v2.8.0

2.8.0 (2026-03-19)

Bug Fixes

• address regressions and remaining security issues from re-audit (8d7d0cb)
• address remaining bugs, hardening, and test coverage (5de96be)
• migrate console.* to logger, remove request pkg, fix empty catches (a37faa0)
• P1 hardening — GCP log sanitization, Docker non-root, K8s Jobs (6393dba)
• prevent TypeError when alert type has no required env vars (7e1d4a2)
• remove AWS key from logs, add GCP Cloud Storage export/save (00684da)
• security: address critical injection and TLS vulnerabilities (aa09eb0), closes #7332

Features

• add CIS security rules for PostgreSQL, MySQL, Oracle and MongoDB (#656) (4cc8fc9)
• add integration tests to CI/CD pipelines (#655) (491da53)
• enrich per-rule webhook payload for external remediation (#657) (231eba7)
• implement remaining P0 — SSRF protection, Slack alerts, S3 save (0e28825)