Releases: DmitriyLewen/trivy
Releases · DmitriyLewen/trivy
v0.38.6
v0.38.0
Changelog
- 2cfbe22 test revert 32 bit
- f105279 fix(report): return severity colors in table format (aquasecurity#4969)
- bc2b0ca build: maximize available disk space for release (aquasecurity#4937)
- 9493c6f test(cli): Fix assertion helptext (aquasecurity#4966)
- b0359de chore(deps): Bump defsec to v0.91.1 (aquasecurity#4965)
- d3a34e4 test: validate CycloneDX with the JSON schema (aquasecurity#4956)
- 798ef1b fix(server): add licenses to the Result message (aquasecurity#4955)
- e8cf281 fix(aws): resolve endpoint if endpoint is passed (aquasecurity#4925)
- f18b0db fix(sbom): move licenses to
namefield in Cyclonedx format (aquasecurity#4941) - a796701 add only uniq deps in dependsOn (aquasecurity#4943)
- b544e0d use testify instead of gotest.tools (aquasecurity#4946)
- 067a0fc fix(nodejs): do not detect lock file in node_modules as an app (aquasecurity#4949)
- e6d7705 bump go-dep-parser (aquasecurity#4936)
- c584dc1 chore(deps): bump github.com/openvex/go-vex from 0.2.0 to 0.2.1 (aquasecurity#4914)
- 358d56b chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (aquasecurity#4909)
- 17f3ea9 chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore (aquasecurity#4912)
- 39ccbf7 test(aws): move part of unit tests to integration (aquasecurity#4884)
- 6d3ae3b docs(cli): update help string for file and dir skipping (aquasecurity#4872)
- 7d7a1ef chore(deps): bump sigstore/cosign-installer (aquasecurity#4910)
- fc74950 chore(deps): bump github.com/sosedoff/gitkit from 0.3.0 to 0.4.0 (aquasecurity#4916)
- b2a68bc chore(deps): bump k8s.io/api from 0.27.3 to 0.27.4 (aquasecurity#4918)
- e5c0c15 chore(deps): bump github.com/secure-systems-lab/go-securesystemslib (aquasecurity#4919)
- da37803 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (aquasecurity#4913)
- 9744e64 chore(deps): bump github.com/magefile/mage from 1.14.0 to 1.15.0 (aquasecurity#4915)
- 99eebc6 docs: update the discussion template (aquasecurity#4928)
- d19c7d9 feat(repo): support local repositories (aquasecurity#4890)
- 3c19761 bump go-dep-parser (aquasecurity#4893)
- e1c2a8c fix(misconf): add missing fields to proto (aquasecurity#4861)
- 8b8e0e8 fix: remove trivy-db package replacement (aquasecurity#4877)
- f9efe44 chore(test): bump the integration test timeout to 15m (aquasecurity#4880)
- 7271d68 chore(deps): Update defsec to v0.91.0 (aquasecurity#4886)
- c3bc67c chore: update CODEOWNERS (aquasecurity#4871)
- 232ba82 feat(vuln): support vulnerability status (aquasecurity#4867)
- 11618c9 feat(misconf): Support custom URLs for policy bundle (aquasecurity#4834)
- 0707569 refactor: replace with sortable packages (aquasecurity#4858)
- fbe1c9e docs: correct license scanning sample command (aquasecurity#4855)
- 20c2246 fix(report): close the file (aquasecurity#4842)
- 24a3e54 feat(nodejs): add support for include-dev-deps flag for yarn (aquasecurity#4812)
- a7bd7bb feat(misconf): Add support for independently enabling libraries (aquasecurity#4070)
- 4aa9ea0 feat(secret): add secret config file for cache calculation (aquasecurity#4837)
- 5d349d8 Fix a link in gitlab-ci.md (aquasecurity#4850)
- a61531c fix(flag): use globalstar to skip directories (aquasecurity#4854)
- 78cc209 chore(deps): bump github.com/docker/docker from v23.0.5+incompatible to v23.0.7-0.20230714215826-f00e7af96042+incompatible (aquasecurity#4849)
- 9399604 fix(license): using common way for splitting licenses (aquasecurity#4434)
- 3e2416d fix(containerd): Use img platform in exporter instead of strict host platform (aquasecurity#4477)
- ce77bb4 remove govulndb (aquasecurity#4783)
- c05caae fix(java): inherit licenses from parents (aquasecurity#4817)
- aca11b9 refactor: add allowed values for CLI flags (aquasecurity#4800)
