github aquasecurity/trivy v0.69.4

11 hours ago

Changelog

  • 1885610 fix(ci): Use correct checkout pinning
  • 20458b8 fix(flag): validate template file extension (#10296)
  • e9e9e8c fix(sbom): preserve Red Hat BuildInfo when scanning SBOMs without layer info (#10378)
  • f207ec6 fix: handle Go 1.26 GOEXPERIMENT version format change (#10351)
  • 4cf4498 fix(python): handle multiple version specifiers in requirements.txt (#10361)
  • 51c1599 ci: run Trivy version bump in trivy-action (#10272)
  • 12ab3ce fix(python): nil pointer dereference with optional poetry groups without dependencies (#10359)
  • aef4ecc ci: replace personal email with github-actions[bot] in workflows (#10369)
  • 1962aa9 chore: replace smithy epoch parsing with stdlib time.Unix (#10286)
  • 891cd79 test: update golden files for purl changes (#10372)
  • fb6a83a ci: add zizmor to scan GitHub Actions workflows (#10322)
  • 778a853 refactor: log statuses as strings (#10285)
  • 88a91cf ci: add build provenance attestations for release artifacts (#10316)
  • 33b9d8e fix(sbom): add NOASSERTION for licenseDeclared/licenseConcluded in SPDX non-library packages (#10368)
  • e5da6de fix(report): set correct sarif ROOTPATH uri when scanning a git repository (#10366)
  • d7fb355 perf(plugin): optimize directory traversal by replacing filepath.Walk with filepath.WalkDir (#10325)
  • a96cede docs: correct typos in CHANGELOG and diagram (#10320)
  • 703de6d chore: delete roadmap wf (#10295)
  • 66acebb ci(helm): bump Trivy version to 0.69.3 for Trivy Helm Chart 0.21.3 (#10310)
  • 2a4dfbf fix(cyclonedx): include CVSS v4 vulnerability ratings (#10313)
  • 77f5cb5 fix: detected vulnerability fields in azure and mariner detector (#10275)
  • 18e6028 ci: add persist-credentials: false to checkout steps (#10306)
  • 2f62c94 ci(helm): bump Trivy version to 0.69.2 for Trivy Helm Chart 0.21.2 (#10270)
  • 9588325 chore(deps): bump the common group across 1 directory with 8 updates (#10248)
  • 01295f3 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#10257)
  • a01f109 chore(deps): bump the aws group across 1 directory with 6 updates (#10249)
  • 5fe09eb chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (#10241)
  • 835a4ad ci: remove apidiff workflow (#10259)
  • 2a140f1 chore(deps): bump github.com/docker/cli from 29.1.4+incompatible to 29.2.1+incompatible in the docker group across 1 directory (#10221)
  • a0f6962 ci: bump golangci-lint to v2.10 in cache-test-assets (#10243)
  • 350fe33 feat(java): add support for proxy configuration from Maven settings.xml (#10187)
  • ccf5a5a chore(deps): bump the github-actions group across 3 directories with 11 updates (#10242)
  • d0a3f63 feat(python): add pylock.toml support (#10137)
  • 2d92b27 chore: bump SPDX license IDs and exceptions to v3.28.0 (#10233)
  • 21e6577 docs: fix typos and upgrade insecure HTTP links to HTTPS (#10219)
  • a4f7937 chore: bump golangci-lint to v2.10.0 (#10223)
  • da94d5f feat(misconf): support for azurerm_network_interface_security_group_association (#10215)
  • d758826 ci: pin Docker Engine to v29 for integration tests (#10232)
  • 7acb5f6 feat(go): detect version from ELF symbol table for binaries built with -trimpath (#10197)
  • 5b54388 docs: migrate private registry documentation from GCR to GAR (#10208)
  • 1c09181 chore(deps): bump the common group across 1 directory with 24 updates (#10206)
  • fb05196 chore(deps): update Docker client SDK to v29 (#10202)
  • 3a3d750 test: update Docker Engine integration tests for Docker API v0.29.0+ compatibility (#10199)
  • 0f0d6db fix(misconf): initialize custom annotation field if empty (#10123)
  • 2c1f65b feat(ubuntu): add eol data for 25.10 (#10181)
  • 42216b5 docs: fix incorrect count of Python package managers (#10175)
  • 8662089 chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 (#10179)
  • 823f363 feat(misconf): resolve Azure resources via resource_id (#10173)
  • 580c4ac ci(helm): bump Trivy version to 0.69.1 for Trivy Helm Chart 0.21.1 (#10155)
  • 68c196f refactor: remove unused Insecure field from ServiceOption (#10113)
  • 0b73503 refactor: reduce complexity of init in detect.go (#10163)
  • 66bdec4 feat(misconf): adapt ARM k8s clusters (#9696) (#10125)
  • 82019c3 docs: update version endpoint example in client/server documentation (#10151)
  • d6e6331 feat(vuln): skip third-party packages in common Detect function (#10129)
  • 5ffcdfc ci: add composite action for Go setup (#10146)
  • b775a1b fix(misconf): apply check aliases when filtering results via .trivyignore (#10112)
  • 8d3d4ee docs(terraform): add limitation for data sources and computed resource attributes (#10128)
  • fa195b4 fix: update PhotonOS feed URL (#10122)
  • 4c46d41 feat(server): include server version info in JSON output for client/server mode (#10075)
  • 7415661 chore(deps): bump to alpine:3.23.3 and go-1.25.6 to fix CVEs (#10107)
  • fc5f139 refactor: unify scanner error limit and compiler limit (#10106)
  • 73c64af ci(helm): bump Trivy version to 0.69.0 for Trivy Helm Chart 0.21.0 (#10103)
  • 9a3e0a8 fix(java): Disable overwriting exclusions (#10088)
  • 65e151f refactor(rust): use txtar format for cargo analyzer test data (#10104)
  • 1a72b32 feat(python): add pylock.toml (PEP 751) parser (#9632)
  • cc64eeb chore(deps): bump the aws group across 1 directory with 6 updates (#10068)
  • b9a8d2d fix(server): exclude JavaDB and CheckBundle from /version endpoint (#10100)
