Releases: aquasecurity/trivy
Releases · aquasecurity/trivy
v0.50.2
Changelog
- 9aa9e17 ci: use tmp dir inside Trivy repo dir for GoReleaser (#6533)
- 058f483 chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 (#6526)
- 9e3d2c5 chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#6523)
- 2ad8e33 fix(java): update logic to detect
pom.xmlfile snapshot artifacts from remote repositories (#6412)
v0.50.1
Changelog
- 5f69937 fix(sbom): fix error when parent of SPDX Relationships is not a package. (#6399)
- 258d153 fix(nodejs): merge
Indirect,Dev,ExternalReferencesfields for same deps frompackage-lock.jsonfiles v2 or later (#6356) - ade033a docs: add info about support for package license detection in
fs/repomodes (#6381) - f85c9fa fix(nodejs): add support for parsing
workspacesfrompackage.jsonas an object (#6231) - 9d7f5c9 fix: use
0600perms for tmp files for post analyzers (#6386) - f148eb1 fix(helm): scan the subcharts once (#6382)
- 97f95c4 docs(terraform): add file patterns for Terraform Plan (#6393)
- abd62ae fix(terraform): сhecking SSE encryption algorithm validity (#6341)
- 7c409fd fix(java): parse modules from
pom.xmlfiles once (#6312) - 1b68327 chore(deps): bump github.com/docker/docker from 25.0.3+incompatible to 25.0.5+incompatible (#6364)
- a2482c1 fix(server): add Locations for
Packagesin client/server mode (#6366) - e866bd5 fix(sbom): add check for
CreationInfoto nil when detecting SPDX created using Trivy (#6346) - 1870f28 fix(report): don't include empty strings in
.vulnerabilities[].identifiers[].urlwhengitlab.tplis used (#6348) - 6c81e55 chore(ubuntu): Add Ubuntu 22.04 EOL date (#6371)
v0.50.0
⚡Release highlights and summary⚡
👉 #6340
Changelog
- 8ec3938 chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#6321)
- f6c5d58 feat(java): add support licenses and graph for gradle lock files (#6140)
- c4022d6 feat(vex): consider root component for relationships (#6313)
- 3177924 fix: increase the default buffer size for scanning dpkg status files by 2 times (#6298)
- dd9620e chore: updates wazero to v1.7.0 (#6301)
- eb3ceb3 feat(sbom): Support license detection for SBOM scan (#6072)
- ab74caa refactor(sbom): use intermediate representation for SPDX (#6310)
- 71da44f docs(terraform): improve documentation for filtering by inline comments (#6284)
- 102b6df fix(terraform): fix policy document retrieval (#6276)
- aa19aaf refactor(terraform): remove unused custom error (#6303)
- 8fcef35 refactor(sbom): add intermediate representation for BOM (#6240)
- fb8c516 fix(amazon): check only major version of AL to find advisories (#6295)
- 96bd7ac fix(db): use schema version as tag only for
trivy-dbandtrivy-java-dbregistries by default (#6219) - 12c5bf0 fix(nodejs): add name validation for package name from
package.json(#6268) - d6c40ce docs: Added install instructions for FreeBSD (#6293)
- 9d2057a feat(image): customer podman host or socket option (#6256)
- 2a9d9bd chore(deps): bump wazero from 1.2.1 to 1.6.0 (#6290)
- 617c3e3 feat(java): mark dependencies from
maven-invoker-pluginintegration tests pom.xml files asDev(#6213) - 56cedc0 fix(license): reorder logic of how python package licenses are acquired (#6220)
- d7d7265 test(terraform): skip cached modules (#6281)
- 6639911 feat(secret): Support for detecting Hugging Face Access Tokens (#6236)
- 337cb75 fix(cloudformation): support of all SSE algorithms for s3 (#6270)
- 9361cdb feat(terraform): Terraform Plan snapshot scanning support (#6176)
- ee01e6e chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.26.6 to 1.27.4 (#6249)
