cluster-stack-bot[bot]
commented
6 months ago ⚠ Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: undefined
Command failed: BUILD_IMAGE_TOKEN=**redacted** BUILD_IMAGE_USER=batistein CI=true ./hack/upgrade-builder-image.sh
+ git diff --exit-code .builder-image-version.txt images/builder/Dockerfile images/builder/build.sh
+ '[' true = true ']'
+ echo **redacted**
+ docker login ghcr.io -u batistein --password-stdin
WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
++ git fetch --quiet origin main
++ git show origin/main:.builder-image-version.txt
+ VERSION=0.1.1
+ '[' -z 0.1.1 ']'
+ export VERSION
++ semver_upgrade patch 0.1.1
++ IFS=.
++ read -r version minor patch
++ case "$1" in
++ tag=0.1.2
++ echo 0.1.2
+ NEW_VERSION=0.1.2
+ export NEW_VERSION
+ docker manifest inspect ghcr.io/sovereigncloudstack/cspo-builder:0.1.1
+ echo 0.1.2
+ echo 'Wrote new version 0.1.2 to .builder-image-version.txt'
+ docker manifest inspect ghcr.io/sovereigncloudstack/cspo-builder:0.1.2
+ echo 0
+ sed -i -e '/^BUILDER_IMAGE_VERSION /s/:=.*$/:= 0.1.2/' Makefile
+ grep -r -E 'ghcr.io/sovereigncloudstack/cspo-builder:[0-9].*.*' -l
+ xargs sed -i -e 's/ghcr.io\/sovereigncloudstack\/cspo-builder:0.1.1/ghcr.io\/sovereigncloudstack\/cspo-builder:0.1.2/g'
+ docker build -t ghcr.io/sovereigncloudstack/cspo-builder:0.1.2 ./images/builder
DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
Install the buildx component to build images with BuildKit:
https://docs.docker.com/go/buildx/
The command '/bin/sh -c apk add -U --no-cache curl clusterctl=~${CLUSTERCTL_VERSION#v} controller-gen=~${CONTROLLER_GEN_VERSION#v} kind=~${KIND_VERSION#v} kubectl=~${KUBECTL_VERSION#v} kustomize=~${KUSTOMIZE_VERSION#v} trivy=~${TRIVY_VERSION#v}' returned a non-zero code: 1
This PR contains the following updates:
v0.49.1->v0.51.4v1.57.2->v1.59.0v1.6.3->v1.7.2v0.14.0->v0.15.0v0.22.0->v0.23.0Release Notes
aquasecurity/trivy (aquasecurity/trivy)
### [`v0.51.4`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.4) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.51.2...v0.51.4) #### Changelog - [`c06f467`](https://togithub.com/aquasecurity/trivy/commit/c06f467e6) chore: downgrade trivy-checks and trivy-aws - [`df4f760`](https://togithub.com/aquasecurity/trivy/commit/df4f7604a) build: use main package instead of main.go ([#6766](https://togithub.com/aquasecurity/trivy/issues/6766)) - [`bf7a8ed`](https://togithub.com/aquasecurity/trivy/commit/bf7a8ede3) chore(deps): bump the common group across 1 directory with 29 updates ([#6756](https://togithub.com/aquasecurity/trivy/issues/6756)) - [`acb22c6`](https://togithub.com/aquasecurity/trivy/commit/acb22c60a) chore(deps): bump the aws group with 8 updates ([#6738](https://togithub.com/aquasecurity/trivy/issues/6738)) - [`9a3510f`](https://togithub.com/aquasecurity/trivy/commit/9a3510ffd) chore(deps): bump the docker group with 2 updates ([#6739](https://togithub.com/aquasecurity/trivy/issues/6739)) - [`7806b37`](https://togithub.com/aquasecurity/trivy/commit/7806b37e2) ci: add `generic` dir to deb deploy script ([#6636](https://togithub.com/aquasecurity/trivy/issues/6636)) ### [`v0.51.2`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.2) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.51.1...v0.51.2) #### Changelog - [`eadc6fb`](https://togithub.com/aquasecurity/trivy/commit/eadc6fb64) fix: node-collector high and critical cves ([#6707](https://togithub.com/aquasecurity/trivy/issues/6707)) - [`cc489b1`](https://togithub.com/aquasecurity/trivy/commit/cc489b1af) Merge pull request from GHSA-xcq4-m2r3-cmrj - [`013f71a`](https://togithub.com/aquasecurity/trivy/commit/013f71a6a) chore: auto-bump golang patch versions ([#6711](https://togithub.com/aquasecurity/trivy/issues/6711)) - [`113a5b2`](https://togithub.com/aquasecurity/trivy/commit/113a5b216) fix(misconf): don't shift ignore rule related to code ([#6708](https://togithub.com/aquasecurity/trivy/issues/6708)) - [`733e5ac`](https://togithub.com/aquasecurity/trivy/commit/733e5ac1f) fix(go): include only `.version`|`.ver` (no prefixes) ldflags for `gobinaries` ([#6705](https://togithub.com/aquasecurity/trivy/issues/6705)) - [`d311e49`](https://togithub.com/aquasecurity/trivy/commit/d311e49bc) fix(go): add only non-empty root modules for `gobinaries` ([#6710](https://togithub.com/aquasecurity/trivy/issues/6710)) - [`cf1a7bf`](https://togithub.com/aquasecurity/trivy/commit/cf1a7bf30) refactor: unify package addition and vulnerability scanning ([#6579](https://togithub.com/aquasecurity/trivy/issues/6579)) - [`d465d9d`](https://togithub.com/aquasecurity/trivy/commit/d465d9d1e) fix: Golang version parsing from binaries w/GOEXPERIMENT ([#6696](https://togithub.com/aquasecurity/trivy/issues/6696)) - [`0af225c`](https://togithub.com/aquasecurity/trivy/commit/0af225ccf) fix(conda): add support `pip` deps for `environment.yml` files ([#6675](https://togithub.com/aquasecurity/trivy/issues/6675)) - [`6f64d55`](https://togithub.com/aquasecurity/trivy/commit/6f64d5518) fix(misconf): skip Rego errors with a nil location ([#6666](https://togithub.com/aquasecurity/trivy/issues/6666)) - [`8c27430`](https://togithub.com/aquasecurity/trivy/commit/8c27430a2) fix(misconf): skip Rego errors with a nil location ([#6638](https://togithub.com/aquasecurity/trivy/issues/6638)) - [`c2b46d3`](https://togithub.com/aquasecurity/trivy/commit/c2b46d3c2) refactor: unify Library and Package structs ([#6633](https://togithub.com/aquasecurity/trivy/issues/6633)) - [`4368f11`](https://togithub.com/aquasecurity/trivy/commit/4368f11e0) fix: use of specified context to obtain cluster name ([#6645](https://togithub.com/aquasecurity/trivy/issues/6645)) - [`5ec62f8`](https://togithub.com/aquasecurity/trivy/commit/5ec62f863) docs: fix usage of image-config-scanners ([#6635](https://togithub.com/aquasecurity/trivy/issues/6635)) ### [`v0.51.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.51.0...v0.51.1) #### Changelog - [`8016b82`](https://togithub.com/aquasecurity/trivy/commit/8016b821a) fix(fs): handle default skip dirs properly ([#6628](https://togithub.com/aquasecurity/trivy/issues/6628)) - [`7a25dad`](https://togithub.com/aquasecurity/trivy/commit/7a25dadb4) fix(misconf): load cached tf modules ([#6607](https://togithub.com/aquasecurity/trivy/issues/6607)) - [`9c794c0`](https://togithub.com/aquasecurity/trivy/commit/9c794c0ff) fix(misconf): do not use semver for parsing tf module versions ([#6614](https://togithub.com/aquasecurity/trivy/issues/6614)) ### [`v0.51.