): improved report message (#5418)
update(docs): added -t flag on docker run command (#5434)
Contributors
Assets 2
v1.5.9
🚀 New features and improvements
added 3 queries for Kubernetes and CloudFormation
feat(resolver): added openapi file resolver for json and yaml parsers (#5396)
feat(result): added resourceType and resourceName to Kubernetes queries result (#5355)
feat(result): added resourceType and resourceName to Azure Resource Management queries result (#5356)
feat(result): added resourceType and resourceName to Google Deployment Management queries result (#5357)
feat(result): added resourceType and resourceName to Ansible queries result (#5362)
🐛 Bug fixes
fix(query): fix/cmk rotation disabled on terraform asymmetric key creation (#5344) by @LupovichRan
fix(query): changed severity of Memcached Disabled query (#5349)
fix(ci): fixed access to CIFlag (#5395)
fix(cpu): fix number cpus macos (#5371)
fix(vulnerability builder): fixed and improved DefaultVulnerabilityBuilder (#5347)
fix(detector): fixed bug on GetBracketValues function (#5343)
📦 Dependency updates bumps
build(go): bump golang version to 1.18 (#5348)
build(deps): bump helm.sh/helm/v3 from 3.8.2 to 3.9.0 (#5374)
build(deps): bump github.com/tdewolff/minify/v2 from 2.11.2 to 2.11.5 (#5392)
build(deps): bump mvdan.cc/sh/v3 from 3.4.3 to 3.5.1 (#5341) (#5391)
build(deps): bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.1 (#5372) (#5378)
build(deps): bump github.com/aws/aws-sdk-go from 1.44.11 to 1.44.21 (#5340) (#5345) (#5350) (#5353) (#5366) (#5373) (#5377) (#5385) (#5393) (#5397)
ci(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#5339)
ci(deps): bump goreleaser/goreleaser-action from 2.9.1 to 3.0.0 (#5390)
ci(deps): bump alpine from 3.15.4 to 3.16.0 (#5394)
👻 Maintenance
update(resolver): implemented limit in resolver to 50 files (#5398)
update(kics): reduced the number of code files (#5325)
update(query): updated description of Ensure Administrative Boundaries Between Resources query (#5388)
updated(query): added support to .crt file for Client Certificate Authentication Not Setup Properly query (#5360)
Contributors: @LupovichRan
v1.5.8
🚀 New features and improvements
added 4 queries for Kubernetes
feat(query): add new k8s rule to detect port-forwarding into containers (RBAC) (#5266) by @Churro
feat(query): add new k8s rule to detect account impersonation (RBAC) (#5267) by @Churro
feat(query): add new k8s rule to detect bind or escalate permissions (RBAC) (#5268) by @Churro
feat(query): add new k8s rule to detect exec permissions (RBAC) (#5286) by @Churro
🐛 Bug fixes
fix(query): adjusted severity rating and added searchLine in rbac_wildcard_in_rule k8s rule (#5264) by @Churro
fix(password and secrets): improve performance (#5334)
fix(cpu): fixed number of cpus available info (#5321)
fix(samples): k8s queries (#5322)
fix(doc): fix syntax (#5309) by @nv35
📦 Dependency updates bumps
build(deps): bump github.com/aws/aws-sdk-go from 1.44.4 to 1.44.11 (#5297) (#5299) (#5306) (#5318) (#5323) (#5329) (#5330)
build(deps): bump github.com/moby/buildkit from 0.10.2 to 0.10.3 (#5324)
build(deps): bump github.com/johnfercher/maroto from 0.36.1 to 0.37.0 (#5331)
ci(deps): bump golang from 1.18.1-alpine to 1.18.2-alpine (#5332)
ci(deps): bump docker/setup-qemu-action from 1 to 2 (#5315)
ci(deps): bump docker/build-push-action from 2.10.0 to 3.0.0 (#5316)
ci(deps): bump docker/login-action from 1.14.1 to 2.0.0 (#5317)
👻 Maintenance
update(query): update Network ACL With Unrestricted Access To RDP (#5296)
update(query): update category and severities according with issue 5220 (#5292)
update(query): update StatefulSet Without Service Name for Kubernetes (#5303)
update(query): update Remote Desktop Port Open To Internet and HTTP Port Open To Internet (#5307)
update(query): update Audit Policy Not Cover Key Security Concerns for Kubernetes (#5326)
update(query): update Missing Flag From Dnf Install for Dockerfile (#5310)