- 3d2f583 fix: typo function name and comment optimization (#6200)
- c4b5ab7 fix(java): don't ignore runtime scope for pom.xml files (#6223)
- 355c1b5 chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#6242)
- 7244ece chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#6243)
- 5cd0566 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.1 to 1.51.1 (#6251)
- ebb74a5 chore(deps): bump github.com/hashicorp/go-uuid from 1.0.1 to 1.0.3 (#6253)
- 24a8d6a chore(deps): bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 (#6250)
- 9d0d7ad chore(deps): bump github.com/containerd/containerd from 1.7.12 to 1.7.13 (#6247)
- e8230e1 chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#6246)
- 04535b5 fix(license): add FilePath to results to allow for license path filtering via trivyignore file (#6215)
- 939e34e chore(deps): Upgrade iac deps (#6255)
- 7cb6c02 feat: add info log message about dev deps suppression (#6211)
- c1d26ec test(k8s): use test-db for k8s integration tests (#6222)
- 4f70468 ci: add maximize-build-space for
Testjob (#6221) - 1dfece8 fix(terraform): fix root module search (#6160)
- e1ea02c test(parser): squash test data for yarn (#6203)
- 64926d8 fix(terraform): do not re-expand dynamic blocks (#6151)
- eb54bb5 docs: update ecosystem page reporting with db app (#6201)
- dc76c6e fix: k8s summary separate infra and user finding results (#6120)
- 1b7e474 fix: add context to target finding on k8s table view (#6099)
- 876ab84 fix: Printf format err (#6198)
- eef7c4f refactor: better integration of the parser into Trivy (#6183)
- 069aae5 chore(deps): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 (#6189)
- 4a9ac6d feat(terraform): Add hyphen and non-ASCII support for domain names in credential extraction (#6108)
- 9c5e5a0 fix(vex): CSAF filtering should consider relationships (#5923)
- 388f476 refactor(report): Replacing
source_locationingithubreport when scanning an image (#5999) - cd3e4bc feat(vuln): ignore vulnerabilities by PURL (#6178)
- ce81c05 feat(java): add support for fetching packages from repos mentioned in pom.xml (#6171)
- cf0f0d0 feat(k8s): rancher rke2 version support (#5988)
- 8a3a113 docs: update kbom distribution for scanning (#6019)
- 19495ba chore: update CODEOWNERS (#6173)
- e787e1a fix(swift): try to use branch to resolve version (#6168)
- 327cf88 fix(terraform): ensure consistent path handling across OS (#6161)
- 8221473 fix(java): add only valid libs from
pom.propertiesfiles fromjars(#6164) - 7694df1 fix(sbom): skip executable file analysis if Rekor isn't a specified SBOM source (#6163)
- 74dc5b6 chore(deps): merge go-dep-parser into Trivy (#6094)
- 32a02a9 docs(report): add remark about
pathto filter licenses using.trivyignore.yamlfile (#6145) - fb79ea7 docs: update template path for gitlab-ci tutorial (#6144)
- c6844a7 feat(report): support for filtering licenses and secrets via rego policy files (#6004)
- a813506 fix(cyclonedx): move root component from scanned cyclonedx file to output cyclonedx file (#6113)
- 14adbb4 refactor(deps): Merge defsec into trivy (#6109)
- efe0e0f chore(deps): bump helm.sh/helm/v3 from 3.14.0 to 3.14.1 (#6142)
- 73dde32 docs: add SecObserve in CI/CD and reporting (#6139)
- aadbad1 fix(alpine): exclude empty licenses for apk packages (#6130)
- 14a0981 docs: add docs tutorial on custom policies with rego (#6104)
- 3ac6388 fix(nodejs): use project dir when searching for workspaces for Yarn.lock files (#6102)
