v4.6.0 - 2023-01-20
- 577a55d4: use httputil to construct requests
- 1f1010fe: add automatic memory limit discovery
- ef896eb6: bump actions/stale from 6 to 7
- 5a212ffe: bump peter-evans/create-pull-request from 4.1.4 to 4.2.3
- b883bc2b: bump gsactions/commit-message-checker from 1 to 2
- 33f4fcbd: Bump claircore to v1.4.17
- 54d44908: Bump Claircore to v1.4.16
- 430e6087: Bump Claircore to v1.4.15
- 652d8ce6: Bump Claircore to v1.4.14
- 9f6828cd: Update to Go 1.18 for local-dev
- 1c002bcd: added ppc64le support
- 4b37dcdf: Bump Claircore to v1.4.13
- 9b273420: Bump claircore to v1.4.12
- 1dfb42a0: use extracted git archive
- aff17a4a: update usage of
set-output
- a8a97f80: update cache action
- 7de63a9c: add tests for odd architectures
- e923360c: omit Dockerfile build args
- 14b8f690: enable go1.19
- 5a8128c1: inject version into built
clairctl
binaries - #1649### Clairctl
- a367a7ae: use a better user-agent
- 3b9ff6de: update with new signer
- ddea858f: Add the passed host to the signer
- adbaa567: use signer
- d8ad1ba4: update for httputil changes
- 8b899803: use git-archive for version information
- 9d1a7aab: fix typo in link
- 25ac033f: use new signer scheme in test
- a9228d40: add a
request_id
to logs - #1547### Httputil
- e746ff05: rework request signing and request restriction
- e08f3972: add signer option
- d99f7005: add explicit signer argument
v4.5.1 - 2022-11-22
v4.5.0 - 2022-11-04
- df77d75a: bump peter-evans/create-pull-request from 4.1.3 to 4.1.4
- e0aec666: Remove windows 386 as a binary target for releases
- 0772b85f: v4.5.0 changelog bump
- 070a611a: Bump Claircore to v1.4.11
- 5ff4805a: Bump Claircore to v1.4.10
- 08ad0697: Bump Claircore to v1.4.9
- 731c16f7: bump Claircore to v1.4.8
- 9b0f1a96: unify version information
v4.5.0-rc.0 - 2022-10-10
- 1a1d5662: remove Quay keyserver support
- 224d0698: bump actions/stale from 5 to 6
- 180b887c: bump peter-evans/create-pull-request from 4.1.2 to 4.1.3
- 0537bbc0: bump peter-evans/create-pull-request from 4.1.1 to 4.1.2
- 47a9c1cb: bump peter-evans/create-pull-request from 4.0.4 to 4.1.1
- 3cad3319: bump peter-evans/create-pull-request from 4.0.3 to 4.0.4
- c5975257: bump peter-evans/create-pull-request from 4.0.2 to 4.0.3
- 57dc2378: bump docker/setup-qemu-action from 1 to 2
- c4e2031b: bump docker/login-action from 1 to 2
- a9823a91: bump docker/setup-buildx-action from 1 to 2
- 7c8bafbe: bump docker/build-push-action from 2 to 3
- 4408b1bb: bump actions/download-artifact from 2 to 3
- 4c91a714: bump actions/setup-go from 2 to 3
- 64389db0: bump actions/upload-artifact from 2 to 3
- 1db22a62: bump peter-evans/create-pull-request from 4.0.1 to 4.0.2
- c0953e6f: bump actions/stale from 4 to 5
- 53e944f9: bump peter-evans/create-pull-request from 3.14.0 to 4.0.1
- c76efaee: bump actions/cache from 2 to 3
- 4bb2d332: replace API key request form URL
- 4d4c425b: Bump claircore to v1.4.4
- aae2d839: v4.5.0-rc.0 changelog bump
- 95073d0b: Bump claircore to v1.4.7
- 415b2a17: Add back Publish Binaries to upload clairctl versions
- c9041efa: bump Claircore to v1.4.6
- 039d2073: bump Claircore to v1.4.5
- 4e44f7ef: bump claircore v1.4.2 -> v1.4.3
- e2b8e101: Bump claircore v1.4.1 -> 1.4.2
- 3273a969: bump claircore to v1.3.2
- 45443c8e: fix prerelease conditional
- eea6fea1: fix config tidy check
- 4180d787: update workflows and machinery for go1.18
- b8882f9d: better argument error messages
- #1605### Clairctl
- f0d6a357: fix error reporting for streaming responses
- 677a3137: Don't use flag default combo
- f0e077e0: add "omitempty" tags everywhere
- f1bb53ea: implement TextMarshaler for LogLevel
- 6a99b61a: add top-level docs
- 9612ee67: remove rpmscanner files on startup
- a6609638: First wipe anything that might be left before starting clair indexers
- 6a6fd901: fix DB connection charts
- 6b60eef6: Only count index report creation latency for successful requests
- 17862ae3: Add DB connections to Grafana dashboard
- 37ca1ab0: Add dedicated serviceAccount
- 1d89c032: Wipe all the temporary files in the process of being fetched
- 187764a3: Wipe all the contents of /tmp on container start
- ae7675af: Use the readyz endpoint in startup probes
- Fixes #1488### Docker-Compose
- dfd68db8: remove -mod=vendor flag
- e689241b: strip binaries to reduce size
- 2af2a7f6: fix build with newer ubi8/ubi-minimal image
- f2e209c6: update for 1.18, add trimpath
