syself-bot[bot]
commented
3 weeks ago Edited/Blocked Notification
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠️ Warning: custom changes will be lost.
This PR contains the following updates:
0.51.1->0.52.13.19.1->3.20.0v1.58.1->v1.59.1Release Notes
aquasecurity/trivy (docker.io/aquasec/trivy)
### [`v0.52.1`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.52.1) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.52.0...v0.52.1) #### Changelog - [`a3caf06`](https://togithub.com/aquasecurity/trivy/commit/a3caf0658) release: v0.52.1 \[release/v0.52] ([#6877](https://togithub.com/aquasecurity/trivy/issues/6877)) - [`01dbb42`](https://togithub.com/aquasecurity/trivy/commit/01dbb42ae) fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken \[backport: release/v0.52] ([#6888](https://togithub.com/aquasecurity/trivy/issues/6888)) - [`f186d22`](https://togithub.com/aquasecurity/trivy/commit/f186d22bf) fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files \[backport: release/v0.52] ([#6881](https://togithub.com/aquasecurity/trivy/issues/6881)) - [`093c0ae`](https://togithub.com/aquasecurity/trivy/commit/093c0ae02) fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase \[backport: release/v0.52] ([#6878](https://togithub.com/aquasecurity/trivy/issues/6878)) - [`6bfda76`](https://togithub.com/aquasecurity/trivy/commit/6bfda7602) Merge pull request [#6879](https://togithub.com/aquasecurity/trivy/issues/6879) from aquasecurity/backport-pr-6864-to-release/v0.52 - [`53850c8`](https://togithub.com/aquasecurity/trivy/commit/53850c8b2) docs: explain how VEX is applied ([#6864](https://togithub.com/aquasecurity/trivy/issues/6864)) - [`2211962`](https://togithub.com/aquasecurity/trivy/commit/221196202) Merge pull request [#6875](https://togithub.com/aquasecurity/trivy/issues/6875) from aquasecurity/backport-pr-6857-to-release/v0.52 - [`a614b69`](https://togithub.com/aquasecurity/trivy/commit/a614b693d) fix(nodejs): fix infinity loops for `pnpm` with cyclic imports ([#6857](https://togithub.com/aquasecurity/trivy/issues/6857)) ### [`v0.52.0`](https://togithub.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0520-2024-06-03) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.51.4...v0.52.0) ##### Features - Add Julia language analyzer support ([#5635](https://togithub.com/aquasecurity/trivy/issues/5635)) ([fecafb1](https://togithub.com/aquasecurity/trivy/commit/fecafb1fc5bb129c7485342a0775f0dd8bedd28e)) - add support for plugin index ([#6674](https://togithub.com/aquasecurity/trivy/issues/6674)) ([26faf8f](https://togithub.com/aquasecurity/trivy/commit/26faf8f3f04b1c5f9f81c03ffc6b2008732207e2)) - **misconf:** Add support for deprecating a check ([#6664](https://togithub.com/aquasecurity/trivy/issues/6664)) ([88702cf](https://togithub.com/aquasecurity/trivy/commit/88702cfd5918b093defc5b5580f7cbf16f5f2417)) - **misconf:** add Terraform 'removed' block to schema ([#6640](https://togithub.com/aquasecurity/trivy/issues/6640)) ([b7a0a13](https://togithub.com/aquasecurity/trivy/commit/b7a0a131a03ed49c08d3b0d481bc9284934fd6e1)) - **misconf:** register builtin Rego funcs from trivy-checks ([#6616](https://togithub.com/aquasecurity/trivy/issues/6616)) ([7c22ee3](https://togithub.com/aquasecurity/trivy/commit/7c22ee3df5ee51beb90e44428a99541b3d19ab98)) - **misconf:** resolve tf module from OpenTofu compatible registry ([#6743](https://togithub.com/aquasecurity/trivy/issues/6743)) ([ac74520](https://togithub.com/aquasecurity/trivy/commit/ac7452009bf7ca0fa8ee1de8807c792eabad405a)) - **misconf:** support for VPC resources for inbound/outbound rules ([#6779](https://togithub.com/aquasecurity/trivy/issues/6779)) ([349caf9](https://togithub.com/aquasecurity/trivy/commit/349caf96bc3dd81551d488044f1adfdb947f39fb)) - **misconf:** support symlinks inside of Helm archives ([#6621](https://togithub.com/aquasecurity/trivy/issues/6621)) ([4eae37c](https://togithub.com/aquasecurity/trivy/commit/4eae37c52b035b3576361c12f70d3d9517d0a73c)) - **nodejs:** add