Releases
v0.0.1-rf.1
Compare
Sorry, something went wrong.
No results found
Changelog
6b04d3b chore(ci): remove aquasec-only workflows (canary, release-please)
00003c3 Remove Auto Ready For Review file
65a935a Test Fix
e0ae6da Packaging for Trivy Prod
1a285f5 Merge branch 'main' into feat/add-rapidfort-scanner
c0654e1 fix(spdx): guard against nil root component in SPDX marshaler (aquasecurity#10771 )
7ca5a6b ci(helm): bump Trivy version to 0.71.0 for Trivy Helm Chart 0.23.0 (aquasecurity#10768 )
9b49920 release: v0.71.0 [main] (aquasecurity#10638 )
35cefae ci: use only the first line of commit message in release-please workflow (aquasecurity#10766 )
f8a6ddb feat: add WithDriver and WithProvider options to ospkg detector (aquasecurity#10740 )
3ea80c0 chore(deps): bump github.com/google/go-containerregistry to v0.21.6 (aquasecurity#10741 )
203dd94 refactor(secret): normalize configPath once in Init (aquasecurity#10702 )
9ad901d feat(secret): add Maven rules to detect passwords and passphrases in settings.xml and settings-security.xml files (aquasecurity#10704 )
8f049df chore(deps): bump the common group across 1 directory with 25 updates (aquasecurity#10758 )
900ffcb chore: migrate from gomodguard to gomodguard_v2 (aquasecurity#10739 )
3d5bc38 chore(deps): bump the docker group across 1 directory with 2 updates (aquasecurity#10709 )
1c515db chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.302.0 to 1.303.0 in the aws group (aquasecurity#10752 )
984581f ci: scope GitHub App tokens to minimum required permissions (aquasecurity#10755 )
b1626a3 chore(deps): upgrade go-redis from v8 to v9 (aquasecurity#10736 )
9c1cf65 fix(misconf): fix rendering of nested values in terraform plan lists (aquasecurity#10746 )
f099dc4 fix(misconf): skip resources with no after changes (aquasecurity#10352 )
0bc5c6d fix(misconf): reject nil plays during playbook parsing (aquasecurity#10273 )
0e4dc66 fix(nodejs): silently skip subdirectory package.json files with invalid names (aquasecurity#10609 )
f080e1e fix(misconf): skip null cty values in AsMapValue to prevent panic (aquasecurity#10723 )
441251e refactor(misconf): replace custom Helm archive parsing with Helm SDK loaders (aquasecurity#10718 )
7d9d519 chore(deps): bump github.com/containerd/containerd/v2 to v2.3.1 (aquasecurity#10738 )
cdfaf0b chore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 (aquasecurity#10686 )
69e78e2 fix(report): don't produce trailing comma in gitlab.tpl links array (aquasecurity#10728 )
ac2f3d7 fix(cloudformation): propagate AWS::EC2::Instance MetadataOptions (aquasecurity#10731 )
ac79fb9 chore(deps): upgrade github.com/cenkalti/backoff dependency to v5 (aquasecurity#10705 )
8047ef3 chore: bump golangci-lint to v2.12 (aquasecurity#10726 )
f2a1237 feat(spdx): add SHA-512 hash algorithm support to SPDX serializer (aquasecurity#10719 )
04f739e feat(sbom): support for CycloneDX 1.7 (aquasecurity#10715 )
f9ed425 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.300.0 to 1.302.0 in the aws group (aquasecurity#10708 )
e169597 chore: migrate from helm.sh/helm/v3 to helm.sh/helm/v4 (aquasecurity#10678 )
519eac9 fix(image): correctly reconstruct RUN instructions built without BuildKit (aquasecurity#10714 )
0903124 feat(ospkg): update rapidfort scanner implementation and tests
c080ce3 feat(java): support from settings.xml (aquasecurity#10692 )
f8fdb93 fix(java): surface 429 from a remote Maven repository as a fatal error when scanning pom.xml files (aquasecurity#10693 )
f10fad5 chore: bump go to 1.26.3 (aquasecurity#10683 )
451fd99 fix(nodejs): handle legacy license formats in npm lockfile parser (aquasecurity#10684 )
fc1e46f fix(secret): correctly skip secret-scanner config file from scanning (aquasecurity#10666 )
a61feac feat(ubuntu): detect Ubuntu 26.04 LTS (aquasecurity#10592 )
2f940f0 refactor(nodejs): deduplicate license traversal across package managers (aquasecurity#10681 )
39a28ed fix: overwrite OS packages PURLs after overwrite OS (aquasecurity#10298 )
69dcd18 feat(secret): add Azure secret detection rules (aquasecurity#10562 )
9d91b88 fix(misconf): prevent path traversal in Terraform filesystem functions (aquasecurity#10664 )
e4325b1 feat(secret): add a way to customize skipped folders, files and exts (aquasecurity#10550 )
ea7e9ad ci: migrate PAT tokens to GitHub App (aquasecurity#10628 )
cb229e9 chore(deps): bump the aws group across 1 directory with 6 updates (aquasecurity#10598 )
00cebeb chore(deps): bump the docker group across 1 directory with 3 updates (aquasecurity#10596 )
8dff4b7 chore(deps): bump the github-actions group across 2 directories with 9 updates (aquasecurity#10608 )
56b5471 chore(deps): bump github.com/in-toto/in-toto-golang from 0.10.0 to 0.11.0 (aquasecurity#10641 )
10d64d2 chore(deps): bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 (aquasecurity#10648 )
99c0659 ci: migrate PAT tokens to GITHUB_TOKEN for reusable-release workflow (aquasecurity#10655 )
b08bf6a feat(seal): add vendor support for language file detection. (aquasecurity#10297 )
a75a468 fix(misconf): make identifiers in ignore rules case-insensitive (aquasecurity#10375 )
3a2f7fb fix: pull instead of clone when test repo already exists (aquasecurity#10636 )
920fad2 docs: document how to disable check.trivy.dev connections (aquasecurity#10623 )
d4ac98a docs(misconf): fix typo in misconfiguration config (aquasecurity#10619 )
85aa9b7 ci: remove secrets from run block (aquasecurity#10590 )
72c2a23 docs: fix typos (aquasecurity#10605 )
99eabdf refactor(deps): replace archived go-homedir with os.UserHomeDir (aquasecurity#10484 )
28ed214 chore(deps): Bump go-ini and fix the import path. (aquasecurity#10489 )
bb5a8cf chore(deps): bump the github-actions group across 2 directories with 9 updates (aquasecurity#10495 )
a0f71c8 chore(deps): bump github.com/aquasecurity/testdocker (aquasecurity#10543 )
2095d49 docs: convert README demonstration videos to mp4 (aquasecurity#10419 )
4aa938d chore(deps): upgrade vm scan dependency for bug fix (aquasecurity#10575 )
c72b416 docs(nodejs): clarify package.json behavior in image scanning (aquasecurity#10572 )
8e23717 chore(deps): replace xeipuuv/gojsonschema and invopop/jsonschema with google/jsonschema-go (aquasecurity#10528 )
cb4aa9c chore(deps): bump github.com/go-git/go-git/v5 from 5.17.2 to 5.18.0 (aquasecurity#10554 )
73809db chore(deps): bump alpine to 3.23.4 (aquasecurity#10552 )
2459b1d ci(helm): bump Trivy version to 0.70.0 for Trivy Helm Chart 0.22.0 (aquasecurity#10547 )
8a3177a release: v0.70.0 [main] (aquasecurity#10105 )
974de49 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 (aquasecurity#10496 )
2175597 chore(deps): bump github.com/sigstore/timestamp-authority/v2 from 2.0.3 to 2.0.6 (aquasecurity#10526 )
50c7a1e chore(deps): bump the common group across 1 directory with 8 updates (aquasecurity#10540 )
885fbce chore(deps): bump the docker group across 1 directory with 2 updates (aquasecurity#10538 )
7ee3e1e fix: use Development category for GoReleaser discussions (aquasecurity#10530 )
6dbe369 chore(deps): bump testcontainers-go to v0.42.0 (aquasecurity#10531 )
21e6888 chore: update CODEOWNERS (aquasecurity#10529 )
35d28e8 chore(deps): bump helm.sh/helm/v3 from 3.20.1 to 3.20.2 (aquasecurity#10511 )
6d40a98 chore(deps): bump github.com/hashicorp/go-getter from 1.8.5 to 1.8.6 (aquasecurity#10510 )
848f41b chore(deps): bump github.com/moby/buildkit from 0.27.1 to 0.28.1 (aquasecurity#10449 )
aa8d502 ci: migrate from mkdocs-material-insiders to mkdocs-material (aquasecurity#10509 )
d2245de chore: remove aquasecurity/homebrew-trivy tap from GoReleaser (aquasecurity#10508 )
57c9cd3 ci: update runners for workflows that interact with GitHub API (aquasecurity#10502 )
42f73ae ci: rename tokens and update runners (aquasecurity#10500 )
87b62ee ci: trigger helm chart publishing via helm-charts workflow (aquasecurity#10474 )
6be4a27 ci: remove ruleset update step from release-please workflow (aquasecurity#10499 )
1561215 ci: use large runner and replace ORG_REPO_TOKEN in release-please workflow (aquasecurity#10498 )
c24d3eb ci: trigger rpm/deb deployment via trivy-repo workflow (aquasecurity#10476 )
54658b7 fix: address linting issues in rapidfort ospkg detector - Reorder rapidfort import in detect.go to maintain alphabetical order - Use make(map[string]string) over composite literal in rapidfort_test.go
a4fa9bd rapidfort: add RedHat/RPM scanner support with identifier-aware vulnerability filtering (#1 )
bda9710 fix: remove os.Stdout from wazero module config (aquasecurity#10403 )
1a6f7a1 chore(deps): bump the common group across 1 directory with 22 updates (aquasecurity#10408 )
297e7fa chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 (aquasecurity#10407 )
20458b8 fix(flag): validate template file extension (aquasecurity#10296 )
e9e9e8c fix(sbom): preserve Red Hat BuildInfo when scanning SBOMs without layer info (aquasecurity#10378 )
f207ec6 fix: handle Go 1.26 GOEXPERIMENT version format change (aquasecurity#10351 )
4cf4498 fix(python): handle multiple version specifiers in requirements.txt (aquasecurity#10361 )
51c1599 ci: run Trivy version bump in trivy-action (aquasecurity#10272 )
12ab3ce fix(python): nil pointer dereference with optional poetry groups without dependencies (aquasecurity#10359 )
aef4ecc ci: replace personal email with github-actions[bot] in workflows (aquasecurity#10369 )
1962aa9 chore: replace smithy epoch parsing with stdlib time.Unix (aquasecurity#10286 )
891cd79 test: update golden files for purl changes (aquasecurity#10372 )
fb6a83a ci: add zizmor to scan GitHub Actions workflows (aquasecurity#10322 )
778a853 refactor: log statuses as strings (aquasecurity#10285 )
88a91cf ci: add build provenance attestations for release artifacts (aquasecurity#10316 )
33b9d8e fix(sbom): add NOASSERTION for licenseDeclared/licenseConcluded in SPDX non-library packages (aquasecurity#10368 )
e5da6de fix(report): set correct sarif ROOTPATH uri when scanning a git repository (aquasecurity#10366 )
d7fb355 perf(plugin): optimize directory traversal by replacing filepath.Walk with filepath.WalkDir (aquasecurity#10325 )
a96cede docs: correct typos in CHANGELOG and diagram (aquasecurity#10320 )
703de6d chore: delete roadmap wf (aquasecurity#10295 )
66acebb ci(helm): bump Trivy version to 0.69.3 for Trivy Helm Chart 0.21.3 (aquasecurity#10310 )
2a4dfbf fix(cyclonedx): include CVSS v4 vulnerability ratings (aquasecurity#10313 )
77f5cb5 fix: detected vulnerability fields in azure and mariner detector (aquasecurity#10275 )
18e6028 ci: add persist-credentials: false to checkout steps (aquasecurity#10306 )
4391500 rapidfort: Remove debian test cases, not supported yet
2f62c94 ci(helm): bump Trivy version to 0.69.2 for Trivy Helm Chart 0.21.2 (aquasecurity#10270 )
9588325 chore(deps): bump the common group across 1 directory with 8 updates (aquasecurity#10248 )
01295f3 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (aquasecurity#10257 )
a01f109 chore(deps): bump the aws group across 1 directory with 6 updates (aquasecurity#10249 )
5fe09eb chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (aquasecurity#10241 )
835a4ad ci: remove apidiff workflow (aquasecurity#10259 )
