Hello InSpec friends!
We are delighted to announce the availability of version 5.22.29 of Chef InSpec. Changes include:
We've updated the Chef End User License Agreement (EULA).
The terms of the EULA are the same as they were before, but we've created three licensing tiers: Free, Trial, and Commercial.
The Free tier allows personal/non-commercial users to scan 10 targets for an unlimited period of time.
The Trial tier allows trial users to scan unlimited targets for 30 days.
The Commercial tier gives users the features and benefits that come with the subscription they've purchased.
Contact Chef Support for more information.
Updates in this release provide fixes for the following CVE(s):
- CVE-2023-42658 InSpec archive command vulnerable to maliciously crafted profile (#6721)
- Updated the Docker base image to support Ubuntu 22.04. (#6526)
- Updated the Docker base image to support Mac M1 (#6541)
- Updated the
--configCLI options so that reporter options in a config file are merged with reporter options set with the
--reporterCLI option. (#6568)
- Fixed controls in waiver files that were not getting waived if the control failed. (#6588)
inspec execso that it can correctly fetch a profile from a repository that isn't managed with Git and doesn't have a
- Fix for missing nil check for control variable in formatter's base. (#6629)
You can download binaries directly from Chef Downloads.