- 369319cd: note tested
docker-compose
version
- 9258a313: add config reference cross-checking
- 9a74ac8f: add notes on metrics
- d09b3192: add link checker
- d583395e: update claircore version
- 12b676d4: patch update dependencies
- e1833161: update claircore version
- 65dcc39c: update minimum go version
- f34148ad: update discovery endpoint
- 88149118: use less-verbose instrumentation construction
- 51119521: update notification endpoints
- #1523- fa49078d: fix test log panic
- 19fa0aa8: Refactor Matcher to align with indexer
- ce462ea4: handle no notifier in "combo" mode
- 8e5d76d3: Return 4XX status code when Index() returns tarfs.ErrBadFormat
- f4db2610: allow custom health function
- 5c5a1ab4: log when request is rate-limited
- e5cb6a91: Update matcher client to match server definition
- e1664659: Spread clair_http_indexerv1_request_duration buckets
- b6ce5043: rework indexer buckets
- 668f443f: update initialization
- 472e70b6: clone headers on request
v4.4.4 - 2022-06-09
v4.4.3 - 2022-06-06
- 3682f31e: v4.4.3 changelog bump
v4.4.2 - 2022-05-26
- 2a4694bf: v4.4.2 changelog bump
v4.4.1 - 2022-04-04
- 363dca4d: v4.4.1 changelog bump
- cc5a916e: bump claircore to v1.3.2
- #1537### Httptransport
- d314e412: handle no notifier in "combo" mode
- #1531
v4.4.0 - 2022-03-16
- c7075aa4: v4.4.0 changelog bump
v4.4.0-rc.7 - 2022-03-14
- 94fdf1f8: v4.4.0-rc.7 changelog bump
- 87a2421f: use runner context object
v4.4.0-rc.6 - 2022-03-14
- 323e83ce: bump actions/checkout from 2 to 3
- 0ea0e9d5: v4.4.0-rc.6 changelog bump
- d4983fdb: fix extract step
- 5caad7fc: remove unused AffectedManifest handler
v4.4.0-rc.5 - 2022-03-03
- 8d2d1593: v4.4.0-rc.5 changelog bump
v4.4.0-rc.4 - 2022-03-03
- fa6fad70: v4.4.0-rc.4 changelog bump
- 3ba11c9c: checkout repo where needed
v4.4.0-rc.3 - 2022-03-03
- 593b868e: bump peter-evans/create-pull-request from 3.12.1 to 3.14.0
- 6d2dfbea: Update grafana dashboards
- cdb67fb6: matcher add status code label to matcher latency metric
v4.4.0-rc.2 - 2022-02-23
- 5454de31: v4.4.0-rc.2 changelog bump
- 8359de62: fix "chglog" typo
v4.4.0-rc.1 - 2022-02-23
- 6b029ffc: v4.4.0-rc.1 changelog bump
v4.4.0-rc.0 - 2022-02-23
- 496f24c9: bump peter-evans/create-pull-request from 3.12.0 to 3.12.1
- 422d6b4a: bump peter-evans/create-pull-request from 3.11.0 to 3.12.0
- 55dbdd99: bump peter-evans/create-pull-request from 3.10.1 to 3.11.0
- 0d2a60b3: bump peter-evans/create-pull-request from 3.5.1 to 3.10.1
- 5997745c: v4.4.0-rc.0 changelog bump
- bd115483: bump claircore to v1.3.1
- c1d66d61: update claircore version
- 953fa97b: update claircore version
- 74210ca1: update changelog to cope with submodule tags
- 5c44e70c: update claircore version
- 28647ba1: update claircore version
- 3399a752: update actions to use native conditional
- c473c92c: add CI job for config module
- 752988a9: fix output/outputs typo
- a930239b: fix nightly setup
- 6a6df52d: factor out go module and build caching
- dc30ee31: add conditional step hack
- 83f6bcf5: prevent push on unchanged code
- 8b173887: use common documentation action
- f185a9b4: use common expiration action
- bfc1abd3: add caches to release workflow
- 29d9153b: move config into a discrete step
- 9bb8cc7b: add some composite actions
- b9a9d069: use local go for mod check
- f7188e3d: add dependabot for GitHub Actions
- a8c7ebe9: uniform import/export compression
- 872ba0b1: add additional report flags
- ac80e5d8: add retries to manifest fetching
- dc3d1148: internal client improvements
- 1972a877: add DeleteManifests method
- e0f865ad: add deprecation notice to
max_conn_pool
- d2152205: MarshalText on value receiver
- 2cc4af7e: auto-size concurrent request capacity
- 1b4a736d: add tls for http API
- 9d2575d1: update sample config for crda-matcher
- 69e53bae: add documentation to all exported types
- cc7d8a37: consolidate and document default values
- 7bcfc206: move to use Mode and LogLevel types
- 9033bc9f: implement and use validator interface
- 63c26ab8: add linter
- 6759ce5c: add test for struct tags
- c6b2d3c5: swap notifier config structs
- 1f4ed842: use json for unmarshal test
- 11509eef: move notifier structs into this package
- 0439169a: remove yaml.Node in API
- eb64aa50: struct ordering and simplifications
- 579719a3: remove unused FilterSets method
- ae7e5a3b: do base64 encoding smarter
- 45fae9fa: Better visualization of API latency.
