Skip to main content

Release Summary v1.2.23

This release delivers a range of enhancements, bug fixes, and security updates across multiple services. Key highlights include improved data handling, enhanced Azure and AWS integrations, UI improvements for account management, and several critical dependency upgrades to address security vulnerabilities.

helmChart

  • No changes in this release.

aws-scanner

🔧 Improvements

  • Changed types from DescribeHubResponse and DescribeOrganizationConfigurationResponse to DescribeHubCommandOutput and DescribeOrganizationConfigurationCommandOutput for improved alignment with AWS SDK v3.
  • Cleaned up hubData and orgConfigData by removing metadata before spreading into the final objects.

🔼 Version Updates

  • Upgraded axios from 1.13.6 to 1.15.0 to address vulnerabilities:
    • Fixed HTTP Response Splitting (high severity).
    • Fixed Unintended Proxy or Intermediary ("Confused Deputy") (critical severity).

chronom-backend

🔧 Improvements

  • Added .DS_Store to .gitignore to prevent macOS system files from being tracked.
  • Enhanced Azure tenant management:
    • Included severity levels in responses for missing permissions when adding Azure tenants.
    • Improved error handling in secretManager.js for missing permissions and handled the triggeredBy property in the addAzureTenant function.

New Features

  • Enhanced report generation by adding resourceOwnerId for AI reports, enabling extraction and inclusion of account IDs in report objects.

chronom-client

🔧 Improvements

  • Updated documentation to reflect the new accountType field and ACCOUNT_TYPE_ICONS mapping for clearer account representation.
  • Ensured consistent display of account type icons in the UI for a more cohesive user experience.

New Features

  • Added account type icons to the Accounts dropdowns and filters in the Dashboard, Alerts, Inventory, M365 Directory, and Graph pages, improving visual identification of account types (AWS, Azure Subscription, Azure Tenant).

🔧 Improvements

  • Filtered out azureTenant accounts from AI report generation requests to prevent backend crashes, ensuring only supported accounts are processed. Non-AI reports remain unaffected.

policy-service

🔧 Improvements

  • Updated data retrieval service to allow unlimited content and body lengths for improved data handling during API requests.
  • Enhanced CacheManager to support cache disabling and added a fetchFromSource method for direct data retrieval, allowing cache bypass when necessary.

typesense-mongodb-sync

🐛 Bug Fixes

  • Fixed variable usage in syncAllPolicies (from policyResultsToUpsert to policyResultsMatch), resolving buffer overflow and ensuring correct policy result synchronization.
  • Allowed empty accountIds through RabbitMQ validation for deleted policy cleanup messages.
  • Updated syncSinglePolicy to handle empty accountIds as delete-all for the specified policy and organization, and to skip re-seeding.

azure-scanner

🔧 Improvements

  • Migrated Coralogix log sending functionality.

🔼 Version Updates

  • Upgraded axios from 1.14.0 to 1.15.0 to address vulnerabilities:
    • Fixed HTTP Response Splitting (high severity).
    • Fixed Unintended Proxy or Intermediary ("Confused Deputy") (critical severity).

dedicated-scanner

🔼 Version Updates

  • Upgraded @aws-sdk/client-cost-explorer from 3.1010.0 to 3.1013.0, including:
    • Updated client endpoints.
    • Added support for new AWS Batch quota management features.
    • Added bi-directional streaming in Polly and other new AWS SDK features.
    • Bug fixes in XML builder and other SDK components.
  • Upgraded @aws-sdk/client-sts from 3.1009.0 to 3.1013.0, including endpoint updates and new AWS SDK features.
  • Upgraded @aws-sdk/client-secrets-manager from 3.1009.0 to 3.1013.0, including endpoint updates and new AWS SDK features.

reports-generator

🔧 Improvements

  • Updated the brief agent to use Claude Sonnet 4.6 as the default model and removed deprecated configuration code for streamlined setup.

🐛 Bug Fixes

  • Added resource_owner_id filtering to policy result aggregation in the cost reduction agent, reducing excessive data processing and preventing context limit overflows.

be-ms-inventory

🔧 Improvements

  • Updated package-lock.json and enrichTimeline.service.ts to enhance license management and add new SKU exclusions.
  • Upgraded dependencies including @cacheable/utils, @eslint/config-array, and @typescript-eslint packages to their latest versions.
  • Expanded the excluded SKU list for improved handling of specific licenses.

Additional Improvements

  • Merged development branches into main across multiple services for cumulative updates and stability.

Disclaimer: The release notes are generated by OpenAI ChatGPT and may not be accurate. Please contact our support team for more information.

2026-Apr-12T13:33:51