June is here and the beer garden is calling our name, but that hasn’t stopped us shipping some great new improvements this month. We have a few new features and quality-of-life enhancements to our UX and UI that we think you’ll like, including our new Dashboards, available now in Beta!
📊 Dashboards Beta is now live
Kosli introduces the Organization Dashboard, offering leadership a comprehensive view of compliance metrics. Key features include deployment and build frequency metrics, recent deployments, and compliance events, providing insights into team and process efficiency. This dashboard aims to enhance executive visibility, support process improvements, and increase user engagement. The Beta is now available in the app.
☁️ SonarCloud integration is now available
Following customer requests, we have implemented a new method for attesting SonarCloud scan results to Kosli. Until now, scan results could only be recorded as a generic attestation, which required you to decide its compliance status and attach any evidence you wanted to upload.
As of CLI v2.10.8, you can use the new “kosli attest sonar” command to attest the results of your SonarCloud analysis. The CLI retrieves the latest scan results from SonarCloud, parses them to determine compliance, and attests them to the given trail.
💻 Improvements to Kosli CLI pipeline & reporting
Kosli CLI provenance and risk mitigation data (including SBOMs) is now publicly available at https://app.kosli.com/kosli-public/flows/cli-release/trails/ .
In addition, you can view the CLI’s GitHub provenance attestations here: https://github.com/kosli-dev/cli/attestations
👀 Option to redact sensitive commit information from CLI commands
Kosli collects and stores commit information (sha1, author, message, branch, and timestamp) for attestations that happen from a git repo. If your commit data contains sensitive information that you do not want stored in Kosli, you can (as of CLI v2.10.5) use the new “--redact-commit-info” flag on any “kosli attest” command to redact one or more of the following commit fields: [author, message, branch].