v1.2.1

Improvements/Fixes

• Downgrade default ruby version to 3.1.4

Full Changelog: v1.2.0...v1.2.1

v1.2.0

New

• Trunk Tools: Hermetic runtime and CLI manager
• Linux arm64 support
• trivy secret scanning (disabled by default)
• New linter: pmd
• New action: trufflehog-pre-commit

Improvements/Fixes

• Better output for trivy
• Osv-scanner output improvements and optimizations
• Better support for Windows
• Fix run_linter_from for golangci-lint, gokart, buf-breaking

Full Changelog: v1.1.0...v1.2.0

v1.1.1

Improvements/Fixes

• Add support for private packages to golangci-lint

Full Changelog: v1.1.0...v1.1.1

v1.1.0

New

• New security linter: dustilock
• New security linter: trufflehog-git (a variant of trufflehog)
• New formatter: prisma

Improvements/Fixes

• Improve Windows CI tests
• Fix bandit to respect config files
• Fix osv-scanner line number reporting
• Fix trufflehog line number off-by-one errors
• Add downloads for Linux arm64
• Deprecate kube-linter@<0.6.1. Please update your config accordingly
• Trigger buf generate on changes to buf.gen.yaml and buf.work.yaml
• Fix autopep8 integration by pinning pycodestyle version

Full Changelog: v1.0.0...v1.1.0

v1.0.0

Improvements/Fixes

• Add additional arm64 downloads
• Improve messaging for trufflehog issues
• Add downloads and configuration to support Windows beta
• Setup automated testing for Windows
• Fix ruff configuration to create ruff.toml on enable if it doesn't already exist

Full Changelog: v0.0.22...v1.0.0

v0.0.22

New

• New linter: graphql-schema-linter
• New linter: perltidy
• New linter: perlcritic

Improvements/Fixes

• Add arm64 downloads for python runtime and several linters
• Update java jdk to 13, add download for jdk-17
• Fix osv-scanner parser for new linter versions
• Support tflint for versions >=0.47.0
• Include line information in trufflehog output
• Forward ssh auth variables in LFS git hooks
• Fix rome config filename
• Add a new parser for rubocop to improve diagnostics
• Remove support for older versions of gitleaks

New Contributors

• @dex4er made their first contribution in #342
• @brunowego made their first contribution in #360

Full Changelog: v0.0.21...v0.0.22

v0.0.21

Improvements/Fixes

• Fix bandit to read output from a tmp file

Full Changelog: v0.0.20...v0.0.21

v0.0.20

Improvements/Fixes

• Remove nancy from the list of auto-recommended linters.
• Use hermetic python3 stems rather than python when invoking parsers

Full Changelog: v0.0.19...v0.0.20

v0.0.19

Improvements/Fixes

• Fix trivy PATH setup
• Fix action git-blame-ignore-revs on Linux

Full Changelog: v0.0.18...v0.0.19

v0.0.18

New

• New formatter: txtpbfmt
• New action: npm-check-pre-push

Improvements/Fixes

• Fix trivy parsing when there are no vulnerabilities
• Bump LLVM version for clang-tidy and clang-format
• Update known good version for go linters
• Fix run_linter_from for tfsec
• Forward proxy env vars to runtimes if set
• Forward NODE_OPTIONS to node runtime if set
• Expand terrascan to work for multiple languages and filetypes
• Add python-interface as a python filetype
• Make osv-scanner diagnostics more concise
• Fix off-by-one errors for newer versions of ruff
• Enable trufflehog by default instead of gitleaks and fix trufflehog command
• Improve testing framework to keep security linters more up to date
• Improve messaging when running truck-check-pre-push-always
• Run npm install as a pre-push hook before running tests
• Make checkov a security linter
• Recommend enabling security linters by default

New Contributors

• @Ryang20718 made their first contribution in #292
• @pat-trunk-io made their first contribution in #298

Full Changelog: v0.0.17...v0.0.18