3d7f0b3 Add RapidFort OS package scanner
2a140f1 chore(deps): bump github.com/docker/cli from 29.1.4+incompatible to 29.2.1+incompatible in the docker group across 1 directory (aquasecurity#10221 )
a0f6962 ci: bump golangci-lint to v2.10 in cache-test-assets (aquasecurity#10243 )
350fe33 feat(java): add support for proxy configuration from Maven settings.xml (aquasecurity#10187 )
ccf5a5a chore(deps): bump the github-actions group across 3 directories with 11 updates (aquasecurity#10242 )
d0a3f63 feat(python): add pylock.toml support (aquasecurity#10137 )
2d92b27 chore: bump SPDX license IDs and exceptions to v3.28.0 (aquasecurity#10233 )
21e6577 docs: fix typos and upgrade insecure HTTP links to HTTPS (aquasecurity#10219 )
a4f7937 chore: bump golangci-lint to v2.10.0 (aquasecurity#10223 )
da94d5f feat(misconf): support for azurerm_network_interface_security_group_association (aquasecurity#10215 )
d758826 ci: pin Docker Engine to v29 for integration tests (aquasecurity#10232 )
aa61dbd feat: extend RapidFort scanner with third-party package support and constraint fix
bd7352a feat: add RapidFort curated image scanner with advisory integration
7acb5f6 feat(go): detect version from ELF symbol table for binaries built with -trimpath (aquasecurity#10197 )
5b54388 docs: migrate private registry documentation from GCR to GAR (aquasecurity#10208 )
1c09181 chore(deps): bump the common group across 1 directory with 24 updates (aquasecurity#10206 )
fb05196 chore(deps): update Docker client SDK to v29 (aquasecurity#10202 )
3a3d750 test: update Docker Engine integration tests for Docker API v0.29.0+ compatibility (aquasecurity#10199 )
0f0d6db fix(misconf): initialize custom annotation field if empty (aquasecurity#10123 )
2c1f65b feat(ubuntu): add eol data for 25.10 (aquasecurity#10181 )
42216b5 docs: fix incorrect count of Python package managers (aquasecurity#10175 )
8662089 chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 (aquasecurity#10179 )
823f363 feat(misconf): resolve Azure resources via resource_id (aquasecurity#10173 )
580c4ac ci(helm): bump Trivy version to 0.69.1 for Trivy Helm Chart 0.21.1 (aquasecurity#10155 )
68c196f refactor: remove unused Insecure field from ServiceOption (aquasecurity#10113 )
0b73503 refactor: reduce complexity of init in detect.go (aquasecurity#10163 )
66bdec4 feat(misconf): adapt ARM k8s clusters (aquasecurity#9696 ) (aquasecurity#10125 )
82019c3 docs: update version endpoint example in client/server documentation (aquasecurity#10151 )
d6e6331 feat(vuln): skip third-party packages in common Detect function (aquasecurity#10129 )
5ffcdfc ci: add composite action for Go setup (aquasecurity#10146 )
b775a1b fix(misconf): apply check aliases when filtering results via .trivyignore (aquasecurity#10112 )
8d3d4ee docs(terraform): add limitation for data sources and computed resource attributes (aquasecurity#10128 )
fa195b4 fix: update PhotonOS feed URL (aquasecurity#10122 )
4c46d41 feat(server): include server version info in JSON output for client/server mode (aquasecurity#10075 )
7415661 chore(deps): bump to alpine:3.23.3 and go-1.25.6 to fix CVEs (aquasecurity#10107 )
fc5f139 refactor: unify scanner error limit and compiler limit (aquasecurity#10106 )
73c64af ci(helm): bump Trivy version to 0.69.0 for Trivy Helm Chart 0.21.0 (aquasecurity#10103 )
9a3e0a8 fix(java): Disable overwriting exclusions (aquasecurity#10088 )
65e151f refactor(rust): use txtar format for cargo analyzer test data (aquasecurity#10104 )
1a72b32 feat(python): add pylock.toml (PEP 751) parser (aquasecurity#9632 )
cc64eeb chore(deps): bump the aws group across 1 directory with 6 updates (aquasecurity#10068 )
b9a8d2d fix(server): exclude JavaDB and CheckBundle from /version endpoint (aquasecurity#10100 )
8fb9191 release: v0.69.0 [main] (aquasecurity#9886 )
ba9feb6 chore: bump trivy-checks to v2 (aquasecurity#9875 )
f00f8de chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 (aquasecurity#10091 )
036c05b fix(repo): return a nil interface for gitAuth if missing (aquasecurity#10097 )
2933b01 fix(java): correctly inherit properties from parent fields for pom.xml files (aquasecurity#9111 )
47d3103 fix(rust): implement version inheritance for Cargo mono repos (aquasecurity#10011 )
676709d feat(activestate): add support ActiveState images (aquasecurity#10081 )
f809066 feat(vex): support per-repo tls configuration (aquasecurity#10030 )
f97ac7e refactor: allow per-request transport options override (aquasecurity#10083 )
8b46122 chore(deps): bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (aquasecurity#10084 )
5d76153 chore(deps): bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 (aquasecurity#10085 )
b9415a3 fix(java): correctly propagate repositories from upper POMs to dependencies (aquasecurity#10077 )
31c4780 feat(rocky): enable modular package vulnerability detection (aquasecurity#10069 )
8025e90 chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 (aquasecurity#10079 )
bf860cd docs: fix mistake in config file example for skip-dirs/skip-files flag (aquasecurity#10070 )
fe7d20a feat(report): add Trivy version to JSON output (aquasecurity#10065 )
d2dc46a fix(rust): add cargo workspace members glob support (aquasecurity#10032 )
1953824 feat: add AnalyzedBy field to track which analyzer detected packages (aquasecurity#10059 )
c233735 fix: use canonical SPDX license IDs from embeded licenses.json (aquasecurity#10053 )
5bb6540 docs: fix link to Docker Image Specification (aquasecurity#10057 )
34baef2 feat(secret): add detection for Symfony default secret key (aquasecurity#9892 )
5602951 refactor(misconf): move common logic to base value and simplify typed values (aquasecurity#9986 )
809db46 fix(java): add hash of GAV+root pom file path for pkgID for packages from pom.xml files (aquasecurity#9880 )
5fced3a feat(misconf): use Terraform plan configuration to partially restore schema (aquasecurity#9623 )
b06ef6d feat(misconf): add action block to Terraform schema (aquasecurity#10035 )
ac061f8 fix(misconf): correct typos in block and attribute names (aquasecurity#9993 )
8c23bfd test(misconf): simplify test values using *Test helpers (aquasecurity#9985 )
a0ecc8e fix(misconf): safely parse rotation_period in google_kms_crypto_key (aquasecurity#9980 )
92d3465 feat(misconf): support for ARM resources defined as an object (aquasecurity#9959 )
37b5da8 feat(misconf): support for azurerm_*_web_app (aquasecurity#9944 )
51f5412 test: migrate private test helpers to export_test.go convention (aquasecurity#10043 )
c3373b1 chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.6.2 (aquasecurity#10048 )
cdb28ee fix(secret): improve word boundary detection for Hugging Face tokens (aquasecurity#10046 )
3c0ab97 fix(go): use ldflags version for all pseudo-versions (aquasecurity#10037 )
f0e23ea chore: switch to ID from AVDID in internal and user-facing fields (aquasecurity#9655 )
6462dc8 refactor(misconf)!: use ID instead of AVDID for providers mapping (aquasecurity#9752 )
4e06c3d fix: move enum into items for array-type fields in JSON Schema (aquasecurity#10039 )
c5b8fef docs: fix incorrect documentation URLs (aquasecurity#10038 )
07ff788 feat(sbom): exclude PEP 770 SBOMs in .dist-info/sboms/ (aquasecurity#10033 )
7f71b57 fix(docker): fix non-det scan results for images with embedded SBOM (aquasecurity#9866 )
60eb3f0 chore(deps): bump the github-actions group with 11 updates (aquasecurity#10001 )
08a3f92 test: fix assertion after 2026 roll over (aquasecurity#10002 )
b46cde0 fix(vuln): skip vulns detection for CentOS Stream family without scan failure (aquasecurity#9964 )
11dd3fa fix(license): normalize licenses for PostAnalyzers (aquasecurity#9941 )
b64d5ad feat(nodejs): parse licenses from package-lock.json file (aquasecurity#9983 )
43d4e55 chore: update reference links to Go Wiki (aquasecurity#9987 )
93915dc refactor: add xslices.Map and replace lo.Map usages (aquasecurity#9984 )
18acf4f fix(image): race condition in image artifact inspection (aquasecurity#9966 )
4caf731 feat(flag): add JSON Schema for trivy.yaml configuration file (aquasecurity#9971 )
517365c refactor(debian): use txtar format for test data (aquasecurity#9957 )
7a6594c chore(deps): bump golang.org/x/tools to v0.40.0 + gopls to v0.21.0 (aquasecurity#9973 )
d3096e7 feat(rootio): Update trivy db to support usage of Severity from root.io feed (aquasecurity#9930 )
74819bf feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (aquasecurity#9932 )
56f93a1 docs: add info that --file-pattern flag doesn't disable default behaviuor (aquasecurity#9961 )
10a50a7 perf(misconf): optimize string concatenation in azure scanner (aquasecurity#9969 )
75c4dc0 chore: add client option to install script (aquasecurity#9962 )
8777252 ci(helm): bump Trivy version to 0.68.2 for Trivy Helm Chart 0.20.1 (aquasecurity#9956 )
5eda0a4 chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (aquasecurity#9952 )
718ec29 docs: update binary signature verification for sigstore bundles (aquasecurity#9929 )
d528250 chore(deps): bump alpine from 3.22.1 to 3.23.0 (aquasecurity#9935 )
f50b96a chore(alpine): add EOL date for alpine 3.23 (aquasecurity#9934 )
d65b504 feat(cloudformation): add support for Fn::ForEach (aquasecurity#9508 )
1a901e5 ci: enable check-latest for setup-go (aquasecurity#9931 )
effc1c0 feat(debian): detect third-party packages using maintainer list (aquasecurity#9917 )
335cc99 fix(vex): add CVE-2025-66564 as not_affected into Trivy VEX file (aquasecurity#9924 )
879e4fc feat(helm): add sslCertDir parameter (aquasecurity#9697 )
18ecf75 fix(misconf): respect .yml files when Helm charts are detected (aquasecurity#9912 )
56b59e8 feat(php): add support for dev dependencies in Composer (aquasecurity#9910 )
f58826f chore(deps): bump the common group across 1 directory with 9 updates (aquasecurity#9903 )
39273f3 chore(deps): bump github.com/docker/cli from 29.0.3+incompatible to 29.1.1+incompatible in the docker group (aquasecurity#9859 )
9db123c fix: remove trailing tab in statefulset template (aquasecurity#9889 )
c2f82ad feat(julia): enable vulnerability scanning for the Julia language ecosystem (aquasecurity#9800 )
9275e15 feat(misconf): initial ansible scanning support (aquasecurity#9332 )
48dfede feat(misconf): Update Azure Database schema (aquasecurity#9811 )
7517112 ci(helm): bump Trivy version to 0.68.1 for Trivy Helm Chart 0.20.0 (aquasecurity#9869 )
32f3df1 chore: update the install script (aquasecurity#9874 )
96290ae release: v0.68.1 [main] (aquasecurity#9867 )
c7accc8 fix: update cosing settings for GoReleaser after bumping cosing to v3 (aquasecurity#9863 )
b503278 chore(deps): bump the testcontainers group with 2 updates (aquasecurity#9506 )
e0fa76d release: v0.68.0 [main] (aquasecurity#9549 )
e74e2b1 feat(aws): Add support for dualstack ECR endpoints (aquasecurity#9862 )
c274f5b fix(vex): use a separate visited set for each DFS path (aquasecurity#9760 )
15a5465 docs: catch some missed docs -> guide (aquasecurity#9850 )
51de2bd refactor(misconf): parse azure_policy_enabled to addonprofile.azurepolicy.enabled (aquasecurity#9851 )
96e7083 chore(cli): Remove Trivy Cloud (aquasecurity#9847 )
7aca801 fix(misconf): ensure value used as ignore marker is non-null and known (aquasecurity#9835 )
