Skip to content

Releases: aquasecurity/trivy

v0.42.0

02 Jun 11:21
@aqua-bot aqua-bot
v0.42.0
854b639
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.42.0

⚡Release highlights and summary⚡

👉 #4541

Changelog

  • 854b639 chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
  • 59e1a86 chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
  • 9ef0113 feat: add SBOM analyzer (#4210)
  • dadd1e1 fix(sbom): update logic for work with files in spdx format (#4513)
  • 1a65821 feat: azure workload identity support (#4489)
  • 411862c feat(ubuntu): add eol date for 18.04 ESM (#4524)
  • 62a1aaf fix(misconf): Update required extensions for terraformplan (#4523)
  • 48b2e15 refactor(cyclonedx): add intermediate representation (#4490)
  • c15f269 fix(misconf): Remove debug print while scanning (#4521)
  • b6ee08e fix(java): remove duplicates of jar libs (#4515)
  • d474040 fix(java): fix overwriting project props in pom.xml (#4498)
  • 4cf2f94 docs: Update compilation instructions (#4512)
  • 18ce1c3 fix(nodejs): update logic for parsing pnpm lock files (#4502)
  • 87eed38 fix(secret): remove aws-account-id rule (#4494)
  • b0c591e feat(oci): add support for referencing an input image by digest (#4470)
  • b84b5ec chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#4338)
  • 305255a docs: fixed the format (#4503)
  • d586de5 fix(java): add support of * for exclusions for pom.xml files (#4501)
  • de6eef3 feat: adding issue template for documentation (#4453)
  • 83a9c4a docs: switch glad to ghsa for Go (#4493)
  • 5372722 chore(deps): Update defsec to v0.89.0 (#4474)
  • 6fcd153 feat(misconf): Add terraformplan support (#4342)
  • 72e302c feat(debian): add digests for dpkg (#4445)
  • 7e99d08 chore(deps): bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#4478)
  • 12a1789 feat(k8s): exclude node scanning by node labels (#4459)
  • 919e8c9 docs: add info about multi-line mode for regexp from custom secret rules (#4159)
  • 50fe43f feat(cli): convert JSON reports into a different format (#4452)
  • 09db1d4 feat(image): add logic to guess base layer for docker-cis scan (#4344)
  • 3f0721f fix(cyclonedx): set original names for packages (#4306)
  • 0ef0dad feat: group subcommands (#4449)
  • 3a7717f feat(cli): add retry to cache operations (#4189)
  • 63cfb27 fix(vuln): report architecture for apk packages (#4247)
  • e136136 refactor: enable cases where return values are not needed in pipeline (#4443)
  • 29b5f7e fix(image): resolve scan deadlock when error occurs in slow mode (#4336)
  • 92ed344 docs(misconf): Update docs for kubernetes file patterns (#4435)
  • 16af41b test: k8s integration tests (#4423)
  • cab8569 feat(redhat): add package digest for rpm (#4410)
  • 92f9e98 feat(misconf): Add --reset-policy-bundle for policy bundle (#4167)
  • 33fb047 fix: typo (#4431)
  • 8b162f2 add user instruction to imgconf (#4429)
  • 3b7c919 fix(k8s): add image sources (#4411)
  • c75d35f docs(scanning): Add versioning banner (#4415)
  • d298415 feat(cli): add mage command to update golden integration test files (#4380)
  • 1a56295 feat: node-collector custom namespace support (#4407)
  • 864ad10 chore(deps): bump owenrumney/go-sarif from v2.1.3 to v2.2.0 (#4378)
  • 7a20d96 refactor(sbom): use multiline json for spdx-json format (#4404)
  • ea5fd75 fix(ubuntu): add EOL date for Ubuntu 23.04 (#4347)
  • 56a01ec refactor: code-optimization (#4214)
  • 6a0e152 feat(image): Add image-src flag to specify which runtime(s) to use (#4047)
  • 50c8b41 test: skip wrong update of test golden files (#4379)
  • 51ca653 refactor: don't return error for package.json without version/name (#4377)
  • e5e7ebc docs: cmd error (#4376)
  • 6ee4960 test(cli): add test for config file and env combination (#2666)
  • c067b02 fix(report): set a correct file location for license scan output (#4326)
  • ff63748 ci: rpm repository for all versions and aarch64 (#4077)
  • 0009b02 chore(alpine): Update Alpine to 3.18 (#4351)
  • d61ae8c fix(alpine): add EOL date for Alpine 3.18 (#4308)
  • 636ce80 chore(deps): bump github.com/docker/distribution (#4337)
  • e859d10 feat: allow root break for mapfs (#4094)
  • a6ef37f docs(misconf): Remove examples.md (#4256)
  • dca8c03 fix(ubuntu): update eol dates for Ubuntu (#4258)
  • b003f58 feat(alpine): add digests for apk packages (#4168)
  • 86f0016 chore: add discussion templates (#4190)
  • 2f318ce fix(terraform): Support tfvars (#4123)
  • ec3906c chore: separate docs:generate (#4242)
  • 37b25d2 chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4246)
  • 45d5edb refactor: define vulnerability scanner interfaces (#4117)
  • 090a00e feat: unified k8s scan resources (#4188)
  • f2188eb chore(deps): Update defsec to v0.88.1 (#4178)
  • b79850f chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.1 to 2.30.2 (#4141)
  • 36acdfa chore: trivy bin ignore (#4212)
  • 55fb723 feat(image): enforce image platform (#4083)
  • 9c87cb2 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.2 to 2.1.3 (#4143)
  • 21cf179 chore(deps): bump github.com/docker/docker (#4144)
  • fbf7a77 chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.1 to 2.0.2 (#4146)
  • 547391c chore(deps): bump aquaproj/aqua-installer from 2.0.2 to 2.1.1 (#4140)
  • 882bfdd fix(ubuntu): fix version selection logic for ubuntu esm (#4171)
  • 949cd10 chore(deps): bump github.com/samber/lo from 1.37.0 to 1.38.1 (#4147)
  • 93bc162 chore(deps): bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1 (#4145)
  • 57993ef chore(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.3 (#4138)
  • dc4baeb chore(deps): bump github.com/testcontainers/testcontainers-go (#4150)
  • 25d0255 chore: install.sh support for windows (#4155)
  • 73e5454 chore(deps): bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#4166)
  • 08de7c6 chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#4149)
  • ade4730 docs: moving skipping files out of others (#4154)
Assets 75
Loading
4 Join discussion