- 56c1fe90: Update grafana dashboard to relect new metrics names
- c88c406f: revert headless service
- 136f8e6b: grafana dashboard updates
- e2ff9a6b: make indexer service headless
- 3af15937: adding missing template variables
- b49b8f75: need to have single braces for strings
- e9a0ded5: add initContainer to wipe VPC on startup
- ded05191: add set podManagementPolicy to Parallel
- eddad2e6: use a real target for generating configMap
- f0e9108e: different directories for template and configmap
- 6c78d1fd: add indentation
- 7c258d39: add grafana configMap
- 7bfc9f94: update config secret
- 30964e6b: update zlog
- 3c2ad90f: add ActiveMQ container
- 16950591: add paused skopeo container
- f4f243f7: use profiles and anchors
- 8cc4bf29: update
max_conn_pool
- 722c0deb: link to upstream go package documentation
- 7d93d376: add crda remote matcher details
- c8024bbd: fix error message
- 9a21b499: use new IndexerV1 handler
- c66e2060: add IndexerV1 type
- 29ad2ba5: add concurrency limiter
- 85b851e9: add instrumentation helper
- 55198e82: add error helper
- d3cbb5ad: fix content negotiation
- #1441- 96bad4f4: error message correction
- 88cf06e5: gofmt simplification
- 6f9ca6bc: simpler codegen for openapi JSON
- 9ca1e8bd: move signed client creation
- 78819116: add DeleteManifests method
- 6562b707: update to new interfaces
- b2d68b39: config changes to restore grafana functionality
- d0ec89d1: quay: update for other config changes
- 2a0943b1: prometheus: update endpoints
- a8348361: pgadmin: update for multiple databases
- c92b02c2: grafana: update endpoint
- 3ee44c14: traefik: use file configuration
- 0fd11207: clair: update default dev config
- 356a4d7d: update targets and docs
- 2e8fc1d3: add cascade constraints
- d1e7791a: update to new interfaces
- fb1c0231: move Service interface here
- 0733900a: change DeleteNotification to CollectNotifications
- 4ba6aca0: use external concurrency in Delivery, Poller, Processor
- df0b2b4a: documentation and simplification pass
- 93a835ec: update OpenAPI spec with delete operations
- dab3735a: update tests
- 164219e8: add Init function
- e0db5ac2: refactor notification methods
- 4650b691: refactor receipt methods
- be87d387: refactor status getters
- 149ec354: refactor status setters
v4.3.6 - 2022-01-14
- 84801fa2: v4.3.6 changelog bump
- 8562653a: update claircore
- ca28de41: clone headers out of Config struct
v4.3.5 - 2021-11-19
- 844bfd24: v4.3.5 changelog bump
- bef331e6: Revert "chore: v3.4.5 changelog bump"
- c01d88c6: v3.4.5 changelog bump
- 8849c613: update claircore version
- #1437
v4.3.4 - 2021-11-05
v4.3.3 - 2021-11-05
v4.3.2 - 2021-10-29
- bfd97186: v4.3.2 changelog bump
v4.3.1 - 2021-10-28
v4.3.0 - 2021-10-01
- ce63ff26: v4.3.0 changelog bump
- 2cee4e1c: update secrets path
- 5493bbc0: remove dumb-init, tar
v4.3.0-rc.0 - 2021-09-28
- b5ea27bc: v4.3.0-rc.0 changelog bump
- d65432d3: update claircore version
- 5ab6c761: automation around v2 issues
- b53aeb71: update claircore version
- f06b0419: update go version
- 7f192003: create expiring, dated image
- 673ab1eb: update go version
- ace31fe6: re-vendor after modifying the module
- 411facfa: use push flag with build
- 7d29f694: add "nightly" workflow
- e36bc822: add script to edit module for nightly
- 66a3137a: update to new API
- b4ec7aa3: add CacheAge field
- 28b78c54: fix typo
- 22a25484: add Cache-Control header to VulnerabilityReport response
- 1d6ce962: documentation updates
- f7fdc906: fix auth test logging
- b3c3e385: default garbage collection on
- 0f6d0e4a: move to ctxlock
- 6b7029df: introduce the new NotifyContext
v4.2.3 - 2021-09-28
v4.2.2 - 2021-08-17
v4.2.1 - 2021-08-16
v4.2.0 - 2021-08-10
- 4cd09528: rate limit index report requests
- 5b129ad9: capture rate-limited requests
v4.2.0-rc.2 - 2021-07-29
- 263d6677: update claircore
- c888a3f2: Fix microdnf install inconsistencies
v4.2.0-rc.1 - 2021-07-20
- 9ce2af3f: remove jzelinskie from codeowners
- 45538e0c: add support for s3 registries using V4
- Fixes #1264### Config
- af6a1f49: omit Authorization header for empty claims
- Fixes #1283### Docker
- 22ee21df: reflect quay Dockerfile updates
- fee8bc5a: remove key management API
- 1e26de57: use new enrichers
- 8d128903: use the response recorder
- dc0b7079: remove package
- 49bfd4d7: disable updaters creates empty updater sets
- Fixes #1273### Migrations
- cef8142a: add future key table removal
- 85ac7bb8: remove KeyStore interface
- 5d032233: fix paths
- #1280### Postgres
- a5ae3426: update to new test database harness
- 6184ce33: update test harness
- 0ca77cec: remove KeyStore implementation and tests
- d1ca564c: remove KeyManager and KeyStore
- b3e490db: disable transport compression in matcher
- 79089a44: remove keymanager usage
v4.1.6 - 2021-09-28
v4.1.5 - 2021-08-17
v4.1.4 - 2021-08-16
v4.1.3 - 2021-08-11
v4.1.2 - 2021-08-06
- 804cbedb: use the response recorder
- #1318### Services
- bc60dcc2: disable transport compression in matcher
v4.1.1 - 2021-06-15
- 343e7da0: add support for s3 registries using V4
- Fixes #1264### Config
- ad9eccf9: omit Authorization header for empty claims
- #1284
v4.1.0 - 2021-05-13
- 66387930: use RateLimiter where it seems appropriate
- bc2b0591: update to use new libvuln API
- ed8ffc50: create package and RateLimiter
- 5df82e19: update call to Libindex contstructor
- ec59a431: enable readiness endpoint
v4.1.0-alpha.3 - 2021-05-04
- 4535b9f4: changelog fixups
- 1f9b5657: validate based on combo mode or not
- 9e67501d: fix LatestUpdateOperations method
v4.1.0-alpha.2 - 2021-04-09
- e0eea383: v4.1.0-alpha.2 changelog bump
- d5cac131: use stdlib time.Time encoding
- Closes #1231### Docs
- 60f9684a: minor updates
