Add 10.7 release notes (#32)

* Add 10.7 release notes

Signed-off-by: Tim Smith <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Add missing section

Signed-off-by: Tim Smith <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-03-12-mondoo-10.7-is-out.md

Co-authored-by: Letha <[email protected]>

* Add 1 more items to the bugfix list

Signed-off-by: Tim Smith <[email protected]>

---------

Signed-off-by: Tim Smith <[email protected]>
Co-authored-by: Letha <[email protected]>

releases/2024-03-05-mondoo-10.6-is-out.md

@@ -107,7 +107,7 @@ Both the CIS AWS Foundations benchmark policy and the various AWS Best Practices
 - Only show the options to add new integrations when the user has the appropriate permissions for the space.
 - Change documentation links in the console to go directly to Mondoo Platform documentation.
 - Improve how space owners are listed in the Organization dashboard's CVE list.
-- Fix policy recommendation during the Kubernetes integration setup.
+- Fix policy recommendations during the Kubernetes integration setup.
 - Show EPSS scores with a single decimal point in all locations.
 - Don't fail scanning if the location of an S3 bucket cannot be determined.
 - Return more than 100 Microsoft 365 users in queries.

releases/2024-03-12-mondoo-10.7-is-out.md

@@ -0,0 +1,66 @@
+---
+slug: mondoo-10.7-is-out/
+title: Mondoo 10.7 is out!
+author: Tim Smith
+author_title: Mondoo Core Team
+author_url: https://github.com/tas50
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 10.7 is out! This release includes vendor advisory links, improved CLI scanning, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🧹 IMPROVEMENTS
+
+### Show numeric asset scores in the CLI
+
+Understand your precise scores in the cnspec CLI with new numeric score values in addition to A-F scores.
+
+![Numeric scores](/img/releases/2024-03-12-mondoo-10.7-is-out/numeric.png)
+
+### Add specific vendor advisory sources
+
+Jump right to the source with new direct links to vendor advisories on software advisory pages.
+
+![Advisory links](/img/releases/2024-03-12-mondoo-10.7-is-out/vendor_links.png)
+
+### Improved AWS integration troubleshooting
+
+Failures happen, so let's get to the root cause faster with new troubleshooting options for AWS integrations. The ... menu in the AWS integrations pages now includes new options that:
+- Force an update of the Lambda code powering the integration
+- Send diagnostics logs directly to Mondoo
+
+![Diagnostics information](/img/releases/2024-03-12-mondoo-10.7-is-out/aws_diagnostics.png)
+
+## Kubernetes scanning performance improvements
+
+We introduced a new mechanism to reduce the number of calls made during asset discovery. This is especially helpful when scanning larger Kubernetes clusters. It lets cnquery and cnspec incrementally scan every asset one by one without having to scan all of them initially. This performance improvement not only drastically cuts the execution time, it also eliminates the need for reading container images twice from the system, cutting down on I/O load.
+
+This improvement is automatically enabled for new workloads. We currently support it for container images and plan to extend it to other workloads with costly discovery steps in the future.
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Fix failures to detect vulnerable versions of system-wide Visual Studio Code installations on Windows.
+- Fix incorrect pluralization on the assets page.
+- Fix incorrect source links for Debian, Chrome, and Firefox vulnerabilities and advisories.
+- Fix detection of some newer VMware advisories.
+- Fix macOS systems displaying a low vulnerability score but no CVEs or advisories.
+- Add missing available package data when scanning for vulnerabilities on the command line.
+- Fix failures scanning systems with the command line `--incognito` flag.
+- Add missing first-found data to the asset software tab.
+- Respect the `--output` flag when running `cnspec vuln`.
+- Improve the disk/memory usage of container image scans on large Kubernetes clusters.
+- Fix duplicate AWS instance scans.
+- Add support for VMware vSphere/ESXi 8.0U2b vulnerability scanning.
+- Don't show the service accounts button when a Kubernetes integration is still pending.
+- Show "unknown" instead of "0.0" when a CVSS score has not been published.
+- Don't show an empty CVSS score section on vulnerability pages if they have not been published.
+- Improve the display of vendor icons in the asset software tab.
+- Add tooltips to check status icons in Compliance Hub.
+- Fix failures scanning GCP if resources can't be discovered.
+- Improve the display of installed memory on Windows assets.
+- Add macOS model detection for new M3 MacBook Air laptops.
+- Improve check reliability in the AWS Operation Best Practices policies.

