Closed teletraan-x[bot] closed 1 year ago
This PR contains the following updates:
v0.31.0
v0.36.1
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
This PR contains the following updates:
v0.31.0->v0.36.1Release Notes
aquasecurity/trivy
### [`v0.36.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.36.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.36.0...v0.36.1) ##### Changelog - [`9039df4`](https://togithub.com/aquasecurity/trivy/commit/9039df49) fix(deps): fix errors on yarn.lock files that contain local file reference ([#3384](https://togithub.com/aquasecurity/trivy/issues/3384)) - [`60cf4fe`](https://togithub.com/aquasecurity/trivy/commit/60cf4fe4) feat(flag): early fail when the format is invalid ([#3370](https://togithub.com/aquasecurity/trivy/issues/3370)) - [`9470e3c`](https://togithub.com/aquasecurity/trivy/commit/9470e3cd) chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 ([#3366](https://togithub.com/aquasecurity/trivy/issues/3366)) - [`d274d15`](https://togithub.com/aquasecurity/trivy/commit/d274d156) docs(aws): fix broken links ([#3374](https://togithub.com/aquasecurity/trivy/issues/3374)) - [`2a870f8`](https://togithub.com/aquasecurity/trivy/commit/2a870f8a) chore(deps): bump actions/stale from 6 to 7 ([#3360](https://togithub.com/aquasecurity/trivy/issues/3360)) - [`5974023`](https://togithub.com/aquasecurity/trivy/commit/5974023b) chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 ([#3359](https://togithub.com/aquasecurity/trivy/issues/3359)) - [`02aa8c2`](https://togithub.com/aquasecurity/trivy/commit/02aa8c2c) chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 ([#2974](https://togithub.com/aquasecurity/trivy/issues/2974)) - [`6e6171f`](https://togithub.com/aquasecurity/trivy/commit/6e6171fe) chore(deps): bump azure/setup-helm from 3.4 to 3.5 ([#3358](https://togithub.com/aquasecurity/trivy/issues/3358)) - [`066f277`](https://togithub.com/aquasecurity/trivy/commit/066f2779) chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 ([#3173](https://togithub.com/aquasecurity/trivy/issues/3173)) - [`8cc3284`](https://togithub.com/aquasecurity/trivy/commit/8cc32841) chore(deps): bump goreleaser/goreleaser-action from 3 to 4 ([#3357](https://togithub.com/aquasecurity/trivy/issues/3357)) - [`8d71346`](https://togithub.com/aquasecurity/trivy/commit/8d713461) chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 ([#3367](https://togithub.com/aquasecurity/trivy/issues/3367)) - [`5b944d2`](https://togithub.com/aquasecurity/trivy/commit/5b944d20) chore(go): updates wazero to v1.0.0-pre.7 ([#3355](https://togithub.com/aquasecurity/trivy/issues/3355)) - [`9c645b9`](https://togithub.com/aquasecurity/trivy/commit/9c645b99) chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 ([#3362](https://togithub.com/aquasecurity/trivy/issues/3362)) - [`e2cd782`](https://togithub.com/aquasecurity/trivy/commit/e2cd782d) chore(deps): bump actions/cache from 3.0.11 to 3.2.2 ([#3356](https://togithub.com/aquasecurity/trivy/issues/3356)) ### [`v0.36.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.36.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.35.0...v0.36.0) #### Changelog - [`4813cf5`](https://togithub.com/aquasecurity/trivy/commit/4813cf5c) docs: improve compliance docs ([#3340](https://togithub.com/aquasecurity/trivy/issues/3340)) - [`025e509`](https://togithub.com/aquasecurity/trivy/commit/025e5099) feat(deps): add yarn lock dependency tree ([#3348](https://togithub.com/aquasecurity/trivy/issues/3348)) - [`4d59a1e`](https://togithub.com/aquasecurity/trivy/commit/4d59a1ef) fix: compliance change id and title naming ([#3349](https://togithub.com/aquasecurity/trivy/issues/3349)) - [`eaa5bcf`](https://togithub.com/aquasecurity/trivy/commit/eaa5bcf7) feat: add support for mix.lock files for elixir language ([#3328](https://togithub.com/aquasecurity/trivy/issues/3328)) - [`a888440`](https://togithub.com/aquasecurity/trivy/commit/a8884409) feat: add k8s cis bench ([#3315](https://togithub.com/aquasecurity/trivy/issues/3315)) - [`62b369e`](https://togithub.com/aquasecurity/trivy/commit/62b369ee) test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch ([#3322](https://togithub.com/aquasecurity/trivy/issues/3322)) - [`c110c4e`](https://togithub.com/aquasecurity/trivy/commit/c110c4e0) revert: cache merged layers ([#3334](https://togithub.com/aquasecurity/trivy/issues/3334)) - [`bc759ef`](https://togithub.com/aquasecurity/trivy/commit/bc759efd) feat(cyclonedx): add recommendation ([#3336](https://togithub.com/aquasecurity/trivy/issues/3336)) - [`fe3831e`](https://togithub.com/aquasecurity/trivy/commit/fe3831e0) feat(ubuntu): added support ubuntu ESM versions ([#1893](https://togithub.com/aquasecurity/trivy/issues/1893)) - [`b0cebec`](https://togithub.com/aquasecurity/trivy/commit/b0cebec3) fix: change logic to build relative paths for skip-dirs and skip-files ([#3331](https://togithub.com/aquasecurity/trivy/issues/3331)) - [`a66d3fe`](https://togithub.com/aquasecurity/trivy/commit/a66d3fe3) chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 ([#3265](https://togithub.com/aquasecurity/trivy/issues/3265)) - [`5190f95`](https://togithub.com/aquasecurity/trivy/commit/5190f956) feat: Adding support for Windows testing ([#3037](https://togithub.com/aquasecurity/trivy/issues/3037)) - [`b00f3c6`](https://togithub.com/aquasecurity/trivy/commit/b00f3c60) feat: add support for Alpine 3.17 ([#3319](https://togithub.com/aquasecurity/trivy/issues/3319)) - [`a70f885`](https://togithub.com/aquasecurity/trivy/commit/a70f8851) docs: change PodFile.lock to Podfile.lock ([#3318](https://togithub.com/aquasecurity/trivy/issues/3318)) - [`1ec1fe6`](https://togithub.com/aquasecurity/trivy/commit/1ec1fe64) fix(sbom): support for the detection of old CycloneDX predicate type ([#3316](https://togithub.com/aquasecurity/trivy/issues/3316)) - [`68eda79`](https://togithub.com/aquasecurity/trivy/commit/68eda793) feat(secret): Use .trivyignore for filtering secret scanning result ([#3312](https://togithub.com/aquasecurity/trivy/issues/3312)) - [`b95d435`](https://togithub.com/aquasecurity/trivy/commit/b95d435a) chore(go): remove experimental FS API usage in Wasm ([#3299](https://togithub.com/aquasecurity/trivy/issues/3299)) - [`ac6b7c3`](https://togithub.com/aquasecurity/trivy/commit/ac6b7c33) ci: add workflow to add issues to roadmap project ([#3292](https://togithub.com/aquasecurity/trivy/issues/3292)) - [`cfabdf9`](https://togithub.com/aquasecurity/trivy/commit/cfabdf91) fix(vuln): include duplicate vulnerabilities with different package paths in the final report ([#3275](https://togithub.com/aquasecurity/trivy/issues/3275)) - [`56e3d8d`](https://togithub.com/aquasecurity/trivy/commit/56e3d8de) chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 ([#3250](https://togithub.com/aquasecurity/trivy/issues/3250)) - [`bbccb44`](https://togithub.com/aquasecurity/trivy/commit/bbccb448) feat(sbom): better support for third-party SBOMs ([#3262](https://togithub.com/aquasecurity/trivy/issues/3262)) - [`e879b06`](https://togithub.com/aquasecurity/trivy/commit/e879b069) docs: add information about languages with support for dependency locations ([#3306](https://togithub.com/aquasecurity/trivy/issues/3306)) - [`e92266f`](https://togithub.com/aquasecurity/trivy/commit/e92266f2) feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots ([#3284](https://togithub.com/aquasecurity/trivy/issues/3284)) - [`01c7fb1`](https://togithub.com/aquasecurity/trivy/commit/01c7fb14) chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible ([#3251](https://togithub.com/aquasecurity/trivy/issues/3251)) - [`23d0613`](https://togithub.com/aquasecurity/trivy/commit/23d06138) fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln ([#3255](https://togithub.com/aquasecurity/trivy/issues/3255)) - [`407c240`](https://togithub.com/aquasecurity/trivy/commit/407c2407) docs: remove comparisons ([#3289](https://togithub.com/aquasecurity/trivy/issues/3289)) - [`93c5d2d`](https://togithub.com/aquasecurity/trivy/commit/93c5d2dc) feat: add support for Wolfi Linux ([#3215](https://togithub.com/aquasecurity/trivy/issues/3215)) - [`2809794`](https://togithub.com/aquasecurity/trivy/commit/28097949) ci: add go.mod to canary workflow ([#3288](https://togithub.com/aquasecurity/trivy/issues/3288)) - [`08b55c3`](https://togithub.com/aquasecurity/trivy/commit/08b55c33) feat(python): skip dev dependencies ([#3282](https://togithub.com/aquasecurity/trivy/issues/3282)) - [`52300e6`](https://togithub.com/aquasecurity/trivy/commit/52300e60) chore: update ubuntu version for Github action runnners ([#3257](https://togithub.com/aquasecurity/trivy/issues/3257)) - [`a7ac6ac`](https://togithub.com/aquasecurity/trivy/commit/a7ac6aca) fix(go): skip dep without Path for go-binaries ([#3254](https://togithub.com/aquasecurity/trivy/issues/3254)) - [`4436a20`](https://togithub.com/aquasecurity/trivy/commit/4436a202) feat(rust): add ID for cargo pgks ([#3256](https://togithub.com/aquasecurity/trivy/issues/3256)) - [`34d505a`](https://togithub.com/aquasecurity/trivy/commit/34d505ad) chore(deps): bump github.com/samber/lo from 1.33.0 to 1.36.0 ([#3263](https://togithub.com/aquasecurity/trivy/issues/3263)) - [`ea95602`](https://togithub.com/aquasecurity/trivy/commit/ea956026) chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 ([#3253](https://togithub.com/aquasecurity/trivy/issues/3253)) - [`aea298b`](https://togithub.com/aquasecurity/trivy/commit/aea298b3) feat: add support for swift cocoapods lock files ([#2956](https://togithub.com/aquasecurity/trivy/issues/2956)) - [`c67fe17`](https://togithub.com/aquasecurity/trivy/commit/c67fe17b) fix(sbom): use proper constants ([#3286](https://togithub.com/aquasecurity/trivy/issues/3286)) - [`f907255`](https://togithub.com/aquasecurity/trivy/commit/f9072556) chore(deps): bump golang.org/x/term from 0.1.0 to 0.3.0 ([#3278](https://togithub.com/aquasecurity/trivy/issues/3278)) - [`8f95743`](https://togithub.com/aquasecurity/trivy/commit/8f957435) test(vm): import relevant analyzers ([#3285](https://togithub.com/aquasecurity/trivy/issues/3285)) - [`8744534`](https://togithub.com/aquasecurity/trivy/commit/8744534c) feat: support scan remote repository ([#3131](https://togithub.com/aquasecurity/trivy/issues/3131)) - [`c278d86`](https://togithub.com/aquasecurity/trivy/commit/c278d866) docs: fix typo in fluxcd ([#3268](https://togithub.com/aquasecurity/trivy/issues/3268)) - [`fa2281f`](https://togithub.com/aquasecurity/trivy/commit/fa2281f7) docs: fix broken "ecosystem" link in readme ([#3280](https://togithub.com/aquasecurity/trivy/issues/3280)) - [`a3eece4`](https://togithub.com/aquasecurity/trivy/commit/a3eece4f) feat(misconf): Add compliance check support ([#3130](https://togithub.com/aquasecurity/trivy/issues/3130)) - [`7a6cf5a`](https://togithub.com/aquasecurity/trivy/commit/7a6cf5a2) docs: Adding Concourse resource for trivy ([#3224](https://togithub.com/aquasecurity/trivy/issues/3224)) - [`dd26bd2`](https://togithub.com/aquasecurity/trivy/commit/dd26bd23) chore(deps): change golang from 1.19.2 to 1.19 ([#3249](https://togithub.com/aquasecurity/trivy/issues/3249)) - [`cbba6d1`](https://togithub.com/aquasecurity/trivy/commit/cbba6d10) fix(sbom): duplicate dependson ([#3261](https://togithub.com/aquasecurity/trivy/issues/3261)) - [`fa2e3ac`](https://togithub.com/aquasecurity/trivy/commit/fa2e3ac2) chore(deps): bump alpine from 3.16.2 to 3.17.0 ([#3247](https://togithub.com/aquasecurity/trivy/issues/3247)) - [`5c43475`](https://togithub.com/aquasecurity/trivy/commit/5c434753) chore(go): updates wazero to 