- cbdc9caa: update configuration file reference
v4.1.0-alpha.1 - 2021-04-05
- a5bfaeb3: switch to using codec package
- 493beb13: v4.1.0-alpha.1 changelog bump
- 47344357: v4.1.0-alpha.1 changelog bump
- 6e8a8383: bump cc to v0.4.0
- 5a6f1c3b: update claircore version for database fix
- ea0378d4: bump cc v0.3.0
- 6e195c99: fix yaml file indentation issue
- b1145e3a: sort changelog by semver
- 7dc55fa9: bump in go.16, bump out go1.14
- d5e57afb: enable CI on stable branches
- f7737e58: fix openshift ci/cd script
- 30c0311a: update golang container for go-mod in app-sre
- cb656dfb: add notifier to app interface
- 9254ab66: use quay.io image in CI and Dockerfile
- ecd8999c: fix initialization error logging
- dc2f8936: reorganize initialization
- 391c2f76: add Shutdown struct
- f1834212: bump to v0.2.0
- 5740a1b0: Add subpath to clairctl
- bd50a957: remove request body buffering
- ce11fd70: fix panic on request failure
- #1186### Codec
- 1fb6dcfd: add package for codec pooling
- e9390fad: add matchers settings
- eb519e07: allow gc to be disabled
- f2d73134: rework into specific validators
- 0f230f99: add support matrix
- 102ae88d: update cli reference
- 9d0a2b20: fix psk related config references
- 44303dcc: install clairctl correctly
- a3bb1b6d: use correct clairctl subcommands
- Closes #1122### Documentation
- 2e659250: modified testing.md for clarity
- #1180### Httptransport
- 21dc720a: add mime type to indexer and matcher handler
- 8616cc68: return Accepted when not ready
- 1ac26daf: fix panic in metrics registration
- 7305b3d7: use correct handler for state endpoint
- df5e7f96: check for err before deferring resp.Body.Close()
- b78f954d: bump to opentelemetry 0.16.0
- 1c85589a: remove unintented change in config.yaml
- 9f3d167d: move to zlog throughout
- 858c540b: add Initialized method
- 8e39fa40: remove defcon1 severity
- 8105b033: plumb update retention in
v4.0.6 - 2021-06-15
- cd64d3ff: changelog fixups
v4.0.5 - 2021-04-16
v4.0.4 - 2021-03-25
- 0800ba46: sort changelog by semver
- 7c4787bf: wire up DisableUpdaters option
v4.0.3 - 2021-03-12
v4.0.2 - 2021-02-18
- 5c236e6d: 4.0.2 changelog bump
v4.0.1 - 2021-02-15
v4.0.0 - 2020-12-15
- 73cdf7d9: v4.0.0 changelog bump
- Dockerfile: Get build image from Quay instead of DockerHub
- cicd: use golang image from quay.io
v4.0.0-rc.24 - 2020-12-11
v4.0.0-rc.23 - 2020-12-07
- 30444f3b: use golang image from quay.io
v4.0.0-rc.22 - 2020-12-02
- d962bef8: update links in howto/api
v4.0.0-rc.21 - 2020-12-01
- a576bf29: bump create pull request action
- 835af272: fix and codify import arguments
- b9ef1073: update import and export online help
- 9883e80f: unifiy config, client handling
- dc8ba891: expose notification summary toggle
- bb3cd669: add 'omitempty' to 'updaters' config struct for correct marshalling
- ea564d48: Fix slices in direct notifier
- c18563d9: Get build image from Quay instead of DockerHub
- 425fc38a: add clairctl's new powers to the reference
- f4169c43: Add information about AMQP delivery compatibility
- 550f6b93: fix pgadmin name
- 153f3e36: add summary tests
- dd2e16db: optionally disable per-manifest summary
- 77ca6535: log failed delivery reason
v4.0.0-rc.20 - 2020-11-02
v4.0.0-rc.19 - 2020-10-26
- ecdcc8ea: v4.0.0-rc.19 changelog bump
- 157628df: add custom config marshaling
- 1d4f6c33: new claircore version
v4.0.0-rc.18 - 2020-10-21
- f0881e4a: v4.0.0-rc.18 changelog bump
- 40abaa67: do less work
v4.0.0-rc.17 - 2020-10-19
- 37f77912: claircore bump v0.1.13
- d2bc2b6c: remove deprecated set-env commands
- 0cfda4dd: update documentation action
- 49e01d60: fix container build
- 2363778b: add environment variables for clairctl
- dc4bda49: add Makefile target to build docs website
- 15b607a9: add pgadmin4 container
- 673bd0fe: fix poller loop
v4.0.0-rc.16 - 2020-10-09
- 88407e25: v4.0.0-rc.16 changelog bump
- 96909bf3: exclude darwin/arm64
- 7786d7d3: more debugging
- 89c26ec5: more debugging
- 7a1eeafd: make sure the workspace exists
- 68c0318b: make empty changelog on manual trigger
- 4e5ee290: rig up a workflow_dispatch to help debugging
v4.0.0-rc.15 - 2020-10-09
- 8d87481b: v4.0.0-rc.15 changelog bump
- d7582487: maybe there's some newline issues
v4.0.0-rc.14 - 2020-10-09
- e46b4f89: v4.0.0-rc.14 changelog bump
- 58a987d6: invalid goos+goarch pair
v4.0.0-rc.13 - 2020-10-09
- 63263273: v4.0.0-rc.13 changelog bump
- f6a28c2d: fix goos/goarch
v4.0.0-rc.12 - 2020-10-08
- 61ce6759: v4.0.0-rc.12 changelog bump
- 28dcd944: parallelize release process, keep test failures
- b1fee08e: update some interactive help
- af868db1: update dependencies
- 3b602925: make quay container ignore validations
- Merge pull request #1086 from alecmerdler/webhook-notifier-headers
v4.0.0-rc.11 - 2020-10-02
- f9f86350: v4.0.0-rc.11 changelog bump
- a4e04105: allow HTTP client to specify claims
- 5aba7278: ensure yaml/json struct tag for auth 'Issuer' field are the same
- 57e1ed0a: pass configured client into notifier
- Merge pull request #1078 from alecmerdler/fix-issuer-struct-tag
v4.0.0-rc.10 - 2020-10-01
- 2c54a824: v4.0.0-rc.10 changelog bump
- f04bc76c: api reference check
- 0d8a2a4a: bump api reference
- bd1a3b77: update claircore version
- 2c9762b0: remove redundant method check
v4.0.0-rc.9 - 2020-09-29
- 04fab4a7: build container with local checkout
v4.0.0-rc.8 - 2020-09-29
- 6181cc6c: v4.0.0-rc.8 changelog bump
- 7520b091: fix container building
v4.0.0-rc.7 - 2020-09-29
- 9282d299: v4.0.0-rc.7 changelog bump
- 195ce7a5: move container building out of container
v4.0.0-rc.6 - 2020-09-29
- 2f5756de: v4.0.0-rc.6 changelog bump
- f6aa6e6e: use multiline string for clairctl build command
v4.0.0-rc.5 - 2020-09-29
- 9b9ab323: v4.0.0-rc.5 changelog bump