- 3c1601b feat(vuln): show suppressed vulnerabilities in table (#6084)
- c107e1a docs: rename governance to principles (#6107)
- b26f217 docs: add governance (#6090)
- 7bd3b63 refactor(deps): Merge trivy-iac into Trivy (#6005)
- 535b5a9 feat(java): add dependency location support for
gradlefiles (#6083) - 428420e chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.11 to 1.15.15 (#6038)
- 7fec991 fix(misconf): get
userfromConfig.User(#6070)
v0.49.1
Changelog
- 6ccc0a5 fix: check unescaped
BomRefwhen matchingPkgIdentifier(#6025) - 458c5d9 docs: Fix broken link to "pronunciation" (#6057)
- 5c0ff6d chore(deps): bump actions/upload-artifact from 3 to 4 (#6047)
- e2bd7f7 chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 (#6042)
- f95fbcb chore(deps): bump k8s.io/api from 0.29.0 to 0.29.1 (#6043)
- 7651bf5 ci: reduce
root-reserve-mbsize formaximize-build-space(#6064) - fc20dfd chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.0 to 1.48.1 (#6041)
- 3bd80e7 chore(deps): bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 (#6039)
- 2900a21 fix: fix cursor usage in Redis Clear function (#6056)
- 85cb9a7 chore(deps): bump github.com/go-openapi/runtime from 0.26.0 to 0.27.1 (#6037)
- 4e962c0 fix(nodejs): add local packages support for
pnpm-lock.yamlfiles (#6034) - aa48a7b chore(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#6046)
- 8aabbea chore(deps): bump github.com/go-openapi/strfmt from 0.21.7 to 0.22.0 (#6044)
- ec02a65 chore(deps): bump actions/cache from 3.3.2 to 4.0.0 (#6048)
- 27d35ba test: fix flaky
TestDockerEngine(#6054) - c3a66da chore(deps): bump github.com/google/go-containerregistry from 0.17.0 to 0.19.0 (#6040)
- 2000fe2 chore(deps): bump easimon/maximize-build-space from 9 to 10 (#6049)
- 2be6421 chore(deps): bump alpine from 3.19.0 to 3.19.1 (#6051)
- 41c0ef6 chore(deps): bump github.com/moby/buildkit from 0.11.6 to 0.12.5 (#6028)
v0.49.0
⚡Release highlights and summary⚡
👉 #6033
Changelog
- 729a051 fix(java): recursive check all nested depManagements with import scope for pom.xml files (#5982)
- 884745b chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 (#6029)
- 59e5433 fix(cli): inconsistent behavior across CLI flags, environment variables, and config files (#5843)
- 5924c02 feat(rust): Support workspace.members parsing for Cargo.toml analysis (#5285)
- 4df9363 docs: add note about Bun (#6001)
- 70dd572 fix(report): use
AWS_REGIONenv for secrets inasfftemplate (#6011) - 13f797f fix: check returned error before deferring f.Close() (#6007)
- adfde63 feat(misconf): add support of buildkit instructions when building dockerfile from image config (#5990)
- e2eb70e feat(vuln): enable
--vexfor all targets (#5992) - f9da021 docs: update link to data sources (#6000)
- b4b90cf feat(java): add support for line numbers for pom.xml files (#5991)
- fb36c4e refactor(sbom): use new
metadata.toolsstruct for CycloneDX (#5981) - f6be42b docs: Update troubleshooting guide with image not found error (#5983)
- bb6caea style: update band logos (#5968)
- 189a46a chore(deps): Update misconfig deps (#5956)
- 91a2547 docs: update cosign tutorial and commands, update kyverno policy (#5929)
- a96f66f docs: update command to scan go binary (#5969)
- 2212d14 fix: handle non-parsable images names (#5965)
- 7cad04b chore(deps): bump aquaproj/aqua-installer from 2.1.2 to 2.2.0 (#5693)
- fbc1a83 fix(amazon): save system files for pkgs containing
amznin src (#5951) - 260aa28 fix(alpine): Add EOL support for alpine 3.19. (#5938)
- 2c9d7c6 feat: allow end-users to adjust K8S client QPS and burst (#5910)