7b2b4d4 fix(misconf): map healthcheck start period flag to --start-period instead of --startPeriod (aquasecurity#9837 )
f5bbb0b chore(deps): bump the docker group with 3 updates (aquasecurity#9776 )
e13d970 chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 (aquasecurity#9827 )
8967622 chore(deps): bump the common group across 1 directory with 20 updates (aquasecurity#9840 )
e1f3f28 feat(image): add Sigstore bundle SBOM support (aquasecurity#9516 )
8876b46 chore(deps): bump the aws group with 7 updates (aquasecurity#9691 )
5f9b695 test(k8s): update k8s integrtion test (aquasecurity#9725 )
3169ebf chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 (aquasecurity#9764 )
d8eaaeb feat(sbom): add support for SPDX attestations (aquasecurity#9829 )
5c42cc5 docs(misconf): Remove duplicate sections (aquasecurity#9819 )
ea2dc58 feat(misconf): Update Azure network schema for new checks (aquasecurity#9791 )
c6d95d7 feat(misconf): Update AppService schema (aquasecurity#9792 )
a6ceff7 fix(misconf): ensure boolean metadata values are correctly interpreted (aquasecurity#9770 )
c8d5ab7 feat(misconf): support https_traffic_only_enabled in Az storage account (aquasecurity#9784 )
9da33b5 docs: restructure docs for new hosting (aquasecurity#9799 )
f64e0da docs(server): fix info about scanning licenses on the client side. (aquasecurity#9805 )
31218f6 ci: remove unused preinstalled software/images for build tests to free up disk space. (aquasecurity#9814 )
cbad9ca feat(report): add fingerprint generation for vulnerabilities (aquasecurity#9794 )
612ee98 chore: trigger the trivy-www workflow (aquasecurity#9737 )
738b2b4 fix: update all documentation links (aquasecurity#9777 )
019af7f feat(suse): Add new openSUSE, Micro and SLES releases end of life dates (aquasecurity#9788 )
3a2a31d test(go): set GOPATH for tests (aquasecurity#9785 )
6048173 feat(flag): add --cacert flag (aquasecurity#9781 )
08d51a8 fix(misconf): handle unsupported experimental flags in Dockerfile (aquasecurity#9769 )
09ea608 test(go): refactor mod_test.go to use txtar format (aquasecurity#9775 )
2c3aca5 docs: Fix typos and linguistic errors in documentation / hacktoberfest (aquasecurity#9586 )
2ce48c7 chore(deps): bump github.com/opencontainers/selinux from 1.12.0 to 1.13.0 (aquasecurity#9778 )
be419c7 chore(deps): bump github.com/containerd/containerd/v2 from 2.1.4 to 2.1.5 (aquasecurity#9763 )
d87d9b9 fix(java): use true as default value for Repository Release|Snapshot Enabled in pom.xml and settings.xml files (aquasecurity#9751 )
0487d8e docs: add info that SSL_CERT_FILE works on Unix systems other than macOS only (aquasecurity#9772 )
14ecdb5 docs: change SecObserve URLs in documentatio (aquasecurity#9771 )
d70d994 feat(db): enable concurrent access to vulnerability database (aquasecurity#9750 )
69f400c feat(misconf): add agentpools to azure container schema (aquasecurity#9714 )
6fb3fde feat(report): switch ReportID from UUIDv4 to UUIDv7 (aquasecurity#9749 )
cb58bf6 feat(misconf): Update Azure Compute schema (aquasecurity#9675 )
c3bfecf feat(misconf): Update azure storage schema (aquasecurity#9728 )
58819c5 feat(misconf): Update SecurityCenter schema (aquasecurity#9674 )
2690ac9 feat(image): pass global context to docker/podman image save func (aquasecurity#9733 )
c03facf chore(deps): bump the github-actions group with 4 updates (aquasecurity#9739 )
bf43629 fix(flag): remove viper.SetDefault to fix IsSet() for config-only flags (aquasecurity#9732 )
012f3d7 feat(license): use separate SPDX ids to ignore SPDX expressions (aquasecurity#9087 )
18c0ee8 feat(dotnet): add dependency graph support for .deps.json files (aquasecurity#9726 )
445cd2b feat(misconf): Add support for configurable Rego error limit (aquasecurity#9657 )
3fb8703 feat(misconf): Add RoleAssignments attribute (aquasecurity#9396 )
d020f26 feat(report): add image reference to report metadata (aquasecurity#9729 )
29f0347 fix(os): Add photon 5.0 in supported OS (aquasecurity#9724 )
212f078 fix(license): handle SPDX WITH exceptions as single license in category detection (aquasecurity#9380 )
89fc7b6 refactor: add case-insensitive string set implementation (aquasecurity#9720 )
758f271 feat: include registry and repository in artifact ID calculation (aquasecurity#9689 )
eff52eb feat(java): add support remote repositories from settings.xml files (aquasecurity#9708 )
fb0593b fix(sbom): don’t panic on SBOM format if scanned CycloneDX file has empty metadata (aquasecurity#9562 )
39051b7 docs: update vulnerability reporting guidelines in SECURITY.md (aquasecurity#9395 )
3cf4bfd docs: add info about java-db subdir (aquasecurity#9706 )
d20216e fix(report): correct field order in SARIF license results (aquasecurity#9712 )
a6010c3 test: improve golden file management in integration tests (aquasecurity#9699 )
e0c0416 ci: get base_sha using base.ref (aquasecurity#9704 )
a282228 refactor(misconf): mark AVDID fields as deprecated and use ID internally (aquasecurity#9576 )
231492d fix(nodejs): fix npmjs parser.pkgNameFromPath() panic issue (aquasecurity#9688 )
fa6f779 fix: close all opened resources if an error occurs (aquasecurity#9665 )
807bbbd refactor(misconf): type-safe parser results in generic scanner (aquasecurity#9685 )
a9a3031 feat(image): add RepoTags support for Docker archives (aquasecurity#9690 )
68ca612 chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.54.1 (aquasecurity#9694 )
43a7546 feat(misconf): Update Azure Container Schema (aquasecurity#9673 )
7ca1b8f ci: use merge commit for apidiff to avoid false positives (aquasecurity#9622 )
197c9e1 feat(misconf): include map key in manifest snippet for diagnostics (aquasecurity#9681 )
c32ddfc refactor(misconf): add ManifestFromYAML for unified manifest parsing (aquasecurity#9680 )
263aee0 test: update golden files for TestRepository* integration tests (aquasecurity#9684 )
559fe1f refactor(cli): Update the cloud config command (aquasecurity#9676 )
2c43425 fix(sbom): add buildInfo info as properties (aquasecurity#9683 )
fc976be feat: add ReportID field to scan reports (aquasecurity#9670 )
fcd8dcd docs: add vulnerability database contribution guide (aquasecurity#9667 )
8e6a7ff feat(cli): Add trivy cloud suppport (aquasecurity#9637 )
84a7d9a feat: add ArtifactID field to uniquely identify scan targets (aquasecurity#9663 )
804ea4a fix(nodejs): use the default ID format to match licenses in pnpm packages. (aquasecurity#9661 )
35db88c feat(sbom): use SPDX license IDs list to validate SPDX IDs (aquasecurity#9569 )
b885d3a fix: use context for analyzers (aquasecurity#9538 )
84518db chore(deps): bump the docker group with 3 updates (aquasecurity#9545 )
fd92773 chore(deps): bump the aws group with 6 updates (aquasecurity#9547 )
ce8d47e ci(helm): bump Trivy version to 0.67.2 for Trivy Helm Chart 0.19.1 (aquasecurity#9641 )
4e1e6fc test(helm): bump up Yamale dependency for Helm chart-testing-action (aquasecurity#9653 )
e18b038 fix: Trim the end-of-range suffix (aquasecurity#9618 )
492797b test(k8s): use a specific bundle for k8s misconfig scan (aquasecurity#9633 )
6e53686 fix: Use fetch-level: 1 to check out trivy-repo in the release workflow (aquasecurity#9636 )
2f695b9 refactor: move the aws config (aquasecurity#9617 )
09162e5 fix(license): don't normalize unlicensed licenses into unlicense (aquasecurity#9611 )
66479f0 fix: using SrcVersion instead of Version for echo detector (aquasecurity#9552 )
cff91ac feat(fs): change artifact type to repository when git info is detected (aquasecurity#9613 )
6def66e fix: add buildInfo for BlobInfo in rpc package (aquasecurity#9608 )
7422cc7 fix(vex): don't use reused BOM (aquasecurity#9604 )
b9e3e0b ci: use pull_request_target for apidiff workflow to support fork PRs (aquasecurity#9605 )
aeeb2a1 fix: restore compatibility for google.protobuf.Value (aquasecurity#9559 )
d7aa84f ci: add API diff workflow (aquasecurity#9600 )
05375d1 chore(deps): update to module-compatible docker-credential-gcr/v2 (aquasecurity#9591 )
3671251 docs: improve documentation for scanning raw IaC configurations (aquasecurity#9571 )
c638fc6 feat: allow ignoring findings by type in Rego (aquasecurity#9578 )
4bef183 docs: bump pygments from 2.18.0 to 2.19.2 (aquasecurity#9596 )
19615a8 refactor(misconf): add ID to scan.Rule (aquasecurity#9573 )
e286c5e fix(java): update order for resolving package fields from multiple demManagement (aquasecurity#9575 )
3962ea4 chore(deps): bump the github-actions group across 1 directory with 9 updates (aquasecurity#9563 )
36ab331 chore(deps): bump the common group across 1 directory with 7 updates (aquasecurity#9590 )
9058d51 chore(deps): Switch to go-viper/mapstructure (aquasecurity#9579 )
719ea29 chore: add context to the cache interface (aquasecurity#9565 )
3dd0ebb ci(helm): bump Trivy version to 0.67.0 for Trivy Helm Chart 0.19.0 (aquasecurity#9554 )
f0fd432 fix: validate backport branch name (aquasecurity#9548 )
adeb362 release: v0.67.0 [main] (aquasecurity#9432 )
78f0d4a fix(vex): don't suppress vulns for packages with infinity loop (aquasecurity#9465 )
fa6f1bf fix(aws): use BuildableClient insead of xhttp.Client (aquasecurity#9436 )
e7c16a7 refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (aquasecurity#9282 )
c446a5c docs: clarify inline ignore limitations for resource-less checks (aquasecurity#9537 )
c0c7a6b fix(k8s): disable parallel traversal with fs cache for k8s images (aquasecurity#9534 )
bfd2f6b fix(misconf): handle tofu files in module detection (aquasecurity#9486 )
e4af279 feat(seal): add seal support (aquasecurity#9370 )
e149094 docs: fix modules path and update code example (aquasecurity#9539 )
a4cbd6a fix: close file descriptors and pipes on error paths (aquasecurity#9536 )
eba48af feat: add documentation URL for database lock errors (aquasecurity#9531 )
92ebc7e fix(db): Dowload database when missing but metadata still exists (aquasecurity#9393 )
42b3bf3 feat(cloudformation): support default values and list results in Fn::FindInMap (aquasecurity#9515 )
8e40d27 fix(misconf): unmark cty values before access (aquasecurity#9495 )
7b663d8 feat(cli): change --list-all-pkgs default to true (aquasecurity#9510 )
404abb3 fix(nodejs): parse workspaces as objects for package-lock.json files (aquasecurity#9518 )
352855e refactor(fs): use underlyingPath to determine virtual files more reliably (aquasecurity#9302 )
d57b160 refactor: remove google/wire dependency and implement manual DI (aquasecurity#9509 )
331cf5d chore(deps): bump the aws group with 6 updates (aquasecurity#9481 )
366910b chore(deps): bump the common group across 1 directory with 24 updates (aquasecurity#9507 )
267a970 fix(misconf): wrap legacy ENV values in quotes to preserve spaces (aquasecurity#9497 )
842ebdc docs: move info about detection priority into coverage section (aquasecurity#9469 )
6d562a3 feat(sbom): added support for CoreOS (aquasecurity#9448 )
c938806 fix(misconf): strip build metadata suffixes from image history (aquasecurity#9498 )
aff03eb feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (aquasecurity#9439 )
8b2575b docs: Fix typo in terraform docs (aquasecurity#9492 )
cb25a07 feat(redhat): add os-release detection for RHEL-based images (aquasecurity#9458 )