- 9aa8adc1: fix clairctl builds
v4.0.0-rc.4 - 2020-09-29
- 31adc6de: v4.0.0-rc.4 changelog bump
- d141c5ca: bump claircore to v0.1.9
- cd34ea9e: remove unused files
- 600c737c: constrain changelog
- c447bcce: commit check regexp fix
- 54ee2d25: change log generation and releases
- d34acaf5: update for v4
- e1144aaf: made discovery endpoint more Accepting
- 18e4db2c: doc and commit check fixes
- 7d95067f: remove first update constraint
v4.0.0-rc.3 - 2020-09-23
- f00698ba: psk fixup
- a38501b3: claircore bump to v0.1.8
- 32b327f7: fix nil check
- bc4c3243: use service prefix for simplified path routing
- 4f35fd09: rework mdbook
v4.0.0-rc.2 - 2020-09-11
- f41fba50: bump cc and golang container
v4.0.0-rc.1 - 2020-09-10
- 29ed5f60: use better guesses for "aud" claim
- 6932ad32: add keyserver algorithm allowlist
- dc91ec9e: test multiple PSK signing algorithms
- fb03692e: add integration tests
- 98c8ffd6: wire through new configuration options
- d1b60120: implement quay local development
- 9bd4f4df: test mode implementation
- 4b35c887: log better
- 717f8a0d: correctly close channels after amqp delivery
v4.0.0-alpha.7 - 2020-06-01
- 3ccc6e03: add support for per-scanner configuration
- 5a73cb49: make -mod=vendor opportunisitic (#999)
- #999- de32b072: update to alpine:3.11 for newest rpm
- badcac44: update yaml to v3
- 54c6a6d4: document exposed API
v4.0.0-alpha.6 - 2020-05-01
- ef5fbc4d: bump claircore version for severity fix
v4.0.0-alpha.5 - 2020-04-30
v4.0.0-alpha.4 - 2020-04-20
- 2ed3c2c8: rework auth config
- 5683018f: serve OpenAPI definition
v4.0.0-alpha.3 - 2020-04-14
- fa95f5d8: bump claircore version
- 1ba68911: add differ and refactor client
- b2666e57: set a canonical default port
- 33da12a3: run as unprivledged user by default
- fe324a58: start writing v4-specific docs
- f0039247: add go testing matrix
- ea5873bc: fix gh-pages argument
- cec05a35: more workflow automation
- a19407e4: fix asset name
- Merge pull request #955 from alecmerdler/openapi-fixes
- 74efdf6b: update roadmap
- Fixes #626- ce15f735: gofmt -s
- 5caa821c: remove bzr dependency
- 033cae7d: regenerate bill of materials
- 1f5bc263: rename example config
- d0ca4d1f: added bill-of-materials
- 324ad5f2: move all references in README to HEAD
- 836d37b2: use
path/filepath
instead ofpath
- 51e40862: Create a ROADMAP
- 16a652fa: refresh godeps
- f6baac36: refresh godeps
- 8f7e6585: remove tests from docker file
- 1e1eb921: add postgres 9.4 to travis
- 5fdd9d1a: add metadata support along with NVD CVSS
- 40a7c8a0: refresh godeps
- 4bdbd5e6: fix several tests
- b8b7be3f: remove health checker
- 82175dcf: add missing copyright headers
- 2c150b01: refactor & do initial work towards PostgreSQL implementation
- 8c1d3c9a: Fix
authentification
typo
- 9b1f2058: add stale and issue template enforcement
- 0151dbae: change api port to api addr, rename RunV2 to Run.
- Fixes #446- a378cb07: drop v1 api, changed v2 api for Clair v3.
- fbbffcd2: add opentelemetry hooks
- 59e6c628: refactor fetcher & git pull on update
- 9be305d1: truncate namespace to "vMAJOR.MINOR"
- f8457b98: compile alpine into clair binary
- 3d90cac4: add support for v3.4 YAML schema
- 69c0c843: Rename detector type to DType
- 48427e9b: Add detectors for RPC
- dc6be5d1: remove handleShutdown func
- 30644fcc: remove dependency on graceful
- 58022d97: renamed V2 API to V3 API for consistency.
- c6f0eaa3: fix remote addr shows reverse proxy addr problem
- a4edf385: v2 api with gRPC and gRPC-gateway
- Fixes #98- 6a50bbb8: fix 404 error logging
- 7aa88690: WriteHeader on health endpoint
- Fixes #141- f14e4de4: fix anchor link in docs
- 3563cf90: fix pagination token that's returned to match what has been passed
- 274a1620: log instead of panic when a response could not be marshaled
- 8d767005: add call duration in logs
- 418ab08c: adjust postLayer error codes
- f40f6a5a: add missing link field in vulnerability in getLayer
- 0e9a7e17: close gzip writer to flush it
- db974ae7: fix postLayer response headers
- 6f02119c: add bad requests to insert layer
- ca2b0ccf: support gzip responses
- c7aa7c4d: reorder constants and add comments
- 4516d6fd: make postLayer returns a Layer
- d19a4348: implement fernet encryption of pagination tokens
- b8c534cd: fix putVulnerability (fill missing Namespace.Name and Name fields)
- c2061dc6: fix negative timestamps in notifications
- f68012de: fix 404->500 and NPE issues
- c504d2ed: add FeatureFromDatabaseModel
- f351d630: add "Content-Type" and "Server" headers
- 2d8d9ca4: finish initial work on v1 API
- b9a6da4a: implement delete notification
- 96e96d94: handle last page for notifications
- 3eaae478: implement get notification
- 116ce1a8: fix log message when stopping the API server
- c05848e3: implement put vulnerability
- 8209922c: implement delete vulnerability
- dc99d45f: refactor endpoints and implement get vulnerability
- 6ac9b5e6: fix graceful stop
- 9a8d4aa5: implement post vulnerability
- 38aeed4f: implement get namespaces route
- b916fba4: implement delete layer route
- 04c73519: use pointers in models to get proper
omitempty
semantics - 1a5aa88b: use only one layer envelope
- fa45d516: add JSON tags to API models
- d130d2fa: implement getLayer
- 6b3f95dc: fix /v1 router and some status codes
- be9423b4: add request / response types and rename some fields
- 822ac7ab: add initial work on the new API
- 6e20993b: simplify getLayer route and JSON output
- e8b16175: return 400 if we can't extract a layer
- 99463822: Extracted client cert & HTTP JSON Render to utils.
- 9db0e634: Specify what packages cause the layer to have vulnerabilities.
- a75b8ac7: updated version_format documentation.