- ffe2ca7 chore(deps): bump go-ebs-file (#5934)
- f90d4ee fix(nodejs): find licenses for packages with slash (#5836)
- c75143f fix(sbom): use
groupfield for pom.xml and nodejs files for CycloneDX reports (#5922) - a3fac90 fix: ignore no init containers (#5939)
- b1b4734 docs: Fix documentation of ecosystem (#5940)
- a2b6549 docs(misconf): multiple ignores in comment (#5926)
- ae134a9 fix(secret): find aws secrets ending with a comma or dot (#5921)
- c8c55fe chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.90 to 1.15.11 (#5885)
- 4d2e785 docs: ✨ Updated ecosystem docs with reference to new community app (#5918)
- 7895657 fix(java): don't remove excluded deps from upper pom's (#5838)
- 37e7e3e fix(java): check if a version exists when determining GAV by file name for
jarfiles (#5630) - d0c81e2 feat(vex): add PURL matching for CSAF VEX (#5890)
- 958e1f1 fix(secret):
AWS Secret Access Keymust include only secrets withawstext. (#5901) - 56c4e24 revert(report): don't escape new line characters for sarif format (#5897)
- 92d9b3d docs: improve filter by rego (#5402)
- a626cdf chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892)
- 47b6c28 docs: add_scan2html_to_trivy_ecosystem (#5875)
- 0ebb6c4 fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888)
- c47ed0d feat(vex): Add support for CSAF format (#5535)
- 2cdd65d chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.26.2 to 1.26.7 (#5880)
- cba67d1 chore(deps): bump actions/setup-go from 4 to 5 (#5845)
- d990e70 chore(deps): bump actions/stale from 8 to 9 (#5846)
- c72dfbf chore(deps): bump github.com/open-policy-agent/opa from 0.58.0 to 0.60.0 (#5853)
- 1218984 chore(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#5847)
- 682210a chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.28.0 (#5854)
- e1a60cc chore(deps): bump alpine from 3.18.5 to 3.19.0 (#5849)
- b508414 chore(deps): bump actions/setup-python from 4 to 5 (#5848)
- df3e90a feat(python): parse licenses from dist-info folder (#4724)
- fa2e883 chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 (#5852)
- 30eff9c feat(nodejs): add yarn alias support (#5818)
- 013df4c chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#5850)
- b1489f3 chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#5856)
- 7f2e422 chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855)
- da597c4 refactor: propagate time through context values (#5858)
- 1607eee refactor: move PkgRef under PkgIdentifier (#5831)
- b3d516e fix(cyclonedx): fix unmarshal for licenses (#5828)
- c17b660 chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830)
- 1f0d629 feat(vuln): include pkg identifier on detected vulnerabilities (#5439)
v0.48.3
v0.48.2
v0.48.1
Changelog
- ba825b2 chore(deps): bump trivy-iac to v0.7.1 (#5797)
- abf227e fix(bitnami): use a different comparer for detecting vulnerabilities (#5633)
- df49ea4 refactor(sbom): disable html escaping for CycloneDX (#5764)
- f25e2df refactor(purl): use
pubfrompackage-url(#5784) - b5e3b77 docs(python): add note to using
pip freezeforcompatible releases(#5760) - 6cc00c2 fix(report): use OS information for OS packages purl in
githubtemplate (#5783) - c317fe8 fix(report): fix error if miconfigs are empty (#5782)
- 9b4bced refactor(vuln): don't remove VendorSeverity in JSON report (#5761)
- be5a550 fix(report): don't mark misconfig passed tests as failed in junit.tpl (#5767)
- 01edbda docs(k8s): replace --scanners config with --scanners misconfig in docs (#5746)