update(query): update Storage Account Not Using Latest TLS Encryption Version for Terraform Azure (#5314)
update(queries): add check for traffic direction in port queries in some providers (#5313)
update(docs): update installation options and notes (#5293) by @konstruktoid
update(docs): removed results formats list from results section (#5308)
Contributors: @Churro, @konstruktoid, @nv35
v1.5.7
🚀 New features and improvements
added 19 new queries (Terraform, Kubernetes)
feat(report): added Code Climate report (#5261)
🐛 Bug fixes
fix(query): extended scope of MissingAttribute rule in seccomp k8s rule (#5201) by @Churro
fix(query): fixed searchKey and resource kind in pod_or_container_without_resource_quota k8s rule (#5199) by @Churro
fix(query): fixed searchKey and resource kind in pod_or_container_without_limit_range k8s rule (#5198) by @Churro
fix(query): added support for aws_iam_policy_document.Principals to policy_without_principal tf rule (#5196) by @Churro
fix(query): fixed SNS Topic is Publicly Accessible (#5210)
fix(query): fixed Api Gateway Without Content Encoding (#5215)
fix(query): fixed Api Gateway Without Content Encoding on Terraform platform (#5227)
fix(query): fixed ALB Listening on HTTP for AWS CloudFormation (#5212)
fix(query): updated ecr_repositories_not_encrypted TF rule to match KMS type (#5195) by @Churro
fix(queries): fixed aws unique identifiers from common queries (#5236)
fix(query): remove viewer from list of improper privileges (#5211) by @jaevans
fix(query): added possibility of security group being declared as a variable (#5208)
fix(filesystem): fixed GetExcludedPaths (#5288)
fix(e2e): results json compare (index out of range) (#5209)
fix(yaml parser): added model.NewIgnore.Reset() at the beginning of the YAML parser (#5255)
docs(implementations): fix changed directory for kics assets queries (#5213) by @roock
📦 Dependency updates bumps
build(deps): bump github.com/aws/aws-sdk-go from 1.43.39 to 1.44.4 (#5200) (#5218) (#5224) (#5230) (#5244) (#5256) (#5269) (#5281)
build(deps): bump github.com/tidwall/gjson from 1.14.0 to 1.14.1 (#5217)
build(deps): bump github.com/emicklei/proto from 1.9.2 to 1.10.0 (#5216)
build(deps): bump github.com/hashicorp/hcl/v2 from 2.11.1 to 2.12.0 (#5238)
build(deps): bump github.com/moby/buildkit from 0.10.1 to 0.10.2 (#5270)
build(deps): bump github.com/tdewolff/minify/v2 from 2.11.1 to 2.11.2 (#5257)
ci(deps): bump checkmarx/kics-action from 1.4 to 1.5 (#5207)
ci(deps): bump github/codeql-action from 1 to 2 (#5243)
👻 Maintenance
update(analyzer): analyzer usage when types flag is passed (#5222)
update(query): updated Unpinned Package Version in Apk Add (#5181)
update(query): updated metadata of Add Instead Copy query (#5233)
update(docs): updated missing technologies supported in docs (#5223) (#5226)
update(docs): removed -q flag from integration examples (#5225)
New Contributors
- @jaevans made their first contribution in #5211
- @roock made their first contribution in #5213
- @tspearconquest made their first contribution in #5282
Full Changelog: v1.5.6...v1.5.7
Contributors
Assets 2
v1.5.6
🚀 New features and improvements
added 54 new queries (Docker Compose, Kubernetes, and CloudFormation)
feat(bom): support BoM for CloudFormation (#5178)
feat(scripts): added query metadata validation script (#5167)
🐛 Bug fixes
fix(script): queries validator files filtering (#5202)
fix(query): update Viewer Protocol Policy Allows HTTP (#5174)
fix(query): renamed folder and query, changed query description (#5173)
delete(query): Remove false positive host_aliases_undefined_or_empty k8s rule (#5077) by @Churro
📦 Dependency updates bumps
build(deps): bump github.com/aws/aws-sdk-go from 1.43.28 to 1.43.39 (#5111) (#5114) (#5134) (#5171) (#5180) (#5182) (#5186)
build(deps): bump github.com/open-policy-agent/opa from 0.38.1 to 0.39.0 (#5110)
build(deps): bump github.com/johnfercher/maroto from 0.35.0 to 0.36.1 (#5109) (#5169)
build(deps): bump github.com/tdewolff/minify/v2 from 2.10.0 to 2.11.1 (#5170)