- Fixes #514### Api/Database
- 6d2eedf1: add the layer name that add each feature in getLayer
- e444e93c: Add the ability to delete layers
- 83b19b61: add prometheus metrics to API routes
- ebd0170f: fix JSON struct tag misnomer
- d4522e9c: indexed layers for notifications
- 68250f39: create namespace type
- Fixes #99### Api/V3
- 32b11e54: Add feature type to API feature
- f550dd16: remove dependency on google empty message
- d7a751e0: prototool format
- 6b9f668e: document and regenerate protos
- ec5014f8: regen protobufs
- 389b6e99: generate protobufs in docker
- 53e62577: s/Authorization/Headers (#167)
- #167- 9b5afc79: introduce optional authorization
- e78d076d: adjust error codes in postLayer
- 42b1ba9f: use Etag header to communicate indexer state change
- fd5993f9: add "mode" argument
- 40913295: change version information
- 8cbddd18: better introspection server defaults
- c097454c: logging and introspection setup
- a003aa41: add configuration for introspection
- d9db7c15: use "Updaters" config option
- 48daeaea: fix header casing
- fb28e569: remove os.Exit call on clean shutdown
- 8039e1c9: add authorization checking
- 1b413362: update claircore to 0.0.14
- 791610f1: remove goautoneg
- 7b6ef7da: reset writers when pulled from pool
- ad73d747: remove vendor directory
- 00eff59a: rewrite imports
- 1f2ceeb8: create module
- c6497dda: Fix namespace update logic
- 465687fa: Add more logging on ancestry cache hit
- 5b237649: Use builder pattern for constructing ancestry
- 02832401: Implement worker detector support
- 88961527: move worker to top level package
- e5c567f3: mv notifier to top level
- 9c63a639: mv updater clair and mv severity to db
- 343e24eb: remove
types
package - 19e9d123: catch both SIGINT and SIGTERM for graceful shutdown
- fb32dcfa: updated mock tests, extensions, basic logic
- f1c4798b: start on clair cli tool
- 0342a2a3: make pagination key error clearer
- 4f232698: add updaters and tracing options
- 162e8cda: enable suse updater
- 0609ed96: removed worker config
- af2c6886: not properly loaded error (#140)
- #140 - fixes #134- 30055af0: fallover correctly to default config
- 20af7874: fix default fallback
- 4fc32d22: add top-level YAML namespace 'clair'
- Fixes #95- bb7745f3: better document example
- 76b9f8ea: replace old k8s manifests with helm
- ac1cdd03: move grafana and compose here
- 5540d02b: delete unsupported tools
- f3840f30: Revert "Merge pull request #367 from jzelinskie/analyze-layers-v2"
- #367- d76c549d: add missing :=
- #367 - Fixes #368- e772be5f: only extract layers from history
- ff3c6ecc: Catch signals to delete tmp folder in local-analyze-images
- 55e9c0d8: Fix dead link from analyze-local-images' README
- 1040dbbf: Use
return
instead ofos.Exit(1)
in analyze-local-images - Fixes #117- 251df954: Add a ability to force colored output in analyze-local-images
- f0245762: Add vendors to analyze-local-images
- 80ddc7f9: Pretty up analyze-local-images
- e3417102: Add colors / Modify spacing in the analyze-local-images's output
- 93ffc5a1: Show feature line only if there's a vuln in analyze-local-images
- 910288fc: Add minimum severity support to analyze-local-images
- 001c0a73: adapt analyze-local-images for new API
- fee0bb5e: load image history from 'manifest.json' first due to docker 1.10 changes.
- Fixes #69- 75aff038: check-openvz-mirror-with-clair fix license
- 8b137e8a: add copyright in check-openvz-mirror-with-clair
- 7df8e7fb: add copyright in analyze-local-images
- 867279a5: Improve analyze-local-images docs and launch command.
- Fixes #32- 9391417b: Wait for extraction to finish before continuing.
- 8d071e28: Don't pass -z to tar in analyze-local-images
- 46f7645a: Add a tool to analyze local Docker images
- e1035286: use exit(1) when there are vulnerabilities
- 13be17a6: fix the ingress template
- f2ce8325: return nil when detector is empty
- 506698a4: add mapping for Ubuntu Eoan (19.10)
- 1ddc0532: Handle FindAncestryAndRollback datastore.Begin() error
- Fixes #828- 6617f560: Rename affected type to feature type (for Amazon Linux updater)
- 3fafb73c: Split models.go into different files each contains one model
- 1b9ed996: Move db logic to dbutil
- 961c7d46: add test for lock expiration
- a4e7873d: make locks SOI & add Extend method
- 5fa1ac89: Add StorageError type
- f6167535: Update feature model Remove source name/version fields Add Type field to indicate if it's binary package or source package
- 7dd989c0: Rename affected Type to feature type
- 00eed77b: Add feature_type database model
- dd91597f: remove FindLock from mock
- 399deab1: remove FindLock()
- 300bb526: add FindLock dbutil
- 4fbeb9ce: add (Acquire|Release)Lock dbutils
- 6c682da3: add mapping for Ubuntu Cosmic (18.10)
- a3f7387f: Add FindKeyValue function wrapper
- 00fadfc3: Add affected feature type
- f759dd54: Replace Parent Feature with source metadata
- 3fe894c5: Add parent feature pointer to Feature struct
- a3e9b5b5: rename utility functions with commit/rollback
- e657d263: move dbutil and testutil to database from pkg
- db2db8bb: Update database model and interface for detectors
- e1606167: Use LayerWithContent as Layer
- ff930390: changed Notification interface name
- a5c64000: postgres implementation with tests.
