Add 11.26 release notes

New week. New release.

Signed-off-by: Tim Smith <[email protected]>

.github/actions/spelling/expect.txt

@@ -92,6 +92,7 @@ CYEXAMPLEKEY
 datacompute
 datapath
 DATAUSER
+dba
 dcea
 Ddos
 debconf

docs/cnquery/cli/cnquery_vault_configure.md

@@ -19,7 +19,7 @@ cnquery vault configure VAULTNAME [flags]
   -h, --help                    help for configure
       --inventory-file string   Set the path to the inventory file
       --option stringToString   addition vault connection options, multiple options via --option key=value (default [])
-      --type string             possible values: linux-kernel-keyring | hashicorp-vault | gcp-secret-manager | aws-parameter-store | none | keyring | gcp-berglas | memory | encrypted-file | aws-secrets-manager
+      --type string             possible values: encrypted-file | gcp-secret-manager | aws-secrets-manager | aws-parameter-store | gcp-berglas | none | linux-kernel-keyring | hashicorp-vault | memory | keyring
 ```
 
 ### Options inherited from parent commands

docs/cnspec/cli/cnspec_framework.md

@@ -25,6 +25,7 @@ Manage local and Mondoo Platform hosted compliance frameworks
 
 - [cnspec](cnspec.md) - cnspec CLI
 - [cnspec framework active](cnspec_framework_active.md) - Change a framework status to active
+- [cnspec framework disabled](cnspec_framework_disabled.md) - Change a framework status to disabled
 - [cnspec framework download](cnspec_framework_download.md) - Download a compliance framework
 - [cnspec framework list](cnspec_framework_list.md) - List available compliance frameworks
 - [cnspec framework preview](cnspec_framework_preview.md) - Change a framework status to preview

docs/cnspec/cli/cnspec_framework_disabled.md

@@ -0,0 +1,30 @@
+---
+id: cnspec_framework_disabled
+title: cnspec framework disabled
+---
+
+Change a framework status to disabled
+
+```
+cnspec framework disabled [mrn] [flags]
+```
+
+### Options
+
+```
+  -h, --help   help for disabled
+```
+
+### Options inherited from parent commands
+
+```
+      --api-proxy string   Set proxy for communications with Mondoo API
+      --auto-update        Enable automatic provider installation and update (default true)
+      --config string      Set config file path (default $HOME/.config/mondoo/mondoo.yml)
+      --log-level string   Set log level: error, warn, info, debug, trace (default "info")
+  -v, --verbose            Enable verbose output
+```
+
+### SEE ALSO
+
+- [cnspec framework](cnspec_framework.md) - Manage local and Mondoo Platform hosted compliance frameworks

docs/cnspec/cli/cnspec_login.md

@@ -23,13 +23,13 @@ cnspec login [flags]
 ### Options
 
 ```
-      --annotation stringToString   Set the client annotations. (default [])
-      --api-endpoint string         Set the Mondoo API endpoint.
+      --annotation stringToString   Set the client annotations (default [])
+      --api-endpoint string         Set the Mondoo API endpoint
   -h, --help                        help for login
-      --name string                 Set asset name.
-      --splay int                   Randomize the timer by up to this many minutes.
-      --timer int                   Set the scan interval in minutes.
-  -t, --token string                Set a client registration token.
+      --name string                 Set asset name
+      --splay int                   Randomize the timer by up to this many minutes
+      --timer int                   Set the scan interval in minutes
+  -t, --token string                Set a client registration token
 ```
 
 ### Options inherited from parent commands

docs/cnspec/cli/cnspec_providers.md

@@ -7,7 +7,7 @@ Providers add connectivity to all assets
 
 ### Synopsis
 
-Manage your providers. List and install new ones or update existing ones.
+Manage your providers. List and install new ones or update existing ones
 
 ```bash
 cnspec providers [flags]
@@ -32,5 +32,5 @@ cnspec providers [flags]
 ### SEE ALSO
 
 - [cnspec](cnspec.md) - cnspec CLI
-- [cnspec providers install](cnspec_providers_install.md) - Install or update a provider.
-- [cnspec providers list](cnspec_providers_list.md) - List all providers on the system.
+- [cnspec providers install](cnspec_providers_install.md) - Install or update a provider
+- [cnspec providers list](cnspec_providers_list.md) - List all providers on the system

docs/cnspec/cli/cnspec_providers_install.md

@@ -3,7 +3,7 @@ id: cnspec_providers_install
 title: cnspec providers install
 ---
 
-Install or update a provider.
+Install or update a provider
 
 ```bash
 cnspec providers install <NAME[@VERSION]> [flags]

docs/cnspec/cli/cnspec_providers_list.md

@@ -3,7 +3,7 @@ id: cnspec_providers_list
 title: cnspec providers list
 ---
 
-List all providers on the system.
+List all providers on the system
 
 ```
 cnspec providers list [flags]

docs/cnspec/cli/cnspec_run.md

@@ -16,13 +16,13 @@ cnspec run [flags]
 ### Options
 
 ```
-      --ast                  Parse the query and return the abstract syntax tree (AST).
-  -c, --command string       MQL query to executed in the shell.
+      --ast                  Parse the query and return the abstract syntax tree (AST)
+  -c, --command string       MQL query to execute in the shell
   -h, --help                 help for run
-      --info                 Parse the query and provide information about it.
-  -j, --json                 Run the query and return the object in a JSON structure.
-      --parse                Parse the query and return the logical structure.
-      --platform-id string   Select a specific target asset by providing its platform ID.
+      --info                 Parse the query and provide information about it
+  -j, --json                 Run the query and return the object in a JSON structure
+      --parse                Parse the query and return the logical structure
+      --platform-id string   Select a specific target asset by providing its platform ID
 ```
 