8dce58c ci(deps): add 3-day cooldown period for Dependabot updates (aquasecurity#9475 )
788f6fa refactor: migrate from go-json-experiment to encoding/json/v2 (aquasecurity#9422 )
1ff9ac7 fix(vuln): compare nuget package names in lower case (aquasecurity#9456 )
78a70e2 chore: Update release flow to include chocolatey (aquasecurity#9460 )
ea0ff34 docs: document eol supportability (aquasecurity#9434 )
4a2be6b docs(report): add nuanses about secret/license scanner in summary table (aquasecurity#9442 )
4359fe0 ci: use environment variables in GitHub Actions for improved security (aquasecurity#9433 )
2185c78 chore: bump Go to 1.24.7 (aquasecurity#9435 )
4517e8c fix(nodejs): use snapshot string as Package.ID for pnpm packages (aquasecurity#9330 )
a70d8e7 ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (aquasecurity#9425 )
7bcb181 release: v0.66.0 [main] (aquasecurity#9289 )
2125895 chore(deps): bump the aws group with 7 updates (aquasecurity#9419 )
29e9ff7 refactor(secret): clarify secret scanner messages (aquasecurity#9409 )
46ab76a fix(cyclonedx): handle multiple license types (aquasecurity#9378 )
1ac9b1f fix(repo): sanitize git repo URL before inserting into report metadata (aquasecurity#9391 )
6fa3849 test: add HTTP basic authentication to git test server (aquasecurity#9407 )
aa7cf43 fix(sbom): add support for file component type of CycloneDX (aquasecurity#9372 )
81d9425 fix(misconf): ensure module source is known (aquasecurity#9404 )
1d646d6 ci: migrate GitHub Actions from version tags to SHA pinning (aquasecurity#9405 )
ce22f54 fix: create temp file under composite fs dir (aquasecurity#9387 )
db19b34 chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (aquasecurity#9403 )
d1de58a refactor: switch to stable azcontainerregistry SDK package (aquasecurity#9319 )
102cbee chore(deps): bump the common group with 7 updates (aquasecurity#9382 )
7278718 refactor(misconf): migrate from custom Azure JSON parser (aquasecurity#9222 )
4f2a44e fix(repo): preserve RepoMetadata on FS cache hit (aquasecurity#9389 )
9594d63 refactor(misconf): use atomic.Int32 (aquasecurity#9385 )
8abde2c chore(deps): bump the aws group with 6 updates (aquasecurity#9383 )
2bbad03 docs: Fix broken link to "Built-in Checks" (aquasecurity#9375 )
5f067ac fix(plugin): don't remove plugins when updating index.yaml file (aquasecurity#9358 )
6e99dd3 fix: persistent flag option typo (aquasecurity#9374 )
d1adbe3 chore(deps): bump the common group across 1 directory with 26 updates (aquasecurity#9347 )
84fbf86 fix(image): use standardized HTTP client for ECR authentication (aquasecurity#9322 )
04abb78 refactor: export systemFileFiltering Post Handler (aquasecurity#9359 )
e2d30fe docs: update links to Semaphore pages (aquasecurity#9352 )
03d039f fix(conda): memory leak by adding closure method for package.json file (aquasecurity#9349 )
235c24e feat: add timeout handling for cache database operations (aquasecurity#9307 )
04ad0c4 fix(misconf): use correct field log_bucket instead of target_bucket in gcp bucket (aquasecurity#9296 )
d3cd101 fix(misconf): ensure ignore rules respect subdirectory chart paths (aquasecurity#9324 )
ea6663a chore(deps): bump alpine from 3.21.4 to 3.22.1 (aquasecurity#9301 )
298a994 feat(terraform): use .terraform cache for remote modules in plan scanning (aquasecurity#9277 )
c9cb3d1 chore: fix some function names in comment (aquasecurity#9314 )
b7b4910 chore(deps): bump the aws group with 7 updates (aquasecurity#9311 )
c3efe5d docs: add explanation for how to use non-system certificates (aquasecurity#9081 )
406c209 chore(deps): bump the github-actions group across 1 directory with 2 updates (aquasecurity#8962 )
1319d8d fix(misconf): preserve original paths of remote submodules from .terraform (aquasecurity#9294 )
c0bd700 refactor(terraform): make Scan method of Terraform plan scanner private (aquasecurity#9272 )
2458d5e fix: suppress debug log for context cancellation errors (aquasecurity#9298 )
5a5e097 feat(secret): implement streaming secret scanner with byte offset tracking (aquasecurity#9264 )
1473e88 fix(python): impove package name normalization (aquasecurity#9290 )
4d4a244 feat(misconf): added audit config attribute (aquasecurity#9249 )
649eb2f refactor(misconf): decouple input fs and track extracted files with fs references (aquasecurity#9281 )
b77d6e2 test(misconf): remove BenchmarkCalculate using outdated check metadata (aquasecurity#9291 )
b9fb7e5 refactor: simplify Detect function signature (aquasecurity#9280 )
44aac2c ci(helm): bump Trivy version to 0.65.0 for Trivy Helm Chart 0.17.0 (aquasecurity#9288 )
b51c789 fix(fs): avoid shadowing errors in file.glob (aquasecurity#9286 )
c4003b2 test(misconf): move terraform scan tests to integration tests (aquasecurity#9271 )
a590743 test(misconf): drop gcp iam test covered by another case (aquasecurity#9285 )
04d018b chore(deps): bump to alpine from 3.21.3 to 3.21.4 (aquasecurity#9283 )
b2b1545 release: v0.65.0 [main] (aquasecurity#9108 )
b4ad00f fix(cli): ensure correct command is picked by telemetry (aquasecurity#9260 )
ed4640e feat(flag): add schema validation for --server flag (aquasecurity#9270 )
1a0c038 chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3+incompatible (aquasecurity#9274 )
011cefc ci: skip undefined labels in discussion triage action (aquasecurity#9175 )
f4b2cf1 feat(repo): add git repository metadata to reports (aquasecurity#9252 )
b4193d0 fix(license): handle WITH operator for LaxSplitLicenses (aquasecurity#9232 )
d2d0ec2 chore: add modernize tool integration for code modernization (aquasecurity#9251 )
54832a7 fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (aquasecurity#9253 )
8f5b560 chore: implement process-safe temp file cleanup (aquasecurity#9241 )
6095984 fix: prevent graceful shutdown message on normal exit (aquasecurity#9244 )
77bab7b fix(misconf): correctly parse empty port ranges in google_compute_firewall (aquasecurity#9237 )
2c05882 feat: add graceful shutdown with signal handling (aquasecurity#9242 )
b5da1b8 chore: update template URL for brew formula (aquasecurity#9221 )
4bd7512 test: add end-to-end testing framework with image scan and proxy tests (aquasecurity#9231 )
5c155e3 refactor(db): use Getter interface with GetParams for trivy-db sources (aquasecurity#9239 )
6737966 ci: specify repository for gh cache delete in canary worklfow (aquasecurity#9240 )
24715ea ci: remove invalid --confirm flag from gh cache delete command in canary builds (aquasecurity#9236 )
7ebc129 fix(misconf): fix log bucket in schema (aquasecurity#9235 )
3ada677 chore(deps): bump the common group across 1 directory with 24 updates (aquasecurity#9228 )
74f92b5 ci: move runner.os context from job-level env to step-level in canary workflow (aquasecurity#9233 )
b4f2457 chore(deps): bump up Trivy-kubernetes to v0.9.1 (aquasecurity#9214 )
110f80e feat(misconf): added logging and versioning to the gcp storage bucket (aquasecurity#9226 )
1163b04 fix(server): add HTTP transport setup to server mode (aquasecurity#9217 )
362be17 chore: update the rpm download Update (aquasecurity#9202 )
861d51e feat(alma): add AlmaLinux 10 support (aquasecurity#9207 )
fe96436 fix(nodejs): don't use prerelease logic for compare npm constraints (aquasecurity#9208 )
6fafbeb fix(rootio): fix severity selection (aquasecurity#9181 )
aa944cc fix(sbom): merge in-graph and out-of-graph OS packages in scan results (aquasecurity#9194 )
adfa879 fix(cli): panic: attempt to get os.Args[1] when len(os.Args) < 2 (aquasecurity#9206 )
51aa022 fix(misconf): correctly adapt azure storage account (aquasecurity#9138 )
263845c feat(misconf): add private ip google access attribute to subnetwork (aquasecurity#9199 )
60723e6 feat(report): add CVSS vectors in sarif report (aquasecurity#9157 )
153318f fix(terraform): for_each on a map returns a resource for every key (aquasecurity#9156 )
e306e2d fix: supporting .egg-info/METADATA in python.Packaging analyzer (aquasecurity#9151 )
85a156c chore: migrate protoc setup from Docker to buf CLI (aquasecurity#9184 )
94c751f ci: delete cache after artifacts upload in canary workflow (aquasecurity#9177 )
a822ace refactor: remove aws flag helper message (aquasecurity#9080 )
0449787 ci: use gh pr view to get PR number for forked repositories in auto-ready workflow (aquasecurity#9183 )
6840eb7 ci: add auto-ready-for-review workflow (aquasecurity#9179 )
99cd4e7 feat(image): add Docker context resolution (aquasecurity#9166 )
fe26969 ci: optimize golangci-lint performance with cache-based strategy (aquasecurity#9173 )
aa5b32a feat: add HTTP request/response tracing support (aquasecurity#9125 )
0ecfed6 fix(aws): update amazon linux 2 EOL date (aquasecurity#9176 )
2555335 chore: Update release workflow to trigger version updates (aquasecurity#9162 )
c6d4607 chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 (aquasecurity#9164 )
4d10a81 fix: also check filepath when removing duplicate packages (aquasecurity#9142 )
75857e9 chore: add debug log to show image source location (aquasecurity#9163 )
4675603 docs: add section on customizing default check data (aquasecurity#9114 )
482d383 chore(deps): bump the common group across 1 directory with 9 updates (aquasecurity#9153 )
e4a3fd2 docs: partners page content updates (aquasecurity#9149 )
bb149fc chore(license): add missed spdx exceptions: (aquasecurity#9147 )
8a1d144 docs: trivy partners page updates (aquasecurity#9133 )
f224de3 fix: migrate from *.list to *.md5sums files for dpkg (aquasecurity#9131 )
2807478 ci(helm): bump Trivy version to 0.64.1 for Trivy Helm Chart 0.16.1 (aquasecurity#9135 )
12d6706 feat(sbom): add SHA-512 hash support for CycloneDX SBOM (aquasecurity#9126 )
42ccd3d fix(misconf): skip rewriting expr if attr is nil (aquasecurity#9113 )
a692f29 fix(license): add missed GFDL-NIV-1.1 and GFDL-NIV-1.2 into Trivy mapping (aquasecurity#9116 )
7041a39 fix(cli): Add more non-sensitive flags to telemetry (aquasecurity#9110 )
82db2fc fix(alma): parse epochs from rpmqa file (aquasecurity#9101 )
c2ddd44 fix(rootio): check full version to detect root.io packages (aquasecurity#9117 )
26a08f5 chore: drop FreeBSD 32-bit support (aquasecurity#9102 )
143da88 fix(sbom): use correct field for licenses in CycloneDX reports (aquasecurity#9057 )
e579746 fix(secret): fix line numbers for multiple-line secrets (aquasecurity#9104 )
d44af8c feat(license): observe pkg types option in license scanner (aquasecurity#9091 )
c752ccc ci(helm): bump Trivy version to 0.64.0 for Trivy Helm Chart 0.16.0 (aquasecurity#9107 )
280491b release: v0.64.0 [main] (aquasecurity#8955 )
a6e9807 docs(python): fix type with METADATA file name (aquasecurity#9090 )
1e1e1b5 feat: reject unsupported artifact types in remote image retrieval (#9052)
7333c46 chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 (#9088)
bac6f7b refactor(misconf): rewrite Rego module filtering using functional filters (#9061)
a9f7dcd feat(terraform): add partial evaluation for policy templates (#8967)
3a0ec0f feat(vuln): add Root.io support for container image scanning (#9073)
41d0f94 feat(sbom): add manufacturer field to CycloneDX tools metadata (#9019)
fd2bc91 fix(cli): add some values to the telemetry call (#9056)