- b99e2b50: Add some missing copyright headers
- 629d2ce6: Mock Datastore interface
- e7b960c0: Allow specifying datastore driver by config
- Fixes #145- 79ba99bb: Fix invalid error message
- 9b191fb5: Find the FeatureVersion we try to insert before doing any lock
- 84319507: use constants to store queries
- 06531e01: disable hash/merge joins in FindLayer
- 18f2d7e6: modify join table in FindLayer to reduce cost by 3.5x
- b5d8f995: fix notification test (wrong signature)
- f0816d2c: add docs about the interface
- d3b14106: ignore insertLayer collisions to make it truly idempotent
- e3a25e53: ignore min versions during new vulnerability insertions
- 883be876: fix Ping() method in PostgreSQL's implementation
- f8b4a52f: make notification tests more robust (old/new, update/delete vulnerabilities)
- ccaaff00: add created_at field for layers and vulnerabilities
- 94ece7bf: fix notification design and add vulnerability history
- 99f35524: add Insert/DeleteVulnerabilityFix
- 03d904c6: improve PostgreSQL test inits and cleanups
- 8f9779e2: cache feature version upon lookup
- 1e4ded6f: add ability to list namespaces
- 35df7ca0: fix feature version cache
- 8be18a0a: write more of the notification system
- d3d689a2: don't prune locks when we renew one
- 26908003: create notification during vulnerability insertion
- 63ebddfd: add vulnerability deletion support
- 21f152c0: fix keyvalue/notification tests
- 563b3825: let handleErrors deal with the not found case
- 5759af5b: test and fix layer updates
- 248fc7df: fix cache collision (feature & feature versions)
- 92b734d0: remove an useless query in FindLayer
- bd17dfb5: ensure that concurrent vulnerability/feature versions insertions work fine
- 74fc5b3e: add missing transaction commits and close opened statement before inserting feature versions.
- c5d1a8e5: update vulnerabilities only when necessary
- 1b53142e: allow removing fixed packages in vulnerabilities
- 7c70fc1c: add initial vulnerability support
- 3a786ae0: add lock support
- 6a9cf21f: log and mask SQL errors
- 970756cd: do insert/find layers (with their features and vulnerabilities)
- 32747a5f: Don't ignore empty results in toValue(s)()
- 3fe3f3a4: Update cayley and use Triple instead of Quad
- 9fc29e29: put missing predicates in consts and un-expose some of them
- Fixes #16- 8285c567: Improve InsertVulnerabilities.
- cfa960d6: Update Cayley to fix slow deletions
- 915903c1: Fix to a locking issue with PostgreSQL
- 8aacc8bf: Ensure that quads in a tx are applied in the desired order.
- 3a1d0602: Use an estimator in Cayley's Size() w/ PostgreSQL
- b0142e19: reduce pruneLocks/Unlock transaction.
- 7f1ff8f9: reduce InsertPackages transaction
- 726bd3c0: add layer deletion support
- 0305dde9: MetadataMap decodes from string
- f229083e: Remove useless log message
- 57b146d0: updated for Clair V3, decoupled interfaces and models
- 627b98ef: fix SQL error reporting
- 8df8170b: convert to pure SQL
- 80f150f9: Add docker-compose.yml
- 2ca92d00: bump Go to 1.13
- c1e0f618: add git dependency
- 8918f405: update deps and move to Go 1.6
- ea193d3a: syntax updates and s/xz/xz-utils
- e56b95ac: use environment variables
- 33b3224d: update for clair v4
- df4f277d: use alpine linux 3.5 (bis)
- 4721e92b: use alpine linux 3.5
- 6b235207: remove useless volume
- 49b5621d: fix typo in running-clair
- 9ee2ff48: add troubleshooting about kernel packages
- 3f91bd2a: turn README into full articles
- 821a608b: add links to contrib tools
- 6e8e6ad2: fix broken link
- 107582c9: Correct docker-compose command
- 12c47e40: split http and json code blocks
- 37a58260: improve GET/POST /v1/layers documentation
- 859b1942: fix the docker cli of running clair in README.md
- fd6fdbd3: update config example
- 93291726: provide information to run Clair in README
- 7b608ced: Add missing field in API Example
- ec0decfc: fix a typo in the model
- Fixes #43### Documentation
- 3e6896c6: fix links to presentations
- Closes #661 - Closes #665 - Closes #560### Documentation
- c1a58bf9: add new 3rd party tool
- 5c585754: Add proxy support
- 8d10d93b: add localhost postgres
- 25078ac8: add CleanAll() utility functions
- 081ae34a: remove duplicate vectorValuesToLetters definition
- 4f0da12b: pass through CVSSv3 impact and exploitability score
- 8efc3e40: remove unneeded use of init()
- 699d1143: fixup incorrect copyright year
- b81e4454: Parse CVSSv3 data from JSON NVD feed
- 14277a8f: Add JSON NVD parsing tests
- aab46f56: Parse NVD JSON feed instead of XML
- 8d5a0131: Use SHA256 instead of SHA1 for fingerprinting
- 53bf19ae: Lister and Detector returns detector info with detected content
- cda3d481: feature detector -> featurefmt
- 71a8b542: misc doc comment fixes
- fb193e1f: namespace detector -> featurens
- d9be34c3: data detector -> imagefmt
- f9b31908: lock all drivers
- 1c40e7d0: Refactor featurefmt testing code
- a057e4a9: Extract source package from rpm database
- 0891bbac: use HTTPS
- d606d85a: fix logging namespace
- 300fe980: add missing version format
- 90f55920: replace arrays with slices
- 34c2d96b: Extract PotentialNamespace
- 0e0d8b38: Extract source packages and binary packages The featurefmt now extracts both binary packages and source packages from the package manager infos.
- 9561d623: use namespace's versionfmt to specify listers
- 947a8aa0: Ensure RHEL is correctly identified
- Fixes #436- 50437f32: fix detecting duplicated namespaces problem
- 75d5d40d: added multiple namespace testing for namespace detector
- 4e49aaf3: lock updater - return correct bool value
- 6a42aba3: add mailing list!
- c7a67edf: add issue template stable release notice
- f6cac473: add issue template
- 24ca12bd: move CONTRIBUTING to github dir
- 11b67e61: Fix git pull on non-git repository directory
- Fixes #641### Glide
- 165c397f: add errgroup and regenerate vendor
- d846c508: refresh dependencies
- ad58dd97: update to latest claircore
- 213468a6: Remove implicit git submodules
- 690d26ed: change postgresql connection string format in configmap template
- Fixes #561- 7a06a7a2: Fixed a typo in maintainers field.
- 710c6553: allow for ingress path configuration in values.yml
- bc6f37f1: Use Secret for config file. Fix some minor issues
- Fixes #581### Imagefmt
- 891ce169: Move layer blob download logic to blob.go
- 500355b5: add basic latency summary
- 8953724b: QoL changes to headers
- 741fc2c4: HTTP correctness changes
- 10d2f547: rename index endpoint
- ac0a0d49: add Accept-Encoding aware middleware
- 3a9ca8e5: add State method
- a5b92feb: add quay enterprise as well
- 015a79fd: replace arrays with slices
- 7ca9127b: default config to /etc/clair/config.yml
- eb7e5d5c: Use configuration file instead of flags and simplify app extension.