 ### Options inherited from parent commands

docs/cnspec/cli/cnspec_vault_add-secret.md

@@ -13,7 +13,7 @@ cnspec vault add-secret SECRETID SECRETVALUE [flags]
 
 ```
   -h, --help                    help for add-secret
-      --inventory-file string   Set the path to the inventory file.
+      --inventory-file string   Set the path to the inventory file
 ```
 
 ### Options inherited from parent commands

docs/cnspec/cli/cnspec_vault_configure.md

@@ -17,9 +17,9 @@ cnspec vault configure VAULTNAME [flags]
 
 ```
   -h, --help                    help for configure
-      --inventory-file string   Set the path to the inventory file.
+      --inventory-file string   Set the path to the inventory file
       --option stringToString   addition vault connection options, multiple options via --option key=value (default [])
-      --type string             possible values: keyring | linux-kernel-keyring | encrypted-file | hashicorp-vault | gcp-secret-manager | aws-parameter-store | memory | none | aws-secrets-manager | gcp-berglas
+      --type string             possible values: gcp-secret-manager | aws-secrets-manager | none | encrypted-file | hashicorp-vault | aws-parameter-store | gcp-berglas | memory | keyring | linux-kernel-keyring
 ```
 
 ### Options inherited from parent commands

releases/2024-10-08-mondoo-11.25-is-out.md

@@ -50,12 +50,10 @@ Exception counts on individual check pages let you quickly see how many exceptio
 - Improve form validation and formatting in the AWS integration setup form.
 - Fix incorrectly clipped log messages in the AWS integration page.
 - Make single account installs the default option during AWS serverless integration setup.
-- Improve form validation in the AWS serverless integration.
 - Improve auditd checks in CIS Linux benchmark policies to better support container image and filesystem snapshot scans.
 - Redirect to the spaces list page after deleting a space.
 - Support sending very large scan results to Mondoo Platform.
 - Fix returning an incorrect platform family for Dockerfiles.
 - Improve scan reliability in the AWS serverless integration.
 - Expand and improve help in cnquery and cnspec.
-- Fix errors on the Software page versions graph if all risk severities are unchecked.
 - Update CIS Google Cloud Foundations policy to version 3.0 to match the check content.

releases/2024-10-15-mondoo-11.26-is-out.md

@@ -0,0 +1,75 @@
+---
+slug: mondoo-11.26-is-out/
+title: Mondoo 11.26 is out!
+description: Announcing the 11.26 release of Mondoo with new AWS scan filtering options, custom fields in Zendesk cases, and more!
+authors: [tim]
+image: /img/releases/2024-10-15-mondoo-11.26-is-out/zendesk.png
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 11.26 is out! This release includes new AWS scan filtering options, custom fields in Zendesk cases, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### AWS resource scan filtering
+
+Pick and choose the exact AWS resources that Mondoo evaluates with new scan filtering.
+
+The AWS Serverless integration now includes the ability to define AWS resources to scan with region, instance, and tag based include and exclude filters. Scan just a single region or exclude resources using owner tags.
+
+![AWS resource filtering](/img/releases/2024-10-15-mondoo-11.26-is-out/filtering.png)
+
+For CLI users, now you can specify a comma separated list of tag values with the `--filters` flag.
+
+To include resources with the "Owner" tag of "backend", "frontend", or "dba":
+
+```bash
+--filters ec2:tag:Owner=backend,frontend,dba
+```
+
+To exclude the "Owner" tag of "qa" and "dev":
+
+```bash
+--filters exclude:ec2:tag:Owner=qa,dev
+```
+
+### Custom fields for Zendesk cases
+
+Improve the routing of cases generated in Zendesk with new globally set custom fields.
+
+![Custom fields for Zendesk](/img/releases/2024-10-15-mondoo-11.26-is-out/zendesk.png)
+
+## 🧹 IMPROVEMENTS
+
+### Improved policy risk display
+
+Understand the risk scores distribution of policies accross assets in your spaces with improved asset scan results in the security policies page.
+
+![Risk score distribution](/img/releases/2024-10-15-mondoo-11.26-is-out/risk_score.png)
+
+### Ubuntu 24.10 platform support
+
+Secure workstations on the latest release of Ubuntu with full Ubuntu 24.10 support in Linux policies, vulnerability detection, and EOL support.
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Fix errors on the Software page versions graph if all risk severities are unchecked.
+- Add a creation date column to ticketing integration lists.
+- Don't display "Last scanned" on ticketing integration pages.
+- Don't display the "Schedule Now" button on ticketing integration pages.
+- Don't include the "Pause Scanning" menu option on ticketing integration pages.
+- Improve display of affected assets on advisories, CVEs, and checks pages.
+- Fix flickering of text fields on integration setup pages.
+- Improve rendering of manual setup instructions on the Workstation integration setup page.
+- Don't show "Base Score" in the score summary of CVEs or Advisories.
+- Fix incorrect rendering of some tool tips on overview pages.
+- Improve rendering of compliance progress bars at 0% progress.
+- Improve reliability of advisories and MTTR values on the vulnerabilities overview page.
+- Improve readability of markdown generated by Cases.
+- Expand and improve help in cnquery and cnspec.
+- Properly parse command line flags containing --.
+- Improve performance loading asset checks.