This PR contains the following updates:
v1.33.0 -> v1.35.1
0.48.0 -> 0.49.1
3.19.0 -> 3.19.1
5ebf282 -> 810dd33
v1.55.2 -> v1.56.2
v0.13.0 -> v0.14.3
Release Notes
adrienverge/yamllint (adrienverge/yamllint)
v1.35.1
Compare Source
v1.35.0
Compare Source
v1.34.0
Compare Source
aquasecurity/trivy (docker.io/aquasec/trivy)
v0.49.1
Compare Source
Changelog
6ccc0a5 fix: check unescaped BomRef when matching PkgIdentifier (#6025)
458c5d9 docs: Fix broken link to "pronunciation" (#6057)
5c0ff6d chore(deps): bump actions/upload-artifact from 3 to 4 (#6047)
e2bd7f7 chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 (#6042)
f95fbcb chore(deps): bump k8s.io/api from 0.29.0 to 0.29.1 (#6043)
7651bf5 ci: reduce root-reserve-mb size for maximize-build-space (#6064)
fc20dfd chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.0 to 1.48.1 (#6041)
3bd80e7 chore(deps): bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 (#6039)
2900a21 fix: fix cursor usage in Redis Clear function (#6056)
85cb9a7 chore(deps): bump github.com/go-openapi/runtime from 0.26.0 to 0.27.1 (#6037)
4e962c0 fix(nodejs): add local packages support for pnpm-lock.yaml files (#6034)
aa48a7b chore(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#6046)
8aabbea chore(deps): bump github.com/go-openapi/strfmt from 0.21.7 to 0.22.0 (#6044)
ec02a65 chore(deps): bump actions/cache from 3.3.2 to 4.0.0 (#6048)
27d35ba test: fix flaky TestDockerEngine (#6054)
c3a66da chore(deps): bump github.com/google/go-containerregistry from 0.17.0 to 0.19.0 (#6040)
2000fe2 chore(deps): bump easimon/maximize-build-space from 9 to 10 (#6049)
2be6421 chore(deps): bump alpine from 3.19.0 to 3.19.1 (#6051)
41c0ef6 chore(deps): bump github.com/moby/buildkit from 0.11.6 to 0.12.5 (#6028)
v0.49.0
Compare Source
⚡Release highlights and summary⚡
👉 https://github.com/aquasecurity/trivy/discussions/6033
Changelog
729a051 fix(java): recursive check all nested depManagements with import scope for pom.xml files (#5982)
884745b chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 (#6029)
59e5433 fix(cli): inconsistent behavior across CLI flags, environment variables, and config files (#5843)
5924c02 feat(rust): Support workspace.members parsing for Cargo.toml analysis (#5285)
4df9363 docs: add note about Bun (#6001)
70dd572 fix(report): use AWS_REGION env for secrets in asff template (#6011)
13f797f fix: check returned error before deferring f.Close() (#6007)
adfde63 feat(misconf): add support of buildkit instructions when building dockerfile from image config (#5990)
e2eb70e feat(vuln): enable --vex for all targets (#5992)
f9da021 docs: update link to data sources (#6000)
b4b90cf feat(java): add support for line numbers for pom.xml files (#5991)
fb36c4e refactor(sbom): use new metadata.tools struct for CycloneDX (#5981)
f6be42b docs: Update troubleshooting guide with image not found error (#5983)
bb6caea style: update band logos (#5968)
189a46a chore(deps): Update misconfig deps (#5956)
91a2547 docs: update cosign tutorial and commands, update kyverno policy (#5929)
a96f66f docs: update command to scan go binary (#5969)
2212d14 fix: handle non-parsable images names (#5965)
7cad04b chore(deps): bump aquaproj/aqua-installer from 2.1.2 to 2.2.0 (#5693)
fbc1a83 fix(amazon): save system files for pkgs containing amzn in src (#5951)
260aa28 fix(alpine): Add EOL support for alpine 3.19. (#5938)
2c9d7c6 feat: allow end-users to adjust K8S client QPS and burst (#5910)
ffe2ca7 chore(deps): bump go-ebs-file (#5934)
f90d4ee fix(nodejs): find licenses for packages with slash (#5836)
c75143f fix(sbom): use group field for pom.xml and nodejs files for CycloneDX reports (#5922)
a3fac90 fix: ignore no init containers (#5939)
b1b4734 docs: Fix documentation of ecosystem (#5940)
