Add 11.29 release notes

.github/actions/spelling/line_forbidden.patterns

@@ -169,6 +169,10 @@
 # s.b. AlmaLinux
 \bAlma Linux\b
 
+# s.b. CloudLinux
+\bCloud Linux\b
+\bCloudlinux\b
+
 # s.b. openSUSE
 \bOpenSUSE\b
 

docs/mql/resources/ms365-pack/microsoft.user.md

@@ -41,3 +41,4 @@ Microsoft Entra ID user
 | job               | dict                                                                            | Job information                               |
 | contact           | dict                                                                            | Contact information                           |
 | authMethods       | [microsoft.user.authenticationMethods](microsoft.user.authenticationmethods.md) | Authentication information                    |
+| mfaEnabled        | bool                                                                            | Whether MFA is enabled for the user.          |

releases/2024-11-05-mondoo-11.29-is-out.md

@@ -0,0 +1,82 @@
+---
+slug: mondoo-11.29-is-out/
+title: Mondoo 11.29 is out!
+description: Announcing the 11.29 release of Mondoo with asset risk factor customization, Windows Server 2025 support and more!
+authors: [tim]
+image: /img/releases/2024-11-05-mondoo-11.29-is-out/risk_factors.png
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 11.29 is out! This release includes asset risk factor customization, Windows Server 2025 support and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### Risk factor customization
+
+Tailor Mondoo's security model to match the needs of your business with risk factor customizations. Choose which risk factors matter to you and tune how much risk factors impact the prioritization of assets, so that the most critical systems are surfaced first.
+
+![Custom Risk Factors](/img/releases/2024-11-05-mondoo-11.29-is-out/risk_factors.png)
+
+### Expanded Risk Factors
+
+Focus on the most important systems first, with new risk factors for critical database, file sharing, and directory services. These new risk factors surface your most critical systems first, so you can focus your energy on the highest risks to your business:
+
+- Cassandra
+- Elasticsearch
+- MariaDB
+- MongoDB
+- OpenLDAP
+- OpenSearch
+- Samba
+
+### Organizations and spaces descriptions
+
+Communicate the intended purpose of organizations and spaces to your coworkers, or maybe just your future self, with descriptions for organizations and spaces. Set a description in the updated organization/space creation pages or edit them after the fact in the settings pages.
+
+![Space Description](/img/releases/2024-11-05-mondoo-11.29-is-out/space_description.png)
+
+## 🧹 IMPROVEMENTS
+
+### Windows 2025 support
+
+It's been over 3 years since the last major Windows Server release, and Microsoft has been busy with plenty of new security features released in Windows 2025 this week. If you're testing the waters on this new release, Mondoo has your back with full support for securing Windows Server 2025, including the new Arm processor variants.
+
+If you're intested in learning more about everything new in this release check out our [Overview of Changes and New Security Features in Windows Server 2025 blog](https://mondoo.com/blog/overview-of-changes-and-new-security-features-in-windows-server-2025).
+
+### CloudLinux support
+
+Query and secure CloudLinux assets with new support in Mondoo for the hosted-optimized Linux distribution.
+
+### CIS AWS Foundations benchmark 4.0
+
+Stay on top of the latest threats against your AWS infrastructure with the updated CIS AWS Foundations benchmark 4.0. This new release includes 14 new and updated recommendations for the most commonly used Amazon services.
+
+### Resource updates
+
+#### microsoft.user
+
+- New `mfaEnabled` field
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Improve the text describing policy scoring when the scale icon is selected.
+- Improve the layout of the page when adding an integration and all recommended policies are already enabled.
+- Add additional input validation for GitHub Enterprise URLs in the GitHub issues integration setup.
+- Fix a panic querying `aws.eks.clusters { * }` when no disks are present.
+- Include RPM packages with the vendor of "(none)" in the packages resource.
+- Improve scalability of GitHub provider in very large organizations.
+- Provide a helpful error message when the clients can't authenticate to Mondoo Platform.
+- Report IBM dB2 and Amazon Aurora RDS instances in asset overview.
+- Support fetching Windows Appx packages during filesystem scans.
+- Update policy and query pack download icons to be more consistent with other console icons.
+- Don't include the properties tab on policies that don't have any properties.
+- Include the create date in asset overview for AWS EFS filesystem assets.
+- Fix incorrect scoring of the Incompletely removed packages risk factor.
+- Fix a failure running some Microsoft 365 integration scans.
+- Update VMware ESXi 7 EOL to the new extended EOL date.
+- Don't show internal query packs on the query packs page.
+- Update Microsoft Teams notification support to use the new AdaptiveCard system in Teams.