367564a feat(ubuntu): add end of life date for Ubuntu 25.04 (#9077)
3adfd98 refactor: centralize HTTP transport configuration (#9058)
cd7c595 test: include integration tests in linting and fix all issues (#9060)
6bf7ac4 chore(deps): bump the common group across 1 directory with 26 updates (#9063)
5aade69 feat(java): dereference all maven settings.xml env placeholders (#9024)
99c5151 fix(misconf): reduce log noise on incompatible check (#9029)
371b8cc fix(misconf): .Config.User always takes precedence over USER in .History (#9050)
3f41ffa chore(deps): update Docker to v28.2.2 and fix compatibility issues (#9037)
f23d2f6 docs(misconf): simplify misconfiguration docs (#9030)
a58c36d fix(misconf): move disabled checks filtering after analyzer scan (#9002)
64aea25 docs: add PR review policy for maintainers (#9032)
198789a fix(sbom): remove unnecessary OS detection check in SBOM decoding (#9034)
ae85c40 test: improve and extend tests for iac/adapters/arm (#9028)
7cfdbf0 chore: bump up Go version to 1.24.4 (#9031)
19efa9f feat(cli): add version constraints to annoucements (#9023)
40d017b fix(misconf): correct Azure value-to-time conversion in AsTimeValue (#9015)
87118a0 feat(ubuntu): add eol date for 20.04-ESM (#8981)
87fda76 fix(report): don't panic when report contains vulns, but doesn't contain packages for table format (#8549)
875ec3a fix(nodejs): correctly parse packages array of bun.lock file (#8998)
454b894 refactor: use strings.SplitSeq instead of strings.Split in for-loop (#8983)
15f421f docs: change --disable-metrics to --disable-telemetry in example (#8999) (#9003)
57801d0 feat(misconf): add OpenTofu file extension support (#8747)
b91284a refactor(misconf): set Trivy version by default in Rego scanner (#9001)
e1beba2 docs: fix assets with versioning (#8996)
5d050ce docs: add partners page (#8988)
94b12a8 chore(alpine): add EOL date for Alpine 3.22 (#8992)
4ed78e3 fix: don't show corrupted trivy-db warning for first run (#8991)
a619788 Update installation.md (#8979)
65e155f feat(misconf): normalize CreatedBy for buildah and legacy docker builder (#8953)
521be3a chore(k8s): update comments with deprecated command format (#8964)
14d2b83 chore: fix errors and typos in docs (#8963)
ef5f8de fix: Add missing version check flags (#8951)
48258a7 feat(redhat): Add EOL date for RHEL 10. (#8910)
b813527 fix: Correctly check for semver versions for trivy version check (#8948)
c29bb21 refactor(server): change custom advisory and vulnerability data types fr… (#8923)
c0cc8a2 ci(helm): bump Trivy version to 0.63.0 for Trivy Helm Chart 0.15.0 (#8946)
69093d2 release: v0.63.0 [main] (#8809)
7e9a54c fix(misconf): use argument value in WithIncludeDeprecatedChecks (#8942)
78e3304 chore(deps): Bump trivy-checks (#8934)
22f040f fix(julia): add Relationship field support (#8939)
c2dde33 feat(minimos): Add support for MinimOS (#8792)
104bbc1 feat(alpine): add maintainer field extraction for APK packages (#8930)
c7b8cc3 feat(echo): Add Echo Support (#8833)
906b037 fix(redhat): Also try to find buildinfo in root layer (layer 0) (#8924)
b15d9a6 fix(wolfi): support new APK database location (#8937)
4f1ab23 feat(k8s): get components from namespaced resources (#8918)
5bae262 refactor(cloudformation): remove unused ScanFile method from Scanner (#8927)
4a7ebb7 refactor(terraform): remove result sorting from scanner (#8928)
3b2a397 feat(misconf): Add support for Minimum Trivy Version (#8880)
1d420e6 docs: improve skipping files documentation (#8749)
5a0bf9e feat(cli): Add available version checking (#8553)
7ca656d feat(nodejs): add a bun.lock analyzer (#8897)
8939451 feat: terraform parser option to set current working directory (#8909)
60fef1b perf(secret): only match secrets of meaningful length, allow example strings to not be matched (#8602)
aaecc29 feat(misconf): export raw Terraform data to Rego (#8741)
6c7cb7a refactor(terraform): simplify AllReferences method signature in Attribute (#8906)
93e6680 fix: check post-analyzers for StaticPaths (#8904)
07ef63b feat: add Bottlerocket OS package analyzer (#8653)
ee52230 feat(license): improve work text licenses with custom classification (#8888)
cae79d6 chore(deps): bump github.com/containerd/containerd/v2 from 2.1.0 to 2.1.1 (#8901)
bcf246c chore(deps): bump the common group across 1 directory with 9 updates (#8887)
0229eb7 refactor(license): simplify compound license scanning (#8896)
39f9ed1 feat(license): Support compound licenses (licenses using SPDX operators) (#8816)
fe12771 fix(k8s): use in-memory cache backend during misconfig scanning (#8873)
1dcf816 feat(nodejs): add bun.lock parser (#8851)
c321fdf feat(license): improve work with custom classification of licenses from config file (#8861)
69a5fa1 fix(cli): disable --skip-dir and --skip-files flags for sbom command (#8886)
be8c7b7 fix: julia parser panicing (#8883)
6aff7b0 refactor(db): change logic to detect wrong DB (#8864)
35e8889 fix(cli): don't use allow values for --compliance flag (#8881)
239f65a docs(misconf): Reorganize misconfiguration scan pages (#8206)
38f17c9 fix(server): add missed Relationship field for rpc (#8872)
0b0e406 feat: add JSONC support for comments and trailing commas (#8862)
e97af98 fix(vex): use lo.IsNil to check VEX from OCI artifact (#8858)
26437be feat(go): support license scanning in both GOPATH and vendor (#8843)
9256804 fix(redhat): save contentSets for OS packages in fs/vm modes (#8820)
6ebde88 fix: filter all files when processing files installed from package managers (#8842)
a516775 feat(misconf): add misconfiguration location to junit template (#8793)
c9ba460 docs(vuln): remove OSV for Python from data sources (#8841)
2a21fd8 chore: add an issue template for maintainers (#8838)
3b1426a chore: enable staticcheck (#8815)
6791539 ci(helm): bump Trivy version to 0.62.1 for Trivy Helm Chart 0.14.1 (#8836)
dd6a6e5 feat(license): scan vendor directory for license for go.mod files (#8689)
3bf4f44 docs(java): Update info about dev deps in gradle lock (#8830)
2ab8ae9 chore(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 in the common group (#8822)
8995838 fix(java): exclude dev dependencies in gradle lockfile (#8803)
a19e0aa fix: octalLiteral from go-critic (#8811)
fa1077b fix(redhat): trim invalid suffix from content_sets in manifest parsing (#8818)
e322f21 chore(deps): bump the common group across 1 directory with 10 updates (#8817)
883c63b fix: use-any from revive (#8810)
3ab459e fix: more revive rules (#8814)
296eb3c docs: change in java.md: fix the Trity -to-> Trivy typo (#8813)
5706603 fix(misconf): check if for-each is known when expanding dyn block (#8808)
6e23ca9 ci(helm): bump Trivy version to 0.62.0 for Trivy Helm Chart 0.14.0 (#8802)
6e6af01 release: v0.62.0 [main] (#8669)
bf4cd4f feat(nodejs): add root and workspace for yarn packages (#8535)
6562082 fix: unused-parameter rule from revive (#8794)
573f35c chore(deps): Update trivy-checks (#8798)
43350dd fix: early-return, indent-error-flow and superfluous-else rules from revive (#8796)
7a58ccb fix(k8s): remove using last-applied-configuration (#8791)
471dcc3 refactor(misconf): remove unused methods from providers (#8781)
dd62d4e refactor(misconf): remove unused methods from iac types (#8782)
e10929a fix(misconf): filter null nodes when parsing json manifest (#8785)
ee4f7dc fix: testifylint last issues (#8768)
3ce7d59 fix(misconf): perform operations on attribute safely (#8774)
312649c refactor(ubuntu): update time handling for fixing time (#8780)
427a18e chore(deps): bump golangci-lint to v2.1.2 (#8766)
a95cab0 feat(image): save layers metadata into report (#8394)
7abf5f0 feat(misconf): convert AWS managed policy to document (#8757)
9fbfb04 chore(deps): bump the docker group across 1 directory with 3 updates (#8762)
3032def ci(helm): bump Trivy version to 0.61.1 for Trivy Helm Chart 0.13.1 (#8753)
8c9a92b ci(helm): create a helm branch for patches from main (#8673)
0d3efa5 fix(terraform): hcl object expressions to return references (#8271)
6c6beea chore(terraform): option to pass in instanced logger (#8738)
2849abb ci: use Skitionek/notify-microsoft-teams instead of aquasecurity fork (#8740)
4141013 chore(terraform): remove os.OpenPath call from terraform file functions (#8737)
b7cbbdc chore(deps): bump the common group across 1 directory with 23 updates (#8733)
93efe07 feat(rust): add root and workspace relationships/package for cargo lock files (#8676)
8e25ca0 refactor(misconf): remove module outputs from parser.EvaluateAll (#8587)
efd177b fix(misconf): populate context correctly for module instances (#8656)
b7dfd64 fix(misconf): check if metadata is not nil (#8647)
195880b refactor(misconf): switch to x/json (#8719)
9a5383e fix(report): clean buffer after flushing (#8725)
346a6b7 ci: improve PR title validation workflow (#8720)
4a38d01 refactor(flag): improve flag system architecture and extensibility (#8718)
e25de25 fix(terraform): evaluateStep to correctly set EvalContext for multiple instances of blocks (#8555)
4b84dab refactor: migrate from github.com/aquasecurity/jfather to github.com/go-json-experiment/json (#8591)
9792611 feat(misconf): support auto_provisioning_defaults in google_container_cluster (#8705)
13608ea ci: use github.event.pull_request.user.login for release PR check workflow (#8702)
a0dc3b6 refactor: add hook interface for extended functionality (#8585)
9dcd06f fix(misconf): add missing variable as unknown (#8683)
12cf218 docs: Update maintainer docs (#8674)
8613832 ci(vuln): reduce github action script injection attack risk (#8610)
a032ad6 fix(secret): ignore .dist-info directories during secret scanning (#8646)
36f8d0f fix(server): fix redis key when trying to delete blob (#8649)
f1329c7 chore(deps): bump the testcontainers group with 2 updates (#8650)
c5e03f7 test: use aquasecurity repository for test images (#8677)
a8a7ddb chore(deps): bump the aws group across 1 directory with 5 updates (#8652)
bff0e9b fix(k8s): skip passed misconfigs for the summary report (#8684)
cc47711 fix(k8s): correct compare artifact versions (#8682)
b9b27fc chore: update Docker lib (#8681)
bfa99d2 refactor(misconf): remove unused terraform attribute methods (#8657)
890a360 feat(misconf): add option to pass Rego scanner to IaC scanner (#8369)
ad1c379 chore: typo fix to replace rego with repo on the RepoFlagGroup options error output (#8643)
dd28d4e docs: Add info about helm charts release (#8640)
1d42969 ci(helm): bump Trivy version to 0.61.0 for Trivy Helm Chart 0.13.0 (#8638)
7f41822 release: v0.61.0 [main] (#8507)
5b7704d fix(misconf): Improve logging for unsupported checks (#8634)
1bf0117 feat(k8s): add support for controllers (#8614)
346f5b3 fix(debian): don't include empty licenses for dpkgs (#8623)
ad58cf4 fix(misconf): Check values wholly prior to evalution (#8604)
c76764e chore(deps): Bump trivy-checks (#8619)
dbb6f28 fix(k8s): show report for --report all (#8613)
548a340 chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#8597)
c80310d refactor: rename scanner to service (#8584)
de7eb13 fix(misconf): do not skip loading documents from subdirectories (#8526)
f07030d refactor(misconf): get a block or attribute without calling HasChild (#8586)
ba77dbe fix(misconf): identify the chart file exactly by name (#8590)
