secureCodeBox · J12934 · May 12, 2025 · May 7, 2025 · May 9, 2025
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -424,7 +424,6 @@ jobs:
           - ffuf
           - git-repo-scanner
           - gitleaks
-          - kubeaudit
           - kube-hunter
           - ncrack
           - nikto

diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
@@ -329,7 +329,6 @@ jobs:
           - git-repo-scanner
           - gitleaks
           - kube-hunter
-          - kubeaudit
           - ncrack
           - nikto
           - nmap
@@ -415,7 +414,6 @@ jobs:
           - cmseek
           - ffuf
           - kube-hunter
-          - kubeaudit
           - ncrack
           - nmap
           - nikto

diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
@@ -33,7 +33,6 @@ jobs:
           - ffuf
           - gitleaks
           - kube-hunter
-          - kubeaudit
           - ncrack
           - nuclei
           - semgrep

diff --git a/bin/release-note-grouper.js b/bin/release-note-grouper.js
@@ -13,7 +13,6 @@ Example Usage: `pbpaste | release-version-grouper.js`
 
 E.g. turn this:
 ```md
-    [SCB-Bot] Upgraded kubeaudit from 0.22.0 to 0.22.1 @secureCodeBoxBot (#2111)
     [SCB-Bot] Upgraded semgrep from 1.50.0 to 1.51.0 @secureCodeBoxBot (#2112)
     [SCB-Bot] Upgraded nuclei from v3.0.4 to v3.1.0 @secureCodeBoxBot (#2114)
     [SCB-Bot] Upgraded gitleaks from v8.18.0 to v8.18.1 @secureCodeBoxBot (#2103)
@@ -23,7 +22,6 @@ E.g. turn this:
 into this:
 ```md
  - Upgraded gitleaks from v8.18.0 to v8.18.1 @secureCodeBoxBot (#2103)
- - Upgraded kubeaudit from 0.22.0 to 0.22.1 @secureCodeBoxBot (#2111)
  - Upgraded nuclei from v3.0.3 to v3.1.0 @secureCodeBoxBot (#2114, #2104)
  - Upgraded semgrep from 1.48.0 to 1.51.0 @secureCodeBoxBot (#2112, #2101)
 ```

diff --git a/documentation/docs/contributing/integrating-a-scanner/makefile.md b/documentation/docs/contributing/integrating-a-scanner/makefile.md
@@ -56,7 +56,7 @@ This adds the old-wordpress demo-target to your integration tests. You can find
 ```makefile
 #!/usr/bin/make -f
 include_guard = set
-scanner = kubeaudit
+scanner = nmap
 custom_scanner = set
 
 include ../../scanners.mk
@@ -67,18 +67,16 @@ deploy-with-scanner:
 		--set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-$(scanner)" \
 		--set="parser.image.tag=$(IMG_TAG)" \
 		--set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(scanner)" \
-		--set="scanner.image.tag=$(IMG_TAG)" \
-		--set="kubeauditScope=cluster"
+		--set="scanner.image.tag=$(IMG_TAG)"
 
