Releases
v0.36.0
Changelog
4813cf5 docs: improve compliance docs (#3340 )
025e509 feat(deps): add yarn lock dependency tree (#3348 )
4d59a1e fix: compliance change id and title naming (#3349 )
eaa5bcf feat: add support for mix.lock files for elixir language (#3328 )
a888440 feat: add k8s cis bench (#3315 )
62b369e test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322 )
c110c4e revert: cache merged layers (#3334 )
bc759ef feat(cyclonedx): add recommendation (#3336 )
fe3831e feat(ubuntu): added support ubuntu ESM versions (#1893 )
b0cebec fix: change logic to build relative paths for skip-dirs and skip-files (#3331 )
a66d3fe chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265 )
5190f95 feat: Adding support for Windows testing (#3037 )
b00f3c6 feat: add support for Alpine 3.17 (#3319 )
a70f885 docs: change PodFile.lock to Podfile.lock (#3318 )
1ec1fe6 fix(sbom): support for the detection of old CycloneDX predicate type (#3316 )
68eda79 feat(secret): Use .trivyignore for filtering secret scanning result (#3312 )
b95d435 chore(go): remove experimental FS API usage in Wasm (#3299 )
ac6b7c3 ci: add workflow to add issues to roadmap project (#3292 )
cfabdf9 fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275 )
56e3d8d chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250 )
bbccb44 feat(sbom): better support for third-party SBOMs (#3262 )
e879b06 docs: add information about languages with support for dependency locations (#3306 )
e92266f feat(vm): add region
option to vm scan to be able to scan any region's ami and ebs snapshots (#3284 )
01c7fb1 chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251 )
23d0613 fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255 )
407c240 docs: remove comparisons (#3289 )
93c5d2d feat: add support for Wolfi Linux (#3215 )
2809794 ci: add go.mod to canary workflow (#3288 )
08b55c3 feat(python): skip dev dependencies (#3282 )
52300e6 chore: update ubuntu version for Github action runnners (#3257 )
a7ac6ac fix(go): skip dep without Path for go-binaries (#3254 )
4436a20 feat(rust): add ID for cargo pgks (#3256 )
34d505a chore(deps): bump github.com/samber/lo from 1.33.0 to 1.36.0 (#3263 )
ea95602 chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 (#3253 )
aea298b feat: add support for swift cocoapods lock files (#2956 )
c67fe17 fix(sbom): use proper constants (#3286 )
f907255 chore(deps): bump golang.org/x/term from 0.1.0 to 0.3.0 (#3278 )
8f95743 test(vm): import relevant analyzers (#3285 )
8744534 feat: support scan remote repository (#3131 )
c278d86 docs: fix typo in fluxcd (#3268 )
fa2281f docs: fix broken "ecosystem" link in readme (#3280 )
a3eece4 feat(misconf): Add compliance check support (#3130 )
7a6cf5a docs: Adding Concourse resource for trivy (#3224 )
dd26bd2 chore(deps): change golang from 1.19.2 to 1.19 (#3249 )
cbba6d1 fix(sbom): duplicate dependson (#3261 )
fa2e3ac chore(deps): bump alpine from 3.16.2 to 3.17.0 (#3247 )
5c43475 chore(go): updates wazero to 1.0.0-pre.4 (#3242 )
d29b0ed feat(report): add dependency locations to sarif format (#3210 )
967e32f fix(rpm): add rocky to osVendors (#3241 )
9477416 docs: fix a typo (#3236 )
97ce61e feat(dotnet): add dependency parsing for nuget lock files (#3222 )
17e13c4 docs: add pre-commit hook to community tools (#3203 )
b1a2c4e feat(helm): pass arbitrary env vars to trivy (#3208 )
You can’t perform that action at this time.