7bafdca test: use table-driven tests in Helm scanner tests (#8592)
68b164d refactor(misconf): Simplify misconfig checks bundle parsing (#8533)
8e1019d chore(deps): bump the common group across 1 directory with 10 updates (#8566)
400a79c fix(misconf): do not use cty.NilVal for non-nil values (#8567)
fe400ea docs(cli): improve flag value display format (#8560)
1f05b45 fix(misconf): set default values for AWS::EKS::Cluster.ResourcesVpcConfig (#8548)
6973da6 docs: remove slack (#8565)
8b88238 fix: use --file-patterns flag for all post analyzers (#7365)
e8c32de docs(python): Mention pip-compile (#8484)
9913465 feat(misconf): adapt aws_opensearch_domain (#8550)
0d9865f feat(misconf): adapt AWS::EC2::VPC (#8534)
9bedd98 docs: fix a broken link (#8546)
c228307 fix(fs): check postAnalyzers for StaticPaths (#8543)
126d6cd refactor(misconf): remove unused methods for ec2.Instance (#8536)
b57eccb feat(misconf): adapt aws_default_security_group (#8538)
8bf6caf feat(fs): optimize scanning performance by direct file access for known paths (#8525)
8112cdf feat(misconf): adapt AWS::DynamoDB::Table (#8529)
124e161 style: Fix MD syntax in self-hosting.md (#8523)
7b96351 perf(misconf): retrieve check metadata from annotations once (#8478)
573502e feat(misconf): Add support for aws_ami (#8499)
c7814f1 fix(misconf): skip Azure CreateUiDefinition (#8503)
19e2c10 refactor(misconf): use OPA v1 (#8518)
41512f8 fix(misconf): add ephemeral block type to config schema (#8513)
0e5e909 perf(misconf): parse input for Rego once (#8483)
529957e feat: replace TinyGo with standard Go for WebAssembly modules (#8496)
fe09410 chore: replace deprecated tenv linter with usetesting (#8504)
e5072f1 fix(spdx): save text licenses into otherLicenses without normalize (#8502)
a930561 chore(deps): bump the common group across 1 directory with 13 updates (#8491)
463b117 chore: use go.mod for managing Go tools (#8493)
2998dcd ci(helm): bump Trivy version to 0.60.0 for Trivy Helm Chart 0.12.0 (#8494)
a4009f6 release: v0.60.0 [main] (#8327)
85cca8c fix(sbom): improve logic for binding direct dependency to parent component (#8489)
9892d04 chore(deps): remove missed replace of trivy-db (#8492)
8a89b2b chore(deps): bump alpine from 3.21.0 to 3.21.3 in the docker group across 1 directory (#8490)
57b08d6 chore(deps): update Go to 1.24 and switch to go-version-file (#8388)
453c66d docs: add abbreviation list (#8453)
f670602 chore(terraform): assign *terraform.Module 'parent' field (#8444)
dd54f80 feat: add report summary table (#8177)
ab1cf03 chore(deps): bump the github-actions group with 3 updates (#8473)
1f85b27 refactor(vex): improve SBOM reference handling with project standards (#8457)
da0b876 ci: update GitHub Actions cache to v4 (#8475)
d464807 feat: add --vuln-severity-source flag (#8269)
6b4cebe fix(os): add mapping OS aliases (#8466)
af1ea64 chore(deps): bump the aws group across 1 directory with 7 updates (#8468)
09cdae6 chore(deps): Bump trivy-checks to v1.7.1 (#8467)
3d3a3d6 refactor(report): write tables after rendering all results (#8357)
036ab75 docs: update VEX documentation index page (#8458)
bb3cca6 fix(db): fix case when 2 trivy-db were copied at the same time (#8452)
a99498c feat(misconf): render causes for Terraform (#8360)
a994453 fix(misconf): fix incorrect k8s locations due to JSON to YAML conversion (#8073)
4820eb7 feat(cyclonedx): Add initial support for loading external VEX files from SBOM references (#8254)
3840d90 chore(deps): update go-rustaudit location (#8450)
49456ba fix: update all documentation links (#8045)
b3521e8 chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#8443)
50364b8 chore(deps): bump the common group with 6 updates (#8411)
f987e41 fix(k8s): add missed option PkgRelationships (#8442)
ecc01bb fix(sbom): add SBOM file's filePath as Application FilePath if we can't detect its path (#8346)
e58dcfc feat(go): fix parsing main module version for go >= 1.24 (#8433)
9c609c4 refactor(misconf): make Rego scanner independent of config type (#7517)
a3cd693 fix(image): disable AVD-DS-0007 for history scanning (#8366)
a1c4bd7 fix(server): secrets inspectation for the config analyzer in client server mode (#8418)
613fc71 chore: remove mockery (#8417)
e9b3f0b test(server): replace mock driver with memory cache in server tests (#8416)
10b8127 test: replace mock with memory cache and fix non-deterministic tests (#8410)
5ed6fc6 test: replace mock with memory cache in scanner tests (#8413)
24d0e2b test: use memory cache (#8403)
72ea4b0 fix(spdx): init pkgFilePaths map for all formats (#8380)
9637286 chore(deps): bump the common group across 1 directory with 11 updates (#8381)
a3a68c6 docs: correct Ruby documentation (#8402)
3e503a0 chore: bump mockery to update v2.52.2 version and rebuild mock files (#8390)
8715e5d fix: don't use scope for trivy registry login command (#8393)
b675b06 fix(go): merge nested flags into string for ldflags for Go binaries (#8368)
f9c5043 chore(terraform): export module path on terraform modules (#8374)
398620b fix(terraform): apply parser options to submodule parsing (#8377)
02ebb4c docs: Fix typos in documentation (#8361)
7b10def docs: fix navigate links (#8336)
04c80a6 ci(helm): bump Trivy version to 0.59.1 for Trivy Helm Chart 0.11.1 (#8354)
f7b3f87 ci(spdx): add aqua-installer step to fix mage error (#8353)
ffa3023 chore: remove debug prints (#8347)
5695eb2 fix(misconf): do not log scanners when misconfig scanning is disabled (#8345)
3eb0b03 fix(report): remove html escaping for shortDescription and fullDescription fields for sarif reports (#8344)
3e13633 chore(deps): bump Go to v1.23.5 (#8341)
10cd98c fix(python): add poetry v2 support (#8323)
9b74384 chore(deps): bump the github-actions group across 1 directory with 4 updates (#8331)
39789ff fix(misconf): ecs include enhanced for container insights (#8326)
bd5baaf fix(sbom): preserve OS packages from multiple SBOMs (#8325)
1d5ab92 ci(helm): bump Trivy version to 0.59.0 for Trivy Helm Chart 0.11.0 (#8311)
a58d685 release: v0.59.0 [main] (#8041)
73bd20d feat(image): return error early if total size of layers exceeds limit (#8294)
0031a38 chore(deps): Bump trivy-checks (#8310)
87f3751 chore(terraform): add accessors to underlying raw hcl values (#8306)
2e8e38a fix: improve conversion of image config to Dockerfile (#8308)
f258fd5 docs: replace short codes with Unicode emojis (#8296)
db9e57a feat(k8s): improve artifact selections for specific namespaces (#8248)
da7bba9 chore: update code owners (#8303)
0a3887c fix(misconf): handle heredocs in dockerfile instructions (#8284)
846498d fix: de-duplicate same dpkg packages with different filePaths from different layers (#8298)
d749b62 chore(deps): bump the aws group with 7 updates (#8299)
13fe2ee chore(deps): bump the common group with 12 updates (#8301)
60491f8 chore: enable int-conversion from perfsprint (#8194)
b5062f3 feat(fs): use git commit hash as cache key for clean repositories (#8278)
aec8885 fix(spdx): use the hasExtractedLicensingInfos field for licenses that are not listed in the SPDX (#8077)
715575d chore: use require.ErrorContains when possible (#8291)
509e030 feat(image): prevent scanning oversized container images (#8178)
cc66d6d chore(deps): use aqua forks for github.com/liamg/jfather and github.com/liamg/iamgo (#8289)
eafd810 fix(fs): fix cache key generation to use UUID (#8275)
f12054e fix(misconf): correctly handle all YAML tags in K8S templates (#8259)
4316bcb feat: add support for registry mirrors (#8244)
2acd8e3 chore(deps): bump the common group across 1 directory with 29 updates (#8261)
2d30dd7 refactor(license): improve license expression normalization (#8257)
c002327 feat(misconf): support for ignoring by inline comments for Dockerfile (#8115)
6d84e0c feat: add a examples field to check metadata (#8068)
4f77e01 chore(deps): bump alpine from 3.20.0 to 3.21.0 in the docker group across 1 directory (#8196)
011012a ci: add workflow to restrict direct PRs to release branches (#8240)
ae28398 fix(suse): SUSE - update OSType constants and references for compatility (#8236)
92697c7 ci: fix path to main dir for canary builds (#8231)
ca41a28 chore(secret): add reported issues related to secrets in junit template (#8193)
243e5a3 refactor: use trivy-checks/pkg/specs package (#8226)
0aa2607 ci(helm): bump Trivy version to 0.58.1 for Trivy Helm Chart 0.10.0 (#8170)
23dc3a6 fix(misconf): allow null values only for tf variables (#8112)
a0429f7 feat(misconf): support for ignoring by inline comments for Helm (#8138)
f352f6b fix(redhat): check usr/share/buildinfo/ dir to detect content sets (#8222)
f9a6a71 chore(alpine): add EOL date for Alpine 3.21 (#8221)
670fbf2 fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field (#8207)
bbc5a85 fix(misconf): disable git terminal prompt on tf module load (#8026)
70f3faa chore: remove aws iam related scripts (#8179)
e8085ba docs: Updated JSON schema version 2 in the trivy documentation (#8188)
4f111b9 refactor(python): use once + debug for License acquired from METADATA... logs (#8175)
03db7fc refactor: use slices package instead of custom function (#8172)
eedefdd chore(deps): bump the common group with 6 updates (#8162)
49c54b4 feat(python): add support for uv dev and optional dependencies (#8134)
774e04d feat(python): add support for poetry dev dependencies (#8152)
735335f fix(sbom): attach nested packages to Application (#8144)
9fd5cc5 docs(vex): use debian minor version in examples (#8166)
b5859d3 refactor: add generic Set implementation (#8149)
e6d0ba5 chore(deps): bump the aws group across 1 directory with 6 updates (#8163)
a034d26 fix(python): skip dev group's deps for poetry (#8106)
7558df7 fix(sbom): use root package for unknown dependencies (if exists) (#8104)
30c7cb1 chore(deps): bump golang.org/x/net from v0.32.0 to v0.33.0 (#8140)
95f7a56 chore(vex): suppress CVE-2024-45338 (#8137)
c4a4a5f feat(python): add support for uv (#8080)
49f3540 chore(deps): bump the docker group across 1 directory with 3 updates (#8127)
dcf28a1 chore(deps): bump the common group across 1 directory with 14 updates (#8126)
e79e73d chore: bump go to 1.23.4 (#8123)
17827db test: set dummy value for NUGET_PACKAGES (#8107)
f0b3a99 chore(deps): bump github.com/CycloneDX/cyclonedx-go from v0.9.1 to v0.9.2 (#8105)
e7507f0 chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#8103)
2200f38 fix: wasm module test (#8099)
d7ac286 fix: CVE-2024-45337 : Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088)
328db73 chore(vex): suppress CVE-2024-45337 (#8101)
f5e4291 fix(license): always trim leading and trailing spaces for licenses (#8095)
f9fceb5 fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635)
4202c4b fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063)
156a2aa fix: enable err-error and errorf rules from perfsprint linter (#7859)
e8b31bf chore(deps): bump the aws group across 1 directory with 6 updates (#8074)
9bd6ed7 perf: avoid heap allocation in applier findPackage (#7883)
2c41ac8 fix: Updated twitter icon (#7772)
11dbf54 docs(k8s): add a note about multi-container pods (#7815)
da17dc7 feat: add --distro flag to manually specify OS distribution for vulnerability scanning (#8070)
90f1d8d fix(oracle): add architectures support for advisories (#4809)
