sonarcloud[bot]
commented
1 year ago Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
No Duplication information
This PR contains the following updates:
0.36.1->0.37.1Release Notes
aquasecurity/trivy
### [`v0.37.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.37.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.37.0...v0.37.1) #### Changelog - [`7f8868b`](https://togithub.com/aquasecurity/trivy/commit/7f8868b7) fix(sbom): download the Java DB when generating SBOM ([#3539](https://togithub.com/aquasecurity/trivy/issues/3539)) - [`364379b`](https://togithub.com/aquasecurity/trivy/commit/364379b7) fix: use cgo free sqlite driver ([#3521](https://togithub.com/aquasecurity/trivy/issues/3521)) - [`0205475`](https://togithub.com/aquasecurity/trivy/commit/0205475f) ci: fix path to dist folder ([#3527](https://togithub.com/aquasecurity/trivy/issues/3527)) ### [`v0.37.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.37.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.36.1...v0.37.0) #### Changelog - [`e9d2af9`](https://togithub.com/aquasecurity/trivy/commit/e9d2af91) fix(image): close layers ([#3517](https://togithub.com/aquasecurity/trivy/issues/3517)) - [`b169424`](https://togithub.com/aquasecurity/trivy/commit/b1694240) refactor: db client changed ([#3515](https://togithub.com/aquasecurity/trivy/issues/3515)) - [`7bf1e19`](https://togithub.com/aquasecurity/trivy/commit/7bf1e192) feat(java): use trivy-java-db to get GAV ([#3484](https://togithub.com/aquasecurity/trivy/issues/3484)) - [`023e45b`](https://togithub.com/aquasecurity/trivy/commit/023e45b8) docs: add note about the limitation in Rekor ([#3494](https://togithub.com/aquasecurity/trivy/issues/3494)) - [`0fe62a9`](https://togithub.com/aquasecurity/trivy/commit/0fe62a93) docs: aggregate targets ([#3503](https://togithub.com/aquasecurity/trivy/issues/3503)) - [`0373e08`](https://togithub.com/aquasecurity/trivy/commit/0373e082) deps: updates wazero to 1.0.0-pre.8 ([#3510](https://togithub.com/aquasecurity/trivy/issues/3510)) - [`a2e21f9`](https://togithub.com/aquasecurity/trivy/commit/a2e21f9b) docs: add alma 9 and rocky 9 to supported os ([#3513](https://togithub.com/aquasecurity/trivy/issues/3513)) - [`7d778b7`](https://togithub.com/aquasecurity/trivy/commit/7d778b75) chore(deps): bump defsec to v0.82.9 ([#3512](https://togithub.com/aquasecurity/trivy/issues/3512)) - [`9e9dbea`](https://togithub.com/aquasecurity/trivy/commit/9e9dbea7) chore: add missing target labels ([#3504](https://togithub.com/aquasecurity/trivy/issues/3504)) - [`d99a7b8`](https://togithub.com/aquasecurity/trivy/commit/d99a7b82) docs: add java vulnerability page ([#3429](https://togithub.com/aquasecurity/trivy/issues/3429)) - [`cb5af0b`](https://togithub.com/aquasecurity/trivy/commit/cb5af0b3) feat(image): add support for Docker CIS Benchmark ([#3496](https://togithub.com/aquasecurity/trivy/issues/3496)) - [`6eec9ac`](https://togithub.com/aquasecurity/trivy/commit/6eec9ac0) feat(image): secret scanning on container image config ([#3495](https://togithub.com/aquasecurity/trivy/issues/3495)) - [`1eca973`](https://togithub.com/aquasecurity/trivy/commit/1eca973c) chore(deps): Upgrade defsec to v0.82.8 ([#3488](https://togithub.com/aquasecurity/trivy/issues/3488)) - [`fb0d8f3`](https://togithub.com/aquasecurity/trivy/commit/fb0d8f3f) feat(image): scan misconfigurations in image config ([#3437](https://togithub.com/aquasecurity/trivy/issues/3437)) - [`501d424`](https://togithub.com/aquasecurity/trivy/commit/501d424d) chore(helm): update Trivy from v0.30.4 to v0.36.1 ([#3489](https://togithub.com/aquasecurity/trivy/issues/3489)) - [`475dc17`](https://togithub.com/aquasecurity/trivy/commit/475dc17b) feat(k8s): add node info resource ([#3482](https://togithub.com/aquasecurity/trivy/issues/3482)) - [`ed173b8`](https://togithub.com/aquasecurity/trivy/commit/ed173b82) perf(secret): optimize secret scanning memory usage ([#3453](https://togithub.com/aquasecurity/trivy/issues/3453)) - [`1b368be`](https://togithub.com/aquasecurity/trivy/commit/1b368be3) feat: support aliases in CLI flag, env and config ([#3481](https://togithub.com/aquasecurity/trivy/issues/3481)) - [`66a83d5`](https://togithub.com/aquasecurity/trivy/commit/66a83d5c) fix(k8s): migrate rbac k8s ([#3459](https://togithub.com/aquasecurity/trivy/issues/3459)) - [`81bee0f`](https://togithub.com/aquasecurity/trivy/commit/81bee0f1) feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF ([#3480](https://togithub.com/aquasecurity/trivy/issues/3480)) - [`e107608`](https://togithub.com/aquasecurity/trivy/commit/e1076085) refactor: rename security-checks to scanners ([#3467](https://togithub.com/aquasecurity/trivy/issues/3467)) - [`aaf845d`](https://togithub.com/aquasecurity/trivy/commit/aaf845d0) chore: display the troubleshooting URL for the DB denial error ([#3474](https://togithub.com/aquasecurity/trivy/issues/3474)) - [`ed5bb0b`](https://togithub.com/aquasecurity/trivy/commit/ed5bb0ba) docs: yaml tabs to spaces, auto create namespace ([#3469](https://togithub.com/aquasecurity/trivy/issues/3469)) - [`3158bfe`](https://togithub.com/aquasecurity/trivy/commit/3158bfe6) docs: adding show-and-tell template to GH discussions ([#3391](https://togithub.com/aquasecurity/trivy/issues/3391)) - [`85b6c4a`](https://togithub.com/aquasecurity/trivy/commit/85b6c4aa) fix: Fix a temporary file leak in case of error ([#3465](https://togithub.com/aquasecurity/trivy/issues/3465)) - [`60bddae`](https://togithub.com/aquasecurity/trivy/commit/60bddae6) fix(test): sort cyclonedx components ([#3468](https://togithub.com/aquasecurity/trivy/issues/3468)) - [`e0bb04c`](https://togithub.com/aquasecurity/trivy/commit/e0bb04c9) docs: fixing spelling mistakes ([#3462](https://togithub.com/aquasecurity/trivy/issues/3462)) - [`c25e826`](https://togithub.com/aquasecurity/trivy/commit/c25e826b) ci: set paths triggering VM tests in PR ([#3438](https://togithub.com/aquasecurity/trivy/issues/3438)) - [`07ddc85`](https://togithub.com/aquasecurity/trivy/commit/07ddc85a) docs: typo in --skip-files ([#3454](https://togithub.com/aquasecurity/trivy/issues/3454)) - [`e88507c`](https://togithub.com/aquasecurity/trivy/commit/e88507c9) feat(custom-forward): Extended advisory data ([#3444](https://togithub.com/aquasecurity/trivy/issues/3444)) - [`e2dfee2`](https://togithub.com/aquasecurity/trivy/commit/e2dfee20) docs: fix spelling error ([#3436](https://togithub.com/aquasecurity/trivy/issues/3436)) - [`c575d6f`](https://togithub.com/aquasecurity/trivy/commit/c575d6f7) refactor(image): extend image config analyzer ([#3434](https://togithub.com/aquasecurity/trivy/issues/3434)) - [`036d5a8`](https://togithub.com/aquasecurity/trivy/commit/036d5a82) fix(nodejs): add ignore protocols to yarn parser ([#3433](https://togithub.com/aquasecurity/trivy/issues/3433)) - [`e6d7f15`](https://togithub.com/aquasecurity/trivy/commit/e6d7f157) fix(db): check proxy