Add 12.33 release notes

New week. New release

Signed-off-by: Tim Smith <[email protected]>

.github/actions/spelling/line_forbidden.patterns

@@ -68,6 +68,9 @@
 # Industry Terms
 #
 
+# s.b. NetFlow
+\bNetflow\b
+
 # s.b. Side scanning
 \b[Ss]idescanning\b
 
@@ -103,6 +106,9 @@
 # Product Names
 #
 
+# s.b. Cloudflare
+\bCloudFlare\b
+
 # s.b. Memcached
 \bMemCached\b
 

package.json

@@ -36,13 +36,13 @@
     "nth-check": "^2.1.1",
     "path-parse": "^1.0.7",
     "prism-react-renderer": "^2.4.0",
-    "react": "^18.3.1",
-    "react-dom": "^18.3.1",
+    "react": "^19.0.0",
+    "react-dom": "^19.0.0",
     "react-loadable": "^5.5.0",
     "search-insights": "^2.17.3",
-    "terser": "5.36.0",
+    "terser": "5.37.0",
     "url-loader": "^4.1.1",
-    "webpack": "^5.97.0",
+    "webpack": "^5.97.1",
     "ws": "^8.18.0"
   },
   "browserslist": {
@@ -59,7 +59,7 @@
   },
   "devDependencies": {
     "@docusaurus/tsconfig": "^3.6.3",
-    "@types/react": "^18.3.13",
+    "@types/react": "^19.0.1",
     "@types/react-helmet": "^6.1.11",
     "@types/react-router-dom": "^5.3.3",
     "prettier": "3.4.2",

releases/2024-12-03-mondoo-12.33-is-out.md

@@ -0,0 +1,72 @@
+---
+slug: mondoo-12.33-is-out/
+title: Mondoo 12.33 is out!
+description: Announcing the 12.33 release of Mondoo with Cloudflare asset inventory, expanded Entra ID inspection, and more!
+authors: [tim]
+image: /img/featured_img/mondoo-feature.jpg
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 12.33 is out! This release includes Cloudflare asset inventory, expanded Entra ID inspection, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### Explore Cloudflare services
+
+Dive deep into your Cloudflare infrastructure with a new Cloudflare provider for cnquery/cnspec. Use this provider to gather information on key Cloudflare services:
+
+- Accounts
+- Zones
+- DNS Records
+- R2
+- Zero Trust Apps
+- Streams
+- Videos
+- Workers
+- Pages
+
+Example querying of DNS zones:
+
+```coffee
+cnquery run cloudflare -c "cloudflare.zones[1] { name dns { * } }"
+cloudflare.zones[1]: {
+  name: "lunalectric.com"
+  dns: {
+    records: [
+      0: cloudflare.dns.record type="A" content="164.90.210.141" name="api.lunalectric.com"
+      1: cloudflare.dns.record type="A" content="142.93.110.9" name="console.lunalectric.com"
+      3: cloudflare.dns.record type="CNAME" content="console.lunalectric.com-pages.pages.dev" name="prod.lunalectric.com"
+      7: cloudflare.dns.record type="MX" content="mail.protonmail.com" name="lunalectric.com"
+      9: cloudflare.dns.record type="TXT" content="v=DMARC1; p=none; rua=mailto:[email protected],mailto:[email protected]" name="_dmarc.lunalectric.com"
+      11: cloudflare.dns.record type="AAAA" content="100::" name="meet.lunalectric.com"
+    ]
+  }
+}
+```
+
+## 🧹 IMPROVEMENTS
+
+### Resource updates
+
+#### microsoft.user
+
+- New `creationType` field
+- New `identities` field using the new `microsoft.user.identity` resource
+- New `auditlog` field using the new `microsoft.user.auditlog` resource
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Improve default output of the `github.repository.adminCollaborators` resource.
+- Improve default output of the `github.organization.packages` resource.
+- Fix macOS process resource executable values to align with the output from Linux systems.
+- Add the EOL date for Fedora 41 and update dates for 40 and 39 to match the latest published information from the Fedora Project.
+- Improve cleanup of inactive assets in large organizations.
+- Fix missing compliance check mappings for some frameworks.
+- Add the missing query `Ensure permissions on /etc/group.old are configured` to the CIS SUSE Linux Enterprise 11 Benchmark policy.
+- Improve reliability of aggregate score generation on dashboards.
+- Add `Ensure port-level configuration overrides are disabled` and `Ensure Virtual Distributed Switch NetFlow traffic is sent to an authorized collector` checks to CIS VMware ESXi 6.7 and 7.0 benchmark policies.
+- Add an asset group for Kubernetes Namespace assets.