51f2123 fix: handle BLOW_UNKNOWN error to download DBs (#8060)
ffe24e1 feat(misconf): generate placeholders for random provider resources (#8051)
fd07074 fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052)
5e68bdc fix(flag): skip hidden flags for --generate-default-config command (#8046)
9d9f80d fix(java): correctly overwrite version from depManagement if dependency uses project.* props (#8050)
7389961 feat(nodejs): respect peer dependencies for dependency tree (#7989)
1feb81c ci(helm): bump Trivy version to 0.58.0 for Trivy Helm Chart 0.10.0 (#8038)
21b68e1 fix: respect GITHUB_TOKEN to download artifacts from GHCR (#7580)
71391a5 chore(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 in the docker group (#8029)
07b2d7f fix(misconf): use log instead of fmt for logging (#8033)
775f954 docs: add commercial content (#8030)
cd01f23 release: v0.58.0 [main] (#7874)
54130dc fix(misconf): wrap AWS EnvVar to iac types (#7407)
a16270c chore(deps): Upgrade trivy-checks (#8018)
511b7d3 refactor(misconf): Remove unused options (#7896)
eaf8d41 docs: add terminology page to explain Trivy concepts (#7996)
d622ca2 feat: add workspaceRelationship (#7889)
0627992 refactor(sbom): simplify relationship generation (#7985)
c238c51 chore: remove Go checks (#7907)
745be1a docs: improve databases documentation (#7732)
f5bdc79 refactor: remove support for custom Terraform checks (#7901)
ad0ff5d docs: fix dead links (#7998)
7e2a8cb docs: drop AWS account scanning (#7997)
aeeba70 fix(aws): change CPU and Memory type of ContainerDefinition to a string (#7995)
4cfb2a9 fix(cli): Handle empty ignore files more gracefully (#7962)
fbc42a0 fix(misconf): load full Terraform module (#7925)
fe3a897 fix(misconf): properly resolve local Terraform cache (#7983)
44c7fdd refactor(k8s): add v prefix for Go packages (#7839)
5a93a77 test: replace Go checks with Rego (#7867)
e9a899a feat(misconf): log causes of HCL file parsing errors (#7634)
9054303 chore(deps): bump the aws group across 1 directory with 7 updates (#7991)
83cb3da chore(deps): bump github.com/moby/buildkit from 0.17.0 to 0.17.2 in the docker group across 1 directory (#7990)
53d12bc chore(deps): update csaf module dependency from csaf-poc to gocsaf (#7992)
32951f9 chore: downgrade the failed block expand message to debug (#7964)
de3b7ea fix(misconf): do not erase variable type for child modules (#7941)
5448ba2 feat(go): construct dependencies of go.mod main module in the parser (#7977)
bcdc0bb feat(go): construct dependencies in the parser (#7973)
e0f2054 feat: add cvss v4 score and vector in scan response (#7968)
de523ff docs: add overview page for others (#7972)
461a68a fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871)
45d3b40 feat(suse): Align SUSE/OpenSUSE OS Identifiers (#7965)
9688370 chore(deps): bump the common group with 4 updates (#7949)
b9b383e feat(oracle): add flavors support (#7858)
9988147 fix(misconf): Update trivy-checks default repo to mirror.gcr.io (#7953)
6565bef chore(deps): Bump up trivy-checks to v1.3.0 (#7959)
797b36f fix(k8s): check all results for vulnerabilities (#7946)
516e7cb ci(helm): bump Trivy version to 0.57.1 for Trivy Helm Chart 0.9.0 (#7945)
132d9df feat(secret): Add built-in secrets rules for Private Packagist (#7826)
afd7216 docs: Fix broken links (#7900)
9169f6f docs: fix mistakes/typos (#7942)
5ba9a83 feat: Update registry fallbacks (#7679)
07915da fix(alpine): add UID for removed packages (#7887)
58fdab2 chore(deps): bump the aws group with 6 updates (#7902)
40f6e35 chore(deps): bump the common group with 6 updates (#7904)
d982e6a fix(debian): infinite loop (#7928)
38775a5 fix(redhat): don't return error if root/buildinfo/content_manifests/ contains files that are not contentSets files (#7912)
a5f0ef5 docs: add note about temporary podman socket (#7921)
94791f8 docs: combine trivy.dev into trivy docs (#7884)
0d3d934 test: change branch in spdx schema link to check in integration tests (#7935)
c8add84 docs: add Headlamp to the Trivy Ecosystem page (#7916)
19aea4b fix(report): handle git@github.com schema for misconfigs in sarif report (#7898)
bdfcc19 chore(k8s): enhance k8s scan log (#6997)
611558e fix(terraform): set null value as fallback for missing variables (#7669)
99b2db3 fix(misconf): handle null properties in CloudFormation templates (#7813)
ab32297 fix(fs): add missing defered Cleanup() call to post analyzer fs (#7882)
6018461 chore(deps): bump the common group across 1 directory with 20 updates (#7876)
6e3252b chore: bump containerd to v2.0.0 (#7875)
eda4d76 fix: Improve version comparisons when build identifiers are present (#7873)
b1c7f55 feat(k8s): add default commands for unknown platform (#7863)
ed2288f chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#7868)
2529b58 refactor(secret): optimize performance by moving ToLower operation outside loop (#7862)
a6a45b3 test: save containerd image into archive and use in tests (#7816)
a9b557d chore(deps): bump the github-actions group across 1 directory with 2 updates (#7854)
4da59bd chore: bump golangci-lint to v1.61.0 (#7853)
efec326 release: v0.57.0 [main] (#7710)
7632625 chore: lint errors.Join (#7845)
5e78b6c feat(db): append errors (#7843)
dc44946 docs(java): add info about supported scopes (#7842)
7654b2e docs: add example of creating whitelist of checks (#7821)
194d4ab chore(deps): Bump trivy-checks (#7819)
e872ec0 fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733)
7882776 fix(k8s): skip resources without misconfigs (#7797)
f2bb9c6 fix(sbom): use Annotation instead of AttributionTexts for SPDX formats (#7811)
b661d68 fix(cli): add config name to skip-policy-update alias (#7820)
6fab88d fix(helm): properly handle multiple archived dependencies (#7782)
c70b6fa refactor(misconf): Deprecate EXCEPTIONS for misconfiguration scanning (#7776)
c434775 fix(k8s)!: support k8s multi container (#7444)
7a4f4d8 fix(k8s): support kubernetes v1.31 (#7810)
63dd3d6 docs: add Windows install instructions (#7800)
a16b830 ci(helm): auto public Helm chart after PR merged (#7526)
ad3c09e feat: add end of life date for Ubuntu 24.10 (#7787)
c0d79fa feat(report): update gitlab template to populate operating_system value (#7735)
f75c0d1 feat(misconf): Show misconfig ID in output (#7762)
9514148 feat(misconf): export unresolvable field of IaC types to Rego (#7765)
010b213 refactor(k8s): scan config files as a folder (#7690)
f6acdf7 fix(license): fix license normalization for Universal Permissive License (#7766)
57e24aa fix: enable usestdlibvars linter (#7770)
8d5dbc9 fix(misconf): properly expand dynamic blocks (#7612)
c225883 feat(cyclonedx): add file checksums to CycloneDX reports (#7507)
35fd018 fix(misconf): fix for Azure Storage Account network acls adaptation (#7602)
cd44bb4 refactor(misconf): simplify k8s scanner (#7717)
a7baa93 feat(parser): ignore white space in pom.xml files (#7747)
922949a test: use forked images (#7755)
778df82 fix(java): correctly inherit version and scope from upper/root depManagement and dependencies into parents (#7541)
c8c14d3 fix(misconf): check if property is not nil before conversion (#7578)
9da84f5 fix(misconf): change default ACL of digitalocean_spaces_bucket to private (#7577)
2eaa17e feat(misconf): ssl_mode support for GCP SQL DB instance (#7564)
bcfc37b test: define constants for test images (#7739)
83e5b83 docs: add note about disabled DS016 check (#7724)
ad91412 feat(misconf): public network support for Azure Storage Account (#7601)
633a7ab feat(cli): rename trivy auth to trivy registry (#7727)
31aa20a docs: apt-transport-https is a transitional package (#7678)
c78f45b refactor(misconf): introduce generic scanner (#7515)
672e886 fix(cli): clean --all deletes only relevant dirs (#7704)
27117f8 feat(cli): add trivy auth (#7664)
1f2e91b fix(sbom): add options for DBs in private registries (#7660)
55b5a7e docs(report): fix reporting doc format (#7671)
fdf203c fix(repo): git clone output to Stderr (#7561)
a585e95 fix(redhat): include arch in PURL qualifiers (#7654)
015bb88 fix(report): Fix invalid URI in SARIF report (#7645)
ab3a3b2 docs(report): Improve SARIF reporting doc (#7655)
2c87f0c fix(db): fix javadb downloading error handling (#7642)
cb0b3a9 feat(cli): error out when ignore file cannot be found (#7624)
d246401 release: v0.56.0 [main] (#7447)
fcaea74 fix(misconf): not to warn about missing selectors of libraries (#7638)
69bf7e0 feat: support RPM archives (#7628)
3e1fa21 fix(secret): change grafana token regex to find them without unquoted (#7627)
8735242 chore(deps): Bump trivy-checks to v1.1.0 (#7631)
82e2adc fix(misconf): Disable deprecated checks by default (#7632)
1faf529 chore: add prefixes to log messages (#7625)
c0e8da3 feat(misconf): Support --skip-* for all included modules (#7579)
3562529 feat: support multiple DB repositories for vulnerability and Java DB (#7605)
7602d14 ci: don't use cache for setup-go (#7622)
d4edeb5 test: use loaded image names (#7617)
b836232 feat(java): add empty versions if pom.xml dependency versions can't be detected (#7520)
60725f8 feat(secret): enhance secret scanning for python binary files (#7223)
9d1be41 refactor: fix auth error handling (#7615)
cb16d43 ci: split save and restore cache actions (#7614)
de40df9 fix(misconf): disable DS016 check for image history analyzer (#7540)
efdb68d feat(suse): added SUSE Linux Enterprise Micro support (#7294)
ef0a27d feat(misconf): add ability to disable checks by ID (#7536)
ea0cf03 fix(misconf): escape all special sequences (#7558)
9baf658 test: use a local registry for remote scanning (#7607)
a8fbe46 fix: allow access to '..' in mapfs (#7575)
13ef3e7 fix(db): check DownloadedAt for trivy-java-db (#7592)
3fa24e8 chore(deps): bump the common group across 1 directory with 20 updates (#7604)
1fdf30a ci: add workflow_dispatch trigger for test workflow. (#7606)
fea7250 ci: cache test images for integration, VM and module tests (#7599)
bbc8e1d chore(deps): remove broken replaces for opa and discovery (#7600)
8128ecc docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (#7458)
37d549e fix(misconf): Fixed scope for China Cloud (#7560)
1f9fc13 perf(misconf): use port ranges instead of enumeration (#7549)
5dd94eb fix(sbom): export bom-ref when converting a package to a component (#7340)
dbd2dd6 refactor(misconf): pass options to Rego scanner as is (#7529)
aeb7039 fix(sbom): parse type framework as library when unmarshalling CycloneDX files (#7527)
d1d7132 chore(deps): bump go-ebs-file (#7513)
56db43c fix(misconf): Fix logging typo (#7473)
f768d3a feat(misconf): Register checks only when needed (#7435)
e6f45cd refactor: split .egg and packaging analyzers (#7514)
5442949 fix(java): use dependencyManagement from root/child pom's for dependencies from parents (#7497)
0efd202 chore(vex): add CVE-2024-34155, CVE-2024-34156 and CVE-2024-34158 in trivy.openvex.json (#7510)
701dbda chore(deps): bump alpine from 3.20.0 to 3.20.3 (#7508)
42748c4 chore(vex): suppress openssl vulnerabilities (#7500)
04a854c docs: refine go docs (#7442)
b0222fe revert(java): stop supporting of test scope for pom.xml files (#7488)
8876e70 docs(db): add a manifest example (#7485)
6472e3c feat(license): improve license normalization (#7131)
