v13.5.0

What's Changed

• 🐛 fix(grafana): add init functions for sub-resources accessed directly by @syrull in #7141
• 🐛 fix container repo and registry scanning by @imilchev in #7142
• ⭐ introduce maturity for providers, resources, and fields by @arlimus in #7140
• ⭐ Add Google Cloud Model Armor resources to GCP provider by @tas50 in #7145
• 🧹 add a few more maturity tests by @arlimus in #7146
• ✨ Add Bicep/ARM template provider for static analysis by @tas50 in #7026
• ✨ show provider maturity in cli when listing them by @arlimus in #7148
• ✨ Add Helm chart provider for static analysis by @tas50 in #7137
• ✨ Add Kustomize provider for static analysis by @tas50 in #7025
• 🧹 Add copyright header and new provider checklist to CLAUDE.md by @tas50 in #7147
• ⭐ Add Bedrock, Control Tower, Security Lake, Verified Access, Private CA resources by @tas50 in #7136
• 🎉 gcp-13.6.0 by @tas50 in #7150
• 🎉 grafana-13.0.2 by @tas50 in #7151
• 🎉 os-13.8.1 by @tas50 in #7152
• 🎉 aws-13.11.0 by @tas50 in #7153
• ⭐ Add SageMaker clusters, feature groups, model packages, model cards, spaces, user profiles by @tas50 in #7149
• ⭐ add Claude and Codex resources to os provider by @arlimus in #7154
• Expand CloudTrail, GuardDuty, and Config resources by @tas50 in #7155
• ⭐ Expand Security Hub with standards controls, findings, and insights by @tas50 in #7156
• ⭐ add unicode resources to core by @arlimus in #7157
• Expand Redshift, EMR, and ElastiCache resources by @tas50 in #7158
• Expand EKS resources with typed references, insights, and addon versions by @tas50 in #7159
• Expand 6 AWS services with security-focused resources by @tas50 in #7160
• Expand AWS provider: 10 services, 24 ARN→typed conversions, Step Functions, Batch, AppMesh by @tas50 in #7165
• Bump docker/login-action from 4.0.0 to 4.1.0 by @dependabot[bot] in #7163
• Add 12 GCP Compute networking resources with typed cross-references by @tas50 in #7166
• Expand 8 GCP services with 17 new resources using existing SDK deps by @tas50 in #7168
• Bump dawidd6/action-download-artifact from 19 to 20 by @dependabot[bot] in #7162
• Fix Windows client hotpatch detection false positives by @czunker in #7172
• 🧹 Update deps for mql and providers 20260413 by @github-actions[bot] in #7171
• feat(providers): add Proxmox VE provider by @langen1x in #7164
• 🐛 fix proxmox provider: firewall rule ID collisions and POST error handling by @chris-rock in #7170
• Add configurable idle timeout for provider downloads by @jaym in #7135
• 🐛 Fix 5 incorrect AWS IAM permission prefixes by @tas50 in #7174
• ⭐ Add 6 new GCP services: Eventarc, DLP, Batch, IDS, GKE Backup, Container Analysis by @tas50 in #7169
• 🎉 os-13.9.0 by @tas50 in #7176

New Contributors

• @langen1x made their first contribution in #7164

Full Changelog: v13.4.1...v13.5.0

v13.4.1

What's Changed

• ✨ Update AWS SDK deps and add new resource fields by @tas50 in #7129
• ⭐ Add new AWS services, sub-resources, and security-relevant fields by @tas50 in #7130
• 📄 Document spell check CI in CLAUDE.md by @tas50 in #7131
• 🎉 aws-13.8.0 by @tas50 in #7133
• 🧹 Update deps for mql and providers 20260408 by @github-actions[bot] in #7132
• ⭐ Add new security-relevant fields from SDK bumps by @tas50 in #7134
• 🐛 fix recording GetData returning wrong type for "id" field by @syrull in #7138

Full Changelog: v13.4.0...v13.4.1

v13.4.0

What's Changed

• ✨ Add AWS token retrieval to WIF auth flow. by @VasilSirakov in #7121
• 🧹 Update deps for mql and providers 20260406 by @github-actions[bot] in #7122
• ⭐ Add new GCP resource fields from dependency updates by @tas50 in #7126
• 🎉 activedirectory-13.0.1, aws-13.7.0, azure-13.4.0, gcp-13.4.0 by @github-actions[bot] in #7124
• 🧹 Resolve token provider from issuer URI before attempting to fetch token. by @VasilSirakov in #7125

