Releases: Privado-Inc/privado
Releases · Privado-Inc/privado
v1.1.0 🌈
Changes
Features:
- Support for Console Output: Privado now shows the scan results as a summarized report on the console itself. Before this release, users had only two options either look at the privado.json file or view results on the Privado dashboard. Now, users can quickly see the scan results and for interesting scans visualize them on the dashboard or look at the privado.json file.
- Upload command: Users can explicitly pass a command for uploading the results from their machine to the dashboard. This will help if the automatic upload fails or if the user by default does not want to upload results and only wants to upload results for a few repositories. Details of the command are in our documentation.
- Added. flags to let CLI run in a non-interactive way: Users can now pass additional flags with the scan command to skip upload or explicitly upload results. This will be useful in a CI environment where there is no UI for users to interact with our consent question. Details on the flags are added to our documentation.
- Added Support for Configurable Semantics. With semantics, users have control over how data propagates through a function call. For example - log.debug(name, email), the user can choose if the name would further taint email, log, or does not taint anything.
Enhancements:
- Reduced noise in leakage detection
- Account Data: Account Name and Account Password will stop detecting global credentials needed for connecting with databases or SaaS apps like JIRA.
- Contact Data: Added more keywords to detect Phone Number: phone, cellphone, contact, etc.
- Mnemonics: Added a new data element to track mnemonics which is a sensitive data element for web3 wallets and products.
- Sync dev branch with master @HiteshMah-Jan (#65)
- Track mnemonic used in digital wallets @tuxology (#64)
- fix: prevent db_username to match as AccountName @HiteshMah-Jan (#41)
- semver: replaced . with - for versioning in dev @hiteshbedre (#57)
- fix: upgrade phone rule to get only phone keyworld @luizleite-hotmart (#42)
- Sync contributor commit with dev @ojaswa1942 (#56)
- Docs: sync Gitbook docs with dev @ojaswa1942 (#54)
- Versioning: Added new version semantics for dev env @hiteshbedre (#51)
- add - semantic support @khemrajrathore (#46)
- feat: update readme @prashant-privado (#38)
v1.0.0 🌈
Changes
- Release: First release of privado code scanning tool to scan Java source code project and identify data flows and privacy issues.
Privado CLI v0.2
Highlights
- Workflow to generate Data Safety Report
- CLI Commands for Privado Privacy Scan
- Incremental Data Safety Report on Rescan
Release Items
For the list of complete release items, refer v0.1.
Additional release items:
- Incremental Data Safety Report on Rescan
- Data Safety Report Validations
- Custom docker tag using
PRIVADO_TAG
- Enhance installation documentation
- Chore fixes and enhancements
Full Changelog: v0.1...v0.2
Privado CLI v0.1
Highlights
- Workflow to generate Data Safety Report
- CLI Commands for Privado Privacy Scan
Release Items
- Integration with Privado Scan for Data Elements
- Workflow to generate Data Safety Report
- CLI Commands:
auth
,bootstrap
,scan
,load
- Auto license and configuration setup via
bootstrap
command - Docker interfaces for aforementioned commands
- Workflow for GoLang Releases
- Installation Script
- Export CSV for Data Safety Report
- Privacy Result & Report Persistence
- Auto-spawn browser on completion
- Parse container STDOUT for error messages
- Add License, Security Policy, Code of Conduct
- Usage Documentation
- Integration with GitBook
Full Changelog: https://github.com/Privado-Inc/privado/commits/v0.1