github aquasecurity/trivy v0.42.0
on GitHub

latest releases: v0.51.1, v0.51.0, v0.50.4...
11 months ago

⚡Release highlights and summary⚡

👉 #4541

Changelog

  • 854b639 chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
  • 59e1a86 chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
  • 9ef0113 feat: add SBOM analyzer (#4210)
  • dadd1e1 fix(sbom): update logic for work with files in spdx format (#4513)
  • 1a65821 feat: azure workload identity support (#4489)
  • 411862c feat(ubuntu): add eol date for 18.04 ESM (#4524)
  • 62a1aaf fix(misconf): Update required extensions for terraformplan (#4523)
  • 48b2e15 refactor(cyclonedx): add intermediate representation (#4490)
  • c15f269 fix(misconf): Remove debug print while scanning (#4521)
  • b6ee08e fix(java): remove duplicates of jar libs (#4515)
  • d474040 fix(java): fix overwriting project props in pom.xml (#4498)
  • 4cf2f94 docs: Update compilation instructions (#4512)
  • 18ce1c3 fix(nodejs): update logic for parsing pnpm lock files (#4502)
  • 87eed38 fix(secret): remove aws-account-id rule (#4494)
  • b0c591e feat(oci): add support for referencing an input image by digest (#4470)
  • b84b5ec chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#4338)
  • 305255a docs: fixed the format (#4503)
  • d586de5 fix(java): add support of * for exclusions for pom.xml files (#4501)
  • de6eef3 feat: adding issue template for documentation (#4453)
  • 83a9c4a docs: switch glad to ghsa for Go (#4493)
  • 5372722 chore(deps): Update defsec to v0.89.0 (#4474)
  • 6fcd153 feat(misconf): Add terraformplan support (#4342)
  • 72e302c feat(debian): add digests for dpkg (#4445)
  • 7e99d08 chore(deps): bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#4478)
  • 12a1789 feat(k8s): exclude node scanning by node labels (#4459)
  • 919e8c9 docs: add info about multi-line mode for regexp from custom secret rules (#4159)
  • 50fe43f feat(cli): convert JSON reports into a different format (#4452)
  • 09db1d4 feat(image): add logic to guess base layer for docker-cis scan (#4344)
  • 3f0721f fix(cyclonedx): set original names for packages (#4306)
  • 0ef0dad feat: group subcommands (#4449)
  • 3a7717f feat(cli): add retry to cache operations (#4189)
  • 63cfb27 fix(vuln): report architecture for apk packages (#4247)
  • e136136 refactor: enable cases where return values are not needed in pipeline (#4443)
  • 29b5f7e fix(image): resolve scan deadlock when error occurs in slow mode (#4336)
  • 92ed344 docs(misconf): Update docs for kubernetes file patterns (#4435)
  • 16af41b test: k8s integration tests (#4423)
  • cab8569 feat(redhat): add package digest for rpm (#4410)
  • 92f9e98 feat(misconf): Add --reset-policy-bundle for policy bundle (#4167)
  • 33fb047 fix: typo (#4431)
  • 8b162f2 add user instruction to imgconf (#4429)
  • 3b7c919 fix(k8s): add image sources (#4411)
  • c75d35f docs(scanning): Add versioning banner (#4415)
  • d298415 feat(cli): add mage command to update golden integration test files (#4380)
  • 1a56295 feat: node-collector custom namespace support (#4407)
  • 864ad10 chore(deps): bump owenrumney/go-sarif from v2.1.3 to v2.2.0 (#4378)
  • 7a20d96 refactor(sbom): use multiline json for spdx-json format (#4404)
  • ea5fd75 fix(ubuntu): add EOL date for Ubuntu 23.04 (#4347)
  • 56a01ec refactor: code-optimization (#4214)
  • 6a0e152 feat(image): Add image-src flag to specify which runtime(s) to use (#4047)
  • 50c8b41 test: skip wrong update of test golden files (#4379)
  • 51ca653 refactor: don't return error for package.json without version/name (#4377)
  • e5e7ebc docs: cmd error (#4376)
  • 6ee4960 test(cli): add test for config file and env combination (#2666)
  • c067b02 fix(report): set a correct file location for license scan output (#4326)
  • ff63748 ci: rpm repository for all versions and aarch64 (#4077)
  • 0009b02 chore(alpine): Update Alpine to 3.18 (#4351)
  • d61ae8c fix(alpine): add EOL date for Alpine 3.18 (#4308)
  • 636ce80 chore(deps): bump github.com/docker/distribution (#4337)
  • e859d10 feat: allow root break for mapfs (#4094)
  • a6ef37f docs(misconf): Remove examples.md (#4256)
  • dca8c03 fix(ubuntu): update eol dates for Ubuntu (#4258)
  • b003f58 feat(alpine): add digests for apk packages (#4168)
  • 86f0016 chore: add discussion templates (#4190)
  • 2f318ce fix(terraform): Support tfvars (#4123)
  • ec3906c chore: separate docs:generate (#4242)
  • 37b25d2 chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4246)
  • 45d5edb refactor: define vulnerability scanner interfaces (#4117)
  • 090a00e feat: unified k8s scan resources (#4188)
  • f2188eb chore(deps): Update defsec to v0.88.1 (#4178)
  • b79850f chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.1 to 2.30.2 (#4141)
  • 36acdfa chore: trivy bin ignore (#4212)
  • 55fb723 feat(image): enforce image platform (#4083)
  • 9c87cb2 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.2 to 2.1.3 (#4143)
  • 21cf179 chore(deps): bump github.com/docker/docker (#4144)
  • fbf7a77 chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.1 to 2.0.2 (#4146)
  • 547391c chore(deps): bump aquaproj/aqua-installer from 2.0.2 to 2.1.1 (#4140)
  • 882bfdd fix(ubuntu): fix version selection logic for ubuntu esm (#4171)
  • 949cd10 chore(deps): bump github.com/samber/lo from 1.37.0 to 1.38.1 (#4147)
  • 93bc162 chore(deps): bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1 (#4145)
  • 57993ef chore(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.3 (#4138)
  • dc4baeb chore(deps): bump github.com/testcontainers/testcontainers-go (#4150)
  • 25d0255 chore: install.sh support for windows (#4155)
  • 73e5454 chore(deps): bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#4166)
  • 08de7c6 chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#4149)
  • ade4730 docs: moving skipping files out of others (#4154)
Check out latest releases or
releases around aquasecurity/trivy v0.42.0

Don't miss a new trivy release

NewReleases is sending notifications on new releases.

Get notifications