a2b6549 docs(misconf): multiple ignores in comment (#5926)
ae134a9 fix(secret): find aws secrets ending with a comma or dot (#5921)
c8c55fe chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.90 to 1.15.11 (#5885)
4d2e785 docs: ✨ Updated ecosystem docs with reference to new community app (#5918)
7895657 fix(java): don't remove excluded deps from upper pom's (#5838)
37e7e3e fix(java): check if a version exists when determining GAV by file name for jar files (#5630)
d0c81e2 feat(vex): add PURL matching for CSAF VEX (#5890)
958e1f1 fix(secret): AWS Secret Access Key must include only secrets with aws text. (#5901)
56c4e24 revert(report): don't escape new line characters for sarif format (#5897)
92d9b3d docs: improve filter by rego (#5402)
a626cdf chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892)
47b6c28 docs: add_scan2html_to_trivy_ecosystem (#5875)
0ebb6c4 fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888)
c47ed0d feat(vex): Add support for CSAF format (#5535)
2cdd65d chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.26.2 to 1.26.7 (#5880)
cba67d1 chore(deps): bump actions/setup-go from 4 to 5 (#5845)
d990e70 chore(deps): bump actions/stale from 8 to 9 (#5846)
c72dfbf chore(deps): bump github.com/open-policy-agent/opa from 0.58.0 to 0.60.0 (#5853)
1218984 chore(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#5847)
682210a chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.28.0 (#5854)
e1a60cc chore(deps): bump alpine from 3.18.5 to 3.19.0 (#5849)
b508414 chore(deps): bump actions/setup-python from 4 to 5 (#5848)
df3e90a feat(python): parse licenses from dist-info folder (#4724)
fa2e883 chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 (#5852)
30eff9c feat(nodejs): add yarn alias support (#5818)
013df4c chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#5850)
b1489f3 chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#5856)
7f2e422 chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855)
da597c4 refactor: propagate time through context values (#5858)
1607eee refactor: move PkgRef under PkgIdentifier (#5831)
b3d516e fix(cyclonedx): fix unmarshal for licenses (#5828)
c17b660 chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830)
1f0d629 feat(vuln): include pkg identifier on detected vulnerabilities (#5439)
v0.48.3
Compare Source
Changelog
eac7513 chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892)
d866b71 chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855)
34ba96e chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830)
v0.48.2
Compare Source
Changelog
4cdff0e chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from v1.116.0 to v1.134.0 (#5822)
be969d4 chore(deps): bump github.com/containerd/containerd from 1.7.7 to 1.7.11 (#5809)
81748f5 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#5805)
v0.48.1
Compare Source
Changelog
ba825b2 chore(deps): bump trivy-iac to v0.7.1 (#5797)
abf227e fix(bitnami): use a different comparer for detecting vulnerabilities (#5633)
df49ea4 refactor(sbom): disable html escaping for CycloneDX (#5764)
f25e2df refactor(purl): use pub from package-url (#5784)
b5e3b77 docs(python): add note to using pip freeze for compatible releases (#5760)
6cc00c2 fix(report): use OS information for OS packages purl in github template (#5783)
c317fe8 fix(report): fix error if miconfigs are empty (#5782)
9b4bced refactor(vuln): don't remove VendorSeverity in JSON report (#5761)
be5a550 fix(report): don't mark misconfig passed tests as failed in junit.tpl (#5767)
01edbda docs(k8s): replace --scanners config with --scanners misconfig in docs (#5746)
eb97419 fix(report): update Gitlab template (#5721)
be1c554 feat(secret): add support of GitHub fine-grained tokens (#5740)