- eb97419 fix(report): update Gitlab template (#5721)
- be1c554 feat(secret): add support of GitHub fine-grained tokens (#5740)
- a5342da fix(misconf): add an image misconf to result (#5731)
- 108a5b0 feat(secret): added support of Docker registry credentials (#5720)
- 6080e24 chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.25.11 (#5717)
- e27ec32 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.21.0 to 1.24.1 (#5701)
v0.48.0
⚡Release highlights and summary⚡
👉 #5724
Changelog
- f2aa9bf chore(deps): bump sigstore/cosign-installer from 4a861528be5e691840a69536975ada1d4c30349d to 1fc5bd396d372bee37d608f955b336615edf79c8 (#5696)
- 6d7e2f8 chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.1 (#5694)
- 0ff5f96 feat: filter k8s core components vuln results (#5713)
- a54d1e9 feat(vuln): remove duplicates in Fixed Version (#5596)
- 99c04c4 feat(report): output plugin (#4863)
- 70078b9 chore(deps): bump alpine from 3.18.4 to 3.18.5 (#5700)
- 49e83a6 chore(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 (#5704)
- af32cb3 chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.10.1 (#5699)
- 1766271 chore(deps): bump actions/github-script from 6 to 7 (#5697)
- 7ee8547 chore(deps): bump easimon/maximize-build-space from 8 to 9 (#5695)
- 654147f docs: typo in modules.md (#5712)
- 2569575 feat: Add flag to configure node-collector image ref (#5710)
- c061009 chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.1 to 1.9.0 (#5702)
- aedbd85 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.31.0 (#5698)
- e018b9c chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 (#5706)
- b5874e3 feat(misconf): Add
--misconfig-scannersoption (#5670) - 075d8f6 chore: bump Go to 1.21 (#5662)
- 16b757d feat: Packagesprops support (#5605)
- 372efc9 chore(deps): Bump up trivy misconf deps (#5656)
- edad5f6 docs: update adopters discussion template (#5632)
- ed9d340 docs: terraform tutorial links updated to point to correct loc (#5661)
- 8ff574e fix(secret): add
secand space to secret prefix foraws-secret-access-key(#5647) - ad977a4 fix(nodejs): support protocols for dependency section in yarn.lock files (#5612)
- b1dc60b fix(secret): exclude upper case before secret for
alibaba-access-key-id(#5618) - 65351d4 docs: Update Arch Linux package URL in installation.md (#5619)
- c866f1c chore: add prefix to image errors (#5601)
- ed0022b docs(vuln): fix link anchor (#5606)
- 3c81727 docs: Add Dagger integration section and cleanup Ecosystem CICD docs page (#5608)
- 2145464 fix: k8s friendly error messages kbom non cluster scans (#5594)
- 44d0b28 feat: set InstalledFiles for DEB and RPM packages (#5488)
- ae4bcf6 fix(report): use time.Time for CreatedAt (#5598)
- b6fafa0 test: retry containerd initialization (#5597)
- 1336223 feat(misconf): Expose misconf engine debug logs with
--debugoption (#5550) - 7105186 test: mock VM walker (#5589)
- d9d7f3f chore: bump node-collector v0.0.9 (#5591)
- e3c28f8 feat(misconf): Add support for
--cf-paramsfor CFT (#5507) - ac0e327 feat(flag): replace '--slow' with '--parallel' (#5572)
- 5372067 fix(report): add escaping for Sarif format (#5568)
- a389529 chore: show a deprecation notice for
--scanners config(#5587) - f4dd062 feat(report): Add CreatedAt to the JSON report. (#5542) (#5549)
- d005f5a test: mock RPM DB (#5567)
- a96ec35 feat: add aliases to '--scanners' (#5558)
- 950e431 refactor: reintroduce output writer (#5564)
- 2310f0d chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#5543)
- 04b93e9 chore: not load plugins for auto-generating docs (#5569)