v9 pnpm lock file support ([#6617](https://togithub.com/aquasecurity/trivy/issues/6617)) ([1e08648](https://togithub.com/aquasecurity/trivy/commit/1e0864842e32a709941d4b4e8f521602bcee684d)) - **plugin:** specify plugin version ([#6683](https://togithub.com/aquasecurity/trivy/issues/6683)) ([d6dc567](https://togithub.com/aquasecurity/trivy/commit/d6dc56732babbc9d7f788c280a768d8648aa093d)) - **python:** add license support for `requirement.txt` files ([#6782](https://togithub.com/aquasecurity/trivy/issues/6782)) ([29615be](https://togithub.com/aquasecurity/trivy/commit/29615be85e8bfeaf5a0cd51829b1898c55fa4274)) - **python:** add line number support for `requirement.txt` files ([#6729](https://togithub.com/aquasecurity/trivy/issues/6729)) ([2bc54ad](https://togithub.com/aquasecurity/trivy/commit/2bc54ad2752aba5de4380cb92c13b09c0abefd73)) - **report:** Include licenses and secrets filtered by rego to ModifiedFindings ([#6483](https://togithub.com/aquasecurity/trivy/issues/6483)) ([fa3cf99](https://togithub.com/aquasecurity/trivy/commit/fa3cf993eace4be793f85907b42365269c597b91)) - **vex:** improve relationship support in CSAF VEX ([#6735](https://togithub.com/aquasecurity/trivy/issues/6735)) ([a447f6b](https://togithub.com/aquasecurity/trivy/commit/a447f6ba94b6f8b14177dc5e4369a788e2020d90)) - **vex:** support non-root components for products in OpenVEX ([#6728](https://togithub.com/aquasecurity/trivy/issues/6728)) ([9515695](https://togithub.com/aquasecurity/trivy/commit/9515695d45e9b5c20890e27e21e3ab45bfd4ce5f)) ##### Bug Fixes - clean up golangci lint configuration ([#6797](https://togithub.com/aquasecurity/trivy/issues/6797)) ([62de6f3](https://togithub.com/aquasecurity/trivy/commit/62de6f3feba6e4c56ad3922441d5b0f150c3d6b7)) - **cli:** always output fatal errors to stderr ([#6827](https://togithub.com/aquasecurity/trivy/issues/6827)) ([c2b9132](https://togithub.com/aquasecurity/trivy/commit/c2b9132a7e933a68df4cc0eb86aab23719ded1b5)) - close APKINDEX archive file ([#6672](https://togithub.com/aquasecurity/trivy/issues/6672)) ([5caf437](https://togithub.com/aquasecurity/trivy/commit/5caf4377f3a7fcb1f6e1a84c67136ae62d100be3)) - close settings.xml ([#6768](https://togithub.com/aquasecurity/trivy/issues/6768)) ([9c3e895](https://togithub.com/aquasecurity/trivy/commit/9c3e895fcb0852c00ac03ed21338768f76b5273b)) - close testfile ([#6830](https://togithub.com/aquasecurity/trivy/issues/6830)) ([aa0c413](https://togithub.com/aquasecurity/trivy/commit/aa0c413814e8915b38d2285c6a8ba5bc3f0705b4)) - **conda:** add support `pip` deps for `environment.yml` files ([#6675](https://togithub.com/aquasecurity/trivy/issues/6675)) ([150a773](https://togithub.com/aquasecurity/trivy/commit/150a77313e980cd63797a89a03afcbc97b285f38)) - **go:** add only non-empty root modules for `gobinaries` ([#6710](https://togithub.com/aquasecurity/trivy/issues/6710)) ([c96f2a5](https://togithub.com/aquasecurity/trivy/commit/c96f2a5b3de820da37e14594dd537c3b0949ae9c)) - **go:** include only `.version`|`.ver` (no prefixes) ldflags for `gobinaries` ([#6705](https://togithub.com/aquasecurity/trivy/issues/6705)) ([afb4f9d](https://togithub.com/aquasecurity/trivy/commit/afb4f9dc4730671ba004e1734fa66422c4c86dad)) - Golang version parsing from binaries w/GOEXPERIMENT ([#6696](https://togithub.com/aquasecurity/trivy/issues/6696)) ([696f2ae](https://togithub.com/aquasecurity/trivy/commit/696f2ae0ecdd4f90303f41249924a09ace70dd78)) - include packages unless it is not needed ([#6765](https://togithub.com/aquasecurity/trivy/issues/6765)) ([56dbe1f](https://togithub.com/aquasecurity/trivy/commit/56dbe1f6768fe67fbc1153b74fde0f83eaa1b281)) - **misconf:** don't shift ignore rule related to code ([#6708](https://togithub.com/aquasecurity/trivy/issues/6708)) ([39a746c](https://togithub.com/aquasecurity/trivy/commit/39a746c77837f873e87b81be40676818030f44c5)) - **misconf:** skip