d589856 docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (#7449)
7ff9aff fix(report): fix error with unmarshal of ExperimentalModifiedFindings (#7463)
927c6e0 fix(report): change a receiver of MarshalJSON (#7483)
dd0a64a fix(oracle): Update EOL date for Oracle 7 (#7480)
3642fe1 chore(deps): bump the aws group with 6 updates (#7468)
5375cd2 chore(deps): bump the common group across 1 directory with 19 updates (#7436)
e2118e8 chore(helm): bump up Trivy Helm chart (#7441)
412fb76 refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (#7451)
4926da7 fix(license): stop spliting a long license text (#7336)
7a1e8b8 release: v0.55.0 [main] (#7271)
2d80769 feat(go): use toolchain as stdlib version for go.mod files (#7163)
f80183c fix(license): add license handling to JUnit template (#7409)
2d97700 feat(java): add test scope support for pom.xml files (#7414)
870523d chore(deps): Bump trivy-checks and pin OPA (#7427)
da4ebfa fix(helm): explicitly define kind and apiVersion of volumeClaimTemplate element (#7362)
af1d257 feat(sbom): set User-Agent header on requests to Rekor (#7396)
1a6295c test: add integration plugin tests (#7299)
fd9ed3a fix(nodejs): check all importers to detect dev deps from pnpm-lock.yaml file (#7387)
c929290 fix: logger initialization before flags parsing (#7372)
feaef96 fix(aws): handle ECR repositories in different regions (#6217)
0cac3ac fix(misconf): fix infer type for null value (#7424)
bf64003 fix(secret): use .eyJ keyword for JWT secret (#7410)
3a5d091 fix(misconf): do not recreate filesystem map (#7416)
39c8024 chore(deps): Bump trivy-checks (#7417)
a5aa63e fix(misconf): do not register Rego libs in checks registry (#7420)
c96dcdd fix(sbom): use NOASSERTION for licenses fields in SPDX formats (#7403)
7aea79d feat(report): export modified findings in JSON (#7383)
4c6e8ca feat(server): Make Trivy Server Multiplexer Exported (#7389)
84118d0 chore: update CODEOWNERS (#7398)
391448a fix(secret): use only line with secret for long secret lines (#7412)
344dafd chore: fix allow rule of ignoring test files to make it case insensitive (#7415)
98e136e feat(misconf): port and protocol support for EC2 networks (#7146)
9d7264a fix(misconf): do not filter Terraform plan JSON by name (#7406)
44e4686 feat(misconf): support for ignore by nested attributes (#7205)
0799770 fix(misconf): use module to log when metadata retrieval fails (#7405)
dd9733e fix(report): escape Message field in asff.tpl template (#7401)
be86126 feat(misconf): Add support for using spec from on-disk bundle (#7179)
45a9627 docs: add pkg flags to config file page (#7370)
e9b43f8 feat(python): use minimum version for pip packages (#7348)
2a6c7ab fix(misconf): support deprecating for Go checks (#7377)
b65b32d fix(misconf): init frameworks before updating them (#7376)
9ef05fc feat(misconf): ignore duplicate checks (#7317)
bfdf5cf refactor(misconf): use slog (#7295)
6fe6727 chore(deps): bump trivy-checks (#7350)
24a4563 feat(server): add internal --path-prefix flag for client/server mode (#7321)
3f0e7eb chore(deps): bump the aws group across 1 directory with 7 updates (#7358)
05a8297 fix: safely check if the directory exists (#7353)
db2c955 feat(misconf): variable support for Terraform Plan (#7228)
efdbd8f feat(misconf): scanning support for YAML and JSON (#7311)
c5c62d5 fix(misconf): wrap Azure PortRange in iac types (#7357)
0c6687d refactor(misconf): highlight only affected rows (#7310)
aadb090 fix(misconf): change default TLS values for the Azure storage account (#7345)
0047dbf chore(deps): bump the common group with 9 updates (#7333)
ee339b5 docs(misconf): Update callsites to use correct naming (#7335)
08cc14b docs: update air-gapped docs (#7160)
59c1541 refactor: replace ftypes.Gradle with packageurl.TypeGradle (#7323)
2b6d8d9 perf(misconf): optimize work with context (#6968)
65d991c docs: update links to packaging.python.org (#7318)
7278abd docs: update client/server docs for misconf and license scanning (#7277)
ac3eb9d chore(deps): bump the common group across 1 directory with 7 updates (#7305)
fe92072 feat(misconf): iterator argument support for dynamic blocks (#7236)
f0ed5e4 fix(misconf): do not set default value for default_cache_behavior (#7234)
a817fae feat(misconf): support for policy and bucket grants (#7284)
a4180bd fix(misconf): load only submodule if it is specified in source (#7112)
c766831 perf(misconf): use json.Valid to check validity of JSON (#7308)
13789b7 refactor(misconf): remove unused universal scanner (#7293)
85dadf5 perf(misconf): do not convert contents of a YAML file to string (#7292)
bb2e26a fix(terraform): add aws_region name to presets (#7184)
555ac8c docs: add auto-generated config (#7261)
fd8348d feat(vuln): Add --detection-priority flag for accuracy tuning (#7288)
e95152f refactor(misconf): remove file filtering from parsers (#7289)
2a0e529 fix(flag): incorrect behavior for deprected flag --clear-cache (#7281)
49d5270 fix(java): Return error when trying to find a remote pom to avoid segfault (#7275)
b3ee6da fix(plugin): do not call GitHub content API for releases and tags (#7274)
35c60f0 feat(vm): support the Ext2/Ext3 filesystems (#6983)
7024572 feat(cli)!: delete deprecated SBOM flags (#7266)
45b3f34 feat(vm): Support direct filesystem (#7058)
ff403a3 release: v0.54.0 [main] (#7075)
b3ee4bc docs: update ecosystem page reporting with plopsec.com app (#7262)
3b7aad3 chore(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 (#7136)
c2fd2e0 feat(vex): retrieve VEX attestations from OCI registries (#7249)
4a2f492 feat(sbom): add image labels into SPDX and CycloneDX reports (#7257)
f198cf8 refactor(flag): return error if both --download-db-only and --download-java-db-only are specified (#7259)
54bb8bd fix(nodejs): detect direct dependencies when using latest version for files yarn.lock + package.json (#7110)
4e54a7e fix(java): avoid panic if deps from pom in it dir are not found (#7245)
805592d chore: show VEX notice for OSS maintainers in CI environments (#7246)
5c37361 feat(vuln): add --pkg-relationships (#7237)
f35f4a5 docs: show VEX cli pages + update config file page for VEX flags (#7244)
d76feba fix(dotnet): show nuget package dir not found log only when checking nuget packages (#7194)
8d5ba3f chore(deps): bump the common group across 1 directory with 17 updates (#7230)
88ba460 feat(vex): VEX Repository support (#7206)
174b1e3 fix(secret): skip regular strings contain secret patterns (#7182)
bff317c feat: share build-in rules (#7207)
c3036de fix(report): hide empty table when all secrets/license/misconfigs are ignored (#7171)
7fa5e7d fix(cli): error on missing config file (#7154)
8c87194 fix(secret): update length of hugging-face-access-token (#7216)
efb1f69 feat(sbom): add vulnerability support for SPDX formats (#7213)
0e286f0 ci: use free runner for all tests except build tests (#7215)
051ac39 chore(deps): bump the docker group across 1 directory with 2 updates (#7208)
92b13be fix(secret): trim excessively long lines (#7192)
9269563 chore(vex): update subcomponents for CVE-2023-42363 /42364/42365/42366 (#7201)
9d52018 fix(server): pass license categories to options (#7203)
5cbc452 feat(mariner): Add support for Azure Linux (#7186)
5f78045 docs: updates config file (#7188)
5f78ea4 refactor(fs): remove unused field for CompositeFS (#7195)
5bc662b fix(dotnet): don't include non-runtime libraries into report for *.deps.json files (#7039)
b76a725 chore(deps): bump goreleaser from v2.0.0 to v2.1.0 (#7162)
c8a7abd fix: add missing platform and type to spec (#7149)
7066f5e chore(deps): bump the aws group with 6 updates (#7166)
d1ec89d feat(misconf): enabled China configuration for ACRs (#7156)
2a577a7 fix: close file when failed to open gzip (#7164)
4308a0a docs: Fix PR documentation to use GitHub Discussions, not Issues (#7141)
d1f8967 docs(misconf): add info about limitations for terraform plan json (#7143)
a3a6de2 chore: add VEX for Trivy images (#7140)
e674c93 chore(deps): bump the common group across 1 directory with 7 updates (#7125)
d2f4da8 chore: add VEX document and generator for Trivy (#7128)
f27c236 fix(misconf): do not evaluate TF when a load error occurs (#7109)
7cbdb0a feat(cli): rename --vuln-type flag to --pkg-types flag (#7104)
5a9f1a6 refactor(secret): move warning about file size after IsBinary check (#7123)
ab0fd0d chore(deps): bump the docker group with 2 updates (#7116)
17b5dbf feat: add openSUSE tumbleweed detection and scanning (#6965)
a64993e test: add missing advisory details for integration tests database (#7122)
dc68a66 fix: Add dependencyManagement exclusions to the child exclusions (#6969)
ec3e0ca chore(deps): bump the aws group with 4 updates (#7115)
25f8143 fix: ignore nodes when listing permission is not allowed (#7107)
a7a304d fix(java): use go-mvn-version to remove Package duplicates (#7088)
cb89fbb refactor(secret): add warning about large files (#7085)
03ac93d feat(nodejs): add license parser to pnpm analyser (#7036)
266d9b1 refactor(sbom): add sbom prefix + filepaths for decode log messages (#7074)
1f5f348 feat: add log.FilePath() function for logger (#7080)
db68d10 chore: bump golangci-lint from v1.58 to v1.59 (#7077)
91f2237 chore(deps): bump the common group across 1 directory with 23 updates (#7066)
acbec05 perf(debian): use bytes.Index in emptyLineSplit to cut allocation (#7065)
fc6b3a7 refactor: pass DB dir to trivy-db (#7057)
6a307bb docs: navigate to the release highlights and summary (#7072)
c464726 chore(deps): bump the github-actions group with 2 updates (#7067)
c55b0e6 release: v0.53.0 [main] (#6855)
654217a feat(conda): add licenses support for environment.yml files (#6953)
3d4ae8b fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051)
55ccd06 feat: add memory cache backend (#7048)
14d71ba fix(sbom): use package UIDs for uniqueness (#7042)
edc556b feat(php): add installed.json file support (#4865)
4f8b399 docs: ✨ Updated ecosystem docs with reference to new community app (#7041)
137c916 fix: use embedded when command path not found (#7037)
9e4927e chore(deps): bump trivy-kubernetes version (#7012)
4be02ba refactor: use google/wire for cache (#7024)
e9fc3e3 fix(cli): show info message only when --scanners is available (#7032)
0ccdbfb chore: enable float-compare rule from testifylint (#6967)
9045f24 docs: Add sudo on commands, chmod before mv on install docs (#7009)
3d02a31 fix(plugin): respect --insecure (#7022)
8d618e4 feat(k8s)!: node-collector dynamic commands support (#6861)
a76e328 fix(sbom): take pkg name from purl for maven pkgs (#7008)
eb636c1 chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 (#7018)
8d0ae1f feat!: add clean subcommand (#6993)
de201dc chore: use ! for breaking changes (#6994)
979e118 feat(aws)!: Remove aws subcommand (#6995)
648ead9 refactor: replace global cache directory with parameter passing (#6986)
7eabb92 fix(sbom): use purl for bitnami pkg names (#6982)
333087c chore: bump Go toolchain version (#6984)
6dff422 refactor: unify cache implementations (#6977)
9dc8a2b docs: non-packaged and sbom clarifications (#6975)
b58d42d BREAKING(aws): Deprecate trivy aws as subcmd in favour of a plugin (#6819)
6469d37 docs: delete unknown URL (#6972)
30bcb95 refactor: u...
You can’t perform that action at this time.