1.0.0-pre.4 ([#3242](https://togithub.com/aquasecurity/trivy/issues/3242)) - [`d29b0ed`](https://togithub.com/aquasecurity/trivy/commit/d29b0edc) feat(report): add dependency locations to sarif format ([#3210](https://togithub.com/aquasecurity/trivy/issues/3210)) - [`967e32f`](https://togithub.com/aquasecurity/trivy/commit/967e32f4) fix(rpm): add rocky to osVendors ([#3241](https://togithub.com/aquasecurity/trivy/issues/3241)) - [`9477416`](https://togithub.com/aquasecurity/trivy/commit/94774166) docs: fix a typo ([#3236](https://togithub.com/aquasecurity/trivy/issues/3236)) - [`97ce61e`](https://togithub.com/aquasecurity/trivy/commit/97ce61ee) feat(dotnet): add dependency parsing for nuget lock files ([#3222](https://togithub.com/aquasecurity/trivy/issues/3222)) - [`17e13c4`](https://togithub.com/aquasecurity/trivy/commit/17e13c4d) docs: add pre-commit hook to community tools ([#3203](https://togithub.com/aquasecurity/trivy/issues/3203)) - [`b1a2c4e`](https://togithub.com/aquasecurity/trivy/commit/b1a2c4e9) feat(helm): pass arbitrary env vars to trivy ([#3208](https://togithub.com/aquasecurity/trivy/issues/3208)) ### [`v0.35.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.35.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.34.0...v0.35.0) #### Changelog - [`bd30e98`](https://togithub.com/aquasecurity/trivy/commit/bd30e983) chore(vm): update xfs filesystem parser for change log ([#3230](https://togithub.com/aquasecurity/trivy/issues/3230)) - [`22d92e4`](https://togithub.com/aquasecurity/trivy/commit/22d92e4a) feat: add virtual machine scan command ([#2910](https://togithub.com/aquasecurity/trivy/issues/2910)) - [`531eaa8`](https://togithub.com/aquasecurity/trivy/commit/531eaa8f) docs: reorganize index and readme ([#3026](https://togithub.com/aquasecurity/trivy/issues/3026)) - [`8569d43`](https://togithub.com/aquasecurity/trivy/commit/8569d43a) fix: `slowSizeThreshold` should be less than `defaultSizeThreshold` ([#3225](https://togithub.com/aquasecurity/trivy/issues/3225)) - [`604a73d`](https://togithub.com/aquasecurity/trivy/commit/604a73d3) feat: Export functions for trivy plugin ([#3204](https://togithub.com/aquasecurity/trivy/issues/3204)) - [`7594b1f`](https://togithub.com/aquasecurity/trivy/commit/7594b1f0) feat(image): add support wildcard for platform os ([#3196](https://togithub.com/aquasecurity/trivy/issues/3196)) - [`fd5cafb`](https://togithub.com/aquasecurity/trivy/commit/fd5cafb2) fix: load compliance report from file system ([#3161](https://togithub.com/aquasecurity/trivy/issues/3161)) - [`6ab9380`](https://togithub.com/aquasecurity/trivy/commit/6ab9380b) fix(suse): use package name to get advisories ([#3199](https://togithub.com/aquasecurity/trivy/issues/3199)) - [`4a5d643`](https://togithub.com/aquasecurity/trivy/commit/4a5d6435) docs(image): space issues during image scan ([#3190](https://togithub.com/aquasecurity/trivy/issues/3190)) - [`2206e00`](https://togithub.com/aquasecurity/trivy/commit/2206e008) feat(containerd): scan image by digest ([#3075](https://togithub.com/aquasecurity/trivy/issues/3075)) - [`861bc03`](https://togithub.com/aquasecurity/trivy/commit/861bc03e) fix(vuln): add package name to title ([#3183](https://togithub.com/aquasecurity/trivy/issues/3183)) - [`f115895`](https://togithub.com/aquasecurity/trivy/commit/f115895d) fix: present control status instead of compliance percentage in compliance report ([#3181](https://togithub.com/aquasecurity/trivy/issues/3181)) - [`cc8cef1`](https://togithub.com/aquasecurity/trivy/commit/cc8cef19) perf(license): remove go-enry/go-license-detector. ([#3187](https://togithub.com/aquasecurity/trivy/issues/3187)) - [`a0033f6`](https://togithub.com/aquasecurity/trivy/commit/a0033f6b) fix: workdir command as empty layer ([#3087](https://togithub.com/aquasecurity/trivy/issues/3087)) - [`cb5744d`](https://togithub.com/aquasecurity/trivy/commit/cb5744dc) docs: reorganize ecosystem section ([#3025](https://togithub.com/aquasecurity/trivy/issues/3025)) - [`1ddd6d3`](https://togithub.com/aquasecurity/trivy/commit/1ddd6d30) feat(dotnet): add support dependency location for dotnet-core files ([#3095](https://togithub.com/aquasecurity/trivy/issues/3095)) - [`30c8d75`](https://togithub.com/aquasecurity/trivy/commit/30c8d756) chore(deps): bump github.com/aws/aws-sdk-go from 1.44.114 to 1.44.136 ([#3174](https://togithub.com/aquasecurity/trivy/issues/3174)) - [`8e7b44f`](https://togithub.com/aquasecurity/trivy/commit/8e7b44f7) chore(deps): bump github.com/testcontainers/testcontainers-go from 0.13.0 to 0.15.0 ([#3109](https://togithub.com/aquasecurity/trivy/issues/3109)) - [`dfff371`](https://togithub.com/aquasecurity/trivy/commit/dfff371f) feat(dotnet): add support dependency location for nuget lock files ([#3032](https://togithub.com/aquasecurity/trivy/issues/3032)) - [`eb571fd`](https://togithub.com/aquasecurity/trivy/commit/eb571fdc) chore: update code owners for misconfigurations ([#3176](https://togithub.com/aquasecurity/trivy/issues/3176)) - [`7571783`](https://togithub.com/aquasecurity/trivy/commit/75717834) feat: add slow mode ([#3084](https://togithub.com/aquasecurity/trivy/issues/3084)) - [`01df475`](https://togithub.com/aquasecurity/trivy/commit/01df4758) docs: fix typo in enable-builin-rules mentions ([#3118](https://togithub.com/aquasecurity/trivy/issues/3118)) - [`6b3be15`](https://togithub.com/aquasecurity/trivy/commit/6b3be150) feat: Add maintainer field to OS packages ([#3149](https://togithub.com/aquasecurity/trivy/issues/3149)) - [`9ebdc51`](https://togithub.com/aquasecurity/trivy/commit/9ebdc51d) docs: fix some typo ([#3171](https://togithub.com/aquasecurity/trivy/issues/3171)) - [`42e81ad`](https://togithub.com/aquasecurity/trivy/commit/42e81ad0) chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.17.8 to 