v0.41.0

28 Apr 06:00
@aqua-bot aqua-bot
v0.41.0
1be1e2e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.41.0

⚡Release highlights and summary⚡

👉 #4135

Changelog

  • 1be1e2e fix(spdx): add workaround for no src packages (#4118)
  • 45bc9e0 test(golang): rename broken go.mod (#4129)
  • 3334e78 feat(sbom): add supplier field (#4122)
  • 27fb1bf test(misconf): skip downloading of policies for tests #4126
  • 845ae31 refactor: use debug message for post-analyze errors (#4037)
  • 11a5b91 feat(sbom): add VEX support (#4053)
  • 5eab464 feat(sbom): add primary package purpose field for SPDX (#4119)
  • a00d00e fix(k8s): fix quiet flag (#4120)
  • 9bc3269 fix(python): parse of pip extras (#4103)
  • 8559841 feat(java): use full path for nested jars (#3992)
  • 0650e0e feat(license): add new flag for classifier confidence level (#4073)
  • 43b6496 feat: config and fs compliance support (#4097)
  • 9181bc1 chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952)
  • 48e021e feat(spdx): add support for SPDX 2.3 (#4058)
  • 107752d fix: k8s all-namespaces support (#4096)
  • bd0c603 perf(misconf): replace with post-analyzers (#4090)
  • 76662d5 fix(helm): update networking API version detection (#4106)
  • be47b68 feat(image): custom docker host option (#3599)
  • cc18f92 style: debug flag is incorrect and needs extra - (#4087)
  • 572a619 docs(vuln): Document inline vulnerability filtering comments (#4024)
  • 914c6f0 feat(fs): customize error callback during fs walk (#4038)
  • 3f02fee fix(ubuntu): skip copyright files from subfolders (#4076)
  • 57bb77c docs: restructure scanners (#3977)
  • b19b56c fix: fix file does not exist error for post-analyzers (#4061)
Assets 75
Loading
0 Join discussion