 deploy-test-deps:
 	# If not exists create namespace where the tests will be executed
-	kubectl create namespace kubeaudit-tests --dry-run=client -o yaml | kubectl apply -f -
-	# Install jshop in kubeaudit-tests namespace
-	helm -n kubeaudit-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait
+	kubectl create namespace nmap-tests --dry-run=client -o yaml | kubectl apply -f -
+	# Install jshop in nmap-tests namespace
+	helm -n nmap-tests upgrade --install juice-shop ../../demo-targets/juice-shop/ --wait
 ```
 
-This makefile overrides the deploy-with-scanner target such that the `kubeauditScope` can be overwritten.
-Furthermore, it overrides the deploy-test-deps target such that juice-shop is installed in the correct namespace (kubeaudit-tests).
+Furthermore, it overrides the deploy-test-deps target such that juice-shop is installed in the correct namespace (nmap-tests).
 
 ### Reusing components from other scanners
 

diff --git a/documentation/docs/getting-started/upgrading.md b/documentation/docs/getting-started/upgrading.md
@@ -15,6 +15,7 @@ sidebar_position: 3
 ### Removed / Replaced ScanTypes
 
 * `typo3scan` was removed as the scanner itself [isn't maintaned anymore](https://github.com/whoot/Typo3Scan?tab=readme-ov-file#unsupported). Most security aspects of typo3 are now hard to verify from the outside as it requires authentication (which is really good). Some typo3 security aspects (e.g. a incomplete installation) can be verified by [nuclei](https://www.securecodebox.io/docs/scanners/nuclei).
+* `kubeaudit` was removed as the scanner itself [isn't maintaned anymore](https://github.com/Shopify/kubeaudit?tab=readme-ov-file#-deprecation-notice-). As a replacement you can use the `trivy` with it's `k8s` scanning mode, see [trivy ScanType k8s example](https://www.securecodebox.io/docs/scanners/trivy#k8s).
 
 ➡️  [Reference: #2670](https://github.com/secureCodeBox/secureCodeBox/issues/2670)
 

diff --git a/documentation/src/integrations.js b/documentation/src/integrations.js
@@ -126,13 +126,6 @@ export const Scanners = [
     path: "docs/scanners/kube-hunter",
     imageUrl: "img/integrationIcons/Default.svg",
   },
-  {
-        title: "Kubeaudit",
-    type: "Kubernetes",
-    usecase: "Kubernetes Configuration Scanner",
-    path: "docs/scanners/kubeaudit",
-    imageUrl: "img/integrationIcons/Kubeaudit.svg",
-  },
   {
     title: "Ncrack",
     type: "Authentication",

diff --git a/operator/internal/telemetry/telemetry.go b/operator/internal/telemetry/telemetry.go
@@ -31,7 +31,7 @@ var officialScanTypes map[string]bool = map[string]bool{
 	"git-repo-scanner":         true,
 	"gitleaks":                 true,
 	"kube-hunter":              true,
-	"kubeaudit":                true,
+	"kubeaudit":                true, // deprecated. we'll keep it in this list to still recieve telemetry data from older versions
 	"ncrack":                   true,
 	"nikto":                    true,
 	"nmap":                     true,

diff --git a/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml b/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml
@@ -487,27 +487,6 @@
         "archived": false,
       },
   },
-  {
-    "name": "GitHub Repo",
-    "description": "A GitHub repository",
-    "category": "Git Repository",
-    "osi_layer": "APPLICATION",
-    "severity": "INFORMATIONAL",
-    "attributes":
-      {
-        "id": "303349727",
-        "web_url": "https://github.com/secureCodeBox/kubeaudit",
-        "full_name": "secureCodeBox/kubeaudit",
-        "owner_type": "Organization",
-        "owner_id": "34573705",
-        "topics": [],
-        "owner_name": "secureCodeBox",
-        "created_at": "2020-10-12T09:58:26Z",
-        "last_activity_at": "2020-10-12T09:58:28Z",
-        "visibility": "public",
-        "archived": false,
-      },
-  },
   {
     "name": "GitHub Repo",
     "description": "A GitHub repository",

diff --git a/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json b/scanners/git-repo-scanner/parser/__testFiles__/git-scanner-test-findings.json
@@ -520,23 +520,5 @@
       "last_activity_at": "2020-10-21T15:11:56Z",
       "visibility": "private"
     }
-  },
-  {
-    "name": "GitHub Repo",
-    "description": "A GitHub repository",
-    "category": "Git Repository",
-    "osi_layer": "APPLICATION",
-    "severity": "INFORMATIONAL",
-    "attributes": {
-      "id": 303349727,
-      "web_url": "https://github.com/secureCodeBox/kubeaudit",
-      "full_name": "secureCodeBox/kubeaudit",
-      "owner_type": "Organization",
      "owner_id": 34573705,
-      "owner_name": "secureCodeBox",
-      "created_at": "2020-10-12T09:58:26Z",
-      "last_activity_at": "2020-10-12T09:58:28Z",
-      "visibility": "public"
-    }
   }
 ]
diff --git a/scanners/git-repo-scanner/parser/parser.test.js b/scanners/git-repo-scanner/parser/parser.test.js
@@ -554,24 +554,6 @@ test("should properly parse git-scanner json file", async () => {
         "osi_layer": "APPLICATION",
         "severity": "INFORMATIONAL",
       },
-      Object {
-        "attributes": Object {
-          "created_at": "2020-10-12T09:58:26Z",
-          "full_name": "secureCodeBox/kubeaudit",
-          "id": 303349727,
-          "last_activity_at": "2020-10-12T09:58:28Z",
-          "owner_id": 34573705,
-          "owner_name": "secureCodeBox",
-          "owner_type": "Organization",
-          "visibility": "public",
-          "web_url": "https://github.com/secureCodeBox/kubeaudit",
-        },
-        "category": "Git Repository",
-        "description": "A GitHub repository",
-        "name": "GitHub Repo",
-        "osi_layer": "APPLICATION",
-        "severity": "INFORMATIONAL",
-      },
     ]
   `);
 });
diff --git a/scanners/kubeaudit/.gitignore b/scanners/kubeaudit/.gitignore
diff --git a/scanners/kubeaudit/.helm-docs.gotmpl b/scanners/kubeaudit/.helm-docs.gotmpl
diff --git a/scanners/kubeaudit/.helmignore b/scanners/kubeaudit/.helmignore
diff --git a/scanners/kubeaudit/Chart.yaml b/scanners/kubeaudit/Chart.yaml
diff --git a/scanners/kubeaudit/Makefile b/scanners/kubeaudit/Makefile
-Original file line number
+Diff line change
@@ Expand Up / @@ -33,7 +33,6 @@ jobs: @@
               - ffuf
               - gitleaks
               - kube-hunter
-              - kubeaudit
               - ncrack
               - nuclei
               - semgrep
@@ Expand Down @@