What's Changed

• NV Protect: add compatibility for pre-5.4 alpine pods during roling upgrade by @jayhuang-suse in #1557
• NV Protect: backward compatible for k8s readiness by @jayhuang-suse in #1562
• NV Protect: add adapter as allowed parent process by @jayhuang-suse in #1564
• NV Protect: add scannerTask as allowed parent process by @jayhuang-suse in #1566
• NV Protect: add sigstore-interface as allowed parent process by @jayhuang-suse in #1568
• NVSHAS-8583, separate network policy mode and profile mode at per group level by @gfsuse in #1513
• feat: golangci-lint as git hook by @holyspectral in #1571
• NVSHAS-9416 fix several issues with jar parsing by @Acmarr in #1556
• NVSHAS-9440: support separate network mode and Process and File mode … by @williamlin-suse in #1576
• NVSHAS-9369 Add debug log category via helm deployment support for co… by @kyledong-suse in #1574
• NVSHAS-8583, add profile related group count by @gfsuse in #1577
• NVSHAS-9447: Controller/Scanner pods crashing - "Unsupported system Exit" by @jayhuang-suse in #1580
• sync from github.com/neuvector/k8s by @williamlin-suse in #1585
• CVE-2024-41110: Upgrade docker package by @jayhuang-suse in #1584
• NVSHAS-9467: custom group defined by the pod label does not propagate its profile data on the children containers. by @jayhuang-suse in #1586
• NVSHAS-9325: NVProtect: Manager/Controller is not blocking not-allowed commands by @jayhuang-suse in #1588
• fix: NVSHAS-9442 create lease object for ArgoCD by @holyspectral in #1570
• NVSHAS-9484: Enable Mode Automation on the separate policy and profile modes by @jayhuang-suse in #1591
• Enhanced NV Protect: block unallowed processes. by @jayhuang-suse in #1593
• feat: enable golangci-lint by @holyspectral in #1594
• Change implicit mockup test data to explicit mockup test data by @williamlin-suse in #1596
• NVSHAS-9525/agent: Resolve existing Go linter issues in the NeuVector repository by @jayhuang-suse in #1603
• fix: NVSHAS-9525 fix linter issue in upgrader by @holyspectral in #1600
• fix: NVSHAS-9430 redundant type from array warnings by @holyspectral in #1561
• NVSHAS-9525: Resolve existing Go linter issues in the NeuVector repository by @williamlin-suse in #1604
• fix: NVSHAS-9525 fix lint issue in kv/cm by @holyspectral in #1605
• fix: NVSHAS-9525 fix lint issue in controller, gofmt category by @jeffhuang4704 in #1606
• NVSHAS-9436 add CompareWithoutEpoch function by @Acmarr in #1598
• NVSHAS-9525: Resolve existing Go linter issues in the NeuVector repository by @williamlin-suse in #1607
• NVSHAS-9525: Resolve existing Go linter issues in the NeuVector repository by @williamlin-suse in #1609
• Disable NV Protect block feature by @jayhuang-suse in #1610
• fix: NVSHAS-9525 resolve golint issue by @jeffhuang4704 in #1608
• NVSHAS-9541, Fix and check potential buffer overflow cases in c code by @gfsuse in #1612
• NVSHAS-9525: Resolve existing Go linter issues by @williamlin-suse in #1615
• NVSHAS-9542: Rewrite ringbuffer package by @jayhuang-suse in #1613
• feat: add CODEOWNERS file by @holyspectral in #1617
• NVSHAS-9525: Resolve existing Go linter issues in the NeuVector repository by @williamlin-suse in #1616
• Update security policy by @macedogm in #1611
• fix: NVSHAS-9525 lint issues by @holyspectral in #1618
• NVSHAS-9560 Use placeholder keys in apis.yaml by @jeffhuang4704 in #1623
• NVSHAS-9525: Resolve existing Go linter issues by @williamlin-suse in #1625
• NVSHAS-9468: Fix CVE-2020-26160 to replace jwt-go with jwt:v5 by @kyledong-suse in #1619
• NVSHAS-9525: Resolve existing Go linter issues in the NeuVector repository by @williamlin-suse in #1626
• NVSHAS-9517: Admission control is not consistent, getting incorrect r… by @williamlin-suse in #1627
• NVSHAS-9574: Remove license-related REST APIs by @williamlin-suse in #1628
• NVSHAS-9532: The image scan is completed but deployment is still not allowed by @williamlin-suse in #1629
• Modified version for java and scala by @xingzhang-suse in #1632
• NVSHAS-9558: JWT token expire reports http.StatusRequestTimeout 408 by @williamlin-suse in #1633
• [NVSHAS-9576] Clear password field for registry data when user use controller mode with Jenkins to scan by @pohanhuangtw in #1634
• ReadCmdLine failure: Fix golint PR error. by @jayhuang-suse in #1621
• NVSHAS-9425: create nfq when container has vxlan by @gfsuse in #1637
• NVSHAS-9571 fix image asset advanced filter issue by @jeffhuang4704 in #1638
• NVSHAS-9589: Managed clusters disconnected - Version mismatch with primary cluster by @williamlin-suse in #1639
• fix: linter: use new-from-rev by @holyspectral in #1642
• NVSHAS-8824: User fails to delete own groups, cannot create namespace-scoped groups by @williamlin-suse in #1640
• NVSHAS-9605: Export group with invalid policy mode & process profile mode values is mistakenly allowed by @williamlin-suse in #1643
• NVSHAS-9608:grpc client failed to rx > 4MB pkt by @jayhuang-suse in #1644
• NVSHAS-9609:Fix clang-tidy(lint) warning on c code in repository. by @gfsuse in #1646
• NVSHAS-9534: Display error in admission controls by @williamlin-suse in #1647
• NVSHAS-9537: Change existing builders base image to BCI - neuvector portion by @kyledong-suse in #1631
• NVSHAS-9600: Fix disable controller debug category by @kyledong-suse in #1650
• NVSHAS-9525: resolve go linter warnings by @jeffhuang4704 in #1648
• fix: NVSHAS-9624 rewrite swagger validation by @holyspectral in #1652
• NVSHAS-9631: Reduce some enforcer errors by @jayhuang-suse in #1653
• NVSHAS-9539: 5.4.1 update Tls_cipher_suites for consul 1.20.1 by @kyledong-suse in #1657
• NVSHAS-9645: pre-existing CRD processing fails by @williamlin-suse in #1660
• NVSHAS-9651: Quay.io needs user name and password for scanning by @williamlin-suse in #1662
• NVSHAS-9592: requeue in-progress workloads on db update by @alopez-suse in #1665

New Contributors

• @macedogm made their first contribution in #1611
• @xingzhang-suse made their first contribution in #1632

Full Changelog: v5.4.0...v5.4.1