Add release notes for 11.39

New week. New release.

Signed-off-by: Tim Smith <[email protected]>

.nvmrc

@@ -0,0 +1 @@
+v20

releases/2025-01-28-mondoo-11.39-is-out.md

@@ -0,0 +1,55 @@
+---
+slug: mondoo-11.39-is-out/
+title: Mondoo 11.39 is out!
+description: Announcing the 11.39 release of Mondoo with cases and search in workspaces, improved asset risk exposure, and more!
+authors: [tim]
+image: /img/releases/2025-01-28-mondoo-11.39-is-out/risk_insights.png
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 11.39 is out! This release includes cases and search in workspaces, improved asset risk exposure, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### Create cases in workspaces
+
+Turn prioritized findings into action with cases within your workspaces. Create cases directly from surfaced findings and track them in individual workspaces or the parent space for consolidated management of work.
+
+![Cases within workspaces](/img/releases/2025-01-28-mondoo-11.39-is-out/cases.png)
+
+### Search for assets and findings in workspaces
+
+Quickly track down assets, CVEs, checks, or policies in your workspaces with global search within workspaces.
+
+![Search within workspaces](/img/releases/2025-01-28-mondoo-11.39-is-out/search.png)
+
+## 🧹 IMPROVEMENTS
+
+### Risk insights on assets
+
+Quickly assess asset risks with the updated Risk Insights section, displaying total counts of high and critical findings and vulnerabilities. Click any section to drill in particular findings to fix.
+
+![Asset page with risk insights](/img/releases/2025-01-28-mondoo-11.39-is-out/risk_insights.png)
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Fix asset technology fields on VMware and OCI assets.
+- Add OCI to the list of technology values available for workspace creation.
+- Fix incorrect CVSS scores displayed in CVE page score boxes.
+- Ensure that positive risk factors display in green.
+- Display the save button on the security model settings tab even if the advanced settings aren't selected.
+- Update the workspaces selection filtering to move "Kind" under infrastructure.
+- Fix failures generating some exports.
+- Support certificate based authentication for the Microsoft Defender integration.
+- Add the version number to the PCI DSS compliance framework to make it more clear which version is included.
+- Fix the application of risk factors on Debian-based systems.
+- Show correct timestamps for export and import integrations.
+- Fix missing asset titles in space and organization search.
+- Improve the display of Ansible, Bash, and PowerShell based remediation steps for advisories.
+- Improve calculation of risk scores on assets.
+- Display EPSS data for more CVEs.
+- Fix missing advisory remediation information when using workspaces.

yarn.lock

@@ -2414,9 +2414,9 @@
     "@types/node" "*"
 
 "@types/node@*":
-  version "22.12.0"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.12.0.tgz#bf8af3b2af0837b5a62a368756ff2b705ae0048c"
-  integrity sha512-Fll2FZ1riMjNmlmJOdAyY5pUbkftXslB5DgEzlIuNaiWhXd00FhWxVC/r4yV/4wBb9JfImTu+jiSvXTkJ7F/gA==
+  version "22.13.0"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.13.0.tgz#d376dd9a0ee2f9382d86c2d5d7beb4d198b4ea8c"
+  integrity sha512-ClIbNe36lawluuvq3+YYhnIN2CELi+6q8NpnM7PYp4hBn/TatfboPgVSm2rwKRfnV2M+Ty9GWDFI64KEe+kysA==
   dependencies:
     undici-types "~6.20.0"