1.18.0 ([#3175](https://togithub.com/aquasecurity/trivy/issues/3175)) - [`55ec898`](https://togithub.com/aquasecurity/trivy/commit/55ec8989) chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 ([#3112](https://togithub.com/aquasecurity/trivy/issues/3112)) - [`0644ceb`](https://togithub.com/aquasecurity/trivy/commit/0644ceba) docs: fix links on Built-in Policies page ([#3124](https://togithub.com/aquasecurity/trivy/issues/3124)) - [`50af7a2`](https://togithub.com/aquasecurity/trivy/commit/50af7a2f) chore(deps): bump github.com/go-openapi/runtime from 0.24.1 to 0.24.2 ([#3117](https://togithub.com/aquasecurity/trivy/issues/3117)) - [`c455d14`](https://togithub.com/aquasecurity/trivy/commit/c455d142) chore(deps): bump github.com/samber/lo from 1.28.2 to 1.33.0 ([#3116](https://togithub.com/aquasecurity/trivy/issues/3116)) - [`8fb9d31`](https://togithub.com/aquasecurity/trivy/commit/8fb9d316) fix: Perform filepath.Clean first and then filepath.ToSlash for skipFile/skipDirs settings ([#3144](https://togithub.com/aquasecurity/trivy/issues/3144)) - [`8562b8c`](https://togithub.com/aquasecurity/trivy/commit/8562b8cf) chore: use newline for semantic pr ([#3172](https://togithub.com/aquasecurity/trivy/issues/3172)) - [`aff9a3e`](https://togithub.com/aquasecurity/trivy/commit/aff9a3e0) chore(deps): bump azure/setup-helm from 3.3 to 3.4 ([#3107](https://togithub.com/aquasecurity/trivy/issues/3107)) - [`001671e`](https://togithub.com/aquasecurity/trivy/commit/001671ed) chore(deps): bump sigstore/cosign-installer from 2.7.0 to 2.8.1 ([#3106](https://togithub.com/aquasecurity/trivy/issues/3106)) - [`4e7ab48`](https://togithub.com/aquasecurity/trivy/commit/4e7ab484) chore(deps): bump amannn/action-semantic-pull-request from 4 to 5 ([#3105](https://togithub.com/aquasecurity/trivy/issues/3105)) - [`a6091a7`](https://togithub.com/aquasecurity/trivy/commit/a6091a7e) chore(deps): bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 ([#3104](https://togithub.com/aquasecurity/trivy/issues/3104)) - [`6da148c`](https://togithub.com/aquasecurity/trivy/commit/6da148cc) fix(spdx): rename describes field in spdx ([#3102](https://togithub.com/aquasecurity/trivy/issues/3102)) - [`df9cf88`](https://togithub.com/aquasecurity/trivy/commit/df9cf881) chore: handle GOPATH with several paths in make file ([#3092](https://togithub.com/aquasecurity/trivy/issues/3092)) - [`32fe108`](https://togithub.com/aquasecurity/trivy/commit/32fe108c) docs(flag): add "rego" configuration file options ([#3165](https://togithub.com/aquasecurity/trivy/issues/3165)) - [`8fcca9c`](https://togithub.com/aquasecurity/trivy/commit/8fcca9c8) chore(go): updates wazero to 1.0.0-pre.3 ([#3090](https://togithub.com/aquasecurity/trivy/issues/3090)) - [`02f77bc`](https://togithub.com/aquasecurity/trivy/commit/02f77bc1) chore(deps): bump actions/cache from 3.0.9 to 3.0.11 ([#3108](https://togithub.com/aquasecurity/trivy/issues/3108)) - [`aa3ff09`](https://togithub.com/aquasecurity/trivy/commit/aa3ff09a) docs(license): fix typo inside quick start ([#3134](https://togithub.com/aquasecurity/trivy/issues/3134)) - [`f26b452`](https://togithub.com/aquasecurity/trivy/commit/f26b4529) chore: update codeowners for docs ([#3135](https://togithub.com/aquasecurity/trivy/issues/3135)) - [`3b6d7d8`](https://togithub.com/aquasecurity/trivy/commit/3b6d7d8c) fix(cli): exclude --compliance flag from non supported sub-commands ([#3158](https://togithub.com/aquasecurity/trivy/issues/3158)) - [`e9a2549`](https://togithub.com/aquasecurity/trivy/commit/e9a25499) fix: remove --security-checks none from image help ([#3156](https://togithub.com/aquasecurity/trivy/issues/3156)) - [`3aa1912`](https://togithub.com/aquasecurity/trivy/commit/3aa19122) fix: compliance flag description ([#3160](https://togithub.com/aquasecurity/trivy/issues/3160)) - [`fc82057`](https://togithub.com/aquasecurity/trivy/commit/fc820570) docs(k8s): fix a typo ([#3163](https://togithub.com/aquasecurity/trivy/issues/3163)) - [`3a1f05e`](https://togithub.com/aquasecurity/trivy/commit/3a1f05e3) chore(deps): bump golang from 1.19.1 to 1.19.2 ([#3103](https://togithub.com/aquasecurity/trivy/issues/3103)) ### [`v0.34.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.34.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.33.0...v0.34.0) #### Changelog - [`7912f58`](https://togithub.com/aquasecurity/trivy/commit/7912f585) feat(vuln): support dependency graph for RHEL/CentOS ([#3094](https://togithub.com/aquasecurity/trivy/issues/3094)) - [`9468056`](https://togithub.com/aquasecurity/trivy/commit/9468056c) feat(vuln): support dependency graph for dpkg and apk ([#3093](https://togithub.com/aquasecurity/trivy/issues/3093)) - [`7cc83cc`](https://togithub.com/aquasecurity/trivy/commit/7cc83cc2) perf(license): enable license classifier only with "--license-full" ([#3086](https://togithub.com/aquasecurity/trivy/issues/3086)) - [`5b975de`](https://togithub.com/aquasecurity/trivy/commit/5b975de2) feat(report): add secret scanning to ASFF template ([#2860](https://togithub.com/aquasecurity/trivy/issues/2860)) - [`b6cef12`](https://togithub.com/aquasecurity/trivy/commit/b6cef125) feat: Allow override of containerd namespace ([#3060](https://togithub.com/aquasecurity/trivy/issues/3060)) - [`0765148`](https://togithub.com/aquasecurity/trivy/commit/07651480) fix(vuln): In alpine use Name as SrcName ([#3079](https://togithub.com/aquasecurity/trivy/issues/3079)) - [`9e649b8`](https://togithub.com/aquasecurity/trivy/commit/9e649b87) fix(secret): Alibaba AccessKey ID ([#3083](https://togithub.com/aquasecurity/trivy/issues/3083)) ### [`v0.33.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.33.