yarn.lock

@@ -250,10 +250,10 @@
     lodash.debounce "^4.0.8"
     resolve "^1.14.2"
 
-"@babel/helper-define-polyfill-provider@^0.6.0":
-  version "0.6.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.6.0.tgz#4d1a8b898c8299a2fcf295d7d356d2648471ab31"
-  integrity sha512-efwOM90nCG6YeT8o3PCyBVSxRfmILxCNL+TNI8CGQl7a62M0Wd9VkV+XHwIlkOz1r4b+lxu6gBjdWiOMdUCrCQ==
+"@babel/helper-define-polyfill-provider@^0.6.1":
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.6.1.tgz#fadc63f0c2ff3c8d02ed905dcea747c5b0fb74fd"
+  integrity sha512-o7SDgTJuvx5vLKD6SFvkydkSMBvahDKGiNJzG22IZYXhiqoe9efY7zocICBgzHV4IRg5wdgl2nEL/tulKIEIbA==
   dependencies:
     "@babel/helper-compilation-targets" "^7.22.6"
     "@babel/helper-plugin-utils" "^7.22.5"
@@ -1692,7 +1692,7 @@
     "@types/yargs" "^17.0.8"
     chalk "^4.0.0"
 
-"@jridgewell/gen-mapping@^0.3.0", "@jridgewell/gen-mapping@^0.3.2", "@jridgewell/gen-mapping@^0.3.5":
+"@jridgewell/gen-mapping@^0.3.2", "@jridgewell/gen-mapping@^0.3.5":
   version "0.3.5"
   resolved "https://registry.yarnpkg.com/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz#dcce6aff74bdf6dad1a95802b69b04a2fcb1fb36"
   integrity sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==
@@ -1712,19 +1712,19 @@
   integrity sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==
 
 "@jridgewell/source-map@^0.3.3":
-  version "0.3.5"
-  resolved "https://registry.yarnpkg.com/@jridgewell/source-map/-/source-map-0.3.5.tgz#a3bb4d5c6825aab0d281268f47f6ad5853431e91"
-  integrity sha512-UTYAUj/wviwdsMfzoSJspJxbkH5o1snzwX0//0ENX1u/55kkZZkcTZP6u9bwKGkv+dkk9at4m1Cpt0uY80kcpQ==
+  version "0.3.6"
+  resolved "https://registry.yarnpkg.com/@jridgewell/source-map/-/source-map-0.3.6.tgz#9d71ca886e32502eb9362c9a74a46787c36df81a"
+  integrity sha512-1ZJTZebgqllO79ue2bm3rIGud/bOe0pP5BjSRCRxxYkEZS8STV7zN84UBbiYu7jy+eCKSnVIUgoWWE/tt+shMQ==
   dependencies:
-    "@jridgewell/gen-mapping" "^0.3.0"
-    "@jridgewell/trace-mapping" "^0.3.9"
+    "@jridgewell/gen-mapping" "^0.3.5"
+    "@jridgewell/trace-mapping" "^0.3.25"
 
 "@jridgewell/sourcemap-codec@^1.4.10", "@jridgewell/sourcemap-codec@^1.4.14":
   version "1.4.15"
   resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz#d7c6e6755c78567a951e04ab52ef0fd26de59f32"
   integrity sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==
 
-"@jridgewell/trace-mapping@^0.3.17", "@jridgewell/trace-mapping@^0.3.20", "@jridgewell/trace-mapping@^0.3.24", "@jridgewell/trace-mapping@^0.3.9":
+"@jridgewell/trace-mapping@^0.3.17", "@jridgewell/trace-mapping@^0.3.20", "@jridgewell/trace-mapping@^0.3.24", "@jridgewell/trace-mapping@^0.3.25":
   version "0.3.25"
   resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz#15f190e98895f3fc23276ee14bc76b675c2e50f0"
   integrity sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==
@@ -2284,9 +2284,9 @@
     "@types/node" "*"
 