yarn.lock

@@ -2,20 +2,20 @@
 # yarn lockfile v1
 
 
-"@algolia/autocomplete-core@1.9.3":
-  version "1.9.3"
-  resolved "https://registry.yarnpkg.com/@algolia/autocomplete-core/-/autocomplete-core-1.9.3.tgz#1d56482a768c33aae0868c8533049e02e8961be7"
-  integrity sha512-009HdfugtGCdC4JdXUbVJClA0q0zh24yyePn+KUGk3rP7j8FEe/m5Yo/z65gn6nP/cM39PxpzqKrL7A6fP6PPw==
+"@algolia/autocomplete-core@1.17.6":
+  version "1.17.6"
+  resolved "https://registry.yarnpkg.com/@algolia/autocomplete-core/-/autocomplete-core-1.17.6.tgz#63f4c2f21a215cb9968611f51a82d6017cd690df"
+  integrity sha512-lkDoW4I7h2kKlIgf3pUt1LqvxyYKkVyiypoGLlUnhPSnCpmeOwudM6rNq6YYsCmdQtnDQoW5lUNNuj6ASg3qeg==
   dependencies:
-    "@algolia/autocomplete-plugin-algolia-insights" "1.9.3"
-    "@algolia/autocomplete-shared" "1.9.3"
+    "@algolia/autocomplete-plugin-algolia-insights" "1.17.6"
+    "@algolia/autocomplete-shared" "1.17.6"
 
-"@algolia/autocomplete-plugin-algolia-insights@1.9.3":
-  version "1.9.3"
-  resolved "https://registry.yarnpkg.com/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.9.3.tgz#9b7f8641052c8ead6d66c1623d444cbe19dde587"
-  integrity sha512-a/yTUkcO/Vyy+JffmAnTWbr4/90cLzw+CC3bRbhnULr/EM0fGNvM13oQQ14f2moLMcVDyAx/leczLlAOovhSZg==
+"@algolia/autocomplete-plugin-algolia-insights@1.17.6":
+  version "1.17.6"
+  resolved "https://registry.yarnpkg.com/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.17.6.tgz#ff760852769e9f27a70f48f2c4e111fc93fd64e5"
+  integrity sha512-17NnaacuFzSWVuZu4NKzVeaFIe9Abpw8w+/gjc7xhZFtqj+GadufzodIdchwiB2eM2cDdiR3icW7gbNTB3K2YA==
   dependencies:
-    "@algolia/autocomplete-shared" "1.9.3"
+    "@algolia/autocomplete-shared" "1.17.6"
 
 "@algolia/[email protected]":
   version "1.17.6"
@@ -29,11 +29,6 @@
   resolved "https://registry.yarnpkg.com/@algolia/autocomplete-shared/-/autocomplete-shared-1.17.6.tgz#ad951632b6d477d4ba9a68a347e1702d26009d58"
   integrity sha512-aq/3V9E00Tw2GC/PqgyPGXtqJUlVc17v4cn1EUhSc+O/4zd04Uwb3UmPm8KDaYQQOrkt1lwvCj2vG2wRE5IKhw==
 
-"@algolia/[email protected]":
-  version "1.9.3"
-  resolved "https://registry.yarnpkg.com/@algolia/autocomplete-shared/-/autocomplete-shared-1.9.3.tgz#2e22e830d36f0a9cf2c0ccd3c7f6d59435b77dfa"
-  integrity sha512-Wnm9E4Ye6Rl6sTTqjoymD+l8DjSTHsHboVRYrKgEt8Q7UHm9nYbqhN/i0fhUYA3OAEH7WA8x3jfpnmJm3rKvaQ==
-
 "@algolia/[email protected]":
   version "4.24.0"
   resolved "https://registry.yarnpkg.com/@algolia/cache-browser-local-storage/-/cache-browser-local-storage-4.24.0.tgz#97bc6d067a9fd932b9c922faa6b7fd6e546e1348"
@@ -1200,20 +1195,20 @@
   resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz#1d572bfbbe14b7704e0ba0f39b74815b84870d70"
   integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw==
 
-"@docsearch/css@3.6.3":
-  version "3.6.3"
-  resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.6.3.tgz#d787cc9d27a7e67305fa47d668656eb2e64c4526"
-  integrity sha512-3uvbg8E7rhqE1C4oBAK3tGlS2qfhi9zpfZgH/yjDPF73vd9B41urVIKujF4rczcF4E3qs34SedhehiDJ4UdNBA==
+"@docsearch/css@3.7.0":
+  version "3.7.0"
+  resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.7.0.tgz#4886f7b598929c6df6572ab57a887915fc77e86e"
+  integrity sha512-1OorbTwi1eeDmr0v5t+ckSRlt1zM5GHjm92iIl3kUu7im3GHuP+csf6E0WBg8pdXQczTWP9J9+o9n+Vg6DH5cQ==
 