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.32.1...v0.33.0) #### Changelog - [`af89249`](https://togithub.com/aquasecurity/trivy/commit/af89249d) refactor(k8s): custom reports ([#3076](https://togithub.com/aquasecurity/trivy/issues/3076)) - [`f4e970f`](https://togithub.com/aquasecurity/trivy/commit/f4e970f3) fix(misconf): Bump in-toto-golang with correct CycloneDX predicate ([#3068](https://togithub.com/aquasecurity/trivy/issues/3068)) - [`8ae4627`](https://togithub.com/aquasecurity/trivy/commit/8ae46279) feat(image): add support for passing architecture and OS ([#3012](https://togithub.com/aquasecurity/trivy/issues/3012)) - [`0501e70`](https://togithub.com/aquasecurity/trivy/commit/0501e703) test: disable containerd integration tests for non-amd64 arch ([#3073](https://togithub.com/aquasecurity/trivy/issues/3073)) - [`a377c8d`](https://togithub.com/aquasecurity/trivy/commit/a377c8d0) feat(server): Add support for client/server mode to rootfs command ([#3021](https://togithub.com/aquasecurity/trivy/issues/3021)) - [`02a73f0`](https://togithub.com/aquasecurity/trivy/commit/02a73f01) feat(vuln): support non-packaged binaries ([#3019](https://togithub.com/aquasecurity/trivy/issues/3019)) - [`18581f3`](https://togithub.com/aquasecurity/trivy/commit/18581f34) feat: compliance reports ([#2951](https://togithub.com/aquasecurity/trivy/issues/2951)) - [`63b8e4d`](https://togithub.com/aquasecurity/trivy/commit/63b8e4d6) fix(flag): disable flag parsing for each plugin command ([#3074](https://togithub.com/aquasecurity/trivy/issues/3074)) - [`cbedd71`](https://togithub.com/aquasecurity/trivy/commit/cbedd712) feat(nodejs): add support dependency location for yarn.lock files ([#3016](https://togithub.com/aquasecurity/trivy/issues/3016)) - [`b22e37e`](https://togithub.com/aquasecurity/trivy/commit/b22e37e0) chore: Switch github.com/liamg dependencies to github.com/aquasecurity ([#3069](https://togithub.com/aquasecurity/trivy/issues/3069)) - [`9b0e979`](https://togithub.com/aquasecurity/trivy/commit/9b0e9794) feat: add k8s components ([#2589](https://togithub.com/aquasecurity/trivy/issues/2589)) - [`5e25182`](https://togithub.com/aquasecurity/trivy/commit/5e25182c) fix(secret): update the regex for secrets scanning ([#2964](https://togithub.com/aquasecurity/trivy/issues/2964)) - [`9947e51`](https://togithub.com/aquasecurity/trivy/commit/9947e511) chore(deps): bump github.com/samber/lo from 1.27.1 to 1.28.2 ([#2979](https://togithub.com/aquasecurity/trivy/issues/2979)) - [`d2a15a7`](https://togithub.com/aquasecurity/trivy/commit/d2a15a73) fix: bump trivy-kubernetes ([#3064](https://togithub.com/aquasecurity/trivy/issues/3064)) - [`f2efc9c`](https://togithub.com/aquasecurity/trivy/commit/f2efc9c5) docs: fix missing 'image' subcommand ([#3051](https://togithub.com/aquasecurity/trivy/issues/3051)) - [`34653c7`](https://togithub.com/aquasecurity/trivy/commit/34653c71) chore: Patch golang x/text vulnerability ([#3046](https://togithub.com/aquasecurity/trivy/issues/3046)) - [`e252ea8`](https://togithub.com/aquasecurity/trivy/commit/e252ea83) chore: add licensed project logo ([#3058](https://togithub.com/aquasecurity/trivy/issues/3058)) - [`439d216`](https://togithub.com/aquasecurity/trivy/commit/439d2166) feat(ubuntu): set Ubuntu 22.10 EOL ([#3054](https://togithub.com/aquasecurity/trivy/issues/3054)) - [`9f5113a`](https://togithub.com/aquasecurity/trivy/commit/9f5113a9) refactor(analyzer): use strings.TrimSuffix instead of strings.HasSuffix ([#3028](https://togithub.com/aquasecurity/trivy/issues/3028)) - [`c1e24d5`](https://togithub.com/aquasecurity/trivy/commit/c1e24d53) feat(report): Use understandable value for shortDescription in SARIF reports ([#3009](https://togithub.com/aquasecurity/trivy/issues/3009)) - [`212af07`](https://togithub.com/aquasecurity/trivy/commit/212af07e) docs(misconf): fix typo ([#3043](https://togithub.com/aquasecurity/trivy/issues/3043)) - [`68f374a`](https://togithub.com/aquasecurity/trivy/commit/68f374ac) feat: add support for scanning azure ARM ([#3011](https://togithub.com/aquasecurity/trivy/issues/3011)) - [`d35c668`](https://togithub.com/aquasecurity/trivy/commit/d35c668f) feat(report): add location.message to SARIF output ([#3002](https://togithub.com/aquasecurity/trivy/issues/3002)) ([#3003](https://togithub.com/aquasecurity/trivy/issues/3003)) - [`2150ffc`](https://togithub.com/aquasecurity/trivy/commit/2150ffc7) chore(deps): bump github.com/aws/aws-sdk-go from 1.44.95 to 1.44.109 ([#2980](https://togithub.com/aquasecurity/trivy/issues/2980)) - [`ca434f7`](https://togithub.com/aquasecurity/trivy/commit/ca434f7f) feat(nodejs): add dependency line numbers for npm lock files ([#2932](https://togithub.com/aquasecurity/trivy/issues/2932)) - [`a8ff5f0`](https://togithub.com/aquasecurity/trivy/commit/a8ff5f06) test(fs): add `--skip-files`, `--skip-dirs` ([#2984](https://togithub.com/aquasecurity/trivy/issues/2984)) - [`561b2e7`](https://togithub.com/aquasecurity/trivy/commit/561b2e75) docs: add Woodpecker CI integrations example ([#2823](https://togithub.com/aquasecurity/trivy/issues/2823)) - [`4a3583d`](https://togithub.com/aquasecurity/trivy/commit/4a3583da) chore(deps): bump github.com/sigstore/rekor from 0.12.0 to 0.12.2 ([#2981](https://togithub.com/aquasecurity/trivy/issues/2981)) - [`4be9eeb`](https://togithub.com/aquasecurity/trivy/commit/4be9eebf) chore(deps): bump github.com/liamg/memoryfs from 1.4.2 to 1.4.3 ([#2976](https://togithub.com/aquasecurity/trivy/issues/2976)) - [`a260d35`](https://togithub.com/aquasecurity/trivy/commit/a260d35d) chore(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 ([#2975](https://togithub.com/aquasecurity/trivy/issues/2975)) - [`558189f`](https://togithub.com/aquasecurity/trivy/commit/558189f7) chore(deps): bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 ([#2982](https://togithub.com/aquasecurity/trivy/issues/2982)) - [`c2eb6ee`](https://togithub.com/aquasecurity/trivy/commit/c2eb6ee3) fix(sbom): ref