v0.42.0

aquasecurity/trivy

版本发布时间: 2023-06-02 19:21:29

aquasecurity/trivy最新发布版本:v0.54.1(2024-08-01 00:45:52)

⚡Release highlights and summary⚡

👉 https://github.com/aquasecurity/trivy/discussions/4541

Changelog

854b63940 chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
59e1a8664 chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
9ef01133c feat: add SBOM analyzer (#4210)
dadd1e10c fix(sbom): update logic for work with files in spdx format (#4513)
1a658210a feat: azure workload identity support (#4489)
411862c90 feat(ubuntu): add eol date for 18.04 ESM (#4524)
62a1aaf03 fix(misconf): Update required extensions for terraformplan (#4523)
48b2e15c2 refactor(cyclonedx): add intermediate representation (#4490)
c15f269a9 fix(misconf): Remove debug print while scanning (#4521)
b6ee08e55 fix(java): remove duplicates of jar libs (#4515)
d4740401a fix(java): fix overwriting project props in pom.xml (#4498)
4cf2f94d0 docs: Update compilation instructions (#4512)
18ce1c336 fix(nodejs): update logic for parsing pnpm lock files (#4502)
87eed38c6 fix(secret): remove aws-account-id rule (#4494)
b0c591ef6 feat(oci): add support for referencing an input image by digest (#4470)
b84b5ecfc chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#4338)
305255a49 docs: fixed the format (#4503)
d586de585 fix(java): add support of * for exclusions for pom.xml files (#4501)
de6eef3b0 feat: adding issue template for documentation (#4453)
83a9c4a4c docs: switch glad to ghsa for Go (#4493)
537272257 chore(deps): Update defsec to v0.89.0 (#4474)
6fcd1538d feat(misconf): Add terraformplan support (#4342)
72e302cf8 feat(debian): add digests for dpkg (#4445)
7e99d08a1 chore(deps): bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#4478)
12a1789be feat(k8s): exclude node scanning by node labels (#4459)
919e8c92b docs: add info about multi-line mode for regexp from custom secret rules (#4159)
50fe43f14 feat(cli): convert JSON reports into a different format (#4452)
09db1d438 feat(image): add logic to guess base layer for docker-cis scan (#4344)
3f0721ff6 fix(cyclonedx): set original names for packages (#4306)
0ef0dadb1 feat: group subcommands (#4449)
3a7717fde feat(cli): add retry to cache operations (#4189)
63cfb2714 fix(vuln): report architecture for apk packages (#4247)
e1361368a refactor: enable cases where return values are not needed in pipeline (#4443)
29b5f7e8e fix(image): resolve scan deadlock when error occurs in slow mode (#4336)
92ed344e8 docs(misconf): Update docs for kubernetes file patterns (#4435)
16af41be1 test: k8s integration tests (#4423)
cab8569cd feat(redhat): add package digest for rpm (#4410)
92f9e98d0 feat(misconf): Add --reset-policy-bundle for policy bundle (#4167)
33fb04763 fix: typo (#4431)
8b162f287 add user instruction to imgconf (#4429)
3b7c9198d fix(k8s): add image sources (#4411)
c75d35ff6 docs(scanning): Add versioning banner (#4415)
d298415c0 feat(cli): add mage command to update golden integration test files (#4380)
1a56295ff feat: node-collector custom namespace support (#4407)
864ad10a3 chore(deps): bump owenrumney/go-sarif from v2.1.3 to v2.2.0 (#4378)
7a20d9622 refactor(sbom): use multiline json for spdx-json format (#4404)
ea5fd75ff fix(ubuntu): add EOL date for Ubuntu 23.04 (#4347)
56a01ec6f refactor: code-optimization (#4214)
6a0e15265 feat(image): Add image-src flag to specify which runtime(s) to use (#4047)
50c8b418a test: skip wrong update of test golden files (#4379)
51ca6536c refactor: don't return error for package.json without version/name (#4377)
e5e7ebcda docs: cmd error (#4376)
6ee496077 test(cli): add test for config file and env combination (#2666)
c067b026e fix(report): set a correct file location for license scan output (#4326)
ff6374829 ci: rpm repository for all versions and aarch64 (#4077)
0009b02bb chore(alpine): Update Alpine to 3.18 (#4351)
d61ae8cc7 fix(alpine): add EOL date for Alpine 3.18 (#4308)
636ce808f chore(deps): bump github.com/docker/distribution (#4337)
e859d10ee feat: allow root break for mapfs (#4094)
a6ef37fa3 docs(misconf): Remove examples.md (#4256)
dca8c039e fix(ubuntu): update eol dates for Ubuntu (#4258)
b003f58b2 feat(alpine): add digests for apk packages (#4168)
86f001616 chore: add discussion templates (#4190)
2f318ce97 fix(terraform): Support tfvars (#4123)
ec3906c24 chore: separate docs:generate (#4242)
37b25d28b chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4246)
45d5edb0d refactor: define vulnerability scanner interfaces (#4117)
090a00e71 feat: unified k8s scan resources (#4188)
f2188eb56 chore(deps): Update defsec to v0.88.1 (#4178)
b79850f41 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.1 to 2.30.2 (#4141)
36acdfa8d chore: trivy bin ignore (#4212)
55fb723a6 feat(image): enforce image platform (#4083)
9c87cb271 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.2 to 2.1.3 (#4143)
21cf179f6 chore(deps): bump github.com/docker/docker (#4144)
fbf7a77ae chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.1 to 2.0.2 (#4146)
547391c22 chore(deps): bump aquaproj/aqua-installer from 2.0.2 to 2.1.1 (#4140)
882bfdd78 fix(ubuntu): fix version selection logic for ubuntu esm (#4171)
949cd10c0 chore(deps): bump github.com/samber/lo from 1.37.0 to 1.38.1 (#4147)
93bc162ca chore(deps): bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1 (#4145)
57993ef67 chore(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.3 (#4138)
dc4baeb35 chore(deps): bump github.com/testcontainers/testcontainers-go (#4150)
25d0255dc chore: install.sh support for windows (#4155)
73e54549f chore(deps): bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#4166)
08de7c613 chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#4149)
ade4730fa docs: moving skipping files out of others (#4154)