v0.40.0

16 Apr 13:30
@aqua-bot aqua-bot
v0.40.0
b43b19b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.40.0

⚡Release highlights and summary⚡

👉 #4074

Changelog

  • b43b19b feat(flag): Support globstar for --skip-files and --skip-directories (#4026)
  • 1480500 chore(deps): bump actions/stale from 7 to 8 (#3955)
  • 83bb97a fix: return insecure option to download javadb (#4064)
  • 79a1ba3 fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052)
  • ff1c43a ci: add gpg signing for RPM packages (#4056)
  • b608b11 fix(k8s): current context title (#4055)
  • 2c3b60f fix(k8s): quit support on k8s progress bar (#4021)
  • a6b8642 chore: add a note about Dockerfile.canary (#4050)
  • 90b8066 ci: fix path to canary binaries (#4045)
  • dcefc6b fix(vuln): report architecture for debian packages (#4032)
  • 601e25f feat: add support for Chainguard's commercial distro (#3641)
  • 0bebec1 ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979)
  • 707ea94 fix(vuln): fix error message for remote scanners (#4031)
  • 8e1fe76 feat(report): add image metadata to SARIF (#4020)
  • 4b36e97 docs: fix broken cache link on Installation page (#3999)
  • f0df725 fix: lock downloading policies and database (#4017)
  • 009675c fix: avoid concurrent access to the global map (#4014)
  • 3ed86aa feat(rust): add Cargo.lock v3 support (#4012)
  • f31dea4 feat: auth support oci download server subcommand (#4008)
  • d37c50a chore(deps): bump github.com/docker/docker (#4009)
  • 693d205 chore: install.sh support for armv7 (#3985)
  • 65d89b9 chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961)
Assets 75
Loading
0 Join discussion

v0.39.1

09 Apr 13:47
@aqua-bot aqua-bot
v0.39.1
a119ef8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.39.1

Changelog

  • a119ef8 fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997)
  • c8283ce fix(sbom): fix infinite loop for cyclonedx (#3998)
  • 6c8b042 chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954)
  • c42f360 fix: use warning for errors from enrichment files for post-analyzers (#3972)
  • 20c21ca chore(deps): bump github.com/docker/docker (#3963)
  • 54388ff fix(helm): added annotation to psp configurable from values (#3893)
  • 99a2519 chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962)
  • d113b93 fix(secret): update built-in rule tests (#3855)
  • 5ab6d25 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957)
  • 0767cb8 test: rewrite scripts in Go (#3968)
  • 428ee19 docs(cli): Improve glob documentation (#3945)
  • 3e00dc3 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959)
  • cf2f0b2 ci: check CLI references (#3967)
  • 70f507e chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951)
  • befabc6 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956)
  • ee69abb chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958)
  • 8901f7b chore(deps): bump actions/setup-go from 3 to 4 (#3953)
  • 4e6bbbc chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950)
  • d70f346 chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965)
  • 3efb2fd chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964)
Assets 75
Loading
0 Join discussion