- cccaa15 chore: sort supported AWS services (#5570)
- 3891e3d fix: no schedule toleration (#5562)
- 138feb0 fix(cli): set correct
scannersfork8starget (#5561) - cb241a8 fix(sbom): add
FilesAnalyzedandPackageVerificationCodefields for SPDX (#5533) - e7f6a5c refactor(misconf): Update refactored dependencies (#5245)
- 2f5afa5 feat(secret): add built-in rule for JWT tokens (#5480)
- 91fc8da fix: trivy k8s parse ecr image with arn (#5537)
- 05df244 fix: fail k8s resource scanning (#5529)
- a1b4744 refactor(misconf): don't remove Highlighted in json format (#5531)
- 7712f8f docs(k8s): fix link in kubernetes.md (#5524)
- 043fbfc docs(k8s): fix whitespace in list syntax (#5525)
v0.47.0
⚡Release highlights and summary⚡
👉 #5520
Changelog
- d6df5fb docs: add info that license scanning supports file-patterns flag (#5484)
- 156d4cc docs: add Zora integration into Ecosystem session (#5490)
- 772d1d0 fix(sbom): Use UUID as BomRef for packages with empty purl (#5448)
- df47073 ci: use maximize build space for K8s tests (#5387)
- fed4710 fix: correct error mismatch causing race in fast walks (#5516)
- 46f1b9e docs: k8s vulnerability scanning (#5515)
- fdb3a15 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.23.2 to 1.25.0 (#5506)
- d0d956f chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.2.2 to 2.3.0 (#5493)
- 68b0797 docs: remove glad for java datasources (#5508)
- 474167c chore(deps): bump github.com/testcontainers/testcontainers-go/modules/localstack from 0.21.0 to 0.26.0 (#5475)
- 7299867 chore: remove unused logger attribute in amazon detector (#5476)
- 8656bd9 fix: correct error mismatch causing race in fast walks (#5482)
- 2e10cd2 chore(deps): bump goreleaser/goreleaser-action from 4 to 5 (#5502)
- 13df746 chore(deps): bump docker/build-push-action from 4 to 5 (#5500)
- b0141cf chore(deps): bump github.com/package-url/packageurl-go from 0.1.2-0.20230812223828-f8bb31c1f10b to 0.1.2 (#5491)
- 520830b fix(server): add licenses to
BlobInfomessage (#5382) - 9a6e125 chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#5501)
- 6e59272 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.17.18 to 1.21.0 (#5497)
- f3de7bc feat: scan vulns on k8s core component apps (#5418)
- e2fb3dd fix(java): fix infinite loop when
relativePathfield points topom.xmlbeing scanned (#5470) - 3e833be chore(deps): bump github.com/docker/docker from 24.0.5+incompatible to 24.0.7+incompatible (#5472)
- ca50b77 fix(sbom): save digests for package/application when scanning SBOM files (#5432)
- 048150d docs: fix the broken link (#5454)
- 013d901 docs: fix error when installing
PyYAMLfor gh pages (#5462) - 26b4959 fix(java): download java-db once (#5442)
- 57fa701 chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.57.1 (#5447)
- 53c9a7d docs(misconf): Update
--tf-exclude-downloaded-modulesdescription (#5419) - 01c98d1 feat(misconf): Support
--ignore-policyin config scans (#5359) - 05b3c86 docs(misconf): fix broken table for
Use container imagesection (#5425) - 1a15a3a feat(dart): add graph support (#5374)
- f2a12f5 refactor: define a new struct for scan targets (#5397)
- 6040d9f fix(sbom): add missed
primaryURLandsource severityfor CycloneDX (#5399) - e5317c7 fix: correct invalid MD5 hashes for rpms ending with one or more zero bytes (#5393)
- 9fba79f chore(deps): move to aws-sdk-go-v2 (#5381)
- 00f2059 docs: remove --scanners none (#5384)
- 57a1022 docs: Update container_image.md #5182 (#5193)
- 5b2b4ea feat(report): Add
InstalledFilesfield to Package (#4706)