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.50.4...v0.51.0) #### ⚡Release highlights and summary⚡ 👉 [https://github.com/aquasecurity/trivy/discussions/6622](https://togithub.com/aquasecurity/trivy/discussions/6622) #### Changelog - [`14c1024`](https://togithub.com/aquasecurity/trivy/commit/14c1024b4) refactor: move setting scanners when using compliance reports to flag parsing ([#6619](https://togithub.com/aquasecurity/trivy/issues/6619)) - [`998f750`](https://togithub.com/aquasecurity/trivy/commit/998f75043) feat: introduce package UIDs for improved vulnerability mapping ([#6583](https://togithub.com/aquasecurity/trivy/issues/6583)) - [`770b141`](https://togithub.com/aquasecurity/trivy/commit/770b14113) perf(misconf): Improve cause performance ([#6586](https://togithub.com/aquasecurity/trivy/issues/6586)) - [`3ccb1a0`](https://togithub.com/aquasecurity/trivy/commit/3ccb1a0f1) docs: trivy-k8s new experiance remove un-used section ([#6608](https://togithub.com/aquasecurity/trivy/issues/6608)) - [`58cfd1b`](https://togithub.com/aquasecurity/trivy/commit/58cfd1b07) chore(deps): bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible ([#6612](https://togithub.com/aquasecurity/trivy/issues/6612)) - [`715963d`](https://togithub.com/aquasecurity/trivy/commit/715963d75) docs: remove mention of GitLab Gold because it doesn't exist anymore ([#6609](https://togithub.com/aquasecurity/trivy/issues/6609)) - [`37da98d`](https://togithub.com/aquasecurity/trivy/commit/37da98df4) feat(misconf): Use updated terminology for misconfiguration checks ([#6476](https://togithub.com/aquasecurity/trivy/issues/6476)) - [`cdee703`](https://togithub.com/aquasecurity/trivy/commit/cdee7030a) chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.15 to 1.16.15 ([#6593](https://togithub.com/aquasecurity/trivy/issues/6593)) - [`6a2225b`](https://togithub.com/aquasecurity/trivy/commit/6a2225b42) docs: use `generic` link from `trivy-repo` ([#6606](https://togithub.com/aquasecurity/trivy/issues/6606)) - [`a2a02de`](https://togithub.com/aquasecurity/trivy/commit/a2a02de7c) docs: update trivy k8s with new experience ([#6465](https://togithub.com/aquasecurity/trivy/issues/6465)) - [`e739ab8`](https://togithub.com/aquasecurity/trivy/commit/e739ab850) feat: support `--skip-images` scanning flag ([#6334](https://togithub.com/aquasecurity/trivy/issues/6334)) - [`c6d5d85`](https://togithub.com/aquasecurity/trivy/commit/c6d5d856c) BREAKING: add support for k8s `disable-node-collector` flag ([#6311](https://togithub.com/aquasecurity/trivy/issues/6311)) - [`194a814`](https://togithub.com/aquasecurity/trivy/commit/194a81468) chore(deps): bump github.com/zclconf/go-cty from 1.14.1 to 1.14.4 ([#6601](https://togithub.com/aquasecurity/trivy/issues/6601)) - [`03830c5`](https://togithub.com/aquasecurity/trivy/commit/03830c50c) chore(deps): bump github.com/sigstore/rekor from 1.2.2 to 1.3.6 ([#6599](https://togithub.com/aquasecurity/trivy/issues/6599)) - [`8e814fa`](https://togithub.com/aquasecurity/trivy/commit/8e814fa23) chore(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 ([#6597](https://togithub.com/aquasecurity/trivy/issues/6597)) - [`2dc76ba`](https://togithub.com/aquasecurity/trivy/commit/2dc76ba78) chore(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 ([#6588](https://togithub.com/aquasecurity/trivy/issues/6588)) - [`c17176b`](https://togithub.com/aquasecurity/trivy/commit/c17176ba9) chore(deps): bump github.com/testcontainers/testcontainers-go from 0.28.0 to 0.30.0 ([#6595](https://togithub.com/aquasecurity/trivy/issues/6595)) - [`bce70af`](https://togithub.com/aquasecurity/trivy/commit/bce70af36) chore(deps): bump github.com/open-policy-agent/opa from 0.62.0 to 0.64.1 ([#6596](https://togithub.com/aquasecurity/trivy/issues/6596)) - [`4369a19`](https://togithub.com/aquasecurity/trivy/commit/4369a19af) feat: add ubuntu 23.10 and 24.04 support ([#6573](https://togithub.com/aquasecurity/trivy/issues/6573)) - [`5566548`](https://togithub.com/aquasecurity/trivy/commit/5566548b7) chore(deps): bump azure/setup-helm from 3.5 to 4 ([#6590](https://togithub.com/aquasecurity/trivy/issues/6590)) - [`a8af76a`](https://togithub.com/aquasecurity/trivy/commit/a8af76a47) chore(deps): bump actions/checkout from 4.1.2 to 4.1.4 ([#6587](https://togithub.com/aquasecurity/trivy/issues/6587)) - [`c8ed432`](https://togithub.com/aquasecurity/trivy/commit/c8ed432f2) chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.24.6 to 1.27.4 ([#6598](https://togithub.com/aquasecurity/trivy/issues/6598)) - [`551a46e`](https://togithub.com/aquasecurity/trivy/commit/551a46efc) docs(go): add stdlib ([#6580](https://togithub.com/aquasecurity/trivy/issues/6580)) - [`261649b`](https://togithub.com/aquasecurity/trivy/commit/261649b11) chore(deps): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 ([#6592](https://togithub.com/aquasecurity/trivy/issues/6592)) - [`acfddd4`](https://togithub.com/aquasecurity/trivy/commit/acfddd457) chore(deps): bump github.com/go-openapi/runtime from 0.27.1 to 0.28.0 ([#6600](https://togithub.com/aquasecurity/trivy/issues/6600)) - [`419e3d2`](https://togithub.com/aquasecurity/trivy/commit/419e3d202) feat(go): parse main mod version from build info settings ([#6564](https://togithub.com/aquasecurity/trivy/issues/6564)) - [`f0961d5`](https://togithub.com/aquasecurity/trivy/commit/f0961d54f) feat: respect custom exit code from plugin ([#6584](https://togithub.com/aquasecurity/trivy/issues/6584)) - [`a5d485c`](https://togithub.com/aquasecurity/trivy/commit/a5d485cf8) docs: add asdf and mise installation method ([#6063](https://togithub.com/aquasecurity/trivy/issues/6063)) - [`29b8faf`](https://togithub.com/aquasecurity/trivy/commit/29b8faf5f) feat(vuln): Handle scanning conan v2.x lockfiles ([#6357](https://togithub.com/aquasecurity/trivy/issues/6357)) - [`e3bef02`](https://togithub.com/aquasecurity/trivy/commit/e3bef0201) feat: add support `environment.yaml` files ([#6569](https://togithub.com/aquasecurity/trivy/issues/6569)) - [`916f6c6`](https://togithub.com/aquasecurity/trivy/commit/916f6c66f) fix: close plugin.yaml ([#6577](https://togithub.com/aquasecurity/trivy/issues/6577)) - [`8e6cd0e`](https://togithub.com/aquasecurity/trivy/commit/8e6cd0e91) fix: trivy k8s avoid deleting non-default node collector namespace ([#6559](https://togithub.com/aquasecurity/trivy/issues/6559)) - [`060d0bb`](https://togithub.com/aquasecurity/trivy/commit/060d0bb64) BREAKING: support exclude `kinds/namespaces` and include `kinds/namespaces` ([#6323](https://togithub.com/aquasecurity/trivy/issues/6323)) - [`2d090ef`](https://togithub.com/aquasecurity/trivy/commit/2d090ef2d) feat(go): add main module ([#6574](https://togithub.com/aquasecurity/trivy/issues/6574)) - [`6343e4f`](https://togithub.com/aquasecurity/trivy/commit/6343e4fc7) feat: add relationships ([#6563](https://togithub.com/aquasecurity/trivy/issues/6563)) - [`a018ee1`](https://togithub.com/aquasecurity/trivy/commit/a018ee1f9) ci: disable `Go` cache for `reusable-release.yaml` ([#6572](https://togithub.com/aquasecurity/trivy/issues/6572)) - [`5da053f`](https://togithub.com/aquasecurity/trivy/commit/5da053f30) docs: mention `--show-suppressed` is available in table ([#6571](https://togithub.com/aquasecurity/trivy/issues/6571)) - [`3d66cb8`](https://togithub.com/aquasecurity/trivy/commit/3d66cb8d8) chore: fix sqlite to support loong64 ([#6511](https://togithub.com/aquasecurity/trivy/issues/6511)) - [`9aca98c`](https://togithub.com/aquasecurity/trivy/commit/9aca98cca) fix(debian): sort dpkg info before parsing due to exclude directories ([#6551](https://togithub.com/aquasecurity/trivy/issues/6551)) - [`7811ad0`](https://togithub.com/aquasecurity/trivy/commit/7811ad0d2) docs: