v1.33.0-B0053

What's changed since pre-release v1.33.0-B0023:

• New rules:
  • Databricks:
    • Check that Databricks workspaces use a non-trial SKU by @batemansogq.
      #2646
    • Check that Databricks workspaces require use of private endpoints by @batemansogq.
      #2646
• Engineering:
  • Bump xunit to v2.6.6.
    #2645
  • Bump BenchmarkDotNet to v0.13.12.
    #2636
  • Bump BenchmarkDotNet.Diagnostics.Windows to v0.13.12.
    #2636

See change log.

v1.33.0-B0023

What's changed since v1.32.1:

• Updated rules:
  • Application Gateway:
    • Updated Azure.AppGwWAF.RuleGroups to use the rule sets by @BenjaminEngeset.
      #2629
      • The latest Bot Manager rule set is now 1.0.
      • The latest OWASP rule set is now 3.2.
  • Cognitive Services:
    • Relaxed Azure.Cognitive.ManagedIdentity to configurations that require managed identities by @BernieWhite.
      #2559
  • Virtual Machine:
    • Checks for Azure Hybrid Benefit Azure.VM.UseHybridUseBenefit are not enabled by default by @BernieWhite.
      #2493
      • To enable, set the AZURE_VM_USE_HYBRID_USE_BENEFIT option to true.
  • Virtual Network:
    • Added option for excluding subnets to Azure.VNET.UseNSGs by @BernieWhite.
      #2572
      • To add a subnet exclusion, set the AZURE_VNET_SUBNET_EXCLUDED_FROM_NSG option.
• General improvements:
  • Quality updates to rules and documentation by @BernieWhite.
    #1772
    #2570
• Engineering:
  • Bump xunit to v2.6.4.
    #2618
  • Bump xunit.runner.visualstudio to v2.5.6.
    #2619
• Bug fixes:
  • Fixed dateTimeAdd may fail with different localization by @BernieWhite.
    #2631

See change log.

v1.32.1

What's changed since v1.32.0:

• Bug fixes:
  • Fixed quotes get incorrectly duplicated by @BernieWhite.
    #2593
  • Fixed failure to expand copy loop in a Azure Policy deployment by @BernieWhite.
    #2605
  • Fixed cast exception when expanding the union of an array and mock by @BernieWhite.
    #2614

See change log.

v1.32.0

What's changed since v1.31.3:

• New features:
  • Added December 2023 baselines Azure.GA_2023_12 and Azure.Preview_2023_12 by @BernieWhite.
    #2580
    • Includes rules released before or during December 2023.
    • Marked Azure.GA_2023_09 and Azure.Preview_2023_09 baselines as obsolete.
• Updated rules:
  • App Configuration:
    • Promoted Azure.AppConfig.GeoReplica to GA rule set by @BernieWhite.
      #2592
  • API Management:
    • Promoted Azure.APIM.DefenderCloud to GA rule set by @BernieWhite.
      #2591
  • Azure Kubernetes Service:
    • Updated Azure.AKS.Version to use latest stable version 1.27.7 by @BernieWhite.
      #2581
  • Defender for Cloud:
    • Promoted Azure.Defender.Api to GA rule set by @BernieWhite.
      #2591
  • Network Interface:
    • Important change: Renamed NIC rules to reflect current usage by @BernieWhite.
      #2574
      • Rename Azure.VM.NICAttached to Azure.NIC.Attached.
      • Rename Azure.VM.NICName to Azure.NIC.Name.
      • Rename Azure.VM.UniqueDns to Azure.NIC.UniqueDns.
      • Added aliases to reference the old names for suppression and exclusion.
      • Old names will be removed from v2.
    • Added support for private link services to Azure.VM.NICAttached by @BernieWhite.
      #2563
• General improvements:
  • Improved reporting of null argument in length function by @BernieWhite.
    #2597
  • Quality updates to documentation by @BernieWhite.
    #2557
    #2570
    #1772
• Engineering:
  • Updated resource providers and policy aliases.
    #2579
  • Bump xunit to v2.6.2.
    #2544
  • Bump xunit.runner.visualstudio to v2.5.4.
    #2567
  • Bump Microsoft.SourceLink.GitHub to v8.0.0.
    #2538
  • Bump BenchmarkDotNet.Diagnostics.Windows and BenchmarkDotNet to v0.13.11.
    #2575
  • Bump Microsoft.CodeAnalysis.NetAnalyzers to v8.0.0.
    #2568
  • Bump Microsoft.NET.Test.Sdk to v17.8.0.
    #2527
• Bug fixes:
  • Fixed additional false positives of Azure.Deployment.SecureParameter by @BernieWhite.
    #2556
  • Fixed expansion with sub-resource handling of deployments with duplicate resources by @BernieWhite.
    #2564
  • Fixed dependency ordered is incorrect by @BernieWhite.
    #2578

What's changed since pre-release v1.32.0-B0099:

• No additional changes.