v0.39.0

01 Apr 08:40
@aqua-bot aqua-bot
v0.39.0
ed59096
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.39.0

⚡Release highlights and summary⚡

👉 #3949

Changelog

  • ed59096 docs(cli): added makefile and go file to create docs (#3930)
  • a2f39a3 chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  • 5a10631 chore: ignore gpg key (#3943)
  • 4072115 feat(cyclonedx): support dependency graph (#3177)
  • 7cad265 chore(deps): Bump defsec to v0.85.0 (#3940)
  • f8b5733 feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  • 10796a2 feat(server): redis with public TLS certs support (#3783)
  • abff139 feat(flag): Add glob support to --skip-dirs and --skip-files (#3866)
  • b40f60c chore: replace make with mage (#3932)
  • 67236f6 fix(sbom): add checksum to files (#3888)
  • 00de24b chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  • 5976d1f chore: remove unused mount volumes (#3927)
  • f14bed4 feat: add auth support for downloading OCI artifacts (#3915)
  • 1ee0518 refactor(purl): use epoch in qualifier (#3913)
  • 0000252 chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  • ca0d972 feat(image): add registry options (#3906)
  • 0336555 feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  • dd9cd95 chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  • edb0682 feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  • c02b15b chore(deps): updates wazero to 1.0.0 (#3904)
  • 63ef760 feat(image): discover SBOM in OCI referrers (#3768)
  • 3fa703c docs: change cache-dir key in config file (#3897)
  • 4d78747 fix(sbom): use release and epoch for SPDX package version (#3896)
  • 67572df ci: add gpg signing for RPM packages (#3612)
  • e76d5ff docs: Update incorrect comment for skip-update flag (#3878)
  • 011ea60 refactor(misconf): simplify policy filesystem (#3875)
  • 6445309 feat(nodejs): parse package.json alongside yarn.lock (#3757)
  • 6e9c2c3 fix(spdx): add PkgDownloadLocation field (#3879)
  • 18eeea2 fix(report): try to guess direct deps for dependency tree (#3852)
  • 02b6914 chore(amazon): update EOL (#3876)
  • 79096e1 fix(nodejs): improvement logic for package-lock.json v2-v3 (#3877)
  • fc2e80c feat(amazon): add al2023 support (#3854)
  • 5f8d69d chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.0 to 3.1.2 (#3736)
  • 7916aaf docs(misconf): Add information about selectors (#3703)
  • 1b1ed39 docs(cli): update CLI docs with cobra (#3815)
  • 234a360 feat: k8s parallel processing (#3693)
  • b864b3b docs: add DefectDojo in the Security Management section (#3871)
  • ad34c98 chore(deps): updates wazero to 1.0.0-rc.2 (#3853)
  • 7148de3 refactor: add pipeline (#3868)
  • 927acf9 feat(cli): add javadb metadata to version info (#3835)
  • 33074cf chore(deps): Move compliance types to defsec (#3842)
  • ba9b041 feat(sbom): add support for CycloneDX JSON Attestation of the correct specification (#3849)
  • a754a04 feat: add node toleration option (#3823)
  • 9e4b57f fix: allow mapfs to open dirs (#3867)
  • 09fd299 fix(report): update uri only for os class targets (#3846)
  • 09e1302 feat(nodejs): Add v3 npm lock file support (#3826)
  • 52cbfeb feat(nodejs): parse package.json files alongside package-lock.json (#2916)
  • d6a2d63 docs(misconf): Fix links to built in policies (#3841)
Assets 75
Loading
0 Join discussion

v0.38.3

14 Mar 10:57
@aqua-bot aqua-bot
v0.38.3
a12f58b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.38.3

Changelog

  • a12f58b chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
  • ee51835 fix(java): skip empty files for jar post analyzer (#3832)
  • 3987a67 fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
  • 2bb25e7 refactor(license): use goyacc for license parser (#3824)
  • 00c763b chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
  • cac5881 fix: populate timeout context to node-collector (#3766)
  • bd9c6e6 fix: exclude node collector scanning (#3771)
  • 20f1067 fix: display correct flag in error message when skipping java db update #3808
  • 1fac7bf fix: disable jar analyzer for scanners other than vuln (#3810)
  • aaf2658 fix(sbom): fix incompliant license format for spdx (#3335)
  • f830763 fix(java): the project props take precedence over the parent's props (#3320)
  • 1aa3b7d docs: add canary build info to README.md (#3799)
  • 57904c0 docs: adding link to gh token generation (#3784)
  • bdccf72 docs: changing docs in accordance with #3460 (#3787)
Assets 75
Loading
0 Join discussion

v0.38.2

08 Mar 11:22
@aqua-bot aqua-bot
v0.38.2
800473a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.38.2

Changelog

  • 800473a chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
  • e6ab389 chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
  • 6614398 fix(license): disable jar analyzer for licence scan only (#3780)
  • 1dc6fee bump trivy-issue-action to v0.0.0; skip pkg dir (#3781)
  • 3357ed0 fix: skip checking dirs for required post-analyzers (#3773)
  • 1064636 docs: add information about plugin format (#3749)
  • 60b7ef5 fix(sbom): add trivy version to spdx creators tool field (#3756)
Assets 75
Loading
0 Join discussion

