aquasecurity/trivy (aquasecurity/trivy)
### [`v0.57.0`](https://redirect.github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0570-2024-10-31)
[Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.56.2...v0.57.0)
##### ⚠ BREAKING CHANGES
- **k8s:** support k8s multi container ([#7444](https://redirect.github.com/aquasecurity/trivy/issues/7444))
##### Features
- add end of life date for Ubuntu 24.10 ([#7787](https://redirect.github.com/aquasecurity/trivy/issues/7787)) ([ad3c09e](https://redirect.github.com/aquasecurity/trivy/commit/ad3c09e006e134f3c5b879ffc34ce9895a8c860f))
- **cli:** add `trivy auth` ([#7664](https://redirect.github.com/aquasecurity/trivy/issues/7664)) ([27117f8](https://redirect.github.com/aquasecurity/trivy/commit/27117f81d52483c3ceec56fe56ac298e242fbc9a))
- **cli:** error out when ignore file cannot be found ([#7624](https://redirect.github.com/aquasecurity/trivy/issues/7624)) ([cb0b3a9](https://redirect.github.com/aquasecurity/trivy/commit/cb0b3a9279b31810ecd686a385e5140e567ce86f))
- **cli:** rename `trivy auth` to `trivy registry` ([#7727](https://redirect.github.com/aquasecurity/trivy/issues/7727)) ([633a7ab](https://redirect.github.com/aquasecurity/trivy/commit/633a7abeea4287899392a24f2705f96dfeb7e312))
- **cyclonedx:** add file checksums to `CycloneDX` reports ([#7507](https://redirect.github.com/aquasecurity/trivy/issues/7507)) ([c225883](https://redirect.github.com/aquasecurity/trivy/commit/c225883649f58128a99fa2c1cef327d0e57940be))
- **db:** append errors ([#7843](https://redirect.github.com/aquasecurity/trivy/issues/7843)) ([5e78b6c](https://redirect.github.com/aquasecurity/trivy/commit/5e78b6c12fb5740c12dedeea3d335d48ec2f752b))
- **misconf:** export unresolvable field of IaC types to Rego ([#7765](https://redirect.github.com/aquasecurity/trivy/issues/7765)) ([9514148](https://redirect.github.com/aquasecurity/trivy/commit/9514148767865baddd73a49245385574927f7a74))
- **misconf:** public network support for Azure Storage Account ([#7601](https://redirect.github.com/aquasecurity/trivy/issues/7601)) ([ad91412](https://redirect.github.com/aquasecurity/trivy/commit/ad914123c4d203af1e1da6b7e2d3e49d9d3831d8))
- **misconf:** Show misconfig ID in output ([#7762](https://redirect.github.com/aquasecurity/trivy/issues/7762)) ([f75c0d1](https://redirect.github.com/aquasecurity/trivy/commit/f75c0d1f0069d4856cb4826d6049f32c5b9409d9))
- **misconf:** ssl_mode support for GCP SQL DB instance ([#7564](https://redirect.github.com/aquasecurity/trivy/issues/7564)) ([2eaa17e](https://redirect.github.com/aquasecurity/trivy/commit/2eaa17e0717940b27a79050e2efd9213b71178c9))
- **parser:** ignore white space in pom.xml files ([#7747](https://redirect.github.com/aquasecurity/trivy/issues/7747)) ([a7baa93](https://redirect.github.com/aquasecurity/trivy/commit/a7baa93b00b8636aa097e64cdb8eed97dbd68511))
- **report:** update gitlab template to populate operating_system value ([#7735](https://redirect.github.com/aquasecurity/trivy/issues/7735)) ([c0d79fa](https://redirect.github.com/aquasecurity/trivy/commit/c0d79fa09e645f3a3dbff878e393b8631fb17b64))
##### Bug Fixes
- **cli:** `clean --all` deletes only relevant dirs ([#7704](https://redirect.github.com/aquasecurity/trivy/issues/7704)) ([672e886](https://redirect.github.com/aquasecurity/trivy/commit/672e886aed152ae0f09a16941706746f3053ca94))
- **cli:** add config name to skip-policy-update alias ([#7820](https://redirect.github.com/aquasecurity/trivy/issues/7820)) ([b661d68](https://redirect.github.com/aquasecurity/trivy/commit/b661d680ff0372c8e4beea0db13bf69d6a2203a8))
- **db:** fix javadb downloading error handling ([#7642](https://redirect.github.com/aquasecurity/trivy/issues/7642)) ([2c87f0c](https://redirect.github.com/aquasecurity/trivy/commit/2c87f0cb794acd77446a273582ba1a45b9f18980))
- enable usestdlibvars linter ([#7770](https://redirect.github.com/aquasecurity/trivy/issues/7770)) ([57e24aa](https://redirect.github.com/aquasecurity/trivy/commit/57e24aa85382f749df7f673e241caaf3fcbb45cb))