Rego errors with a nil location ([#6638](https://togithub.com/aquasecurity/trivy/issues/6638)) ([a2c522d](https://togithub.com/aquasecurity/trivy/commit/a2c522ddb229f049999c4ce74ef75a0e0f9fdc62)) - **misconf:** skip Rego errors with a nil location ([#6666](https://togithub.com/aquasecurity/trivy/issues/6666)) ([a126e10](https://togithub.com/aquasecurity/trivy/commit/a126e1075a44ef0e40c0dc1e214d1c5955f80242)) - node-collector high and critical cves ([#6707](https://togithub.com/aquasecurity/trivy/issues/6707)) ([ff32deb](https://togithub.com/aquasecurity/trivy/commit/ff32deb7bf9163c06963f557228260b3b8c161ed)) - **plugin:** initialize logger ([#6836](https://togithub.com/aquasecurity/trivy/issues/6836)) ([728e77a](https://togithub.com/aquasecurity/trivy/commit/728e77a7261dc3fcda1e61e79be066c789bbba0c)) - **python:** add package name and version validation for `requirements.txt` files. ([#6804](https://togithub.com/aquasecurity/trivy/issues/6804)) ([ea3a124](https://togithub.com/aquasecurity/trivy/commit/ea3a124fc7162c30c7f1a59bdb28db0b3c8bb86d)) - **report:** hide empty tables if all vulns has been filtered ([#6352](https://togithub.com/aquasecurity/trivy/issues/6352)) ([3d388d8](https://togithub.com/aquasecurity/trivy/commit/3d388d8552ef42d4d54176309a38c1879008527b)) - **sbom:** fix panic for `convert` mode when scanning json file derived from sbom file ([#6808](https://togithub.com/aquasecurity/trivy/issues/6808)) ([f92ea09](https://togithub.com/aquasecurity/trivy/commit/f92ea096856c7c262b05bd4d31c62689ebafac82)) - use of specified context to obtain cluster name ([#6645](https://togithub.com/aquasecurity/trivy/issues/6645)) ([39ebed4](https://togithub.com/aquasecurity/trivy/commit/39ebed45f8c218509d264bd3f3ca548fc33d2b3a)) ##### Performance Improvements - **misconf:** parse rego input once ([#6615](https://togithub.com/aquasecurity/trivy/issues/6615)) ([67c6b1d](https://togithub.com/aquasecurity/trivy/commit/67c6b1d473999003d682bdb42657bbf3a4a69a9c)) ### [`v0.51.4`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.4) #### Changelog - [`c06f467`](https://togithub.com/aquasecurity/trivy/commit/c06f467e6) chore: downgrade trivy-checks and trivy-aws - [`df4f760`](https://togithub.com/aquasecurity/trivy/commit/df4f7604a) build: use main package instead of main.go ([#6766](https://togithub.com/aquasecurity/trivy/issues/6766)) - [`bf7a8ed`](https://togithub.com/aquasecurity/trivy/commit/bf7a8ede3) chore(deps): bump the common group across 1 directory with 29 updates ([#6756](https://togithub.com/aquasecurity/trivy/issues/6756)) - [`acb22c6`](https://togithub.com/aquasecurity/trivy/commit/acb22c60a) chore(deps): bump the aws group with 8 updates ([#6738](https://togithub.com/aquasecurity/trivy/issues/6738)) - [`9a3510f`](https://togithub.com/aquasecurity/trivy/commit/9a3510ffd) chore(deps): bump the docker group with 2 updates ([#6739](https://togithub.com/aquasecurity/trivy/issues/6739)) - [`7806b37`](https://togithub.com/aquasecurity/trivy/commit/7806b37e2) ci: add `generic` dir to deb deploy script ([#6636](https://togithub.com/aquasecurity/trivy/issues/6636)) ### [`v0.51.2`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.51.2) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.51.1...v0.51.2) #### Changelog - [`eadc6fb`](https://togithub.com/aquasecurity/trivy/commit/eadc6fb64) fix: node-collector high and critical cves ([#6707](https://togithub.com/aquasecurity/trivy/issues/6707)) - [`cc489b1`](https://togithub.com/aquasecurity/trivy/commit/cc489b1af) Merge pull request from GHSA-xcq4-m2r3-cmrj - [`013f71a`](https://togithub.com/aquasecurity/trivy/commit/013f71a6a) chore: auto-bump golang patch versions ([#6711](https://togithub.com/aquasecurity/trivy/issues/6711)) - [`113a5b2`](https://togithub.com/aquasecurity/trivy/commit/113a5b216) fix(misconf): don't shift ignore rule related to code ([#6708](https://togithub.com/aquasecurity/trivy/issues/6708)) - [`733e5ac`](https://togithub.com/aquasecurity/trivy/commit/733e5ac1f) fix(go): include only `.version`|`.ver` (no prefixes) ldflags for `gobinaries` ([#6705](https://togithub.com/aquasecurity/trivy/issues/6705)) - [`d311e49`](https://togithub.com/aquasecurity/trivy/commit/d311e49bc) fix(go): add only non-empty root modules for `gobinaries` ([#6710](https://togithub.com/aquasecurity/trivy/issues/6710)) - [`cf1a7bf`](https://togithub.com/aquasecurity/trivy/commit/cf1a7bf30) refactor: unify package addition and vulnerability scanning ([#6579](https://togithub.com/aquasecurity/trivy/issues/6579)) - [`d465d9d`](https://togithub.com/aquasecurity/trivy/commit/d465d9d1e) fix: Golang version parsing from binaries w/GOEXPERIMENT ([#6696](https://togithub.com/aquasecurity/trivy/issues/6696)) - [`0af225c`](https://togithub.com/aquasecurity/trivy/commit/0af225ccf) fix(conda): add support `pip` deps for `environment.yml` files ([#6675](https://togithub.com/aquasecurity/trivy/issues/6675)) - [`6f64d55`](https://togithub.com/aquasecurity/trivy/commit/6f64d5518) fix(misconf): skip Rego errors with a nil location ([#6666](https://togithub.com/aquasecurity/trivy/issues/6666)) - [`8c27430`](https://togithub.com/aquasecurity/trivy/commit/8c27430a2) fix(misconf): skip Rego errors with a nil location ([#6638](https://togithub.com/aquasecurity/trivy/issues/6638)) - [`c2b46d3`](https://togithub.com/aquasecurity/trivy/commit/c2b46d3c2) refactor: unify Library and Package structs ([#6633](https://togithub.com/aquasecurity/trivy/issues/6633)) - [`4368f11`](https://togithub.com/aquasecurity/trivy/commit/4368f11e0) fix: use of specified context to obtain cluster name ([#6645](https://togithub.com/aquasecurity/trivy/issues/6645)) - [`5ec62f8`](https://togithub.com/aquasecurity/trivy/commit/5ec62f863) docs: fix usage of image-config-scanners ([#6635](https://togithub.com/aquasecurity/trivy/issues/6635))golangci/golangci-lint (golangci/golangci-lint)
### [`v1.59.1`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1591) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.59.0...v1.59.1) 1. Updated linters - `go-errorlint`: from 1.5.1 to 1.5.2 - `gomnd`: deprecated configuration compatibility - `intrange`: add `style` preset - `misspell`: from 0.5.1 to 0.6.0 - `sloglint`: from 0.7.0 to 0.7.1 - `testifylint`: from 1.3.0 to 1.3.1 - `unparam`: bump to HEAD - `usestdlibvars`: from 1.25.0 to 1.26.0 2. Fixes - SARIF: init empty result slice - SARIF: issue column >= 1 3. Documentation - update `revive` configuration ### [`v1.59.0`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1590) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.2...v1.59.0) 1. Enhancements - Add SARIF output format - Allow the analysis of generated files (`issues.exclude-generated: disable`) 2. Updated linters - `errcheck`: fix deprecation warning - `go-critic`: from 0.11.3 to 0.11.4 - `gosec`: from 2.20.0 to [`5f0084e`](https://togithub.com/golangci/golangci-lint/commit/5f0084eb01a9) (fix G601 and G113 performance issues) - `sloglint`: from 0.6.0 to 0.7.0 (new option `forbidden-keys`) - `testifylint`: from 1.2.0 to 1.3.0 (new checker `negative-positive` and new option `go-require.ignore-http-handlers`) 3. Misc. - ️️⚠️ Deprecate `github-action` output format - ️️⚠️ Deprecate `issues.exclude-generated-strict` option (replaced by `issues.exclude-generated: strict`) - ️️⚠️ Add warning about disabled and deprecated linters (level 2) ### [`v1.58.2`](https://togithub.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1582) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) 1. Updated linters - `canonicalheader`: from 1.0.6 to 1.1.1 - `gosec`: from 2.19.0 to 2.20.0 - `musttag`: from 0.12.1 to 0.12.2 - `nilnil`: from 0.1.8 to 0.1.9 2. Documentation - Improve integrations and install pagesConfiguration
📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.