build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0 (#5143)
build(deps): bump github.com/moby/buildkit from 0.10.0 to 0.10.1 (#5163)
build(deps): bump helm.sh/helm/v3 from 3.8.1 to 3.8.2 (#5185)
build(deps): bump github.com/spf13/viper from 1.10.1 to 1.11.0 (#5187)
ci(deps): bump alpine from 3.15.3 to 3.15.4 (#5142)
ci(deps): bump golang from 1.18.0-alpine to 1.18.1-alpine (#5184)
ci(deps): bump actions/setup-go from 2 to 3 (#5168)
👻 Maintenance
update(kics): improve KICS overall performance (#5112)
update(logs): added debug and info log messages (#5192)
update(docs): updated documentation (#5138)
Full Changelog: v1.5.5...v1.5.6
Contributors
Assets 2
v1.5.5
🚀 New features and improvements
added 30 new queries (Kubernetes, and Docker Compose)
feat(analyzer): added Docker Compose initial support (#4851)
feat(report): added CSV report (#5046)
feat(logs): added lines scanned and lines parsed (#5050)
feat(analyzer & parser): added Kubeblet Configuration support (#5001) (#5013)
🐛 Bug fixes
fix(secrets regex): added "Avoiding Secrets Manager arn" (#5048)
fix(pre-commit): pre-commit hook fix and integration update (#5031) (#5069)
fix(query): updated ebs not optimized queries (#5020) by @lipeavelar
fix(query): defined NET_BIND_SERVICE as exception in containers_with_added_capabilities k8s rule (#4888) by @Churro
fix(query): extended containers_running_as_root k8s rule to work if no securityContext is defined (#4886) by @Churro
fix(query): refined missing_app_armor_config k8s rule to operate on specific containers (#4895) by @Churro
fix(query): fixed "S3 Static Website Host Enabled" for CF (#5060)
fix(query): added kubelet config file to Kubelet Read Only Port is Not Set To Zero query (#5010)
fix(query): added kubelet config to Anonymous Auth Is Not Set To False query (#5014)
fix(query): added kubelet config to Authorization Mode Set To Always Allow query (#5017)
fix(query): update validCertificate.pem for "Certificate Has Expired" query (#5059) (#5061)
fix(query): fixed Client Certificate Authentication Not Setup Properly (#5091)
delete(query): removed query lambda_function_without_tags (#5036) by @jycamier
delete(query): removed redundant default_service_account_in_use k8s rule (#5078) by @Churro
delete(query): removed redundant resource_with_allow_privilege_escalation k8s rule (#5076) by @Churro
📦 Dependency updates bumps
build(deps): bump github.com/aws/aws-sdk-go from 1.43.19 to 1.43.28 (#5004) (#5019) (#5033) (#5041) (#5047) (#5079) (#5083)
build(deps): bump github.com/johnfercher/maroto from 0.34.0 to 0.35.0 (#5040)
ci(deps): bump golang from 1.17.8-alpine to 1.18.0-alpine (#5003)
ci(deps): bump alpine from 3.15.1 to 3.15.3 (#5015) (#5039) (#5082)
ci(deps): bump peter-evans/create-pull-request from 3.14.0 to 4 (#5038)
ci(deps): bump actions/cache from 2.1.7 to 3 (#5025)
ci(deps): bump peter-evans/repository-dispatch from 1 to 2 (#5032)
👻 Maintenance
update(common lib): improved performance of get_nested_values_info (#5075) by @Churro
update(docs): gitlab integration: clarify that SAST report requires an ultimate license (#5086) by @floh96
update(printer): moved printer package from internal to use KICS as a module (#5066)
update(query): updated "Kubelet Server Periodic Certificate Switch Disabled" to "Rotate Kubelet Server Certificate Not Active" (#5030)
update(query): updated AWS IAM Policy Grants Full Permissions for Terraform (#5064)
update(BoM): updated BoM queries and BoM docs (#5074)
Contributors
Assets 2
v1.5.4
🚀 New features and improvements
added 107 new queries (Terraform Alicloud, Terraform Azure, Terraform AWS, Kubernetes), new total is 2245
feat(alicloud): added support to Alicloud provider for Terraform
feat(analyzer & parser): decrypt Ansible Vault file on the fly in (#4976)
feat(docs): added environment variables list to documentation in (#4979)
🐛 Bug fixes
fix(query): revise list of unsafe sysctls in cluster_allows_unsafe_sysctls k8s rule by @Churro in (#4883)