generation if serialNumber is empty when input is cyclonedx file ([#3000](https://togithub.com/aquasecurity/trivy/issues/3000)) - [`68f7952`](https://togithub.com/aquasecurity/trivy/commit/68f79526) fix(java): don't stop parsing jar file when wrong inner jar is found ([#2989](https://togithub.com/aquasecurity/trivy/issues/2989)) - [`be78da6`](https://togithub.com/aquasecurity/trivy/commit/be78da6c) fix(sbom): use nuget purl type for dotnet-core ([#2990](https://togithub.com/aquasecurity/trivy/issues/2990)) - [`92b5a19`](https://togithub.com/aquasecurity/trivy/commit/92b5a193) perf: retrieve rekor entries in bulk ([#2987](https://togithub.com/aquasecurity/trivy/issues/2987)) - [`babd7e7`](https://togithub.com/aquasecurity/trivy/commit/babd7e75) feat(aws): Custom rego policies for AWS scanning ([#2994](https://togithub.com/aquasecurity/trivy/issues/2994)) - [`8ad9b8a`](https://togithub.com/aquasecurity/trivy/commit/8ad9b8a9) docs: jq cli formatting ([#2881](https://togithub.com/aquasecurity/trivy/issues/2881)) - [`a78684c`](https://togithub.com/aquasecurity/trivy/commit/a78684c3) docs(repo): troubleshooting $TMPDIR customization ([#2985](https://togithub.com/aquasecurity/trivy/issues/2985)) - [`7309ed0`](https://togithub.com/aquasecurity/trivy/commit/7309ed0a) chore(deps): bump actions/cache from 3.0.8 to 3.0.9 ([#2969](https://togithub.com/aquasecurity/trivy/issues/2969)) - [`9515a5c`](https://togithub.com/aquasecurity/trivy/commit/9515a5ce) chore(deps): bump actions/stale from 5 to 6 ([#2970](https://togithub.com/aquasecurity/trivy/issues/2970)) - [`955aff6`](https://togithub.com/aquasecurity/trivy/commit/955aff66) chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.7.0 ([#2971](https://togithub.com/aquasecurity/trivy/issues/2971)) - [`db56d23`](https://togithub.com/aquasecurity/trivy/commit/db56d238) chore(deps): bump helm/chart-testing-action from 2.3.0 to 2.3.1 ([#2972](https://togithub.com/aquasecurity/trivy/issues/2972)) - [`05a7232`](https://togithub.com/aquasecurity/trivy/commit/05a72324) chore(deps): bump helm/kind-action from 1.3.0 to 1.4.0 ([#2973](https://togithub.com/aquasecurity/trivy/issues/2973)) - [`2c39d47`](https://togithub.com/aquasecurity/trivy/commit/2c39d472) chore: run `go fmt` ([#2897](https://togithub.com/aquasecurity/trivy/issues/2897)) - [`16a7dc1`](https://togithub.com/aquasecurity/trivy/commit/16a7dc10) chore(go): updates wazero to 1.0.0-pre.2 ([#2955](https://togithub.com/aquasecurity/trivy/issues/2955)) - [`ce4ba7c`](https://togithub.com/aquasecurity/trivy/commit/ce4ba7c9) fix(aws): Less function for slice sorting always returns false [#2967](https://togithub.com/aquasecurity/trivy/issues/2967) - [`4ffe746`](https://togithub.com/aquasecurity/trivy/commit/4ffe7464) fix(java): fix unmarshal pom exclusions ([#2936](https://togithub.com/aquasecurity/trivy/issues/2936)) ### [`v0.32.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.32.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.32.0...v0.32.1) #### Changelog - [`8b1cee8`](https://togithub.com/aquasecurity/trivy/commit/8b1cee84) fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps ([#2943](https://togithub.com/aquasecurity/trivy/issues/2943)) - [`f5cbbb3`](https://togithub.com/aquasecurity/trivy/commit/f5cbbb3f) chore: expat lib and go binary deps vulns ([#2940](https://togithub.com/aquasecurity/trivy/issues/2940)) - [`6882bdf`](https://togithub.com/aquasecurity/trivy/commit/6882bdf5) wasm: Removes accidentally exported memory ([#2950](https://togithub.com/aquasecurity/trivy/issues/2950)) - [`6ea9a61`](https://togithub.com/aquasecurity/trivy/commit/6ea9a61c) fix(sbom): fix package name separation for gradle ([#2906](https://togithub.com/aquasecurity/trivy/issues/2906)) - [`3ee4c96`](https://togithub.com/aquasecurity/trivy/commit/3ee4c96f) docs(readme.md): fix broken integrations link ([#2931](https://togithub.com/aquasecurity/trivy/issues/2931)) - [`5745961`](https://togithub.com/aquasecurity/trivy/commit/57459611) fix(image): handle images with single layer in rescan mergedLayers cache ([#2927](https://togithub.com/aquasecurity/trivy/issues/2927)) - [`e01253d`](https://togithub.com/aquasecurity/trivy/commit/e01253d5) fix(cli): split env values with ',' for slice flags ([#2926](https://togithub.com/aquasecurity/trivy/issues/2926)) - [`0c1a42d`](https://togithub.com/aquasecurity/trivy/commit/0c1a42d4) fix(cli): config/helm: also take into account files with `.yml` ([#2928](https://togithub.com/aquasecurity/trivy/issues/2928)) - [`237b8dc`](https://togithub.com/aquasecurity/trivy/commit/237b8dcd) fix(flag): add file-patterns flag for config subcommand ([#2925](https://togithub.com/aquasecurity/trivy/issues/2925)) - [`047a0b3`](https://togithub.com/aquasecurity/trivy/commit/047a0b3d) chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 ([#2902](https://togithub.com/aquasecurity/trivy/issues/2902)) ### [`v0.32.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.32.