update info about config file ([#6547](https://togithub.com/aquasecurity/trivy/issues/6547)) - [`fae710d`](https://togithub.com/aquasecurity/trivy/commit/fae710db8) docs: remove RELEASE_VERSION from trivy.repo ([#6546](https://togithub.com/aquasecurity/trivy/issues/6546)) - [`d2d4022`](https://togithub.com/aquasecurity/trivy/commit/d2d4022ef) fix(sbom): change error to warning for multiple OSes ([#6541](https://togithub.com/aquasecurity/trivy/issues/6541)) - [`164b025`](https://togithub.com/aquasecurity/trivy/commit/164b02541) fix(vuln): skip empty versions ([#6542](https://togithub.com/aquasecurity/trivy/issues/6542)) - [`5dd9bd4`](https://togithub.com/aquasecurity/trivy/commit/5dd9bd470) feat(c): add license support for conan lock files ([#6329](https://togithub.com/aquasecurity/trivy/issues/6329)) - [`7c2017f`](https://togithub.com/aquasecurity/trivy/commit/7c2017fa7) fix(terraform): Attribute and fileset fixes ([#6544](https://togithub.com/aquasecurity/trivy/issues/6544)) - [`63c9469`](https://togithub.com/aquasecurity/trivy/commit/63c9469bd) refactor: change warning if no vulnerability details are found ([#6230](https://togithub.com/aquasecurity/trivy/issues/6230)) - [`aa822c2`](https://togithub.com/aquasecurity/trivy/commit/aa822c260) refactor(misconf): improve error handling in the Rego scanner ([#6527](https://togithub.com/aquasecurity/trivy/issues/6527)) - [`30cc88f`](https://togithub.com/aquasecurity/trivy/commit/30cc88fa8) ci: use tmp dir inside Trivy repo dir for GoReleaser ([#6533](https://togithub.com/aquasecurity/trivy/issues/6533)) - [`e32215c`](https://togithub.com/aquasecurity/trivy/commit/e32215c99) feat(go): parse main module of go binary files ([#6530](https://togithub.com/aquasecurity/trivy/issues/6530)) - [`d4da83c`](https://togithub.com/aquasecurity/trivy/commit/d4da83c63) chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 ([#6526](https://togithub.com/aquasecurity/trivy/issues/6526)) - [`0d7d97d`](https://togithub.com/aquasecurity/trivy/commit/0d7d97d13) refactor(misconf): simplify the retrieval of module annotations ([#6528](https://togithub.com/aquasecurity/trivy/issues/6528)) - [`9873cf3`](https://togithub.com/aquasecurity/trivy/commit/9873cf3b9) chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 ([#6523](https://togithub.com/aquasecurity/trivy/issues/6523)) - [`95c8fd9`](https://togithub.com/aquasecurity/trivy/commit/95c8fd912) docs(nodejs): add info about supported versions of pnpm lock files ([#6510](https://togithub.com/aquasecurity/trivy/issues/6510)) - [`12ec0df`](https://togithub.com/aquasecurity/trivy/commit/12ec0dfe9) feat(misconf): loading embedded checks as a fallback ([#6502](https://togithub.com/aquasecurity/trivy/issues/6502)) - [`9b7d713`](https://togithub.com/aquasecurity/trivy/commit/9b7d7132b) fix(misconf): Parse JSON k8s manifests properly ([#6490](https://togithub.com/aquasecurity/trivy/issues/6490)) - [`13e72ec`](https://togithub.com/aquasecurity/trivy/commit/13e72eca5) refactor: remove parallel walk ([#5180](https://togithub.com/aquasecurity/trivy/issues/5180)) - [`a986199`](https://togithub.com/aquasecurity/trivy/commit/a9861994e) fix: close pom.xml ([#6507](https://togithub.com/aquasecurity/trivy/issues/6507)) - [`46d5aba`](https://togithub.com/aquasecurity/trivy/commit/46d5abad4) fix(secret): convert severity for custom rules ([#6500](https://togithub.com/aquasecurity/trivy/issues/6500)) - [`34ab09d`](https://togithub.com/aquasecurity/trivy/commit/34ab09d55) fix(java): update logic to detect `pom.xml` file snapshot artifacts from remote repositories ([#6412](https://togithub.com/aquasecurity/trivy/issues/6412)) - [`1ba5b59`](https://togithub.com/aquasecurity/trivy/commit/1ba5b5952) fix: typo ([#6283](https://togithub.com/aquasecurity/trivy/issues/6283)) - [`4fab0f8`](https://togithub.com/aquasecurity/trivy/commit/4fab0f8b9) docs(k8s,image): fix command-line syntax issues ([#6403](https://togithub.com/aquasecurity/trivy/issues/6403)) - [`d770981`](https://togithub.com/aquasecurity/trivy/commit/d7709816c) chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 ([#6435](https://togithub.com/aquasecurity/trivy/issues/6435)) - [`4337068`](https://togithub.com/aquasecurity/trivy/commit/433706820) fix(misconf): avoid panic if the scheme is not valid ([#6496](https://togithub.com/aquasecurity/trivy/issues/6496)) - [`d82d6cb`](https://togithub.com/aquasecurity/trivy/commit/d82d6cb73) feat(image): goversion as stdlib ([#6277](https://togithub.com/aquasecurity/trivy/issues/6277)) - [`cfddfb3`](https://togithub.com/aquasecurity/trivy/commit/cfddfb33c) fix: add color for error inside of log message ([#6493](https://togithub.com/aquasecurity/trivy/issues/6493)) - [`dfcb0f9`](https://togithub.com/aquasecurity/trivy/commit/dfcb0f90d) chore(deps): bump actions/add-to-project from 0.4.1 to 1.0.0 ([#6438](https://togithub.com/aquasecurity/trivy/issues/6438)) - [`183eaaf`](https://togithub.com/aquasecurity/trivy/commit/183eaafb4) docs: fix links to OPA docs ([#6480](https://togithub.com/aquasecurity/trivy/issues/6480)) - [`94d6e8c`](https://togithub.com/aquasecurity/trivy/commit/94d6e8ced) refactor: replace zap with slog ([#6466](https://togithub.com/aquasecurity/trivy/issues/6466)) - [`336c47e`](https://togithub.com/aquasecurity/trivy/commit/336c47ecc) docs: update links to IaC schemas ([#6477](https://togithub.com/aquasecurity/trivy/issues/6477)) - [`06b4473`](https://togithub.com/aquasecurity/trivy/commit/06b44738e) chore: bump Go to 1.22 ([#6075](https://togithub.com/aquasecurity/trivy/issues/6075)) - [`a51cedd`](https://togithub.com/aquasecurity/trivy/commit/a51ceddad) refactor(terraform): sync funcs with Terraform ([#6415](https://togithub.com/aquasecurity/trivy/issues/6415)) - [`53517d6`](https://togithub.com/aquasecurity/trivy/commit/53517d622) feat(misconf): add helm-api-version and helm-kube-version flag ([#6332](https://togithub.com/aquasecurity/trivy/issues/6332)) - [`ad544e9`](https://togithub.com/aquasecurity/trivy/commit/ad544e97c) chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.4.0 to 1.5.1 ([#6426](https://togithub.com/aquasecurity/trivy/issues/6426)) - [`089368d`](https://togithub.com/aquasecurity/trivy/commit/089368d96) chore(deps): bump github.com/go-openapi/strfmt from 0.22.0 to 0.23.0 ([#6452](https://togithub.com/aquasecurity/trivy/issues/6452)) - [`1163565`](https://togithub.com/aquasecurity/trivy/commit/116356500) chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.6 to 2.0.7 ([#6430](https://togithub.com/aquasecurity/trivy/issues/6430)) - [`637da2b`](https://togithub.com/aquasecurity/trivy/commit/637da2b17) chore(deps): bump aquaproj/aqua-installer from 2.2.0 to 3.0.0 ([#6437](https://togithub.com/aquasecurity/trivy/issues/6437)) - [`13190e9`](https://togithub.com/aquasecurity/trivy/commit/13190e92d) fix(terraform): eval submodules ([#6411](https://togithub.com/aquasecurity/trivy/issues/6411)) - [`6bca7c3`](https://togithub.com/aquasecurity/trivy/commit/6bca7c3c7) refactor(terraform): remove unused options ([#6446](https://togithub.com/aquasecurity/trivy/issues/6446)) - [`8e4279b`](https://togithub.com/aquasecurity/trivy/commit/8e4279b86) refactor(terraform): remove unused file ([#6445](https://togithub.com/aquasecurity/trivy/issues/6445)) - [`e98c873`](https://togithub.com/aquasecurity/trivy/commit/e98c873ed) chore(deps): bump github.com/testcontainers/testcontainers-go to v0.28.0 ([#6387](https://togithub.com/aquasecurity/trivy/issues/6387)) - [`b1c2eab`](https://togithub.com/aquasecurity/trivy/commit/b1c2eab5a) chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.0 to 1.10.0 ([#6427](https://togithub.com/aquasecurity/trivy/issues/6427)) - [`1c49a16`](https://togithub.com/aquasecurity/trivy/commit/1c49a16c6) fix(misconf): Escape template value correctly ([#6292](https://togithub.com/aquasecurity/trivy/issues/6292)) - [`8dd0fcd`](https://togithub.com/aquasecurity/trivy/commit/8dd0fcd61) feat(misconf): add support for wildcard ignores ([#6414](https://togithub.com/aquasecurity/trivy/issues/6414)) - [`74e4c6e`](https://togithub.com/aquasecurity/trivy/commit/74e4c6e01) fix(cloudformation): resolve `DedicatedMasterEnabled` parsing issue ([#6439](https://togithub.com/aquasecurity/trivy/issues/6439)) - [`245c120`](https://togithub.com/aquasecurity/trivy/commit/245c12053) refactor(terraform): remove metrics collection ([#6444](https://togithub.com/aquasecurity/trivy/issues/6444)) - [`86714bf`](https://togithub.com/aquasecurity/trivy/commit/86714bf6b) feat(cloudformation): add support for logging and endpoint access for EKS ([#6440](https://togithub.com/aquasecurity/trivy/issues/6440)) - [`a758392`](https://togithub.com/aquasecurity/trivy/commit/a75839212) chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.1 to 1.53.1 ([#6424](https://togithub.com/aquasecurity/trivy/issues/6424)) - [`4d00d8b`](https://togithub.com/aquasecurity/trivy/commit/4d00d8b52) chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.4 to 1.27.10 ([#6428](https://togithub.com/aquasecurity/trivy/issues/6428)) - [`3ad2b3e`](https://togithub.com/aquasecurity/trivy/commit/3ad2b3e25) chore(deps): bump go.etcd.io/bbolt from 1.3.8 to 1.3.9 ([#6429](https://togithub.com/aquasecurity/trivy/issues/6429)) - [`8baccd7`](https://togithub.com/aquasecurity/trivy/commit/8baccd790) fix(db): check schema version for image name only ([#6410](https://togithub.com/aquasecurity/trivy/issues/6410)) - [`e75a90f`](https://togithub.com/aquasecurity/trivy/commit/e75a90f2e) chore(deps): bump github.com/google/wire from 0.5.0 to 0.6.0 ([#6425](https://togithub.com/aquasecurity/trivy/issues/6425)) - [`6625bd3`](https://togithub.com/aquasecurity/trivy/commit/6625bd32e) chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.149.1 to 1.155.1 ([#6433](https://togithub.com/aquasecurity/trivy/issues/6433)) - [`826fe60`](https://togithub.com/aquasecurity/trivy/commit/826fe6073) chore(deps): bump actions/cache from 4.0.0 to 4.0.2 ([#6436](https://togithub.com/aquasecurity/trivy/issues/6436)) - [`f23ed77`](https://togithub.com/aquasecurity/trivy/commit/f23ed7759) feat(misconf): Support private registries for misconf check bundle ([#6327](https://togithub.com/aquasecurity/trivy/issues/6327)) - [`df024e8`](https://togithub.com/aquasecurity/trivy/commit/df024e88d) feat(cloudformation): inline ignore support for YAML templates ([#6358](https://togithub.com/aquasecurity/trivy/issues/6358)) - [`29dee32`](https://togithub.com/aquasecurity/trivy/commit/29dee3281) feat(terraform): ignore resources by nested attributes ([#6302](https://togithub.com/aquasecurity/trivy/issues/6302)) - [`1a67472`](https://togithub.com/aquasecurity/trivy/commit/1a67472d2) perf(helm): load in-memory files ([#6383](https://togithub.com/aquasecurity/trivy/issues/6383)) - [`09e37b7`](https://togithub.com/aquasecurity/trivy/commit/09e37b7c6) feat(aws): apply filter options to result ([#6367](https://togithub.com/aquasecurity/trivy/issues/6367)) - [`87a9aa6`](https://togithub.com/aquasecurity/trivy/commit/87a9aa60d) feat(aws): quiet flag support ([#6331](https://togithub.com/aquasecurity/trivy/issues/6331)) - [`712dcd3`](https://togithub.com/aquasecurity/trivy/commit/712dcd300) fix(misconf): clear location URI for SARIF ([#6405](https://togithub.com/aquasecurity/trivy/issues/6405)) - [`625f22b`](https://togithub.com/aquasecurity/trivy/commit/625f22b81) test(cloudformation): add CF tests ([#6315](https://togithub.com/aquasecurity/trivy/issues/6315)) - [`6a2f6fd`](https://togithub.com/aquasecurity/trivy/commit/6a2f6fde4) fix(cloudformation): infer type after resolving a function ([#6406](https://togithub.com/aquasecurity/trivy/issues/6406)) ### [`v0.50.4`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.50.4) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.50.2...v0.50.4) #### Note v0.50.3 hads a critical problem, and we deleted it and released v0.50.4. #### Changelog - [`e47fd48`](https://togithub.com/aquasecurity/trivy/commit/e47fd487c) fix(sbom): change error to warning for multiple OSes ([#6541](https://togithub.com/aquasecurity/trivy/issues/6541)) ### [`v0.50.2`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.50.2) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.50.1...v0.50.2) #### Changelog - [`9aa9e17`](https://togithub.com/aquasecurity/trivy/commit/9aa9e173b) ci: use tmp dir inside Trivy repo dir for GoReleaser ([#6533](https://togithub.com/aquasecurity/trivy/issues/6533)) - [`058f483`](https://togithub.com/aquasecurity/trivy/commit/058f4839d) chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 ([#6526](https://togithub.com/aquasecurity/trivy/issues/6526)) - [`9e3d2c5`](https://togithub.com/aquasecurity/trivy/commit/9e3d2c5f9) chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 ([#6523](https://togithub.com/aquasecurity/trivy/issues/6523)) - [`2ad8e33`](https://togithub.com/aquasecurity/trivy/commit/2ad8e332e) fix(java): update logic to detect `pom.xml` file snapshot artifacts from remote repositories ([#6412](https://togithub.com/aquasecurity/trivy/issues/6412)) ### [`v0.50.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.50.