- Update to version 0.31.0:
* fix(flag): add error when there are no supported security checks (#2713)
* fix(vuln): continue scanning when no vuln found in the first application (#2712)
* revert: add new classes for vulnerabilities (#2701)
* feat(secret): detect secrets removed or overwritten in upper layer (#2611)
* fix(cli): secret scanning perf link fix (#2607)
* chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
* feat: Add AWS Cloud scanning (#2493)
* docs: specify the type when verifying an attestation (#2697)
* docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
* fix(rpc): scanResponse rpc conversion for custom resources (#2692)
* feat(rust): Add support for cargo-auditable (#2675)
* feat: Support passing value overrides for configuration checks (#2679)
* feat(sbom): add support for scanning a sbom attestation (#2652)
* chore(image): skip symlinks and hardlinks from tar scan (#2634)
* fix(report): Update junit.tpl (#2677)
* fix(cyclonedx): add nil check to metadata.component (#2673)
* docs(secret): fix missing and broken links (#2674)
* refactor(cyclonedx): implement json.Unmarshaler (#2662)
* chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
* chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
* feat(kubernetes): add option to specify kubeconfig file path (#2576)
* docs: follow Debian's "instructions to connect to a third-party repository" (#2511)
* chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
* chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
* chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
* chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
* chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
* chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
* chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)
OBS-URL: https://build.opensuse.org/request/show/997334
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=31
* fix(flag): add error when there are no supported security checks (#2713)
* fix(vuln): continue scanning when no vuln found in the first application (#2712)
* revert: add new classes for vulnerabilities (#2701)
* feat(secret): detect secrets removed or overwritten in upper layer (#2611)
* fix(cli): secret scanning perf link fix (#2607)
* chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
* feat: Add AWS Cloud scanning (#2493)
* docs: specify the type when verifying an attestation (#2697)
* docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
* fix(rpc): scanResponse rpc conversion for custom resources (#2692)
* feat(rust): Add support for cargo-auditable (#2675)
* feat: Support passing value overrides for configuration checks (#2679)
* feat(sbom): add support for scanning a sbom attestation (#2652)
* chore(image): skip symlinks and hardlinks from tar scan (#2634)
* fix(report): Update junit.tpl (#2677)
* fix(cyclonedx): add nil check to metadata.component (#2673)
* docs(secret): fix missing and broken links (#2674)
* refactor(cyclonedx): implement json.Unmarshaler (#2662)
* chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
* chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
* feat(kubernetes): add option to specify kubeconfig file path (#2576)
* docs: follow Debian's "instructions to connect to a third-party repository" (#2511)
* chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
* chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
* chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
* chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
* chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
* chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
* chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=15
- Update to version 0.29.2:
* chore: skip Visual Studio Code project folder (#2379)
* fix(helm): handle charts with templated names (#2374)
* docs: redirect operator docs to trivy-operator repo (#2372)
* fix(secret): use secret result when determining Failed status (#2370)
* try removing libdb-dev
* run integration tests in fanal
* use same testing images in fanal
* feat(helm): add support for trivy dbRepository (#2345)
* fix: Fix failing test due to deref lint issue
* test: Fix broken test
* fix: Fix makefile when no previous named ref is visible in a shallow clone
* chore: Fix linting issues in fanal
* refactor: Fix fanal import paths and remove dotfiles
* chore: bump defsec version v0.68.1
OBS-URL: https://build.opensuse.org/request/show/987818
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=27
* chore: skip Visual Studio Code project folder (#2379)
* fix(helm): handle charts with templated names (#2374)
* docs: redirect operator docs to trivy-operator repo (#2372)
* fix(secret): use secret result when determining Failed status (#2370)
* try removing libdb-dev
* run integration tests in fanal
* use same testing images in fanal
* feat(helm): add support for trivy dbRepository (#2345)
* fix: Fix failing test due to deref lint issue
* test: Fix broken test
* fix: Fix makefile when no previous named ref is visible in a shallow clone
* chore: Fix linting issues in fanal
* refactor: Fix fanal import paths and remove dotfiles
* chore: bump defsec version v0.68.1
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=6
- Update to version 0.21.3:
* fix(docs): typo (#1488)
* feat(plugin): Add option to update plugin (#1462)
* fix: fixed skipFiles/skipDirs flags for relative path (#1482)