Full Changelog: v13.3.4...v13.4.0

v13.3.4

What's Changed

• ⭐️Add Active Directory Provider by @syrull in #7000
• 🧹 Add Active Directory provider to docs and defaults by @tas50 in #7104
• 🎉 gcp-13.3.3 by @github-actions[bot] in #7103
• ⭐ Add Organizations OUs, account paths, AppStream drain mode & URL redirection by @tas50 in #7105
• 🧹 Update Azure armdatafactory SDK v9 → v10 by @tas50 in #7106
• ⭐ Add Azure security resources for CIS/SOC 2/PCI audit coverage by @tas50 in #7107
• Fix incomplete enum value comments in AWS .lr definitions by @tas50 in #7108
• ⭐ Add Azure Container Registry resources for security auditing by @tas50 in #7109
• ⭐ Add Amazon Keyspaces (Managed Cassandra) resources by @tas50 in #7110
• ⭐ Add Log Analytics Workspace and Recovery Services Vault resources by @tas50 in #7111
• ⭐ Enhance VPC coverage with new fields, resources, and sub-resources by @tas50 in #7112
• Lazy-load DynamoDB, ECS, EKS details and parallelize S3 listing by @tas50 in #7114
• Add SSM, CloudWatch Logs, and VPC PrivateLink resources by @tas50 in #7113
• Bump actions/setup-go from 6.3.0 to 6.4.0 by @dependabot[bot] in #7115
• Bump github/codeql-action from 4.32.6 to 4.35.1 by @dependabot[bot] in #7116
• ⭐ Add Azure Functions, Service Bus, Event Hubs, DNS, and Front Door/CDN resources by @tas50 in #7117
• ⭐ Add GCP Security Command Center and VPC Service Controls resources by @tas50 in #7118
• Add AWS App Mesh, Identity Center, RAM, Step Functions, and Transfer Family resources by @tas50 in #7119
• Register technology=directory-service in asset URL schema by @syrull in #7123

Full Changelog: v13.3.3...v13.3.4

v13.3.3

What's Changed

• 🎉 ansible-13.0.4, arista-13.1.6, atlassian-13.0.4, aws-13.6.2, azure-13.3.2, cloudflare-13.0.4, cloudformation-13.0.4, depsdev-13.0.5, equinix-13.0.4, gcp-13.3.2, github-13.0.5, gitlab-13.0.5, google-workspace-13.0.5, grafana-13.0.1, ipinfo-13.0.4, ipmi-13.0.4, mondoo-13.0.4, ms365-13.0.4, network-13.0.4, nmap-13.0.4, oci-13.0.4, okta-13.1.3, opcua-13.0.4, os-13.6.2, shodan-13.0.4, slack-13.0.4, snowflake-13.0.4, tailscale-13.0.4, terraform-13.0.4, vcd-13.0.4, vsphere-13.0.4 by @github-actions[bot] in #7092
• ✨ Publish provider schema.json to release bucket by @chris-rock in #7093
• 🧹 Add grafana provider to defaults and README by @tas50 in #7094
• Add machine.secureboot resource for Linux Secure Boot status by @tas50 in #7088
• 🎉 os-13.7.0 by @tas50 in #7095
• ✨ Add user.loggedIn field to os provider by @tas50 in #7096
• 🐛 Fix OOM crash: select only needed fields in Get-NetFirewallRule by @vjeffrey in #7098
• ⭐ Add systemd.timer and systemd.socket resources by @tas50 in #7097
• ⚡ Stream-decode Windows firewall rules to reduce memory by @vjeffrey in #7099
• 🐛 Fix 21 incorrect GCP IAM permissions in auto-generated manifest by @vjeffrey in #7080
• ⭐ Add filesystem fallback for systemd timer and socket resources by @tas50 in #7100
• 🎉 os-13.8.0 by @tas50 in #7101
• 🐛 Fix remaining GCP permissions and add validation test by @vjeffrey in #7102

Full Changelog: v13.3.2...v13.3.3

v13.3.2

What's Changed

• feat(grafana): add Grafana provider with org-scoped API resources by @syrull in #7084
• 🧹 generate correct copyright for lr files by @imilchev in #7090
• 🐛 handle asset explorer discovery targets properly by @imilchev in #7089
• 🎉 k8s-13.0.7 by @imilchev in #7091