- **go:** Do not trim v prefix from versions in Go Mod Analyzer ([#7733](https://redirect.github.com/aquasecurity/trivy/issues/7733)) ([e872ec0](https://redirect.github.com/aquasecurity/trivy/commit/e872ec006c0745a5a142728af0096c6d6bb9ddf3))
- **helm:** properly handle multiple archived dependencies ([#7782](https://redirect.github.com/aquasecurity/trivy/issues/7782)) ([6fab88d](https://redirect.github.com/aquasecurity/trivy/commit/6fab88dd56c257ef2cc63b617c2a5decb1c4cf98))
- **java:** correctly inherit `version` and `scope` from upper/root `depManagement` and `dependencies` into parents ([#7541](https://redirect.github.com/aquasecurity/trivy/issues/7541)) ([778df82](https://redirect.github.com/aquasecurity/trivy/commit/778df828eaad9827cb833c6285058a33aa2b83ca))
- **k8s:** skip resources without misconfigs ([#7797](https://redirect.github.com/aquasecurity/trivy/issues/7797)) ([7882776](https://redirect.github.com/aquasecurity/trivy/commit/78827768a612ab305bf9c55409ce76d6774302a5))
- **k8s:** support k8s multi container ([#7444](https://redirect.github.com/aquasecurity/trivy/issues/7444)) ([c434775](https://redirect.github.com/aquasecurity/trivy/commit/c4347759234dcb5f372b07f92fb4230ef391d710))
- **k8s:** support kubernetes v1.31 ([#7810](https://redirect.github.com/aquasecurity/trivy/issues/7810)) ([7a4f4d8](https://redirect.github.com/aquasecurity/trivy/commit/7a4f4d8b12996687f3095a2042cdf2f5985332c9))
- **license:** fix license normalization for Universal Permissive License ([#7766](https://redirect.github.com/aquasecurity/trivy/issues/7766)) ([f6acdf7](https://redirect.github.com/aquasecurity/trivy/commit/f6acdf713991f8ffdbe765178fcb8a9cde433cba))
- **misconf:** change default ACL of digitalocean_spaces_bucket to private ([#7577](https://redirect.github.com/aquasecurity/trivy/issues/7577)) ([9da84f5](https://redirect.github.com/aquasecurity/trivy/commit/9da84f54fadbe6ad0d73983952e945ed63b666f3))
- **misconf:** check if property is not nil before conversion ([#7578](https://redirect.github.com/aquasecurity/trivy/issues/7578)) ([c8c14d3](https://redirect.github.com/aquasecurity/trivy/commit/c8c14d36245623019f29d258f813d2325f7490f7))
- **misconf:** fix for Azure Storage Account network acls adaptation ([#7602](https://redirect.github.com/aquasecurity/trivy/issues/7602)) ([35fd018](https://redirect.github.com/aquasecurity/trivy/commit/35fd018ae7ad86823f114f0ac2f1376726aee444))
- **misconf:** properly expand dynamic blocks ([#7612](https://redirect.github.com/aquasecurity/trivy/issues/7612)) ([8d5dbc9](https://redirect.github.com/aquasecurity/trivy/commit/8d5dbc9fec3569b22ed81a03c40eaf732768718b))
- **redhat:** include arch in PURL qualifiers ([#7654](https://redirect.github.com/aquasecurity/trivy/issues/7654)) ([a585e95](https://redirect.github.com/aquasecurity/trivy/commit/a585e95f3398631d9ad10505c5ff642fde21aef7))
- **repo:** `git clone` output to Stderr ([#7561](https://redirect.github.com/aquasecurity/trivy/issues/7561)) ([fdf203c](https://redirect.github.com/aquasecurity/trivy/commit/fdf203cd209aeb40f454bd12d121a54d6ed7a542))
- **report:** Fix invalid URI in SARIF report ([#7645](https://redirect.github.com/aquasecurity/trivy/issues/7645)) ([015bb88](https://redirect.github.com/aquasecurity/trivy/commit/015bb885ac414b91201fa9791eead395d878149c))
- **sbom:** add options for DBs in private registries ([#7660](https://redirect.github.com/aquasecurity/trivy/issues/7660)) ([1f2e91b](https://redirect.github.com/aquasecurity/trivy/commit/1f2e91b02b3606dd11963002a8cfac7962f3478f))
- **sbom:** use `Annotation` instead of `AttributionTexts` for `SPDX` formats ([#7811](https://redirect.github.com/aquasecurity/trivy/issues/7811)) ([f2bb9c6](https://redirect.github.com/aquasecurity/trivy/commit/f2bb9c6227743dd61f44eb591d4b15192fe110c6))
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
0.56.2
->0.57.0