* feat (plugin): add list and info command for plugin (#1452)
* fix: set up a vulnerability severity (#1458)
* chore: add arm64 deb package (#1480)
* Link to trivy tutorial on Semaphore (#1449)
* refactor(helm): externalize env vars to configMap (#1345)
* docs: provide more information on scanning Google's GCR (#1426)
* docs(misconfiguration): added instruction for misconfiguration detection (#1428)
* Update git-repository.md (#1430)
* fix(hooks): exclude unrelated lib types from system files filtering (#1431)
* chore: run `go fmt` (#1429)
* fix(sarif): change `help` field in the sarif template. (#1423)
* Update fanal with cfsec version update (#1425)
* Replace deprecated option in goreleaser (#1406)
* feat(alpine): support 3.15 (#1422)
* chore: test the helm chart in the PR and used the commit hash (#1414)
* chore(deps): bump alpine from 3.14 to 3.15.0 (#1417)
* chore(release): add ubuntu older versions to deploy script (#1416)
OBS-URL: https://build.opensuse.org/request/show/941786
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=12
- Update to version 0.21.1:
* chore(mod): tidy (#1415)
* fix(rpc): fix nil layer transmit (#1410)
* Lang advisory order (#1409)
* chore: add support for s390x arch (#1304)
* fix(chart): ingress helm manifest-update trivy image (#1323)
* docs: Add comparison for cfsec (#1388)
* remove: delete unused functions in utils package (#1379)
* fix(sarif): fix validation errors (#1376)
* docs: add Bitbucket Pipelines (#1374)
* docs: add community integrations (#1361)
* Use a stable SARIF identifier (#1230)
* fix(python): fix parsing of requirements.txt with hash checking mode available in pip since version 8.0
* feat(iac): Add line information (#1366)
* feat(cloudformation): Adding support for cfsec IaC scanning (#1360)
* chore: send debug and info logs to stdout in install.sh, not stderr. (#1264)
* Update containerd to v1.5.7 and docker-cli to v20.10.9 (#1356)
* chore: update SBOM generation (#1349)
OBS-URL: https://build.opensuse.org/request/show/935778
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=11
- Update to version 0.20.2:
* docs: update builtin.md (#1335)
* chore: fix issues with Homebrew formula (#1329)
* chore: bump GoReleaser to v0.183.0 (#1328)
* docs: update iac.md for a typo (#1326)
* docs: typo fix (#1308)
* Add new networking API features to Ingress (#1262)
* chore(release): bump up GoReleaser to v0.182.1 (#1299)
* fix(yarn): support quoted version (#1298)
* feat(custom-forward): Forward the extended advisory data (#1247)
* feat(javascript) : Initialize npm driver for javascript packages (#1289)
* fix(cli): fix incorrect comparision of DB metadata type. (#1286)
* docs: add footer to readme (#1281)
* feat(report): add package path (#1274)
* feat(command): add rootfs command (#1271)
* fix: update fanal (#1272)
* feat(commands): remove deprecated options (#1270)
* Aggregate jar result for table (#1269)
* BREAKING(report): migrate to new json schema (#1265)
* feat: improve --skip-dirs and --skip-files (#1249)
* fix(gobinary): skip large files (#1259)
* Disable library analyzer for OS only scan type (#1191)
* chore: update trivy version (#1252)
* refactor: move from io/ioutil to io and os package (#1245)
* fix: brew test command (#1253)
* fix:added layer info in packages (#1248)
* fix(go/binary): improve debug messages (#1244)
* Update db.go (#1199)
* fix(deps): fix CVE-2021-32760 for github.com/containerd/containerd (#1243)
* feat(debian): support the versions that reached EOL (#1237)
OBS-URL: https://build.opensuse.org/request/show/930653
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=10
- Update to version 0.18.3:
* chore(ci): change to more granular tokens (#1014)
* chore(ci): add Go scanning and update dependencies (#1001)
* docs: Add HIGH severity to Trivy command in GitLab CI example to match comment (#1013)
* fix(image): disable go.sum scanning (#1007)
* fix(gomod): handle go.sum with an empty line (#1006)
* feat: prepare for config scanning (#1005)
* Clarify that dev dependencies are excluded (#986)
* Include target value in Sarif template ruleID (#991)
* chore(mkdocs): allow workflow_dispatch (#989)
* fix(vuln) unique vulnerabilities from different data sources (#984)
* feat(go): added support of gomod analyzer (#978)
OBS-URL: https://build.opensuse.org/request/show/898184
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=8
- Update to version 0.13.0:
* fix(oracle): handle ksplice advisories (#745)
* fix: version comparison (#740)
* updated Readme.md (#737)
* Add suse sles 15.2 to the EOL list as well (#734)
* Update README.md (#731)
* Warn when a user attempts to use trivy without a detectable lockfile (#729)
* Add back support for FreeBSD & OpenBSD (#728)
* Add support for ppc64le architecture (#724)
* Skip packages from unsupported repository (remi) (#695)
* Skip downloading DB if a remote DB is not updated (#717)
* Sunsetting VendorVectors (#718)
* Add GitHub Container Registry to README (#712)
* update BUG_REPORT.md using H2 instead of bold formatting (#714)
* fix(ci/deb): do not remove old packages for EOL versions (#706)
* Add linter check support (#679)
* Optimize images (#696)
* Update triage.md (#701)
- remove 0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch (merged)
OBS-URL: https://build.opensuse.org/request/show/851108
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=5