a5342da fix(misconf): add an image misconf to result (#5731)
108a5b0 feat(secret): added support of Docker registry credentials (#5720)
6080e24 chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.25.11 (#5717)
e27ec32 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.21.0 to 1.24.1 (#5701)
golangci/golangci-lint (golangci/golangci-lint)
v1.56.2
Compare Source
go-critic: from 0.11.0 to 0.11.1
gosec: from 2.18.2 to 2.19.0
testifylint: from 1.1.1 to 1.1.2
usestdlibvars: from 1.24.0 to 1.25.0
wsl: from 4.2.0 to 4.2.1
v1.56.1
Compare Source
errcheck: from 1.6.3 to 1.7.0
govet: disable loopclosure with go1.22
revive: from 1.3.6 to 1.3.7
testifylint: from 1.1.0 to 1.1.1
v1.56.0
Compare Source
spancheck linter https://github.com/jjti/go-spancheck
depguard: from 2.1.0 to 2.2.0
exhaustive: from 0.11.0 to 0.12.0
exhaustruct: from 3.1.0 to 3.2.0
gci: from 0.11.2 to 0.12.1
ginkgolinter: from 0.14.1 to 0.15.2
go-check-sumtype: from 0.1.3 to 0.1.4
go-critic: from 0.9.0 to 0.11.0
go-errorlint: from 1.4.5 to 1.4.8
go-spancheck: from 0.4.2 to 0.5.2
goconst: from 1.6.0 to 1.7.0
godot: from 1.4.15 to 1.4.16
gofumpt: from 0.5.0 to 0.6.0
inamedparam: from 0.1.2 to 0.1.3
ineffassign: from 0.0.0-20230610083614-0e73809eb601 to 0.1.0
ireturn: from 0.2.2 to 0.3.0
misspell: add mode option
musttag: from v0.7.2 to v0.8.0
paralleltest: from 1.0.8 to 1.0.9
perfsprint: from 0.2.0 to 0.6.0
protogetter: from 0.2.3 to 0.3.4
revive: from 1.3.4 to 1.3.6
sloglint: add static-msg option
sloglint: from 0.1.2 to 0.4.0
testifylint: from 0.2.3 to 1.1.0
unparam: from 2022122 -7455f1af531d to 2024010 -c549a3470d14
whitespace: update after moving to the analysis package
wsl: from 3.4.0 to 4.2.0
zerologlint: from 0.1.3 to 0.1.5
exhaustruct struct regular expressions are expected to match the entire package/name/structname
Important
testifylint has breaking changes about enabling/disabling checks:
If you were using the option enable with a filtered list of checks, you should either add disable-all: true (1) or use disable field (2).
Example (1)
- suite-dont-use-pkg
Example (2)
lycheeverse/lychee (lycheeverse/lychee)
v0.14.3: Version 0.14.3
Compare Source
What's Changed
Miscellaneous and Others 🔔
New Contributors
Full Changelog: lycheeverse/lychee@v0.14.2...v0.14.3
v0.14.2: Version 0.14.2
Compare Source
Overview
Minor bug fixes and improvements.
What's Changed
Miscellaneous and Others 🔔
--format=json by @mre in https://github.com/lycheeverse/lychee/pull/1356
include_mail flag into config by @mre in https://github.com/lycheeverse/lychee/pull/1357
New Contributors
Full Changelog: lycheeverse/lychee@v0.14.1...v0.14.2
v0.14.1: Version 0.14.1
Compare Source
Overview
This is a quick patch release with an important fix for the accept setting in the configuration, which allows overwriting the accepted HTTP status codes.
We re-enabled support for integers:
You can also mix and match strings (e.g. for ranges) and integers now:
Ranges behave just like other ranges in Rust. See Range expression docs.
Special thanks to @Techassi for the quick turnaround on this one. 👍
What's Changed
Miscellaneous and Others 🔔
Full Changelog: lycheeverse/lychee@v0.14.0...v0.14.1
v0.14.0: Version 0.14.0
Compare Source
What's Changed
Breaking Changes and Bugs 🚨
Enhancements and Performance Improvements 🚀
srcset parsing by @mre in https://github.com/lycheeverse/lychee/pull/1160
Documentation and Maintenance 📚🔧
Miscellaneous and Others 🔔
Cargo.toml by @Colerar in https://github.com/lycheeverse/lychee/pull/1251
--accept option / config field by @Techassi in https://github.com/lycheeverse/lychee/pull/1167
New Contributors
Full Changelog: lycheeverse/lychee@v0.13.0...v0.14.0
Configuration
📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.