What's Changed
🚓 Security Scanner
- Upgraded nuclei from v3.3.5 to v3.3.6 @secureCodeBoxBot (#2778)
- Upgraded trivy from 0.57.0 to 0.58.0 @secureCodeBoxBot (#2765, #2791)
- Upgraded trivy-sbom from 0.57.0 to 0.58.0 @secureCodeBoxBot (#2764, #2790)
🐛 Bug Fixes
- Handle 'Packages' attribute in Trivy parser by @BorisShek in #2727
- Fix Duplicate Env Vars Added To Hook Kubernetes Job by @J12934 in #2779
📚 Documentation
- Adapt 'location' attribute in Trivy parser to match a URL format by @BorisShek in #2725
🔧 Maintenance
- Replace release drafter config with built-in GitHub config by @J12934 in #2792
- Added workflow that adds bot PRs directly into To Review column by @Reet00 in #2758
📌 Dependencies
Minor dependency updates (16 pull requests).
- Bump cross-spawn from 7.0.3 to 7.0.6 in /auto-discovery/kubernetes/pull-secret-extractor/integration-test by @dependabot in #2763
- Bump jsonpath-plus from 10.0.1 to 10.2.0 in the npm-security-updates group across 1 directory by @dependabot in #2762
- Temporarily Ignore Broken Defect Dojo Client Lib by @Weltraumschaf in #2746
- Bump jsonpath-plus from 10.0.6 to 10.2.0 in /auto-discovery/kubernetes/pull-secret-extractor/integration-test by @dependabot in #2767
- Bump @types/node from 22.8.7 to 22.9.0 in the npm-version-updates group by @dependabot in #2751
- Bump the npm-version-updates group in /documentation with 18 updates by @dependabot in #2771
- Bump the npm-version-updates group across 7 directories with 12 updates by @dependabot in #2772
- Bump cross-spawn from 7.0.3 to 7.0.6 in the npm-security-updates group by @dependabot in #2768
- Bump the gradle-version-updates group across 1 directory with 10 updates by @dependabot in #2770
- Bump cross-spawn from 7.0.3 to 7.0.6 in /documentation in the npm-security-updates group by @dependabot in #2775
- Bump the npm-security-updates group across 2 directories with 2 updates by @dependabot in #2777
- Bump cross-spawn from 7.0.3 to 7.0.6 in /hooks by @dependabot in #2774
- Bump the npm-version-updates group across 7 directories with 3 updates by @dependabot in #2781
- Bump the npm-version-updates group in /documentation with 8 updates by @dependabot in #2780
- Bump @types/node from 22.9.3 to 22.10.1 in /documentation in the npm-version-updates group by @dependabot in #2782
- Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 5 updates by @dependabot in #2783
- Bump the npm-version-updates group across 7 directories with 3 updates by @dependabot in #2784
Full Changelog: v4.10.0...v4.11.0