11 Pull requests merged by 5 people

• fix(misconf): wrap AWS EnvVar to iac types

  #7407 merged Dec 2, 2024

• chore(deps): Upgrade trivy-checks

  #8018 merged Nov 30, 2024

• refactor(misconf): Remove unused options

  #7896 merged Nov 29, 2024

• docs: add terminology page to explain Trivy concepts

  #7996 merged Nov 29, 2024

• feat: add workspaceRelationship

  #7889 merged Nov 29, 2024

• refactor(sbom): simplify relationship generation

  #7985 merged Nov 28, 2024

• chore: remove Go checks

  #7907 merged Nov 27, 2024

• docs: improve databases documentation

  #7732 merged Nov 27, 2024

• refactor: remove support for custom Terraform checks

  #7901 merged Nov 27, 2024

• docs: fix dead links

  #7998 merged Nov 26, 2024

• docs: drop AWS account scanning

  #7997 merged Nov 26, 2024

6 Pull requests opened by 4 people

• docs: add scan assets

  #8022 opened Nov 29, 2024

• chore(deps): bump aquaproj/aqua-installer from 3.0.1 to 3.1.0 in the github-actions group

  #8025 opened Dec 1, 2024

• fix(misconf): disable git terminal prompt on tf module load

  #8026 opened Dec 2, 2024

• chore(deps): bump the aws group with 6 updates

  #8028 opened Dec 2, 2024

• chore(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 in the docker group

  #8029 opened Dec 2, 2024

• docs: add commercial content

  #8030 opened Dec 2, 2024

5 Issues closed by 3 people

• feat(docs): Add examples as unit tests

  #4255 closed Nov 30, 2024

• chore(misconf): Remove Go checks

  #7718 closed Nov 30, 2024

• refactor(misconf): Remove unused options

  #7849 closed Nov 29, 2024

• tfignore is not considered [aws-rds-enable-iam-auth]

  #8016 closed Nov 29, 2024

• bug(java): dependOn contains extra dependencies for `pom.xml` files with modules when using SBOM formats

  #7802 closed Nov 29, 2024

4 Issues opened by 2 people

• bug(misconf): Terraform resolver should not request credentials when resolving external module

  #8023 opened Nov 29, 2024

• refactor(checks): Deprecate AVD-DS-0024

  #8017 opened Nov 29, 2024

• feat(cargo): add workspaces as dependencies and use `workspace` relationship for them

  #8013 opened Nov 29, 2024

• feat(yarn): add workspace as dependencies and use `workspace` relationship for them

  #8012 opened Nov 29, 2024

17 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• docs(k8s): a note about k8s credentials

  #7394 commented on Nov 28, 2024 • 1 new comment

• refactor: use UUID for Packages from `pom.xml` files.

  #7879 commented on Dec 2, 2024 • 0 new comments

• release: v0.58.0 [main]

  #7874 commented on Dec 2, 2024 • 0 new comments

• fix: respect GITHUB_TOKEN to download artifacts from GHCR

  #7580 commented on Nov 30, 2024 • 0 new comments

• refactor(misconf): make Rego scanner independent of config type

  #7517 commented on Dec 3, 2024 • 0 new comments

• chore(deps): bump the docker group across 1 directory with 2 updates

  #7511 commented on Dec 1, 2024 • 0 new comments

• test(checks): Add automated bundle testing in pipeline

  #7031 commented on Dec 3, 2024 • 0 new comments

• feat(checks): Schedule automated releases for trivy-checks bundles

  #7030 commented on Dec 3, 2024 • 0 new comments

• feat(terraform): support for `random` provider

  #5357 commented on Dec 3, 2024 • 0 new comments

• feat(misconf): Add support for AWS Client VPN Endpoint Banner Options

  #5863 commented on Dec 3, 2024 • 0 new comments

• feat(misconf): Add support for AWS Identity Center Permission Set

  #5884 commented on Dec 3, 2024 • 0 new comments

• feat(misconf): Add support for fallback for trivy-checks

  #7960 commented on Dec 3, 2024 • 0 new comments

• feat(java): use remote repositories from `settings.xml` for `pom.xml` files

  #7807 commented on Dec 3, 2024 • 0 new comments

• feat(redhat): migrate to CSAF VEX

  #7452 commented on Nov 28, 2024 • 0 new comments

• bug(sbom): Duplicate SBOM packages for multi-module pom.xml files

  #7824 commented on Nov 28, 2024 • 0 new comments

• enhancement(report): include/exclude dev deps in analyzers

  #7476 commented on Nov 28, 2024 • 0 new comments

• bug(scan): `--file-patterns` doesn't work for some `post-analyzers`

  #6962 commented on Nov 28, 2024 • 0 new comments