Release Notes
aquasecurity/trivy (aquasecurity/trivy)
### [`v0.57.0`](https://redirect.github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0570-2024-10-31) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.56.2...v0.57.0) ##### ⚠ BREAKING CHANGES - **k8s:** support k8s multi container ([#7444](https://redirect.github.com/aquasecurity/trivy/issues/7444)) ##### Features - add end of life date for Ubuntu 24.10 ([#7787](https://redirect.github.com/aquasecurity/trivy/issues/7787)) ([ad3c09e](https://redirect.github.com/aquasecurity/trivy/commit/ad3c09e006e134f3c5b879ffc34ce9895a8c860f)) - **cli:** add `trivy auth` ([#7664](https://redirect.github.com/aquasecurity/trivy/issues/7664)) ([27117f8](https://redirect.github.com/aquasecurity/trivy/commit/27117f81d52483c3ceec56fe56ac298e242fbc9a)) - **cli:** error out when ignore file cannot be found ([#7624](https://redirect.github.com/aquasecurity/trivy/issues/7624)) ([cb0b3a9](https://redirect.github.com/aquasecurity/trivy/commit/cb0b3a9279b31810ecd686a385e5140e567ce86f)) - **cli:** rename `trivy auth` to `trivy registry` ([#7727](https://redirect.github.com/aquasecurity/trivy/issues/7727)) ([633a7ab](https://redirect.github.com/aquasecurity/trivy/commit/633a7abeea4287899392a24f2705f96dfeb7e312)) - **cyclonedx:** add file checksums to `CycloneDX` reports ([#7507](https://redirect.github.com/aquasecurity/trivy/issues/7507)) ([c225883](https://redirect.github.com/aquasecurity/trivy/commit/c225883649f58128a99fa2c1cef327d0e57940be)) - **db:** append errors ([#7843](https://redirect.github.com/aquasecurity/trivy/issues/7843)) ([5e78b6c](https://redirect.github.com/aquasecurity/trivy/commit/5e78b6c12fb5740c12dedeea3d335d48ec2f752b)) - **misconf:** export unresolvable field of IaC types to Rego ([#7765](https://redirect.github.com/aquasecurity/trivy/issues/7765)) ([9514148](https://redirect.github.com/aquasecurity/trivy/commit/9514148767865baddd73a49245385574927f7a74)) - **misconf:** public network support for Azure Storage Account ([#7601](https://redirect.github.com/aquasecurity/trivy/issues/7601)) ([ad91412](https://redirect.github.com/aquasecurity/trivy/commit/ad914123c4d203af1e1da6b7e2d3e49d9d3831d8)) - **misconf:** Show misconfig ID in output ([#7762](https://redirect.github.com/aquasecurity/trivy/issues/7762)) ([f75c0d1](https://redirect.github.com/aquasecurity/trivy/commit/f75c0d1f0069d4856cb4826d6049f32c5b9409d9)) - **misconf:** ssl_mode support for GCP SQL DB instance ([#7564](https://redirect.github.com/aquasecurity/trivy/issues/7564)) ([2eaa17e](https://redirect.github.com/aquasecurity/trivy/commit/2eaa17e0717940b27a79050e2efd9213b71178c9)) - **parser:** ignore white space in pom.xml files ([#7747](https://redirect.github.com/aquasecurity/trivy/issues/7747)) ([a7baa93](https://redirect.github.com/aquasecurity/trivy/commit/a7baa93b00b8636aa097e64cdb8eed97dbd68511)) - **report:** update gitlab template to populate operating_system value ([#7735](https://redirect.github.com/aquasecurity/trivy/issues/7735)) ([c0d79fa](https://redirect.github.com/aquasecurity/trivy/commit/c0d79fa09e645f3a3dbff878e393b8631fb17b64)) ##### Bug Fixes - **cli:** `clean --all` deletes only relevant dirs ([#7704](https://redirect.github.com/aquasecurity/trivy/issues/7704)) ([672e886](https://redirect.github.com/aquasecurity/trivy/commit/672e886aed152ae0f09a16941706746f3053ca94)) - **cli:** add config name to skip-policy-update alias ([#7820](https://redirect.github.com/aquasecurity/trivy/issues/7820)) ([b661d68](https://redirect.github.com/aquasecurity/trivy/commit/b661d680ff0372c8e4beea0db13bf69d6a2203a8)) - **db:** fix javadb downloading error handling ([#7642](https://redirect.github.com/aquasecurity/trivy/issues/7642)) ([2c87f0c](https://redirect.github.com/aquasecurity/trivy/commit/2c87f0cb794acd77446a273582ba1a45b9f18980)) - enable usestdlibvars linter ([#7770](https://redirect.github.com/aquasecurity/trivy/issues/7770)) ([57e24aa](https://redirect.github.com/aquasecurity/trivy/commit/57e24aa85382f749df7f673e241caaf3fcbb45cb)) - **go:** Do not trim v prefix from versions in Go Mod Analyzer ([#7733](https://redirect.github.com/aquasecurity/trivy/issues/7733)) ([e872ec0](https://redirect.github.com/aquasecurity/trivy/commit/e872ec006c0745a5a142728af0096c6d6bb9ddf3)) - **helm:** properly handle multiple archived dependencies ([#7782](https://redirect.github.com/aquasecurity/trivy/issues/7782)) ([6fab88d](https://redirect.github.com/aquasecurity/trivy/commit/6fab88dd56c257ef2cc63b617c2a5decb1c4cf98)) - **java:** correctly inherit `version` and `scope` from upper/root `depManagement` and `dependencies` into parents ([#7541](https://redirect.github.com/aquasecurity/trivy/issues/7541)) ([778df82](https://redirect.github.com/aquasecurity/trivy/commit/778df828eaad9827cb833c6285058a33aa2b83ca)) - **k8s:** skip resources without misconfigs ([#7797](https://redirect.github.com/aquasecurity/trivy/issues/7797)) ([7882776](https://redirect.github.com/aquasecurity/trivy/commit/78827768a612ab305bf9c55409ce76d6774302a5)) - **k8s:** support k8s multi container ([#7444](https://redirect.github.com/aquasecurity/trivy/issues/7444)) ([c434775](https://redirect.github.com/aquasecurity/trivy/commit/c4347759234dcb5f372b07f92fb4230ef391d710)) - **k8s:** support kubernetes v1.31 ([#7810](https://redirect.github.com/aquasecurity/trivy/issues/7810)) ([7a4f4d8](https://redirect.github.com/aquasecurity/trivy/commit/7a4f4d8b12996687f3095a2042cdf2f5985332c9)) - **license:** fix license normalization for Universal Permissive License ([#7766](https://redirect.github.com/aquasecurity/trivy/issues/7766)) ([f6acdf7](https://redirect.github.com/aquasecurity/trivy/commit/f6acdf713991f8ffdbe765178fcb8a9cde433cba)) - **misconf:** change default ACL of digitalocean_spaces_bucket to private ([#7577](https://redirect.github.com/aquasecurity/trivy/issues/7577)) ([9da84f5](https://redirect.github.com/aquasecurity/trivy/commit/9da84f54fadbe6ad0d73983952e945ed63b666f3)) - **misconf:** check if property is not nil before conversion ([#7578](https://redirect.github.com/aquasecurity/trivy/issues/7578)) ([c8c14d3](https://redirect.github.com/aquasecurity/trivy/commit/c8c14d36245623019f29d258f813d2325f7490f7)) - **misconf:** fix for Azure Storage Account network acls adaptation ([#7602](https://redirect.github.com/aquasecurity/trivy/issues/7602)) ([35fd018](https://redirect.github.com/aquasecurity/trivy/commit/35fd018ae7ad86823f114f0ac2f1376726aee444)) - **misconf:** properly expand dynamic blocks ([#7612](https://redirect.github.com/aquasecurity/trivy/issues/7612)) ([8d5dbc9](https://redirect.github.com/aquasecurity/trivy/commit/8d5dbc9fec3569b22ed81a03c40eaf732768718b)) - **redhat:** include arch in PURL qualifiers ([#7654](https://redirect.github.com/aquasecurity/trivy/issues/7654)) ([a585e95](https://redirect.github.com/aquasecurity/trivy/commit/a585e95f3398631d9ad10505c5ff642fde21aef7)) - **repo:** `git clone` output to Stderr ([#7561](https://redirect.github.com/aquasecurity/trivy/issues/7561)) ([fdf203c](https://redirect.github.com/aquasecurity/trivy/commit/fdf203cd209aeb40f454bd12d121a54d6ed7a542)) - **report:** Fix invalid URI in SARIF report ([#7645](https://redirect.github.com/aquasecurity/trivy/issues/7645)) ([015bb88](https://redirect.github.com/aquasecurity/trivy/commit/015bb885ac414b91201fa9791eead395d878149c)) - **sbom:** add options for DBs in private registries ([#7660](https://redirect.github.com/aquasecurity/trivy/issues/7660)) ([1f2e91b](https://redirect.github.com/aquasecurity/trivy/commit/1f2e91b02b3606dd11963002a8cfac7962f3478f)) - **sbom:** use `Annotation` instead of `AttributionTexts` for `SPDX` formats ([#7811](https://redirect.github.com/aquasecurity/trivy/issues/7811)) ([f2bb9c6](https://redirect.github.com/aquasecurity/trivy/commit/f2bb9c6227743dd61f44eb591d4b15192fe110c6))Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.