 "@types/node@*":
-  version "20.11.25"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-20.11.25.tgz#0f50d62f274e54dd7a49f7704cc16bfbcccaf49f"
-  integrity sha512-TBHyJxk2b7HceLVGFcpAUjsa5zIdsPWlR6XHfyGzd0SFu+/NFgQgMAl96MSDZgQDvJAvV6BKsFOrt6zIL09JDw==
+  version "20.11.26"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-20.11.26.tgz#3fbda536e51d5c79281e1d9657dcb0131baabd2d"
+  integrity sha512-YwOMmyhNnAWijOBQweOJnQPl068Oqd4K3OFbTc6AHJwzweUwwWG3GIFY74OKks2PJUDkQPeddOQES9mLn1CTEQ==
   dependencies:
     undici-types "~5.26.4"
 
@@ -2354,9 +2354,9 @@
     "@types/react" "*"
 
 "@types/react@*", "@types/react@^18.2.64":
-  version "18.2.64"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.2.64.tgz#3700fbb6b2fa60a6868ec1323ae4cbd446a2197d"
-  integrity sha512-MlmPvHgjj2p3vZaxbQgFUQFvD8QiZwACfGqEdDSWou5yISWxDQ4/74nCAwsUiX7UFLKZz3BbVSPj+YxeoGGCfg==
+  version "18.2.65"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.2.65.tgz#54eb311fa9aba173c9e163d42ec188d5a42878b8"
+  integrity sha512-98TsY0aW4jqx/3RqsUXwMDZSWR1Z4CUlJNue8ueS2/wcxZOsz4xmW1X8ieaWVRHcmmQM3R8xVA4XWB3dJnWwDQ==
   dependencies:
     "@types/prop-types" "*"
     "@types/scheduler" "*"
@@ -2796,12 +2796,12 @@ babel-plugin-dynamic-import-node@^2.3.3:
     object.assign "^4.1.0"
 
 babel-plugin-polyfill-corejs2@^0.4.8:
-  version "0.4.9"
-  resolved "https://registry.yarnpkg.com/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.4.9.tgz#15a285f681e1c5495093d85f1cf72bd1cbed41ce"
-  integrity sha512-BXIWIaO3MewbXWdJdIGDWZurv5OGJlFNo7oy20DpB3kWDVJLcY2NRypRsRUbRe5KMqSNLuOGnWTFQQtY5MAsRw==
+  version "0.4.10"
+  resolved "https://registry.yarnpkg.com/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.4.10.tgz#276f41710b03a64f6467433cab72cbc2653c38b1"
+  integrity sha512-rpIuu//y5OX6jVU+a5BCn1R5RSZYWAl2Nar76iwaOdycqb6JPxediskWFMMl7stfwNJR4b7eiQvh5fB5TEQJTQ==
   dependencies:
     "@babel/compat-data" "^7.22.6"
-    "@babel/helper-define-polyfill-provider" "^0.6.0"
+    "@babel/helper-define-polyfill-provider" "^0.6.1"
     semver "^6.3.1"
 
 babel-plugin-polyfill-corejs3@^0.9.0:
@@ -3835,9 +3835,9 @@ [email protected]:
   integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
 
 electron-to-chromium@^1.4.668:
-  version "1.4.700"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.700.tgz#0270c9f57d6782af031f71e16ef810d0588a1e2f"
-  integrity sha512-40dqKQ3F7C8fbBEmjSeJ+qEHCKzPyrP9SkeIBZ3wSCUH9nhWStrDz030XlDzlhNhlul1Z0fz7TpDFnsIzo4Jtg==
+  version "1.4.702"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.702.tgz#a05803c5a1a54f5eb727ce6a922a5923ef436261"
+  integrity sha512-LYLXyEUsZ3nNSwiOWjI88N1PJUAMU2QphQSgGLVkFnb3FxZxNui2Vzi2PaKPgPWbsWbZstZnh6BMf/VQJamjiQ==
 
 emoji-regex@^8.0.0:
   version "8.0.0"