v0.38.1

02 Mar 16:30
@aqua-bot aqua-bot
v0.38.1
497c955
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.38.1

Changelog

  • 497c955 feat(misconf): Add support to show policy bundle version (#3743)
  • 5d54310 fix(python): fix error with optional dependencies in pyproject.toml (#3741)
  • 44cf1e2 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.212 (#3740)
  • 743b4b0 add id for package.json files (#3750)
  • 6de4385 chore(deps): bump github.com/containerd/containerd from 1.6.18 to 1.6.19 (#3738)
  • 9a0ceef chore(deps): bump actions/cache from 3.2.4 to 3.2.6 (#3725)
  • 0501b46 chore(deps): bump github.com/google/go-containerregistry (#3731)
  • ee3004d chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 (#3732)
  • 5c8e604 chore(deps): bump alpine from 3.17.1 to 3.17.2 (#3723)
Assets 75
Loading
2 Join discussion

v0.38.0

01 Mar 11:44
@aqua-bot aqua-bot
v0.38.0
bc08366
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.38.0

⚡Release highlights and summary⚡

👉 #3719

Changelog

  • bc08366 fix(cli): pass integer to exit-on-eol (#3716)
  • 23cdac0 feat: add kubernetes pss compliance (#3498)
  • 302c8ae feat: Adding --module-dir and --enable-modules (#3677)
  • 34120f4 feat: add special IDs for filtering secrets (#3702)
  • e399ed8 chore(deps): Update defsec (#3713)
  • ef7b762 docs(misconf): Add guide on input schema (#3692)
  • 00daebc feat(go): support dependency graph and show only direct dependencies in the tree (#3691)
  • 98d1031 feat: docker multi credential support (#3631)
  • b791362 feat: summarize vulnerabilities in compliance reports (#3651)
  • 719fdb1 feat(python): parse pyproject.toml alongside poetry.lock (#3695)
  • 3ff5699 feat(python): add dependency tree for poetry lock file (#3665)
  • 33909d9 fix(cyclonedx): incompliant affect ref (#3679)
  • d85a3e0 chore(helm): update skip-db-update environment variable (#3657)
  • 551899c fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675)
  • 3aaa2cf fix(sbom): export empty dependencies in CycloneDX (#3664)
  • 9d1300c docs: java-db air-gap doc tweaks (#3561)
  • 793cc43 feat(go): license support (#3683)
  • 6a3294e feat(ruby): add dependency tree/location support for Gemfile.lock (#3669)
  • e9dc21d fix(k8s): k8s label size (#3678)
  • 12976d4 fix(cyclondx): fix array empty value, null to [] (#3676)
  • 1dc2b34 refactor: rewrite gomod analyzer as post-analyzer (#3674)
  • 92eaf63 feat: config outdated-api result filtered by k8s version (#3578)
  • 9af436b fix: Update to Alpine 3.17.2 (#3655)
  • 88ee68d feat: add support for virtual files (#3654)
  • 75c96bd feat: add post-analyzers (#3640)
  • baea399 chore(deps): updates wazero to 1.0.0-pre.9 (#3653)
  • 7ca0db1 chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528)
  • 866999e chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633)
  • b7bfb9a feat(python): add dependency locations for Pipfile.lock (#3614)
  • 9badef2 chore(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 (#3648)
  • d856595 fix(java): fix groupID selection by ArtifactID for jar files. (#3644)
  • fe7c26a chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.63.1 to 1.85.0 (#3607)
  • f251dfc fix(aws): Adding a fix for update-cache flag that is not applied on AWS scans. (#3619)
  • 9be8062 feat(cli): add command completion (#3061)
  • 370098d docs(misconf): update dockerfile link (#3627)
  • 32acd29 feat(flag): add exit-on-eosl option (#3423)
  • aa8e185 chore(deps): bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.2 (#3533)
  • 86603bb fix(cli): make java db repository configurable (#3595)
  • 7b1e173 chore: bump trivy-kubernetes (#3613)
Assets 75
Loading
0 Join discussion

v0.37.3

14 Feb 12:28
@aqua-bot aqua-bot
v0.37.3
85d5d61
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.37.3

Changelog

  • 85d5d61 chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  • 2c17260 chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  • c54f1aa chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  • 625ea58 chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  • 623c7f9 chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  • d291c34 ci: quote pros in c++ for semantic pr (#3605)
  • 6cac6c9 fix(image): check proxy settings from env for remote images (#3604)
Assets 75
Loading
1 Join discussion