fix(query): fix searchKey and additional resource kinds in volume_mount_with_os_directory_write_permissions k8s rule by @Churro in (#4889)
fix(query): extend image_without_digest k8s rule to cover further resource kinds by @Churro in (#4892)
fix(query): extend container_requests_not_equal_to_its_limits k8s rule to cover further resource kinds and remove redundant checks by @Churro in (#4974)
fix(query): extend image_pull_policy_of_container_is_not_always k8s rule to cover additional resource kinds by @Churro in (#4891)
fix(query): extend net_raw_capabilities_not_being_dropped k8s rule to cover further resource kinds by @Churro in (#4884)
fix(query): k8s rule service_account_token_automount_not_disabled should also consider automount option in ServiceAccount by @Churro in (#4887)
fix(query): add a missing SSE way for SQS by @jycamier in (#4984)
fix(query): show privilege_escalation_allowed k8s alert also in case no securityContext is defined by @Churro in (#4885)
fix(query): extend memory_limits_not_defined k8s rule to cover further resource kinds by @Churro in (#4943)
fix(query): extend memory_requests_not_defined k8s rule to cover further resource kinds by @Churro in (#4944)
fix(query): fix path to spec in root_container_not_mounted_as_read_only k8s rule by @Churro in (#4893)
fix(query): S3 Bucket Policy Accepts Http Requests in #4949
fix(report): fix pdf description row length in (#4937)
📦 Dependency updates bumps
build(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.38.1 in (#4913) (#4987)
build(deps): bump github.com/moby/buildkit from 0.9.3 to 0.10.0 in (#4958)
build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 in (#4966)
build(deps): bump helm.sh/helm/v3 from 3.8.0 to 3.8.1 in (#4957)
build(deps): bump github.com/getsentry/sentry-go from 0.12.0 to 0.13.0 in (#4965)
build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 in (#4995)
build(deps): bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.19 in (#4932) (#4956) (#4967) (#4973) (#4986) (#4994)
ci(deps): bump docker/build-push-action from 2.9.0 to 2.10.0 in (#4985)
ci(deps): bump golang from 1.17.7-alpine to 1.17.8-alpine in (#4933)
👻 Maintenance
update(ubi): update ubi to version 8 in (#4905)
update(docs-generator): added trace to severities in (#4998)
Full Changelog: v1.5.3...v1.5.4
v1.5.3
🐛 Bug fixes
fix(analyzer): fixed and improved regexes in analyzer #4857
fix(reports): version output on reports #4879
fix(query): extend container_is_privileged k8s rule to cover additional resource kinds by @Churro in #4882
fix(library): fixed "Generic:354: rego_type_error: rule named engines redeclared at Common:354" #4862
fix(query): corrected tag flagging invalid_image k8s rule by @Churro in #4894
📦 Dependency updates bumps
build(deps): bump mvdan.cc/sh/v3 from 3.4.2 to 3.4.3 #4865
build(deps): bump github.com/aws/aws-sdk-go from 1.42.53 to 1.43.9 #4902 #4861
ci(deps): bump actions/setup-python from 2.3.2 to 3 #4900
ci(deps): bump goreleaser/goreleaser-action from 2.8.1 to 2.9.1 #4899
ci(deps): bump peter-evans/create-pull-request from 3.12.1 to 3.14.0 #4897
ci(deps): bump actions/setup-node from 2 to 3 #4880
ci(deps): bump actions/checkout from 2 to 3 #4903
ci(deps): bump alpine from 3.14.3 to 3.15.0 #4559
ci(deps): bump golangci/golangci-lint-action from 2.5.2 to 3.1.0 #4898
ci(deps): bump docker/login-action from 1.12.0 to 1.14.1 #4904 #4855
👻 Maintenance
refactor(query): simplify docker_daemon_socket_is_exposed_to_containers k8s rule by @Churro in #4890
update(query): update "Trusted Microsoft Services Not Enabled" #4858
update(docs): updated roadmap #4868
update(queries): multi-staged aware for Docker queries #4877
delete(queries): delete "update" and "upgrade" Dockerfile queries #4878
💔 Deprecation
_Please be notified that KICS deprecated the availability of binaries in the GitHub releases assets as of version 1.5.2.
It is advised to update all systems (pipelines, integrations, etc.) to use KICS Docker Images.
