Releases: EdgarPsda/devsecops-kit

🚀 GitHub Release: v0.4.1

23 Nov 06:35
d08f347

We've closed the security feedback loop! v0.4.1 moves the DevSecOps Kit from a CI-only tool to a complete, developer-first security platform.

This release ensures developers get fast, actionable feedback before pushing to CI.

✨ Major New Features

  • Local Security Scanning (devsecops scan): Run all configured tools (Semgrep, Trivy, Gitleaks) on your machine with a single command. The local result always matches the CI policy.
  • Git Hooks Integration:
    • devsecops init-hooks installs pre-commit (blocking) and pre-push (warning) hooks. Security policy enforcement is now Shifted Furthest Left!
  • Rich Reporting & UX:
    • HTML Reports: Generate beautiful, interactive reports locally: devsecops scan --format=html --open
    • Rich terminal output with progress bars and color-coding for faster developer feedback.

⚙️ Improvements

  • Parallel execution of all scanners for minimal performance impact.
  • Respects all fail_on thresholds and exclude_paths in the security-config.yml locally.
  • New go.mod structure for better dependency management.

📦 Installation

To update your kit:

go install github.com/edgarpsda/devsecops-kit/cmd/devsecops@latest