Remove license requirement. Update go version, Docker base image version and dependencies. Update threat intel feed URL.

Author: ramanan-ravi

Makefile

@@ -18,7 +18,7 @@ export IMAGE_REPOSITORY?=quay.io/deepfenceio
 export DF_IMG_TAG?=latest
 export STEAMPIPE_IMG_TAG?=0.23.x
 export IS_DEV_BUILD?=false
-export VERSION?=v2.5.7
+export VERSION?=v2.5.8
 export AGENT_BINARY_BUILD=$(DEEPFENCE_FARGATE_DIR)/build
 export AGENT_BINARY_BUILD_RELATIVE=deepfence_agent/agent-binary/build
 export AGENT_BINARY_DIST=$(DEEPFENCE_FARGATE_DIR)/dist
@@ -125,21 +125,21 @@ graphdb:
 ui:
 	git log --format="%h" -n 1 > $(DEEPFENCE_FRONTEND_DIR)/console_version.txt && \
 	echo $(subst v,,$(VERSION)) > $(DEEPFENCE_FRONTEND_DIR)/product_version.txt && \
-	docker run --rm --entrypoint=bash -v $(DEEPFENCE_FRONTEND_DIR):/app node:18-bullseye-slim -c "cd /app && corepack enable && corepack prepare pnpm@7.17.1 --activate && PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=true pnpm install --frozen-lockfile --prefer-offline && ENABLE_ANALYTICS=true pnpm run build" && \
+	docker run --rm --entrypoint=bash -v $(DEEPFENCE_FRONTEND_DIR):/app node:24-bookworm-slim -c "cd /app && corepack enable && corepack prepare pnpm@9.15.4 --activate && PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=true pnpm install && ENABLE_ANALYTICS=true pnpm run build" && \
 	docker build -f $(DEEPFENCE_FRONTEND_DIR)/Dockerfile -t $(IMAGE_REPOSITORY)/deepfence_ui_ce:$(DF_IMG_TAG) $(DEEPFENCE_FRONTEND_DIR) && \
 	rm -rf $(DEEPFENCE_FRONTEND_DIR)/console_version.txt $(DEEPFENCE_FRONTEND_DIR)/product_version.txt
 
 .PHONY: secretscanner
 secretscanner: bootstrap-agent-plugins
-	docker build --tag=$(IMAGE_REPOSITORY)/deepfence_secret_scanner_ce:$(DF_IMG_TAG) -f $(SECRET_SCANNER_DIR)/Dockerfile $(SECRET_SCANNER_DIR)
+	docker build --tag=$(IMAGE_REPOSITORY)/deepfence_secret_scanner_ce:$(DF_IMG_TAG) -f $(SECRET_SCANNER_DIR)/Dockerfile $(DEEPFENCE_AGENT_DIR)/plugins
 
 .PHONY: malwarescanner
 malwarescanner: bootstrap-agent-plugins
 	docker build --tag=$(IMAGE_REPOSITORY)/deepfence_malware_scanner_ce:$(DF_IMG_TAG) -f $(MALWARE_SCANNER_DIR)/Dockerfile $(MALWARE_SCANNER_DIR)
 
 .PHONY: packagescanner
 packagescanner: bootstrap-agent-plugins
-	docker build --tag=$(IMAGE_REPOSITORY)/deepfence_package_scanner_ce:$(DF_IMG_TAG) -f $(PACKAGE_SCANNER_DIR)/Dockerfile $(PACKAGE_SCANNER_DIR)
+	docker build --tag=$(IMAGE_REPOSITORY)/deepfence_package_scanner_ce:$(DF_IMG_TAG) -f $(PACKAGE_SCANNER_DIR)/Dockerfile $(DEEPFENCE_AGENT_DIR)/plugins
 
 .PHONY: packagescanner-cli
 packagescanner-cli:
@@ -174,7 +174,7 @@ openapi: server
 	--git-user-id deepfence
 
 	rm openapi.yaml
-	cd $(PWD)/golang_deepfence_sdk/client && rm -rf ./test && sed -i 's/go 1.18/go 1.23.2/g' go.mod && go mod tidy -v && cd -
+	cd $(PWD)/golang_deepfence_sdk/client && rm -rf ./test && sed -i 's/go 1.18/go 1.25.5/g' go.mod && go mod tidy -v && cd -
 