- 4cecd17 add example regex to allow rules (aquasecurity#4827)
- 4bc8d29 feat(misconf): Support custom data for rego policies for cloud (aquasecurity#4745)
- 88243a0 docs: correcting the trivy k8s tutorial (aquasecurity#4815)
- 3c7d988 feat(cli): add --tf-exclude-downloaded-modules flag (aquasecurity#4810)
- fd0fd10 fix(sbom): cyclonedx recommendations should include fixed versions for each package (aquasecurity#4794)
- d0d543b feat(misconf): enable --policy flag to accept directory and files both (aquasecurity#4777)
- b43a3e6 feat(python): add license fields (aquasecurity#4722)
- aef7b14 fix: support trivy k8s-version on k8s sub-command (aquasecurity#4786)
- 5d76aba chore(deps): Update defsec to v0.90.3 (aquasecurity#4793)
- fed446c chore(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 (aquasecurity#4752)
- df62927 chore(deps): bump alpine from 3.18.0 to 3.18.2 (aquasecurity#4748)
- 1b9b9a8 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.3 to 2.30.4 (aquasecurity#4758)
- 3c16ca8 docs(image): fix the comment on the soft/hard link (aquasecurity#4740)
- e5bee5c check Type when filling pkgs in vulns (aquasecurity#4776)
- 4b9f310 feat: add support of linux/ppc64le and linux/s390x architectures for Install.sh script (aquasecurity#4770)
- 8e7fb7c chore(deps): bump modernc.org/sqlite from 1.20.3 to 1.23.1 (aquasecurity#4756)
- a9badea fix(rocky): add architectures support for advisories (aquasecurity#4691)
- f8ebccc chore(deps): bump github.com/opencontainers/image-spec (aquasecurity#4751)
- 1c81948 chore(deps): bump github.com/package-url/packageurl-go (aquasecurity#4754)
- 497cc10 chore(deps): bump golang.org/x/sync from 0.2.0 to 0.3.0 (aquasecurity#4750)
- 065f0af chore(deps): bump github.com/tetratelabs/wazero from 1.2.0 to 1.2.1 (aquasecurity#4755)
- e260305 chore(deps): bump github.com/testcontainers/testcontainers-go (aquasecurity#4759)
- 0621402 fix: documentation about reseting trivy image (aquasecurity#4733)
- 798fdbc fix(suse): Add openSUSE Leap 15.5 eol date as well (aquasecurity#4744)
- 34a8929 fix: update Amazon Linux 1 EOL (aquasecurity#4761)
- 6008192 chore(deps): Update defsec to v0.90.1 (aquasecurity#4739)
- 73734ea feat(nodejs): support yarn workspaces (aquasecurity#4664)
- 22463ab feat(cli): add include-dev-deps flag (aquasecurity#4700)
- 790c805 fix(image): pass the secret scanner option to scan the img config (aquasecurity#4735)
- 86fec9c fix: scan job pod it not found on k8s-1.27.x (aquasecurity#4729)
- 26bc911 feat(docker): add support for mTLS authentication when connecting to registry (aquasecurity#4649)
- d699e8c chore(deps): Update defsec to v0.90.0 (aquasecurity#4723)
- 1777878 fix: skip scanning the gpg-pubkey package (aquasecurity#4720)
- 9be0825 Fix http registry oci pull (aquasecurity#4701)
- 5d73b47 feat(misconf): Support skipping services (aquasecurity#4686)
- 46e784c docs: fix supported modes for pubspec.lock files (aquasecurity#4713)
- 0f61a84 fix(misconf): disable the terraform plan analyzer for other scanners (aquasecurity#4714)
- 8a1aa44 clarifying a dir path is required for custom policies (aquasecurity#4716)
- fbab9ee chore: update alpine base images (aquasecurity#4715)
- f84417b fix last-history-created (aquasecurity#4697)
- 85c681d feat: kbom and cyclonedx v1.5 spec support (aquasecurity#4708)
- 46748ce docs: add information about Aqua (aquasecurity#4590)
- c6741bd fix: k8s escape resource filename on windows os (aquasecurity#4693)
- a21acc7 ci: ignore merge queue branches (aquasecurity#4696)
- 32a3a33 chore(deps): bump actions/checkout from 2.4.0 to 3.5.3 (aquasecurity#4695)
- cbb47dc chore(deps): bump aquaproj/aqua-installer from 2.1.1 to 2.1.2 (aquasecurity#4694)
- e3d10d2 feat: cyclondx sbom custom property support (aquasecurity#4688)
- e1770e0 ci: do not trigger tests in main (aquasecurity#4692)