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.50.0...v0.50.1) #### Changelog - [`5f69937`](https://togithub.com/aquasecurity/trivy/commit/5f69937cc) fix(sbom): fix error when parent of SPDX Relationships is not a package. ([#6399](https://togithub.com/aquasecurity/trivy/issues/6399)) - [`258d153`](https://togithub.com/aquasecurity/trivy/commit/258d15346) fix(nodejs): merge `Indirect`, `Dev`, `ExternalReferences` fields for same deps from `package-lock.json` files v2 or later ([#6356](https://togithub.com/aquasecurity/trivy/issues/6356)) - [`ade033a`](https://togithub.com/aquasecurity/trivy/commit/ade033a83) docs: add info about support for package license detection in `fs`/`repo` modes ([#6381](https://togithub.com/aquasecurity/trivy/issues/6381)) - [`f85c9fa`](https://togithub.com/aquasecurity/trivy/commit/f85c9fac6) fix(nodejs): add support for parsing `workspaces` from `package.json` as an object ([#6231](https://togithub.com/aquasecurity/trivy/issues/6231)) - [`9d7f5c9`](https://togithub.com/aquasecurity/trivy/commit/9d7f5c948) fix: use `0600` perms for tmp files for post analyzers ([#6386](https://togithub.com/aquasecurity/trivy/issues/6386)) - [`f148eb1`](https://togithub.com/aquasecurity/trivy/commit/f148eb10f) fix(helm): scan the subcharts once ([#6382](https://togithub.com/aquasecurity/trivy/issues/6382)) - [`97f95c4`](https://togithub.com/aquasecurity/trivy/commit/97f95c4dd) docs(terraform): add file patterns for Terraform Plan ([#6393](https://togithub.com/aquasecurity/trivy/issues/6393)) - [`abd62ae`](https://togithub.com/aquasecurity/trivy/commit/abd62ae74) fix(terraform): сhecking SSE encryption algorithm validity ([#6341](https://togithub.com/aquasecurity/trivy/issues/6341)) - [`7c409fd`](https://togithub.com/aquasecurity/trivy/commit/7c409fd27) fix(java): parse modules from `pom.xml` files once ([#6312](https://togithub.com/aquasecurity/trivy/issues/6312)) - [`1b68327`](https://togithub.com/aquasecurity/trivy/commit/1b68327b6) chore(deps): bump github.com/docker/docker from 25.0.3+incompatible to 25.0.5+incompatible ([#6364](https://togithub.com/aquasecurity/trivy/issues/6364)) - [`a2482c1`](https://togithub.com/aquasecurity/trivy/commit/a2482c14e) fix(server): add Locations for `Packages` in client/server mode ([#6366](https://togithub.com/aquasecurity/trivy/issues/6366)) - [`e866bd5`](https://togithub.com/aquasecurity/trivy/commit/e866bd5b5) fix(sbom): add check for `CreationInfo` to nil when detecting SPDX created using Trivy ([#6346](https://togithub.com/aquasecurity/trivy/issues/6346)) - [`1870f28`](https://togithub.com/aquasecurity/trivy/commit/1870f2846) fix(report): don't include empty strings in `.vulnerabilities[].identifiers[].url` when `gitlab.tpl` is used ([#6348](https://togithub.com/aquasecurity/trivy/issues/6348)) - [`6c81e55`](https://togithub.com/aquasecurity/trivy/commit/6c81e5505) chore(ubuntu): Add Ubuntu 22.04 EOL date ([#6371](https://togithub.com/aquasecurity/trivy/issues/6371)) ### [`v0.50.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.50.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.49.1...v0.50.0) ⚡Release highlights and summary⚡ 👉 [https://github.com/aquasecurity/trivy/discussions/6340](https://togithub.com/aquasecurity/trivy/discussions/6340) #### Changelog - [`8ec3938`](https://togithub.com/aquasecurity/trivy/commit/8ec3938e0) chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 ([#6321](https://togithub.com/aquasecurity/trivy/issues/6321)) - [`f6c5d58`](https://togithub.com/aquasecurity/trivy/commit/f6c5d5800) feat(java): add support licenses and graph for gradle lock files ([#6140](https://togithub.com/aquasecurity/trivy/issues/6140)) - [`c4022d6`](https://togithub.com/aquasecurity/trivy/commit/c4022d61b) feat(vex): consider root component for relationships ([#6313](https://togithub.com/aquasecurity/trivy/issues/6313)) - [`3177924`](https://togithub.com/aquasecurity/trivy/commit/317792433) fix: increase the default buffer size for scanning dpkg status files by 2 times ([#6298](https://togithub.com/aquasecurity/trivy/issues/6298)) - [`dd9620e`](https://togithub.com/aquasecurity/trivy/commit/dd9620ef3) chore: updates wazero to v1.7.0 ([#6301](https://togithub.com/aquasecurity/trivy/issues/6301)) - [`eb3ceb3`](https://togithub.com/aquasecurity/trivy/commit/eb3ceb323) feat(sbom): Support license detection for SBOM scan ([#6072](https://togithub.com/aquasecurity/trivy/issues/6072)) - [`ab74caa`](https://togithub.com/aquasecurity/trivy/commit/ab74caa87) refactor(sbom): use intermediate representation for SPDX ([#6310](https://togithub.com/aquasecurity/trivy/issues/6310)) - [`71da44f`](https://togithub.com/aquasecurity/trivy/commit/71da44f7e) docs(terraform): improve documentation for filtering by inline comments ([#6284](https://togithub.com/aquasecurity/trivy/issues/6284)) - [`102b6df`](https://togithub.com/aquasecurity/trivy/commit/102b6df73) fix(terraform): fix policy document retrieval ([#6276](https://togithub.com/aquasecurity/trivy/issues/6276)) - [`aa19aaf`](https://togithub.com/aquasecurity/trivy/commit/aa19aaf4e) refactor(terraform): remove unused custom error ([#6303](https://togithub.com/aquasecurity/trivy/issues/6303)) - [`8fcef35`](https://togithub.com/aquasecurity/trivy/commit/8fcef352b) refactor(sbom): add intermediate representation for BOM ([#6240](https://togithub.com/aquasecurity/trivy/issues/6240)) - [`fb8c516`](https://togithub.com/aquasecurity/trivy/commit/fb8c516de) fix(amazon): check only major version of AL to find advisories ([#6295](https://togithub.com/aquasecurity/trivy/issues/6295)) - [`96bd7ac`](https://togithub.com/aquasecurity/trivy/commit/96bd7ac59) fix(db): use schema version as tag only for `trivy-db` and `trivy-java-db` registries by default ([#6219](https://togithub.com/aquasecurity/trivy/issues/6219)) - [`12c5bf0`](https://togithub.com/aquasecurity/trivy/commit/12c5bf080) fix(nodejs): add name validation for package name from `package.json` ([#6268](https://togithub.com/aquasecurity/trivy/issues/6268)) - [`d6c40ce`](https://togithub.com/aquasecurity/trivy/commit/d6c40ce05) docs: Added install instructions for FreeBSD ([#6293](https://togithub.com/aquasecurity/trivy/issues/6293)) - [`9d2057a`](https://togithub.com/aquasecurity/trivy/commit/9d2057a7c) feat(image): customer podman host or socket option ([#6256](https://togithub.com/aquasecurity/trivy/issues/6256)) - [`2a9d9bd`](https://togithub.com/aquasecurity/trivy/commit/2a9d9bd21) chore(deps): bump wazero from 1.2.1 to 1.6.0 ([#6290](https://togithub.com/aquasecurity/trivy/issues/6290)) - [`617c3e3`](https://togithub.com/aquasecurity/trivy/commit/617c3e31b) feat(java): mark dependencies from `maven-invoker-plugin` integration tests pom.xml files as `Dev` ([#6213](https://togithub.com/aquasecurity/trivy/issues/6213)) - [`56cedc0`](https://togithub.com/aquasecurity/trivy/commit/56cedc0d6) fix(license): reorder logic of how python package licenses are acquired ([#6220](https://togithub.com/aquasecurity/trivy/issues/6220)) - [`d7d7265`](https://togithub.com/aquasecurity/trivy/commit/d7d7265eb) test(terraform): skip cached modules ([#6281](https://togithub.com/aquasecurity/trivy/issues/6281)) - [`6639911`](https://togithub.com/aquasecurity/trivy/commit/663991166) feat(secret): Support for detecting Hugging Face Access Tokens ([#6236](https://togithub.com/aquasecurity/trivy/issues/6236)) - [`337cb75`](https://togithub.com/aquasecurity/trivy/commit/337cb7535) fix(cloudformation): support of all SSE algorithms for s3 ([#6270](https://togithub.com/aquasecurity/trivy/issues/6270)) - [`9361cdb`](https://togithub.com/aquasecurity/trivy/commit/9361cdb7e) feat(terraform): Terraform Plan snapshot scanning support ([#6176](https://togithub.com/aquasecurity/trivy/issues/6176)) - [`ee01e6e`](https://togithub.com/aquasecurity/trivy/commit/ee01e6e2f) chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.26.6 to 1.27.4 ([#6249](https://togithub.com/aquasecurity/trivy/issues/6249)) - [`3d2f583`](https://togithub.com/aquasecurity/trivy/commit/3d2f583ec) fix: typo function name and comment optimization ([#6200](https://togithub.com/aquasecurity/trivy/issues/6200)) - [`c4b5ab7`](https://togithub.com/aquasecurity/trivy/commit/c4b5ab788) fix(java): don't ignore runtime scope for pom.xml files ([#6223](https://togithub.com/aquasecurity/trivy/issues/6223)) - [`355c1b5`](https://togithub.com/aquasecurity/trivy/commit/355c1b583) chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 ([#6242](https://togithub.com/aquasecurity/trivy/issues/6242)) - [`7244ece`](https://togithub.com/aquasecurity/trivy/commit/7244ece53) chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 ([#6243](https://togithub.com/aquasecurity/trivy/issues/6243)) - [`5cd0566`](https://togithub.com/aquasecurity/trivy/commit/5cd056684) chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.1 to 1.51.1 ([#6251](https://togithub.com/aquasecurity/trivy/issues/6251)) - [`ebb74a5`](https://togithub.com/aquasecurity/trivy/commit/ebb74a5de) chore(deps): bump github.com/hashicorp/go-uuid from 1.0.1 to 1.0.3 ([#6253](https://togithub.com/aquasecurity/trivy/issues/6253)) - [`24a8d6a`](https://togithub.com/aquasecurity/trivy/commit/24a8d6aaa) chore(deps): bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 ([#6250](https://togithub.com/aquasecurity/trivy/issues/6250)) - [`9d0d7ad`](https://togithub.com/aquasecurity/trivy/commit/9d0d7ad88) chore(deps): bump github.com/containerd/containerd from 1.7.12 to 1.7.13 ([#6247](https://togithub.com/aquasecurity/trivy/issues/6247)) - [`e8230e1`](https://togithub.com/aquasecurity/trivy/commit/e8230e19d) chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 ([#6246](https://togithub.com/aquasecurity/trivy/issues/6246)) - [`04535b5`](https://togithub.com/aquasecurity/trivy/commit/04535b554) fix(license): add FilePath to results to allow for license path filtering via trivyignore file ([#6215](https://togithub.com/aquasecurity/trivy/issues/6215)) - [`939e34e`](https://togithub.com/aquasecurity/trivy/commit/939e34e37) chore(deps): Upgrade iac deps ([#6255](https://togithub.com/aquasecurity/trivy/issues/6255)) - [`7cb6c02`](https://togithub.com/aquasecurity/trivy/commit/7cb6c02a4) feat: add info log message about dev deps suppression ([#6211](https://togithub.com/aquasecurity/trivy/issues/6211)) - [`c1d26ec`](https://togithub.com/aquasecurity/trivy/commit/c1d26ec33) test(k8s): use test-db for k8s integration tests ([#6222](https://togithub.com/aquasecurity/trivy/issues/6222)) - [`4f70468`](https://togithub.com/aquasecurity/trivy/commit/4f70468bd) ci: add maximize-build-space for `Test` job ([#6221](https://togithub.com/aquasecurity/trivy/issues/6221)) - [`1dfece8`](https://togithub.com/aquasecurity/trivy/commit/1dfece89d) fix(terraform): fix root module search ([#6160](https://togithub.com/aquasecurity/trivy/issues/6160)) - [`e1ea02c`](https://togithub.com/aquasecurity/trivy/commit/e1ea02c7b) test(parser): squash test data for yarn ([#6203](https://togithub.com/aquasecurity/trivy/issues/6203)) - [`64926d8`](https://togithub.com/aquasecurity/trivy/commit/64926d842) fix(terraform): do not re-expand dynamic blocks ([#6151](https://togithub.com/aquasecurity/trivy/issues/6151)) - [`eb54bb5`](https://togithub.com/aquasecurity/trivy/commit/eb54bb5da) docs: update ecosystem page reporting with db app ([#6201](https://togithub.com/aquasecurity/trivy/issues/6201)) - [`dc76c6e`](https://togithub.com/aquasecurity/trivy/commit/dc76c6e4f) fix: k8s summary separate infra and user finding results ([#6120](https://togithub.com/aquasecurity/trivy/issues/6120)) - [`1b7e474`](https://togithub.com/aquasecurity/trivy/commit/1b7e47424) fix: add context to target finding on k8s table view ([#6099](https://togithub.com/aquasecurity/trivy/issues/6099)) - [`876ab84`](https://togithub.com/aquasecurity/trivy/commit/876ab84b3) fix: Printf format err ([#6198](https://togithub.com/aquasecurity/trivy/issues/6198)) - [`eef7c4f`](https://togithub.com/aquasecurity/trivy/commit/eef7c4fb4) refactor: better integration of the parser into Trivy ([#6183](https://togithub.com/aquasecurity/trivy/issues/6183)) - [`069aae5`](https://togithub.com/aquasecurity/trivy/commit/069aae59e) chore(deps): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 ([#6189](https://togithub.com/aquasecurity/trivy/issues/6189)) - [`4a9ac6d`](https://togithub.com/aquasecurity/trivy/commit/4a9ac6d19) feat(terraform): Add hyphen and non-ASCII support for domain names in credential extraction ([#6108](https://togithub.com/aquasecurity/trivy/issues/6108)) - [`9c5e5a0`](https://togithub.com/aquasecurity/trivy/commit/9c5e5a04e) fix(vex): CSAF filtering should consider relationships ([#5923](https://togithub.com/aquasecurity/trivy/issues/5923)) - [`388f476`](https://togithub.com/aquasecurity/trivy/commit/388f47669) refactor(report): Replacing `source_location` in `github` report when scanning an image ([#5999](https://togithub.com/aquasecurity/trivy/issues/5999)) - [`cd3e4bc`](https://togithub.com/aquasecurity/trivy/commit/cd3e4bcac) feat(vuln): ignore vulnerabilities by PURL ([#6178](https://togithub.com/aquasecurity/trivy/issues/6178)) - [`ce81c05`](https://togithub.com/aquasecurity/trivy/commit/ce81c0585) feat(java): add support for fetching packages from repos mentioned in pom.xml ([#6171](https://togithub.com/aquasecurity/trivy/issues/6171)) - [`cf0f0d0`](https://togithub.com/aquasecurity/trivy/commit/cf0f0d00c) feat(k8s): rancher rke2 version support ([#5988](https://togithub.com/aquasecurity/trivy/issues/5988)) - [`8a3a113`](https://togithub.com/aquasecurity/trivy/commit/8a3a113ee) docs: update kbom distribution for scanning ([#6019](https://togithub.com/aquasecurity/trivy/issues/6019)) - [`19495ba`](https://togithub.com/aquasecurity/trivy/commit/19495ba7c) chore: update CODEOWNERS ([#6173](https://togithub.com/aquasecurity/trivy/issues/6173)) - [`e787e1a`](https://togithub.com/aquasecurity/trivy/commit/e787e1af0) fix(swift): try to use branch to resolve version ([#6168](https://togithub.com/aquasecurity/trivy/issues/6168)) - [`327cf88`](https://togithub.com/aquasecurity/trivy/commit/327cf8839) fix(terraform): ensure consistent path handling across OS ([#6161](https://togithub.com/aquasecurity/trivy/issues/6161)) - [`8221473`](https://togithub.com/aquasecurity/trivy/commit/82214736a) fix(java): add only valid libs from `pom.properties` files from `jars` ([#6164](https://togithub.com/aquasecurity/trivy/issues/6164)) - [`7694df1`](https://togithub.com/aquasecurity/trivy/commit/7694df11f) fix(sbom): skip executable file analysis if Rekor isn't a specified SBOM source ([#6163](https://togithub.com/aquasecurity/trivy/issues/6163)) - [`74dc5b6`](https://togithub.com/aquasecurity/trivy/commit/74dc5b680) chore(deps): merge go-dep-parser into Trivy ([#6094](https://togithub.com/aquasecurity/trivy/issues/6094)) - [`32a02a9`](https://togithub.com/aquasecurity/trivy/commit/32a02a95d) docs(report): add remark about `path` to filter licenses using `.trivyignore.yaml` file ([#6145](https://togithub.com/aquasecurity/trivy/issues/6145)) - [`fb79ea7`](https://togithub.com/aquasecurity/trivy/commit/fb79ea7c9) docs: update template path for gitlab-ci tutorial ([#6144](https://togithub.com/aquasecurity/trivy/issues/6144)) - [`c6844a7`](https://togithub.com/aquasecurity/trivy/commit/c6844a73f) feat(report): support for filtering licenses and secrets via rego policy files ([#6004](https://togithub.com/aquasecurity/trivy/issues/6004)) - [`a813506`](https://togithub.com/aquasecurity/trivy/commit/a813506f4) fix(cyclonedx): move root component from scanned cyclonedx file to output cyclonedx file ([#6113](https://togithub.com/aquasecurity/trivy/issues/6113)) - [`14adbb4`](https://togithub.com/aquasecurity/trivy/commit/14adbb446) refactor(deps): Merge defsec into trivy ([#6109](https://togithub.com/aquasecurity/trivy/issues/6109)) - [`efe0e0f`](https://togithub.com/aquasecurity/trivy/commit/efe0e0f8f) chore(deps): bump helm.sh/helm/v3 from 3.14.0 to 3.14.1 ([#6142](https://togithub.com/aquasecurity/trivy/issues/6142)) - [`73dde32`](https://togithub.com/aquasecurity/trivy/commit/73dde3263) docs: add SecObserve in CI/CD and reporting ([#6139](https://togithub.com/aquasecurity/trivy/issues/6139)) - [`aadbad1`](https://togithub.com/aquasecurity/trivy/commit/aadbad1d7) fix(alpine): exclude empty licenses for apk packages ([#6130](https://togithub.com/aquasecurity/trivy/issues/6130)) - [`14a0981`](https://togithub.com/aquasecurity/trivy/commit/14a0981ef) docs: add docs tutorial on custom policies with rego ([#6104](https://togithub.com/aquasecurity/trivy/issues/6104)) - [`3ac6388`](https://togithub.com/aquasecurity/trivy/commit/3ac63887d) fix(nodejs): use project dir when searching for workspaces for Yarn.lock files ([#6102](https://togithub.com/aquasecurity/trivy/issues/6102)) - [`3c1601b`](https://togithub.com/aquasecurity/trivy/commit/3c1601b6c) feat(vuln): show suppressed vulnerabilities in table ([#6084](https://togithub.com/aquasecurity/trivy/issues/6084)) - [`c107e1a`](https://togithub.com/aquasecurity/trivy/commit/c107e1af2) docs: rename governance to principles ([#6107](https://togithub.com/aquasecurity/trivy/issues/6107)) - [`b26f217`](https://togithub.com/aquasecurity/trivy/commit/b26f21717) docs: add governance ([#6090](https://togithub.com/aquasecurity/trivy/issues/6090)) - [`7bd3b63`](https://togithub.com/aquasecurity/trivy/commit/7bd3b630b) refactor(deps): Merge trivy-iac into Trivy ([#6005](https://togithub.com/aquasecurity/trivy/issues/6005)) - [`535b5a9`](https://togithub.com/aquasecurity/trivy/commit/535b5a96d) feat(java): add dependency location support for `gradle` files ([#6083](https://togithub.com/aquasecurity/trivy/issues/6083)) - [`428420e`](https://togithub.com/aquasecurity/trivy/commit/428420ee8) chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.11 to 1.15.15 ([#6038](https://togithub.com/aquasecurity/trivy/issues/6038)) - [`7fec991`](https://togithub.com/aquasecurity/trivy/commit/7fec991c5) fix(misconf): get `user` from `Config.User` ([#6070](https://togithub.com/aquasecurity/trivy/issues/6070))golangci/golangci-lint (golangci/golangci-lint)
### [`v1.59.0`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1590) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.2...v1.59.0) 1. Enhancements - Add SARIF output format - Allow the analysis of generated files (`issues.exclude-generated: disable`) 2. Updated linters - `errcheck`: fix deprecation warning - `go-critic`: from 0.11.3 to 0.11.4 - `gosec`: from 2.20.0 to [`5f0084e`](https://togithub.com/golangci/golangci-lint/commit/5f0084eb01a9) (fix G601 and G113 performance issues) - `sloglint`: from 0.6.0 to 0.7.0 (new option `forbidden-keys`) - `testifylint`: from 1.2.0 to 1.3.0 (new checker `negative-positive` and new option `go-require.ignore-http-handlers`) 3. Misc. - ️️⚠️ Deprecate `github-action` output format - ️️⚠️ Deprecate `issues.exclude-generated-strict` option (replaced by `issues.exclude-generated: strict`) - ️️⚠️ Add warning about disabled and deprecated linters (level 2) ### [`v1.58.2`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1582) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) 1. Updated linters - `canonicalheader`: from 1.0.6 to 1.1.1 - `gosec`: from 2.19.0 to 2.20.0 - `musttag`: from 0.12.1 to 0.12.2 - `nilnil`: from 0.1.8 to 0.1.9 2. Documentation - Improve integrations and install pages ### [`v1.58.1`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1581) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) 1. Updated linters - `tagalign`: from 1.3.3 to 1.3.4 - `protogetter`: from 0.3.5 to 0.3.6 - `gochecknoinits`: fix analyzer name 2. Fixes - Restores previous `gihub-actions` output format (removes GitHub Action problem matchers) ### [`v1.58.0`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1580) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) 1. New linters - `fatcontext`: https://github.com/Crocmagnon/fatcontext - `canonicalheader`: https://github.com/lasiar/canonicalheader 2. Updated linters - `copyloopvar`: from 1.0.10 to 1.1.0 (`ignore-alias` is replaced by `check-alias` with the opposite behavior) - `decorder`: from 0.4.1 to 0.4.2 - `errname`: from 0.1.12 to 0.1.13 - `errorlint`: from 1.4.8 to 1.5.1 (new options `allowed-errors` and `allowed-errors-wildcard`) - `execinquery`: deprecate linter ⚠️ - `gci`: from 0.12.3 to 0.13.4 (new section `localModule`) - `gocritic`: from 0.11.2 to 0.11.3 - `spancheck`: from 0.5.3 to 0.6.1 - `goerr113` is replaced by `err113` ⚠️ - `gomnd` is replaced by `mnd` ⚠️ - `gomodguard`: from 1.3.1 to 1.3.2 - `grouper`: from 1.1.1 to 1.1.2 - `intrange`: from 0.1.1 to 0.1.2 - `mirror`: from 1.1.0 to 1.2.0 - `misspell`: from 0.4.1 to 0.5.1 - `musttag`: from 0.9.0 to 0.12.1 - `nilnil`: from 0.1.7 to 0.1.8 - `nonamedreturns`: from 1.0.4 to 1.0.5 - `promlinter`: from 0.2.0 to 0.3.0 - `sloglint`: from 0.5.0 to 0.6.0 - `unparam`: bump to HEAD ([`063aff9`](https://togithub.com/golangci/golangci-lint/commit/063aff900ca150b80930c8de76f11d7e6488222f)) - `whitespace`: from 0.1.0 to 0.1.1 3. Enhancements - Speed up "fast" linters when only "fast" linters are run: between 40% and 80% faster at first run (i.e. without cache) 4. Fixes - Use version with module plugins - Skip `go.mod` report inside autogenerated processor - Keep only `typecheck` issues when needed - Don't hide `typecheck` errors inside diff processor 5. Misc. - ⚠️ log an error when using previously deprecated linters ([Linter Deprecation Cycle](https://golangci-lint.run/product/roadmap/#linter-deprecation-cycle)) - [`deadcode`](https://togithub.com/remyoudompheng/go-misc/tree/master/deadcode): deprecated since v1.49.0 (2022-08-23). - [`exhaustivestruct`](https://togithub.com/mbilski/exhaustivestruct): deprecated since v1.46.0 (2022-05-08). - [`golint`](https://togithub.com/golang/lint): deprecated since v1.41.0 (2021-06-15). - [`ifshort`](https://togithub.com/esimonov/ifshort): deprecated since v1.48.0 (2022-08-04). - [`interfacer`](https://togithub.com/mvdan/interfacer): deprecated since v1.38.0 (2021-03-03). - [`maligned`](https://togithub.com/mdempsky/maligned): deprecated since v1.38.0 (2021-03-03). - [`nosnakecase`](https://togithub.com/sivchari/nosnakecase): deprecated since v1.48.0 (2022-08-04). - [`scopelint`](https://togithub.com/kyoh86/scopelint): deprecated