 "@docsearch/react@^3.5.2":
-  version "3.6.3"
-  resolved "https://registry.yarnpkg.com/@docsearch/react/-/react-3.6.3.tgz#326a0811306060bfb481df3cd0db51adaa9f737c"
-  integrity sha512-2munr4uBuZq1PG+Ge+F+ldIdxb3Wi8OmEIv2tQQb4RvEvvph+xtQkxwHzVIEnt5s+HecwucuXwB+3JhcZboFLg==
+  version "3.7.0"
+  resolved "https://registry.yarnpkg.com/@docsearch/react/-/react-3.7.0.tgz#db3501013c5949d5547c2c0f254ddbbcdfcbc636"
+  integrity sha512-8e6tdDfkYoxafEEPuX5eE1h9cTkLvhe4KgoFkO5JCddXSQONnN1FHcDZRI4r8894eMpbYq6rdJF0dVYh8ikwNQ==
   dependencies:
-    "@algolia/autocomplete-core" "1.9.3"
+    "@algolia/autocomplete-core" "1.17.6"
     "@algolia/autocomplete-preset-algolia" "1.17.6"
-    "@docsearch/css" "3.6.3"
-    algoliasearch "^5.11.0"
+    "@docsearch/css" "3.7.0"
+    algoliasearch "^5.12.0"
 
 "@docusaurus/[email protected]":
   version "3.6.0"
@@ -2221,9 +2216,9 @@
     "@types/node" "*"
 
 "@types/node@*":
-  version "22.8.7"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.8.7.tgz#04ab7a073d95b4a6ee899f235d43f3c320a976f4"
-  integrity sha512-LidcG+2UeYIWcMuMUpBKOnryBWG/rnmOHQR5apjn8myTQcx3rinFRn7DcIFhMnS0PPFSC6OafdIKEad0lj6U0Q==
+  version "22.9.0"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.9.0.tgz#b7f16e5c3384788542c72dc3d561a7ceae2c0365"
+  integrity sha512-vuyHg81vvWA1Z1ELfvLko2c8f34gyA0zaic0+Rllc5lbCnbSyuvb2Oxpm6TAUAC/2xZN3QGqxBNggD1nNR2AfQ==
   dependencies:
     undici-types "~6.19.8"
 
@@ -2248,9 +2243,9 @@
   integrity sha512-hCZTSvwbzWGvhqxp/RqVqwU999pBf2vp7hzIjiYOsl8wqOmUxkQ6ddw1cV3l8811+kdUFus/q4d1Y3E3SyEifA==
 
 "@types/qs@*":
-  version "6.9.16"
-  resolved "https://registry.yarnpkg.com/@types/qs/-/qs-6.9.16.tgz#52bba125a07c0482d26747d5d4947a64daf8f794"
-  integrity sha512-7i+zxXdPD0T4cKDuxCUXJ4wHcsJLwENa6Z3dCu8cfCK743OGy5Nu1RmAGqDPsoTDINVEcdXKRvR/zre+P2Ku1A==
+  version "6.9.17"
+  resolved "https://registry.yarnpkg.com/@types/qs/-/qs-6.9.17.tgz#fc560f60946d0aeff2f914eb41679659d3310e1a"
+  integrity sha512-rX4/bPcfmvxHDv0XjfJELTTr+iB+tn032nPILqHm5wbthUUUuVtNGGqzhya9XUxjTP8Fpr0qYgSZZKxGY++svQ==
 
 "@types/range-parser@*":
   version "1.2.7"
@@ -2611,7 +2606,7 @@ algoliasearch@^4.18.0:
     "@algolia/requester-node-http" "4.24.0"
     "@algolia/transporter" "4.24.0"
 
-algoliasearch@^5.11.0:
+algoliasearch@^5.12.0:
   version "5.12.0"
   resolved "https://registry.yarnpkg.com/algoliasearch/-/algoliasearch-5.12.0.tgz#2e822a7916d691e55058ea7dba277d5110969dd0"
   integrity sha512-psGBRYdGgik8I6m28iAB8xpubvjEt7UQU+w5MAJUA2324WHiGoHap5BPkkjB14rMaXeRts6pmOsrVIglGyOVwg==
@@ -3750,9 +3745,9 @@ [email protected]:
   integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
 
 electron-to-chromium@^1.5.41:
-  version "1.5.50"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.50.tgz#d9ba818da7b2b5ef1f3dd32bce7046feb7e93234"
-  integrity sha512-eMVObiUQ2LdgeO1F/ySTXsvqvxb6ZH2zPGaMYsWzRDdOddUa77tdmI0ltg+L16UpbWdhPmuF3wIQYyQq65WfZw==
+  version "1.5.52"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.52.tgz#2bed832c95a56a195504f918150e548474687da8"
+  integrity sha512-xtoijJTZ+qeucLBDNztDOuQBE1ksqjvNjvqFoST3nGC7fSpqJ+X6BdTBaY5BHG+IhWWmpc6b/KfpeuEDupEPOQ==
 
 emoji-regex@^8.0.0:
   version "8.0.0"