settings when using insecure flag ([#3435](https://togithub.com/aquasecurity/trivy/issues/3435)) - [`a1d4427`](https://togithub.com/aquasecurity/trivy/commit/a1d4427c) feat(misconf): Fetch policies from OCI registry ([#3015](https://togithub.com/aquasecurity/trivy/issues/3015)) - [`682351a`](https://togithub.com/aquasecurity/trivy/commit/682351a1) ci: downgrade Go to 1.18 and use stable and oldstable go versions for unit tests ([#3413](https://togithub.com/aquasecurity/trivy/issues/3413)) - [`ff0c451`](https://togithub.com/aquasecurity/trivy/commit/ff0c4516) ci: store URLs to Github Releases in RPM repository ([#3414](https://togithub.com/aquasecurity/trivy/issues/3414)) - [`ee12442`](https://togithub.com/aquasecurity/trivy/commit/ee12442b) feat(server): add support of `skip-db-update` flag for hot db update ([#3416](https://togithub.com/aquasecurity/trivy/issues/3416)) - [`2033e05`](https://togithub.com/aquasecurity/trivy/commit/2033e05b) chore(deps): bump github.com/moby/buildkit from v0.10.6 to v0.11.0 ([#3411](https://togithub.com/aquasecurity/trivy/issues/3411)) - [`6bc564e`](https://togithub.com/aquasecurity/trivy/commit/6bc564e8) fix(image): handle wrong empty layer detection ([#3375](https://togithub.com/aquasecurity/trivy/issues/3375)) - [`b3b8d4d`](https://togithub.com/aquasecurity/trivy/commit/b3b8d4dd) test: fix integration tests for spdx and cycloneDX ([#3412](https://togithub.com/aquasecurity/trivy/issues/3412)) - [`b88bcca`](https://togithub.com/aquasecurity/trivy/commit/b88bccae) feat(python): Include Conda packages in SBOMs ([#3379](https://togithub.com/aquasecurity/trivy/issues/3379)) - [`fbd8a13`](https://togithub.com/aquasecurity/trivy/commit/fbd8a13d) feat: add support pubspec.lock files for dart ([#3344](https://togithub.com/aquasecurity/trivy/issues/3344)) - [`0f545cf`](https://togithub.com/aquasecurity/trivy/commit/0f545cfa) fix(image): parsePlatform is failing with UNAUTHORIZED error ([#3326](https://togithub.com/aquasecurity/trivy/issues/3326)) - [`76c883d`](https://togithub.com/aquasecurity/trivy/commit/76c883dc) fix(license): change normalize for GPL-3+-WITH-BISON-EXCEPTION ([#3405](https://togithub.com/aquasecurity/trivy/issues/3405)) - [`a8b671b`](https://togithub.com/aquasecurity/trivy/commit/a8b671bc) feat(server): log errors on server side ([#3397](https://togithub.com/aquasecurity/trivy/issues/3397)) - [`a5919ca`](https://togithub.com/aquasecurity/trivy/commit/a5919ca3) chore(deps): bump defsec to address helm vulnerabilities ([#3399](https://togithub.com/aquasecurity/trivy/issues/3399)) - [`89016da`](https://togithub.com/aquasecurity/trivy/commit/89016da2) docs: rewrite installation docs and general improvements ([#3368](https://togithub.com/aquasecurity/trivy/issues/3368)) - [`c3759c6`](https://togithub.com/aquasecurity/trivy/commit/c3759c6d) chore: update code owners ([#3393](https://togithub.com/aquasecurity/trivy/issues/3393)) - [`044fb97`](https://togithub.com/aquasecurity/trivy/commit/044fb976) chore: test docs separately from code ([#3392](https://togithub.com/aquasecurity/trivy/issues/3392)) - [`ad2e648`](https://togithub.com/aquasecurity/trivy/commit/ad2e648b) docs: use the formula maintained by Homebrew ([#3389](https://togithub.com/aquasecurity/trivy/issues/3389)) - [`ad25a77`](https://togithub.com/aquasecurity/trivy/commit/ad25a776) docs: add `Security Management` section with SonarQube pluginConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.