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.31.3...v0.32.0) ##### Changelog - [`585985e`](https://togithub.com/aquasecurity/trivy/commit/585985ed) docs: add Rekor SBOM attestation scanning ([#2893](https://togithub.com/aquasecurity/trivy/issues/2893)) - [`d30fa00`](https://togithub.com/aquasecurity/trivy/commit/d30fa00a) chore: narrow the owner scope ([#2894](https://togithub.com/aquasecurity/trivy/issues/2894)) - [`38c1513`](https://togithub.com/aquasecurity/trivy/commit/38c1513a) fix: remove a patch number from the recommendation link ([#2891](https://togithub.com/aquasecurity/trivy/issues/2891)) - [`ba29ce6`](https://togithub.com/aquasecurity/trivy/commit/ba29ce64) fix: enable parsing of UUID-only rekor entry ID ([#2887](https://togithub.com/aquasecurity/trivy/issues/2887)) - [`018eda6`](https://togithub.com/aquasecurity/trivy/commit/018eda61) docs(sbom): add SPDX scanning ([#2885](https://togithub.com/aquasecurity/trivy/issues/2885)) - [`20f1e59`](https://togithub.com/aquasecurity/trivy/commit/20f1e599) docs: restructure docs and add tutorials ([#2883](https://togithub.com/aquasecurity/trivy/issues/2883)) - [`192fd78`](https://togithub.com/aquasecurity/trivy/commit/192fd78c) feat(sbom): scan sbom attestation in the rekor record ([#2699](https://togithub.com/aquasecurity/trivy/issues/2699)) - [`597836c`](https://togithub.com/aquasecurity/trivy/commit/597836c3) feat(k8s): support outdated-api ([#2877](https://togithub.com/aquasecurity/trivy/issues/2877)) - [`6c7bd67`](https://togithub.com/aquasecurity/trivy/commit/6c7bd67c) chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 ([#2815](https://togithub.com/aquasecurity/trivy/issues/2815)) - [`4127043`](https://togithub.com/aquasecurity/trivy/commit/41270434) fix(c): support revisions in Conan parser ([#2878](https://togithub.com/aquasecurity/trivy/issues/2878)) - [`b677d7e`](https://togithub.com/aquasecurity/trivy/commit/b677d7e2) feat: dynamic links support for scan results ([#2838](https://togithub.com/aquasecurity/trivy/issues/2838)) - [`8e03bbb`](https://togithub.com/aquasecurity/trivy/commit/8e03bbb4) chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 ([#2818](https://togithub.com/aquasecurity/trivy/issues/2818)) - [`27005c7`](https://togithub.com/aquasecurity/trivy/commit/27005c7d) docs: update archlinux commands ([#2876](https://togithub.com/aquasecurity/trivy/issues/2876)) - [`b6e394d`](https://togithub.com/aquasecurity/trivy/commit/b6e394dc) feat(secret): add line from dockerfile where secret was added to secret result ([#2780](https://togithub.com/aquasecurity/trivy/issues/2780)) - [`9f6680a`](https://togithub.com/aquasecurity/trivy/commit/9f6680a1) feat(sbom): Add unmarshal for spdx ([#2868](https://togithub.com/aquasecurity/trivy/issues/2868)) - [`db0aaf1`](https://togithub.com/aquasecurity/trivy/commit/db0aaf18) chore(deps): bump github.com/aws/aws-sdk-go-v2/config ([#2827](https://togithub.com/aquasecurity/trivy/issues/2827)) - [`bb3220c`](https://togithub.com/aquasecurity/trivy/commit/bb3220c3) fix: revert asff arn and add documentation ([#2852](https://togithub.com/aquasecurity/trivy/issues/2852)) - [`c51f2b8`](https://togithub.com/aquasecurity/trivy/commit/c51f2b82) docs: batch-import-findings limit ([#2851](https://togithub.com/aquasecurity/trivy/issues/2851)) - [`552732b`](https://togithub.com/aquasecurity/trivy/commit/552732b5) chore(deps): bump golang from 1.19.0 to 1.19.1 ([#2872](https://togithub.com/aquasecurity/trivy/issues/2872)) - [`3165c37`](https://togithub.com/aquasecurity/trivy/commit/3165c376) feat(sbom): Add marshal for spdx ([#2867](https://togithub.com/aquasecurity/trivy/issues/2867)) - [`dac2b4a`](https://togithub.com/aquasecurity/trivy/commit/dac2b4a2) build: checkout before setting up Go ([#2873](https://togithub.com/aquasecurity/trivy/issues/2873)) - [`39f83af`](https://togithub.com/aquasecurity/trivy/commit/39f83afe) chore: bump Go to 1.19 ([#2861](https://togithub.com/aquasecurity/trivy/issues/2861)) - [`0ce9583`](https://togithub.com/aquasecurity/trivy/commit/0ce95830) docs: azure doc and trivy ([#2869](https://togithub.com/aquasecurity/trivy/issues/2869)) - [`2f37961`](https://togithub.com/aquasecurity/trivy/commit/2f379616) fix: Scan tarr'd dependencies ([#2857](https://togithub.com/aquasecurity/trivy/issues/2857)) - [`db14ef3`](https://togithub.com/aquasecurity/trivy/commit/db14ef3c) chore(helm): helm test with ingress ([#2630](https://togithub.com/aquasecurity/trivy/issues/2630)) - [`acb65d5`](https://togithub.com/aquasecurity/trivy/commit/acb65d56) feat(report): add secrets to sarif format ([#2820](https://togithub.com/aquasecurity/trivy/issues/2820)) - [`a18cd7c`](https://togithub.com/aquasecurity/trivy/commit/a18cd7c0) chore(deps): bump azure/setup-helm from 1.1 to 3.3 ([#2807](https://togithub.com/aquasecurity/trivy/issues/2807)) - [`2de903c`](https://togithub.com/aquasecurity/trivy/commit/2de903ca) refactor: add a new interface for initializing analyzers ([#2835](https://togithub.com/aquasecurity/trivy/issues/2835)) - [`63c3b8e`](https://togithub.com/aquasecurity/trivy/commit/63c3b8ed) chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 ([#2840](https://togithub.com/aquasecurity/trivy/issues/2840)) - [`6717665`](https://togithub.com/aquasecurity/trivy/commit/6717665a) fix: update ProductArn with account id ([#2782](https://togithub.com/aquasecurity/trivy/issues/2782)) - [`41a8496`](https://togithub.com/aquasecurity/trivy/commit/41a84967) feat(helm): make cache TTL configurable ([#2798](https://togithub.com/aquasecurity/trivy/issues/2798)) - [`0f1f2c1`](https://togithub.com/aquasecurity/trivy/commit/0f1f2c1b) build(): Sign releaser artifacts, not only container manifests ([#2789](https://togithub.com/aquasecurity/trivy/issues/2789)) - [`b389a6f`](https://togithub.com/aquasecurity/trivy/commit/b389a6f4) chore: improve doc about azure devops ([#2795](https://togithub.com/aquasecurity/trivy/issues/2795)) - [`9ef9fce`](https://togithub.com/aquasecurity/trivy/commit/9ef9fce5) chore(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 ([#2804](https://togithub.com/aquasecurity/trivy/issues/2804)) - [`7b3225d`](https://togithub.com/aquasecurity/trivy/commit/7b3225d0) chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.16.11 to 1.16.14 ([#2828](https://togithub.com/aquasecurity/trivy/issues/2828)) - [`37733ed`](https://togithub.com/aquasecurity/trivy/commit/37733edc) chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts ([#2825](https://togithub.com/aquasecurity/trivy/issues/2825)) - [`44d7e8d`](https://togithub.com/aquasecurity/trivy/commit/44d7e8dd) docs: don't