 .PHONY: cli
 cli: bootstrap

README.md

@@ -2,13 +2,9 @@
 
 [![GitHub license](https://img.shields.io/github/license/deepfence/ThreatMapper)](https://github.com/deepfence/ThreatMapper/blob/master/LICENSE)
 [![GitHub stars](https://img.shields.io/github/stars/deepfence/ThreatMapper)](https://github.com/deepfence/ThreatMapper/stargazers)
-[![Hacktoberfest](https://img.shields.io/github/hacktoberfest/2022/deepfence/ThreatMapper)](https://github.com/deepfence/ThreatMapper/issues)
 [![GitHub issues](https://img.shields.io/github/issues/deepfence/ThreatMapper)](https://github.com/deepfence/ThreatMapper/issues)
 [![Documentation](https://img.shields.io/badge/documentation-read-green)](https://threatmapper.org/threatmapper/docs/v2.5/)
-[![Demo](https://img.shields.io/badge/threatmapper-demo-green)](https://threatmapper.org/threatmapper/docs/v2.5/demo)
-[![Docker pulls](https://img.shields.io/docker/pulls/deepfenceio/deepfence_agent_ce)](https://hub.docker.com/r/deepfenceio/deepfence_agent_ce)
 [![Slack](https://img.shields.io/badge/slack-@deepfence-blue.svg?logo=slack)](https://join.slack.com/t/deepfence-community/shared_invite/zt-podmzle9-5X~qYx8wMaLt9bGWwkSdgQ)
-[![Twitter](https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2Fdeepfence%2FThreatMapper)](https://twitter.com/intent/tweet?text=Wow:&url=https%3A%2F%2Fgithub.com%2Fdeepfence%2FThreatMapper)
 
 # ThreatMapper - Runtime Threat Management and Attack Path Enumeration for Cloud Native
 
@@ -30,11 +26,6 @@ ThreatMapper carries on the good 'shift left' security practices that you alread
 Use ThreatMapper to provide security observability for your production workloads and infrastructure, across cloud, kubernetes, serverless (Fargate) and on-prem platforms.
 
 
-<!--- # (# Getting Started with ThreatMapper) --->
-
-<!--- # (https://user-images.githubusercontent.com/3711627/183735806-7afc0dd3-a3ee-4486-a241-06541025a3d4.mp4) --->
-
-
 ## Planning your Deployment
 