Full Changelog: v13.3.1...v13.3.2

v13.3.1

What's Changed

• 🧹 Expose built in providers. by @preslavgerchev in #7076
• 🐛 Use provider name instead of id for GetBuiltinProviderNames. by @preslavgerchev in #7077
• ✨ implement vault delete for berglas by @imilchev in #7078
• fix: propagate null through dict and map bracket access by @syrull in #7079
• ⭐️ asset explorer discovery mechanism by @imilchev in #6949
• 🎉 ansible-13.0.3, arista-13.1.5, atlassian-13.0.3, aws-13.6.1, azure-13.3.1, cloudflare-13.0.3, cloudformation-13.0.3, depsdev-13.0.4, equinix-13.0.3, gcp-13.3.1, github-13.0.4, gitlab-13.0.4, google-workspace-13.0.4, ipinfo-13.0.3, ipmi-13.0.3, k8s-13.0.6, mondoo-13.0.3, ms365-13.0.3, network-13.0.3, nmap-13.0.3, oci-13.0.3, okta-13.1.2, opcua-13.0.3, shodan-13.0.3, slack-13.0.3, snowflake-13.0.3, tailscale-13.0.3, terraform-13.0.3, vcd-13.0.3, vsphere-13.0.3 by @github-actions[bot] in #7075
• chore: update copyright year to 2026 and bump copywrite to v0.25.2 by @chris-rock in #7082
• ✨ Add Hetzner Cloud platform detection by @tas50 in #7083
• 🎉 os-13.6.0 by @tas50 in #7085
• 🐛 Fix Hetzner Cloud missing public IPv4 in cloud.instance by @tas50 in #7086

Full Changelog: v13.3.0...v13.3.1

v13.3.0

What's Changed

• 🐛 Implement EKS authentication flow and token retrieval by @slntopp in #7028
• ⭐ Add security fields to AWS provider resources by @tas50 in #7024
• ⭐ Add disk usage fields to mount.point resource by @tas50 in #6948
• 🎉 ansible-13.0.2, arista-13.1.4, atlassian-13.0.2, aws-13.2.7, cloudflare-13.0.2, cloudformation-13.0.2, depsdev-13.0.3, equinix-13.0.2, gcp-13.2.2, github-13.0.3, gitlab-13.0.2, google-workspace-13.0.3, ipinfo-13.0.2, ipmi-13.0.2, k8s-13.0.5, mondoo-13.0.2, ms365-13.0.2, nmap-13.0.2, oci-13.0.2, okta-13.1.1, opcua-13.0.2, shodan-13.0.2, slack-13.0.2, snowflake-13.0.2, tailscale-13.0.2, terraform-13.0.2, vcd-13.0.2, vsphere-13.0.2 by @github-actions[bot] in #7027
• feat(os): add FORWARD chain and default policy to iptables/ip6tables resources by @syrull in #7031
• 🐛 fix provider stack overflow panics with empty hcl files by @slntopp in #7032
• ⭐ Add security fields to ES, EMR, DAX, and SQS resources by @tas50 in #7033
• 🐛 Report provider connection errors and crashes to Sentry by @vjeffrey in #7034
• ⭐ Add typed kmsKey reference to aws.kinesis.stream by @tas50 in #7035
• fix: return false instead of error for null comparison operands by @syrull in #7036
• feat(gitlab): add gitlab.settings resource for instance-level application settings by @syrull in #7037
• 🧹 Represent auto discovery as accounts + resources. by @preslavgerchev in #7038
• 🐛 Fix panic in initAwsAccount during EBS volume scanning by @czunker in #7039