- 337c0b7 add SUSE Linux Enterprise Server 15 SP5 and update SP4 eol date (aquasecurity#4690)
- 5ccee14 use group field for jar in cyclonedx (aquasecurity#4674)
- 96db52c feat(java): capture licenses from pom.xml (aquasecurity#4681)
- 3e902a5 feat(helm): make sessionAffinity configurable (aquasecurity#4623)
- 904f1cf fix: Show the correct URL of the secret scanning (aquasecurity#4682)
- 7d48c5d document expected file pattern definition format (aquasecurity#4654)
- dcc73e9 fix: format arg error (aquasecurity#4642)
- 35c4262 feat(k8s): cyclonedx kbom support (aquasecurity#4557)
- 0e01851 fix(nodejs): remove unused fields for the pnpm lockfile (aquasecurity#4630)
- 4d9b444 fix(vm): update ext4-filesystem parser for parse multi block extents (aquasecurity#4616)
- c29197a ci: update build IDs (aquasecurity#4641)
- d7637ad fix(debian): update EOL for Debian 12 (aquasecurity#4647)
- ef39eee chore(deps): bump go-containerregistry (aquasecurity#4639)
- 1ce8bb5 chore: unnecessary use of fmt.Sprintf (S1039) (aquasecurity#4637)
- bc9513f fix(db): change argument order in Exists query for JavaDB (aquasecurity#4595)
- aecd2f0 feat(aws): Add support to see successes in results (aquasecurity#4427)
- 2cbf402 chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (aquasecurity#4613)
- 0099b20 ci: do not trigger tests in main (aquasecurity#4614)
- a597a54 chore(deps): bump sigstore/cosign-installer (aquasecurity#4609)
- b453fbe chore(deps): bump CycloneDX/gh-gomod-generate-sbom from 1 to 2 (aquasecurity#4608)
- 0e876d5 ci: bypass the required status checks (aquasecurity#4611)
- a4f27d2 ci: support merge queue (aquasecurity#3652)
- 9e6411e ci: matrix build for testing (aquasecurity#4587)
- ef6538a feat: trivy k8s private registry support (aquasecurity#4567)
- 139f3e1 docs: add general coverage page (aquasecurity#3859)
- 479cfdd chore: create SECURITY.md (aquasecurity#4601)
- 9a279fa ci: remove 32bit packages (aquasecurity#4585)
- d52b0b7 fix(misconf): deduplicate misconf results (aquasecurity#4588)
- 9b531fa fix(vm): support sector size of 4096 (aquasecurity#4564)
- 8ca1bfd fix(misconf): terraform relative paths (aquasecurity#4571)
- c20d466 fix(purl): skip unsupported library type (aquasecurity#4577)
- 52cbe79 fix(terraform): recursively detect all Root Modules (aquasecurity#4457)
- 4a5b915 fix(vm): support post analyzer for vm command (aquasecurity#4544)
- 56cdc55 fix(nodejs): change the type of the devDependencies field (aquasecurity#4560)
- 17d7536 fix(sbom): export empty dependencies in CycloneDX (aquasecurity#4568)
- 2796abe refactor: add composite fs for post-analyzers (aquasecurity#4556)
- 22a1573 chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (aquasecurity#4554)
- 4358665 chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (aquasecurity#4526)
- 5081399 chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 (aquasecurity#4528)
- e1a3812 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 (aquasecurity#4529)
- 283eef6 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (aquasecurity#4536)
- bbd7b98 chore(deps): bump github.com/tetratelabs/wazero from 1.0.0 to 1.2.0 (aquasecurity#4549)
- 11c81bf chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 (aquasecurity#4532)
- 2d8d63e chore(deps): bump github.com/testcontainers/testcontainers-go (aquasecurity#4537)
- a46839b chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (aquasecurity#4530)
- 19715f5 chore(deps): bump github.com/aws/aws-sdk-go-v2/config (aquasecurity#4534)
- 854b639 chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (aquasecurity#4533)
- 59e1a86 chore(deps): bump alpine from 3.17.3 to 3.18.0 (aquasecurity#4525)
- 9ef0113 feat: add SBOM analyzer (aquasecurity#4210)
- dadd1e1 fix(sbom): update logic for work with files in spdx format (aquasecurity#4513)...