Full Changelog: v1.5.2...v1.5.3
v1.5.2
🚀 New features and improvements
added 4 new queries (Ansible, CloudFormation, and Terraform)
feat(terraformer): added terraformer integration with AZURE #4802
feat(terraformer): added terraformer integration with GCP #4804
feat(terraform): added support for better IAM Policy evaluation and basic terraform resource relationship querying by @rams3sh in #4766
feat(docs): added Bamboo integration #4791
feat(docs): added AWS CodeBuild integration #4790
feat(cli): multiple paths for queries #4813
🐛 Bug fixes
fix(bom): fixed SQS #4820
fix(golang): fixed generic error message go-getter #4792
fix(analyzer): fixed anlyzer scan on GDM #4805
fix(query): containers-run-with-low-uid k8s query should consider statement precedence by @Churro in #4788
fix(query): update seccomp-profile-is-not-configured rule to match seccompProfile attribute by @Churro in #4789
fix(query): fixed vulnerable policies queries #4811
fix(query): extended readinessProbe k8s rule to cover additional resources by @Churro in #4829
fix(query): changed severity, description text and URL in "Liveness Probe Is Not Defined" query #4834
fix(query): covered additional deprecated API versions in k8s rule by @Churro in #4830
fix(query): update service_does_not_target_pod k8s rule with new logic to match labels and ports by @Churro in #4817
fix(query): be able to check default_tags on multiple providers by @jycamier in #4839
fix(query): fixed "Service Control Policies Disabled" query #4843
📦 Dependency updates bumps
ci(deps): bump actions/setup-python from 2.3.1 to 2.3.2 #4797
ci(deps): bump golang from 1.17.6-alpine to 1.17.7-alpine #4827
build(deps): bump github.com/open-policy-agent/opa from 0.37.1 to 0.37.2 #4826
build(deps): bump github.com/tidwall/gjson from 1.13.0 to 1.14.0 #4786
build(deps): bump github.com/aws/aws-sdk-go from 1.42.47 to 1.42.48 #4800
build(deps): bump github.com/aws/aws-sdk-go from 1.42.52 to 1.42.53 #4837
👻 Maintenance
update(report): added Checkmarx logo to pdf and HTML reports #4838 #4844 #4847
update(report): improved junit report #4796
update(docs): updated ASFF documentation by #4784
update(docs): added mention to 'descriptionID' in creating-queries documentation #4835
update(analyzer): only anaylze possible IaC files #4814
remove(query): removed "Use of Apk Upgrade" query #4832
💔 Deprecation
_Please be notified that KICS deprecated the availability of binaries in the GitHub releases assets as of version 1.5.2.
It is advised to update all systems (pipelines, integrations, etc.) to use KICS Docker Images.
Contributors
Assets 2
v1.5.1
🚀 New features and improvements
added 18 new queries (Google Deployment Manager, CloudFormation, Buildah, and Terraform)
feat(analyzer): added support to Cloud Development Kit for Terraform (CDKTF) (#4770)
feat(buildah): added initial Buildah support (#4740)
🐛 Bug fixes
fix(query): fix terraform query for ingress/egress description (#4736)
fix(golang): fixed golang data races and make file (#4741)
fix(version): fixed bug with version checking (#4675) (#4760)
fix(parser): added type handler to Terraform convertBody function (#4768)
fix(parser): added YAML alias as string (#4767)
fix(query): limited "IAM Access Analyzer Undefined" only for AWS (#4772)
fix(query): service should match containerPort using targetPort (#4762)
fix(report): fixed CycloneDX report for compressed files (#4761)
fix(report): fixed null ASFF report (#4756)
📦 Dependency updates bumps
build(deps): bump github.com/hashicorp/hcl/v2 from 2.10.1 to 2.11.1 (#4716)
build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 (#4717)
build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (#4718)
build(deps): bump github.com/aws/aws-sdk-go from 1.37.0 to 1.42.44 (#4765)
build(deps): bump github.com/johnfercher/maroto from 0.33.0 to 0.34.0 (#4746)
build(deps): bump helm.sh/helm/v3 from 3.7.2 to 3.8.0 (#4747)
build(deps): bump github.com/hashicorp/go-getter from 1.5.9 to 1.5.11 (#4745)
build(deps): bump github.com/tdewolff/minify/v2 from 2.9.29 to 2.10.0 (#4778)
build(deps): bump github.com/emicklei/proto from 1.9.1 to 1.9.2 (#4777)
build(deps): bump github.com/open-policy-agent/opa from 0.34.2 to 0.37.1 (#4776)
ci(deps): bump peter-evans/create-pull-request from 3.12.0 to 3.12.1 (#4769)
ci(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 (#4775)
👻 Maintenance
update(report): updated gitlab sast report schema version (#4720)
update(terraformer): added timestamp to generated import folder (#4733)
build(env): added dev build tag (#4729)
docs(kics.io): removed references to binaries usage and changed all cmds to Docker cmds (#4757)
💔 Deprecation
Please be notified that KICS is deprecating the availability of binaries in the GitHub releases assets as of 1.5.0.
We intend to stop publishing the binaries along with KICS 1.5.2 (scheduled for Mid of February).
It is advised to update all systems (pipelines, integrations, etc.) to use KICS Docker Images.