• ✨ Add Wolfi OS detection and package support by @tas50 in #7041
• ⭐ Support Bottlerocket OS detection in EBS volume scanning by @czunker in #7040
• 🎉 os-13.3.0 by @tas50 in #7042
• ✨ Add macos.firewall resource with typed sub-resources by @tas50 in #7043
• 🎉 os-13.4.0 by @tas50 in #7044
• ✨ Add storageEncryptionType to RDS resources by @tas50 in #7045
• ✨ Add security-relevant fields to AWS resources by @tas50 in #7046
• ✨ Add security-relevant fields to GCP resources by @tas50 in #7047
• 🧹 Update GCP provider dependencies by @tas50 in #7049
• ⭐ Add security-relevant fields to Azure resources by @tas50 in #7048
• ✨ Add RPM modularity support for RHEL, CentOS, and Rocky Linux by @czunker in #7051
• ✨ Add config aggregators, ECR repo policy, and EC2 launch templates by @tas50 in #7052
• 🐛 Fix GitHub Actions workflow bugs and typos by @tas50 in #6865
• 🐛 Add timeout to OCSP request to prevent hangs by @jaym in #7053
• ✨ Add BIOS UUID detection for platform identification by @philipbalinov in #6556
• 🎉 os-13.4.1 by @slntopp in #7054
• ✨ Upgrade Azure SDK deps and add security-relevant fields by @tas50 in #7055
• Bump github.com/moby/buildkit from 0.16.0 to 0.28.1 by @dependabot[bot] in #7056
• ⭐ Expand nftables resource with sets, version, and top-level accessors by @tas50 in #7030
• ⭐ Add firewalld resource for Linux firewall management by @tas50 in #7029
• 🎉 Add sysrc resource for FreeBSD rc.conf configuration by @tas50 in #6984
• 🎉 os-13.5.0 by @tas50 in #7057
• ✨ Add macOS FileVault, Gatekeeper, and SIP resources by @tas50 in #7059
• ⭐ expose initProcessEnabled on ECS container definition by @tas50 in #7060
• ⭐ Add EC2 launch configuration resource and CloudFront logging by @tas50 in #7061
• ⭐ Add Azure Data Factory and Synapse Analytics resources by @tas50 in #7062
• 🧹 Fix default display name for microsoft.application. by @preslavgerchev in #7066
• 🐛 reuse smbios manager by @slntopp in #7067
• 🎉 os-13.5.1 by @slntopp in #7068
• 🐛 Silence noisy log for missing python package dirs by @tas50 in #7069
• 🧹 Update deps for mql and providers 20260330 by @github-actions[bot] in #7065
• Bump dawidd6/action-download-artifact from 16 to 19 by @dependabot[bot] in #7064
• Bump azure/login from 2.3.0 to 3.0.0 by @dependabot[bot] in #7063
• ⚡ Refactor Azure discovery to generic ARM resource listing by @tas50 in #7017
• ⚡ Lazy-load Azure network, AKS, IAM, and Redis sub-resources by @tas50 in #7014
• 🧹 Skip permissions.json write when only timestamp changed by @tas50 in #7071
• 🧹 Drop all debug logs for missing resource id logs. by @preslavgerchev in #7074
• 🐛 Reject non-KMS ARNs in initAwsKmsKey by @tas50 in #7072
• 🎉 os-13.5.2 by @tas50 in #7070