since v1.39.0 (2021-03-25). - [`structcheck`](https://togithub.com/opennota/check): deprecated since v1.49.0 (2022-08-23). - [`varcheck`](https://togithub.com/opennota/check): deprecated since v1.49.0 (2022-08-23). - ⚠️ Deprecate usage of linter alternative names - Remove help display on errors with `config verify` command - Add `pre-commit` hook to run `config verify` - Improve `github-action` output 6. Documentation - Remove deprecated Atom from Editor Integrations GitHub Action (v5.1.0) for golangci-lint: - supports for `pull`, `pull_request_target`, and `merge_group` events with the option `only-new-issues`. - ️️⚠️ `skip-pkg-cache` and `skip-build-cache` have been removed because the cache related to Go itself is already handled by `actions/setup-go`. - with golangci-lint v1.58, the file information (path and position) will be displayed on the log.kubernetes-sigs/cluster-api (kubernetes-sigs/cluster-api)
### [`v1.7.2`](https://togithub.com/kubernetes-sigs/cluster-api/releases/tag/v1.7.2) [Compare Source](https://togithub.com/kubernetes-sigs/cluster-api/compare/v1.7.1...v1.7.2) #### 👌 Kubernetes version support - Management Cluster: v1.26.x -> v1.30.x - Workload Cluster: v1.24.x -> v1.30.x [More information about version support can be found here](https://cluster-api.sigs.k8s.io/reference/versions.html) #### Changes since v1.7.1 #### :chart_with_upwards_trend: Overview - 12 new commits merged - 3 bugs fixed 🐛 #### :bug: Bug Fixes - clusterctl: Ensure cert-manager objects get applied before other provider objects ([#10503](https://togithub.com/kubernetes-sigs/cluster-api/issues/10503)) - e2e: Test: Ensure all ownerRef assertions for some Kind are evaluated ([#10592](https://togithub.com/kubernetes-sigs/cluster-api/issues/10592)) - e2e: Test: filter cluster-wide objects asserted in ResourceVersion tests to exclude objects of parallel tests ([#10570](https://togithub.com/kubernetes-sigs/cluster-api/issues/10570)) #### :seedling: Others - API: Allow users to specify webhook server cert and key names ([#10581](https://togithub.com/kubernetes-sigs/cluster-api/issues/10581)) - clusterctl: Add Tinkerbell to the providers list ([#10516](https://togithub.com/kubernetes-sigs/cluster-api/issues/10516)) - clusterctl: Bump cert-manager to 1.14.5 ([#10517](https://togithub.com/kubernetes-sigs/cluster-api/issues/10517)) - clusterctl: Clusterctl/client/cert_manager: improve shouldUpgrade ([#10497](https://togithub.com/kubernetes-sigs/cluster-api/issues/10497)) - clusterctl: Add support for the linode-linode infrastructure provider to clusterctl ([#10512](https://togithub.com/kubernetes-sigs/cluster-api/issues/10512)) - e2e: Ensure resourceVersions are stable ([#10548](https://togithub.com/kubernetes-sigs/cluster-api/issues/10548)) - KCP/MachineSet: Flag for old infra machine naming ([#10587](https://togithub.com/kubernetes-sigs/cluster-api/issues/10587)) :book: Additionally, there have been 2 contributions to our documentation and book. ([#10535](https://togithub.com/kubernetes-sigs/cluster-api/issues/10535), [#10536](https://togithub.com/kubernetes-sigs/cluster-api/issues/10536)) #### Dependencies ##### Added *Nothing has changed.* ##### Changed *Nothing has changed.* ##### Removed *Nothing has changed.* *Thanks to all our contributors!* 😊 ### [`v1.7.1`](https://togithub.com/kubernetes-sigs/cluster-api/releases/tag/v1.7.1) [Compare Source](https://togithub.com/kubernetes-sigs/cluster-api/compare/v1.7.0...v1.7.1) #### 👌 Kubernetes version support - Management Cluster: v1.26.x -> v1.30.x - Workload Cluster: v1.24.x -> v1.30.x [More information about version support can be found here](https://cluster-api.sigs.k8s.io/reference/versions.html) #### Highlights - Kubernetes v1.30 is now supported #### Changes since v1.7.0 #### :chart_with_upwards_trend: Overview - 11 new commits merged - 2 bugs fixed 🐛 #### :bug: Bug Fixes - CAPD: Verify lb config after writing it ([#10461](https://togithub.com/kubernetes-sigs/cluster-api/issues/10461)) - e2e: also gather junit reports in case of errors observed from ginkgo ([#10494](https://togithub.com/kubernetes-sigs/cluster-api/issues/10494)) #### :seedling: Others - Dependency: Bump envtest to v1.30.0 ([#10481](https://togithub.com/kubernetes-sigs/cluster-api/issues/10481)) - e2e: Export more func in test/e2e/common.go ([#10447](https://togithub.com/kubernetes-sigs/cluster-api/issues/10447)) - Testing: Bump Kubernetes in tests to v1.30.0 and claim support for v1.30 ([#10465](https://togithub.com/kubernetes-sigs/cluster-api/issues/10465)) :book: Additionally, there have been 6 contributions to our documentation and book. ([#10446](https://togithub.com/kubernetes-sigs/cluster-api/issues/10446), [#10448](https://togithub.com/kubernetes-sigs/cluster-api/issues/10448), [#10451](https://togithub.com/kubernetes-sigs/cluster-api/issues/10451), [#10456](https://togithub.com/kubernetes-sigs/cluster-api/issues/10456), [#10470](https://togithub.com/kubernetes-sigs/cluster-api/issues/10470), [#10491](https://togithub.com/kubernetes-sigs/cluster-api/issues/10491)) #### Dependencies ##### Added *Nothing has changed.* ##### Changed *Nothing has changed.* ##### Removed *Nothing has changed.* *Thanks to all our contributors!* 😊 ### [`v1.7.0`](https://togithub.com/kubernetes-sigs/cluster-api/releases/tag/v1.7.0) [Compare Source](https://togithub.com/kubernetes-sigs/cluster-api/compare/v1.6.5...v1.7.0) #### 👌 Kubernetes version support - Management Cluster: v1.26.x -> v1.29.x - Workload Cluster: v1.24.x -> v1.29.x [More information about version support can be found here](https://cluster-api.sigs.k8s.io/reference/versions.html) #### Highlights - MachinePool: promoted to beta and enabled per default ([#10141](https://togithub.com/kubernetes-sigs/cluster-api/issues/10141)) - MachineDeployment: Taint nodes with PreferNoSchedule during rollouts ([#10223](https://togithub.com/kubernetes-sigs/cluster-api/issues/10223)) - MachineHealthCheck: implement annotation to manually mark machines for remediation ([#10202](https://togithub.com/kubernetes-sigs/cluster-api/issues/10202)) - KCP improvements: - Enable kubeadm feature gates mutation ([#10154](https://togithub.com/kubernetes-sigs/cluster-api/issues/10154)) - Defer remediation when a control plane machine is still provisioning ([#9734](https://togithub.com/kubernetes-sigs/cluster-api/issues/9734)) - Prefer deletion of Machines with unhealthy control plane components during rollout ([#10421](https://togithub.com/kubernetes-sigs/cluster-api/issues/10421)) - ClusterClass: - Add variable metadata ([#10308](https://togithub.com/kubernetes-sigs/cluster-api/issues/10308)) - Improved version validation if an update is already in progress ([#10063](https://togithub.com/kubernetes-sigs/cluster-api/issues/10063)) - Improved unit and e2e test coverage for ClusterClass with MachinePools ([#10028](https://togithub.com/kubernetes-sigs/cluster-api/issues/10028)) - Various improvements to our e2e tests to increase test coverage and reduce flakes to improvConfiguration
📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.