push patch versions ([#2824](https://togithub.com/aquasecurity/trivy/issues/2824)) - [`4839075`](https://togithub.com/aquasecurity/trivy/commit/4839075c) feat: add support for conan.lock file ([#2779](https://togithub.com/aquasecurity/trivy/issues/2779)) - [`6b4ddaa`](https://togithub.com/aquasecurity/trivy/commit/6b4ddaae) feat: cache merged layers - [`a18f398`](https://togithub.com/aquasecurity/trivy/commit/a18f398a) chore(deps): bump helm/chart-testing-action from 2.2.1 to 2.3.0 ([#2805](https://togithub.com/aquasecurity/trivy/issues/2805)) - [`4dcce14`](https://togithub.com/aquasecurity/trivy/commit/4dcce140) chore(deps): bump actions/cache from 3.0.5 to 3.0.8 ([#2806](https://togithub.com/aquasecurity/trivy/issues/2806)) - [`db45447`](https://togithub.com/aquasecurity/trivy/commit/db454471) chore(deps): bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 ([#2811](https://togithub.com/aquasecurity/trivy/issues/2811)) - [`a246d0f`](https://togithub.com/aquasecurity/trivy/commit/a246d0f2) chore(deps): bump github.com/aquasecurity/table from 1.7.2 to 1.8.0 ([#2810](https://togithub.com/aquasecurity/trivy/issues/2810)) - [`1800017`](https://togithub.com/aquasecurity/trivy/commit/1800017a) chore(deps): bump github.com/samber/lo from 1.27.0 to 1.27.1 ([#2808](https://togithub.com/aquasecurity/trivy/issues/2808)) - [`218e41a`](https://togithub.com/aquasecurity/trivy/commit/218e41a4) chore(deps): bump github.com/alicebob/miniredis/v2 from 2.22.0 to 2.23.0 ([#2814](https://togithub.com/aquasecurity/trivy/issues/2814)) - [`a000ade`](https://togithub.com/aquasecurity/trivy/commit/a000adee) feat: add support for gradle.lockfile ([#2759](https://togithub.com/aquasecurity/trivy/issues/2759)) - [`43113bc`](https://togithub.com/aquasecurity/trivy/commit/43113bc0) chore(mod): updates wazero to 1.0.0-pre.1 [#2791](https://togithub.com/aquasecurity/trivy/issues/2791) - [`5f0bf14`](https://togithub.com/aquasecurity/trivy/commit/5f0bf144) feat: move file patterns to a global level to be able to use it on any analyzer ([#2539](https://togithub.com/aquasecurity/trivy/issues/2539)) - [`2580ea1`](https://togithub.com/aquasecurity/trivy/commit/2580ea15) Fix url validaton failures ([#2783](https://togithub.com/aquasecurity/trivy/issues/2783)) - [`2473b2c`](https://togithub.com/aquasecurity/trivy/commit/2473b2c8) fix(image): add logic to detect empty layers ([#2790](https://togithub.com/aquasecurity/trivy/issues/2790)) - [`9d018d4`](https://togithub.com/aquasecurity/trivy/commit/9d018d44) feat(rust): add dependency graph from Rust binaries ([#2771](https://togithub.com/aquasecurity/trivy/issues/2771)) ### [`v0.31.3`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.31.3) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.31.2...v0.31.3) #### Changelog - [`db67f16`](https://togithub.com/aquasecurity/trivy/commit/db67f16a) fix: handle empty OS family ([#2768](https://togithub.com/aquasecurity/trivy/issues/2768)) - [`77616be`](https://togithub.com/aquasecurity/trivy/commit/77616beb) fix: fix k8s summary report ([#2777](https://togithub.com/aquasecurity/trivy/issues/2777)) - [`fcccfce`](https://togithub.com/aquasecurity/trivy/commit/fcccfced) fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag ([#2767](https://togithub.com/aquasecurity/trivy/issues/2767)) - [`8bc215c`](https://togithub.com/aquasecurity/trivy/commit/8bc215cc) chore: bump trivy-kubernetes ([#2770](https://togithub.com/aquasecurity/trivy/issues/2770)) - [`d8d8e62`](https://togithub.com/aquasecurity/trivy/commit/d8d8e627) fix(secret): Consider secrets in rpc calls ([#2753](https://togithub.com/aquasecurity/trivy/issues/2753)) - [`b0e89d4`](https://togithub.com/aquasecurity/trivy/commit/b0e89d4c) fix(java): check depManagement from upper pom's ([#2747](https://togithub.com/aquasecurity/trivy/issues/2747)) - [`da6f1b6`](https://togithub.com/aquasecurity/trivy/commit/da6f1b6f) fix(php): skip `composer.lock` inside `vendor` folder ([#2718](https://togithub.com/aquasecurity/trivy/issues/2718)) - [`2f2952c`](https://togithub.com/aquasecurity/trivy/commit/2f2952c6) fix: fix k8s rbac filter ([#2765](https://togithub.com/aquasecurity/trivy/issues/2765)) - [`8bc56bf`](https://togithub.com/aquasecurity/trivy/commit/8bc56bf2) feat(misconf): skipping misconfigurations by AVD ID ([#2743](https://togithub.com/aquasecurity/trivy/issues/2743)) - [`9c1ce5a`](https://togithub.com/aquasecurity/trivy/commit/9c1ce5af) chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue ([#2741](https://togithub.com/aquasecurity/trivy/issues/2741)) - [`3cd10b2`](https://togithub.com/aquasecurity/trivy/commit/3cd10b23) docs: add MacPorts install instructions ([#2727](https://togithub.com/aquasecurity/trivy/issues/2727)) - [`f369bd3`](https://togithub.com/aquasecurity/trivy/commit/f369bd3e) docs: typo ([#2730](https://togithub.com/aquasecurity/trivy/issues/2730)) ### [`v0.31.2`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.31.2) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.31.1...v0.31.2) #### Changelog - [`fefe7c4`](https://togithub.com/aquasecurity/trivy/commit/fefe7c4a) fix: Correctly handle recoverable AWS scanning errors ([#2726](https://togithub.com/aquasecurity/trivy/issues/2726)) - [`9c92e3d`](https://togithub.com/aquasecurity/trivy/commit/9c92e3d1) docs: Remove reference to SecurityAudit policy for AWS scanning ([#2721](https://togithub.com/aquasecurity/trivy/issues/2721)) ### [`v0.31.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.31.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.31.0...v0.31.1) #### Changelog - [`d343d13`](https://togithub.com/aquasecurity/trivy/commit/d343d13a) fix: upgrade defsec to v0.71.7 for elb scan panic ([#2720](https://togithub.com/aquasecurity/trivy/issues/2720))Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.