v0.6.0 — "Multi-Platform & Intelligence"
3 major features shipped:
🌐 Multi-CI Support
Generate security pipelines for GitLab CI and Bitbucket Pipelines, not just GitHub Actions. All 4 languages supported.
devsecops init --ci=gitlab
devsecops init --ci=bitbucket
🏗️ IaC Scanning (Checkov)
Scan Terraform, CloudFormation, Kubernetes manifests, and Dockerfiles for misconfigurations.
devsecops scan --tool=checkov
Enable in security-config.yml: tools.checkov: true
🤖 AI Fix Suggestions
Get actionable fix suggestions for HIGH/CRITICAL findings powered by Ollama (local), OpenAI, or Anthropic. Privacy-first — defaults to local Ollama, no data sent
externally unless you configure it.
ai:
enabled: true
provider: "ollama"
model: "llama3.1"
Also in this release: Python and Java workflow templates for GitHub Actions, SBOM generation, SARIF output, and license compliance scanning (shipped in v0.5.0 but
missing from prior release).