 ThreatMapper consists of two components:
@@ -96,10 +87,10 @@ docker run -dit \
     -e http_proxy="" \
     -e https_proxy="" \
     -e no_proxy="" \
-    quay.io/deepfenceio/deepfence_agent_ce:2.5.7
+    quay.io/deepfenceio/deepfence_agent_ce:2.5.8
 ```
 
-Note: Image tag `quay.io/deepfenceio/deepfence_agent_ce:2.5.7-multiarch` is supported in amd64 and arm64/v8 architectures.
+Note: Image tag `quay.io/deepfenceio/deepfence_agent_ce:2.5.8-multiarch` is supported in amd64 and arm64/v8 architectures.
 
 On a Kubernetes platform, the sensors are installed using [helm chart](https://threatmapper.org/threatmapper/docs/v2.5/sensors/kubernetes/)
 
@@ -137,12 +128,3 @@ Please file GitHub issues as needed, and join the Deepfence Community [Slack cha
 The Deepfence ThreatMapper project (this repository) is offered under the [Apache2 license](https://www.apache.org/licenses/LICENSE-2.0).
 
 [Contributions](CONTRIBUTING.md) to Deepfence ThreatMapper project are similarly accepted under the Apache2 license, as per [GitHub's inbound=outbound policy](https://docs.github.com/en/github/site-policy/github-terms-of-service#6-contributions-under-repository-license).
-
-# Performance Stats of deepfence/ThreatMapper - Last 28 days
-
-<a href="https://next.ossinsight.io/widgets/official/compose-last-28-days-stats?repo_id=238662977" target="_blank" style="display: block" align="center">
-  <picture>
-    <source media="(prefers-color-scheme: dark)" srcset="https://next.ossinsight.io/widgets/official/compose-last-28-days-stats/thumbnail.png?repo_id=238662977&image_size=auto&color_scheme=dark" width="662" height="auto">
-    <img alt="Performance Stats of deepfence/ThreatMapper - Last 28 days" src="https://next.ossinsight.io/widgets/official/compose-last-28-days-stats/thumbnail.png?repo_id=238662977&image_size=auto&color_scheme=light" width="662" height="auto">
-  </picture>
-</a>

ci-cd-integrations/github-actions/Dockerfile

@@ -1,4 +1,3 @@
 FROM python:3.6-slim-stretch
-MAINTAINER Deepfence Inc "support@deepfence.io"
 COPY jenkins/index.html /
 CMD python3 -m http.server 8000

ci-cd-integrations/jenkins/Dockerfile

@@ -1,4 +1,3 @@
 FROM python:3.6-slim-stretch
-MAINTAINER Deepfence Inc "support@deepfence.io"
 COPY ci-cd-integrations/jenkins/index.html /
 CMD python3 -m http.server 8000

deepfence_agent/Dockerfile

@@ -6,12 +6,12 @@ FROM $IMAGE_REPOSITORY/deepfence_package_scanner_ce:$DF_IMG_TAG AS package_build
 FROM $IMAGE_REPOSITORY/deepfence_malware_scanner_ce:$DF_IMG_TAG AS malware_build
 FROM $IMAGE_REPOSITORY/deepfence_compliance_scanner_ce:$DF_IMG_TAG AS compliance_build
 
-FROM debian:12-slim as downloads
+FROM debian:13-slim as downloads
 
-ENV DOCKERVERSION="27.3.1" \
-    VESSEL_VERSION="0.14.0" \
-    NERDCTL_VERSION="1.7.7" \
-    CRICTL_VERSION="v1.31.1"
+ENV DOCKERVERSION="29.1.3" \
+    VESSEL_VERSION="0.15.0" \
+    NERDCTL_VERSION="2.2.0" \
+    CRICTL_VERSION="v1.35.0"
 
 ARG TARGETARCH
 
@@ -68,9 +68,8 @@ RUN . /envfile-tools; cat /envfile-tools && \
     rm -f crictl-${CRICTL_VERSION}-linux-${ARCHITECTURE}.tar.gz
 
 
-FROM debian:12-slim
+FROM debian:13-slim
 
-MAINTAINER Deepfence Inc
 LABEL deepfence.role=system
 
 ENV CHECKPOINT_DISABLE=true \

deepfence_agent/Dockerfile.cloud-agent

@@ -2,9 +2,8 @@ ARG STEAMPIPE_IMG_TAG=0.23.x
 ARG IMAGE_REPOSITORY=quay.io/deepfenceio
 FROM $IMAGE_REPOSITORY/steampipe:$STEAMPIPE_IMG_TAG AS steampipe
 
-FROM debian:bookworm-slim
+FROM debian:trixie-slim
 ARG VERSION
-MAINTAINER Deepfence Inc
 LABEL deepfence.role=system
 
 ENV CHECKPOINT_DISABLE=true \

deepfence_agent/Dockerfile.cluster-agent

@@ -1,5 +1,4 @@
-FROM debian:bullseye-slim
-LABEL maintainer="Deepfence Inc"
+FROM debian:trixie-slim
 LABEL deepfence.role=system
 
 ENV CHECKPOINT_DISABLE=true \

deepfence_agent/agent-binary/Dockerfile.scratch

@@ -1,14 +1,13 @@
-FROM golang:1.19-bullseye AS build
+FROM golang:1.25-trixie AS build
 RUN apt-get update \
     && apt-get install -y bash make git gcc \
     && cd /go \
-    && git clone --depth 1 -b v0.44.1 https://github.com/deepfence/syft \
-    && cd /go/syft \
-    && go build -v -o syftCli .
+    && git clone --depth 1 -b v1.39.0 https://github.com/anchore/syft \
+    && cd /go/syft/cmd/syft \
+    && go build -v -o /go/syft/syftCli .
 
 FROM scratch
 
-MAINTAINER Deepfence Inc
 LABEL deepfence.role=system
 
 WORKDIR /

deepfence_agent/build-fargate.sh

@@ -4,7 +4,7 @@ IMAGE_REPOSITORY=${IMAGE_REPOSITORY:-deepfenceio}
 
 rm -rf $AGENT_BINARY_BUILD/*
 
-wget https://deepfence-public.s3.amazonaws.com/ThreatMapper/agent-sensor/v2.1.0/cc11435d-bf5f-4a16-8c92-0a5a27e06b92/deepfence-agent-2.tar.gz
+wget https://artifacts.threatmapper.org/ThreatMapper/agent-sensor/v2.1.0/cc11435d-bf5f-4a16-8c92-0a5a27e06b92/deepfence-agent-2.tar.gz
 
 tar -zxvf deepfence-agent-2.tar.gz -C $AGENT_BINARY_BUILD/
 rm -rf deepfence-agent-2.tar.gz