See change log.

v1.32.0-B0099

What's changed since pre-release v1.32.0-B0053:

• New features:
  • Added December 2023 baselines Azure.GA_2023_12 and Azure.Preview_2023_12 by @BernieWhite.
    #2580
    • Includes rules released before or during December 2023.
    • Marked Azure.GA_2023_09 and Azure.Preview_2023_09 baselines as obsolete.
• Updated rules:
  • App Configuration:
    • Promoted Azure.AppConfig.GeoReplica to GA rule set by @BernieWhite.
      #2592
    • API Management:
      • Promoted Azure.APIM.DefenderCloud to GA rule set by @BernieWhite.
        #2591
  • Azure Kubernetes Service:
    • Updated Azure.AKS.Version to use latest stable version 1.27.7 by @BernieWhite.
      #2581
  • Defender for Cloud:
    • Promoted Azure.Defender.Api to GA rule set by @BernieWhite.
      #2591
• General improvements:
  • Improved reporting of null argument in length function by @BernieWhite.
    #2597
• Engineering:
  • Updated resource providers and policy aliases.
    #2579
  • Bump Microsoft.SourceLink.GitHub to v8.0.0.
    #2538
  • Bump BenchmarkDotNet.Diagnostics.Windows and BenchmarkDotNet to v0.13.11.
    #2575
  • Bump Microsoft.CodeAnalysis.NetAnalyzers to v8.0.0.
    #2568

See change log.

v1.32.0-B0053

What's changed since pre-release v1.32.0-B0021:

• Updated rules:
  • Network Interface:
    • Important change: Renamed NIC rules to reflect current usage by @BernieWhite.
      #2574
      • Rename Azure.VM.NICAttached to Azure.NIC.Attached.
      • Rename Azure.VM.NICName to Azure.NIC.Name.
      • Rename Azure.VM.UniqueDns to Azure.NIC.UniqueDns.
      • Added aliases to reference the old names for suppression and exclusion.
      • Old names will be removed from v2.
    • Added support for private link services to Azure.VM.NICAttached by @BernieWhite.
      #2563
• General improvements:
  • Quality updates to documentation by @BernieWhite.
    #2570
    #1772
• Engineering:
  • Bump xunit.runner.visualstudio to v2.5.4.
    #2567
• Bug fixes:
  • Fixed dependency is ordered incorrect by @BernieWhite.
    #2578

See change log.

v1.32.0-B0021

What's changed since v1.31.3:

• General improvements:
  • Updates to documentation by @BernieWhite.
    #2557
• Engineering:
  • Bump Microsoft.NET.Test.Sdk to v17.8.0.
    #2527
  • Bump xunit to v2.6.2.
    #2544
• Bug fixes:
  • Fixed additional false positives of Azure.Deployment.SecureParameter by @BernieWhite.
    #2556
  • Fixed expansion with sub-resource handling of deployments with duplicate resources by @BernieWhite.
    #2564

See change log.

v1.31.3

What's changed since v1.31.2:

• Bug fixes:
  • Fixed incorrect scope generated for subscription aliases by @BernieWhite.
    #2545
  • Fixed null dereferenced properties in map lambda by @BernieWhite.
    #2535
  • Fixed handling of for array index symbols by @BernieWhite.
    #2548

See change log.

v1.31.2

What's changed since v1.31.1:

• Bug fixes:
  • Fixed nullable parameters with JValue null by @BernieWhite.
    #2535

See change log.

v1.31.1

What's changed since v1.31.0:

• Bug fixes:
  • Fixed additional non-sensitive parameter name patterns by Azure.Deployment.SecureParameter by @BernieWhite.
    #2528
    • Added support for configuration of the rule by setting AZURE_DEPLOYMENT_NONSENSITIVE_PARAMETER_NAMES.
  • Fixed incorrect handling of expressions with contains with JValue string by @BernieWhite.
    #2531

See change log.