github aquasecurity/trivy v0.39.0

latest releases: v0.57.0, v0.56.2, v0.56.1...
19 months ago

Changelog

  • ed59096 docs(cli): added makefile and go file to create docs (#3930)
  • a2f39a3 chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  • 5a10631 chore: ignore gpg key (#3943)
  • 4072115 feat(cyclonedx): support dependency graph (#3177)
  • 7cad265 chore(deps): Bump defsec to v0.85.0 (#3940)
  • f8b5733 feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  • 10796a2 feat(server): redis with public TLS certs support (#3783)
  • abff139 feat(flag): Add glob support to --skip-dirs and --skip-files (#3866)
  • b40f60c chore: replace make with mage (#3932)
  • 67236f6 fix(sbom): add checksum to files (#3888)
  • 00de24b chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  • 5976d1f chore: remove unused mount volumes (#3927)
  • f14bed4 feat: add auth support for downloading OCI artifacts (#3915)
  • 1ee0518 refactor(purl): use epoch in qualifier (#3913)
  • 0000252 chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  • ca0d972 feat(image): add registry options (#3906)
  • 0336555 feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  • dd9cd95 chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  • edb0682 feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  • c02b15b chore(deps): updates wazero to 1.0.0 (#3904)
  • 63ef760 feat(image): discover SBOM in OCI referrers (#3768)
  • 3fa703c docs: change cache-dir key in config file (#3897)
  • 4d78747 fix(sbom): use release and epoch for SPDX package version (#3896)
  • 67572df ci: add gpg signing for RPM packages (#3612)
  • e76d5ff docs: Update incorrect comment for skip-update flag (#3878)
  • 011ea60 refactor(misconf): simplify policy filesystem (#3875)
  • 6445309 feat(nodejs): parse package.json alongside yarn.lock (#3757)
  • 6e9c2c3 fix(spdx): add PkgDownloadLocation field (#3879)
  • 18eeea2 fix(report): try to guess direct deps for dependency tree (#3852)
  • 02b6914 chore(amazon): update EOL (#3876)
  • 79096e1 fix(nodejs): improvement logic for package-lock.json v2-v3 (#3877)
  • fc2e80c feat(amazon): add al2023 support (#3854)
  • 5f8d69d chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.0 to 3.1.2 (#3736)
  • 7916aaf docs(misconf): Add information about selectors (#3703)
  • 1b1ed39 docs(cli): update CLI docs with cobra (#3815)
  • 234a360 feat: k8s parallel processing (#3693)
  • b864b3b docs: add DefectDojo in the Security Management section (#3871)
  • ad34c98 chore(deps): updates wazero to 1.0.0-rc.2 (#3853)
  • 7148de3 refactor: add pipeline (#3868)
  • 927acf9 feat(cli): add javadb metadata to version info (#3835)
  • 33074cf chore(deps): Move compliance types to defsec (#3842)
  • ba9b041 feat(sbom): add support for CycloneDX JSON Attestation of the correct specification (#3849)
  • a754a04 feat: add node toleration option (#3823)
  • 9e4b57f fix: allow mapfs to open dirs (#3867)
  • 09fd299 fix(report): update uri only for os class targets (#3846)
  • 09e1302 feat(nodejs): Add v3 npm lock file support (#3826)
  • 52cbfeb feat(nodejs): parse package.json files alongside package-lock.json (#2916)
  • d6a2d63 docs(misconf): Fix links to built in policies (#3841)

Don't miss a new trivy release

NewReleases is sending notifications on new releases.