Full Changelog: v13.2.0...v13.3.0

v13.2.0

What's Changed

• ✨ Add deps.dev provider for Go module dependency analysis by @czunker in #6911
• 🎉 arista-13.1.2, aws-13.2.3, azure-13.1.1, network-13.0.1, os-13.2.4 by @github-actions[bot] in #6973
• ⭐ Add PQC hybrid KEX detection and certificate introspection to network provider by @M-gre in #6953
• 🧹 fix depsdev provider go.mod formatting by @slntopp in #6975
• ✨ Implement filesystem caching for container images to prevent OOM issues by @slntopp in #6974
• 🎉 arista-13.1.3, aws-13.2.4, azure-13.1.2, depsdev-13.0.2, network-13.0.2, os-13.2.5 by @tas50 in #6976
• 🐛 Fix AWS provider panics and Route53 tag fetching by @preslavgerchev in #6979
• 🐛 Fix Azure provider panics on nil resource accessors by @preslavgerchev in #6980
• Auto-generate cloud provider permissions manifest by @vjeffrey in #6978
• 🐛 Do not return the FeatureIsNotSupportedForAccount err. by @preslavgerchev in #6982
• 🎉 azure-13.1.3, aws-13.2.5 by @github-actions[bot] in #6983
• 🐛 Fall back to lscpu for CPU manufacturer/model on ARM Linux by @tas50 in #6981
• ✨ Add os.date resource with time and timezone fields by @tas50 in #6972
• 🎉 gcp-13.2.1, k8s-13.0.3, os-13.2.6 by @github-actions[bot] in #6987
• 🧹 azure discovery: include resources in auto by @vjeffrey in #6990
• 🎉 azure-13.1.4, aws-13.2.6 by @github-actions[bot] in #6991
• 🎉 Add selinux resource for SELinux status and configuration by @tas50 in #6985
• 🎉 os-13.2.7 by @github-actions[bot] in #6993
• 🐛 Normalize azure vm platform id before using it. by @preslavgerchev in #6997
• 🟢 Add tests for All and Auto discovery list resolution (aws, azure, gcp) by @preslavgerchev in #6994
• 🎉 azure-13.1.5 by @github-actions[bot] in #6999
• ✨ Add grub.config resource for GRUB bootloader configuration by @tas50 in #6995
• ⭐ Add UFW resource to OS provider by @tas50 in #6986
• 🐛 Fix empty REG_MULTI_SZ returning [""] instead of [] by @M-gre in #6996
• 🐛 Normalize azure vm platform id before using it. by @preslavgerchev in #7001
• 🧹 Disable azure instances discovery. by @preslavgerchev in #7002
• 🎉 azure-13.1.6, os-13.2.8 by @github-actions[bot] in #7004
• 🐛 disable faulty linux/arm/6 build target by @slntopp in #7005
• Fix spell check workflow permissions to allow PR comments by @tas50 in #7007
• 🧹 Remove duplicate github entry from PROVIDERS list by @tas50 in #7008
• 🐛 Fix swapped cloudflare/cloudformation entries in defaults.go by @tas50 in #7009
• 🐛 Fix defaults.go: add missing depsdev provider and fix cloudflare description by @tas50 in #7010
• 🧹 Regenerate permissions files and clean up vcd.lr.versions by @tas50 in #7011
• 🧹 Sort and complete providers/test list in Makefile by @tas50 in #7012
• 🧹 Remove unused lr/docs/markdown target from Makefile by @tas50 in #7013
• Bump slackapi/slack-github-action from 2.1.1 to 3.0.1 by @dependabot[bot] in #7016
• Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by @dependabot[bot] in #7015
• 🧹 Update deps for mql and providers 20260323 by @github-actions[bot] in #7018
• 🐛 Fix nil pointer panic in azure network watcher flowLogs by @vjeffrey in #7019
• 🎉 azure-13.1.7 by @vjeffrey in #7020
• 🐛 Expose recovered provider panics via Runtime.CriticalErrors() by @vjeffrey in #7021

Full Changelog: v13.1.1...v13.2.0

v13.1.1

What's Changed

• 🧹 Remove sshhostkey platform id package and update imports by @slntopp in #6940
• 🐛 Recover and report panics in provider subprocesses by @vjeffrey in #6939
• ⭐️ improved provider versioning utility by @imilchev in #6951
• 🧹 do not commit provider release temp files by @imilchev in #6959
• 🎉 nmap-13.0.1, oci-13.0.1, opcua-13.0.1, os-13.2.3, shodan-13.0.1, slack-13.0.1, snowflake-13.0.1, tailscale-13.0.1, terraform-13.0.1, vcd-13.0.1, vsphere-13.0.1 by @github-actions[bot] in #6960
• ✨ Add custom tags to error reports for enhanced context by @slntopp in #6957
• 🧹 Update AWS SDK deps and fix stale .lr enum comments by @tas50 in #6963
• 🧹 Add concurrency group to release-providers workflow by @imilchev in #6961
• 🐛 Improve performance of process socket handling and refactor related functions by @slntopp in #6962
• 🐛 Fix wrong error variable returned in initAwsEc2Volume by @tas50 in #6965
• 🧹 Add .claude/worktrees/ to .gitignore by @tas50 in #6967
• 🐛 Fix internet gateway ARN using OwnerId instead of AccountId by @tas50 in #6966
• 🐛 Fix Neptune endpoint using wrong conversion function by @tas50 in #6964
• 🧹 aws: modernize Go syntax (any, slices.Chunk, stdlib slices) by @tas50 in #6889
• 🧹 Modernize arista and network providers with Go idioms by @tas50 in #6891
• ⚡ Fix N+1 and redundant API calls in Arista provider by @tas50 in #6947
• 🐛 Skip blob API calls for Azure Data Lake Storage Gen2 accounts by @vjeffrey in #6968
• 🧹 Improve Arista testing instructions by @tas50 in #6969
• 📄 Add doc comments to os.lr resources by @tas50 in #6971
• ✨ Add machine.cpu resource with correct socket/core reporting by @tas50 in #6946
• ✨ Add AppArmor resource to OS provider by @tas50 in #6970

Full Changelog: v13.1.0...v13.1.1