- 07a08a4f: add ubuntu mapping
- Fixes #552### Matcher
- 15c098c4: add basic latency summary
- 00179464: return OK instead of Created
- c28d2b3a: add debug output
- a541e964: list vulnerabilities by namespace
- 927af43b: Verify that the given webhook endpoint is an absolute URL
- 2fb815dc: Add proxy parameter to webhook notifier
- 136b9070: add README
- 904ce600: add a timeout on the http client
- 4478f40e: fix notifier error handling and improve web hook error message
- f4a4d417: Rename HTTP to Webhook Notifier
- 2ea86c53: fix a bug that prevented graceful shutdown in certain cases
- 480589a8: retry upon failure
- 3ff8bfaa: Allow custom notifiers to be registered.
- b3828c9c: add ServerName configuration for TLS
- 20a126c8: Refactor and add client certificate authentification support.
- Fixes #23### Notifier/Database
- ad0531ac: refactor notification system and add initial Prometheus support
- c60d0054: draft new notification system
- e953a259: fix the name of a field
- 1949ec3a: lint and update Layer
- d88f7978: avoid colliding with other detectors
- 57a4f977: fixed invalidating vulnerability cache query.
- 0731df97: Remove unused test code
- dfa07f6d: Move notification to its module
- 921acb26: Split vulnerability.go to files in vulnerability module
- 7cc83ccb: Split ancestry.go to files in ancestry module
- 497b79a2: Add test for migrations
- ea418cff: Split layer.go to files in layer module
- 176c69e5: Move namespace to its module
- 98e81ff5: Move keyvalue to keyvalue module
- ba50d7c6: Move lock to lock module
- 0b32b36c: Move detector to pgsql/detector module
- c50a2339: Split feature.go to table based files in feature module
- 43f3ea87: Move batch queries to corresponding modules
- a3305063: Move extra logic in pgsql.go to util folder
- 8bebea36: Split testutil.go into multiple files
- b03f1bc3: Fix failed tests
- ed9c6baf: Fix pgsql test
- 5bf8365f: Prevent inserting invalid entry to database
- 8aae73f1: Remove unnecessary logs
- 79af05e6: Fix postgres queries for feature_type
- 073c685c: Add proper tests for database migration
- c6c8fce3: Add feature_type to initial schema
- a57d8067: fix unchecked error
- 0c1b80b2: Implement database queries for detector relationship
- 9c49d9dc: Move queries to corresponding files
- dca2d4e5: Add detector to database schema
- 53433090: update the query format
- aea74550: Expand layer, namespace column widths
- ca9f340a: only select distinct layers
- ea73aa15: searchNotificationLayerIntroducingVulnerability order by layer ID
- 7a3dd5c8: Disable hashjoins to get introducing layers for notifications
- dc8f7102: Reduce cost of GetNotification by 2.5
- ec0aad9b: Use booleans instead of varchar to return creation status
- cd23262e: Do not insert entry in Vulnerability_FixedIn_Feature if existing
- Fixes #238- b8865b21: Replace liamstask/goose by remind101/migrate
- Fixes #93- 5d8336ac: use subquery to plan GetNotification query (#182)
- #182- 51f9c5dc: remove unnecessary join used in GetNotification (#179)
- #179### Pgsql/Migrations
- 224ff825: fix dpkg default versionfmt
- eeb13a02: add index on Vulnerability_Notification.deleted_at
- 7cff31a0: add ldfv compound index
- c3904c96: Add fsutil to contian file system utility functions
- 78cef02f: cerrors -> commonerr
- 03bac0f1: utils/tar.go -> pkg/tarutil
- c2d887f9: init
- 00e4f709: init from utils.Stopper
- 45ecf188: init
- 4f0f8136: fix grafana's updater notes graph
- cf3573cf: correct notifier latency metric in grafana
- 3defe644: add quantile to grafana
- 0c5cdab0: update grafana
- baed60e1: add initial Prometheus support
- 9338f28e: fix ordering
- 4db72b8c: fixed issues address
- 6c3b3986: fix IRC copypasta
- f36aa120: clean up after README refactor
- 3b2c4e5e: improve readability
- 346c22fe: s/Namespace/Feature Namespace
- 6c906358: update to reflect ext directory
- 67be72b9: rm images from repo
- a1bbd7db: add git dependency
- 805f620b: add alpine data sources
- 861cba0f: s/1.2.2/1.2.4
- 4bc64161: include data licenses for data sources (#219)
- #219- c4281b3a: add reference to Klar tool
- 4246c524: add master branch warning
- 4ab49ee0: Fix Kubernetes instructions
- 9ce0956f: add instructions for kubernetes
- e72f0e69: Reduce logo size
- 9573acbc: Add logo
- f6ba17df: Update Docker Compose instructions
- 20ecc847: Add FeatureDetector and NamespaceDetector
- 440b5d58: fix godoc badge copypasta
- ec8cf9fb: add documentation with links
- fe1e0666: nitpick
- 6b8e198e: fix link
- 80977f23: add go report card
- c61eebaf: move diagram to architecture section
- 6e196e41: add diagram & custom data sources
- ef7ccd37: minor grammar/spelling tweaks
- a10260c8: add container badge
- e9eb761d: refresh with current priorities
- a8c58d4e: add various talks & slides
- 93f7f10b: replace latest by v1.2.2 and add reference to container repositories
- 49fa75a6: split "Related Links" into projects/slides (#177)
- #177 - Fixes #173- b3837673: add dependencies to getting started
- 0979b01a: add terminology and generic customization
- d47616a3: make API description consistence
- af0ddcea: s/notification/notifications
- 2140995a: clarify "marked as read" notifications
- f48f94cb: continue to nitpick
- cadc182c: add travis-ci badge
- ce8d31bb: override match for RHEL hosts
- 4a990372: move updaters and notifier into ext
- bd68578b: Fix typo in headline
- a3a37072: convert all filename specs to regexps
- afd7fe25: allow file names to be specified by regexp
- fixes #456### Travis
- 52ecf35c: fail if not gofmt -s
- 7492aa31: fail unformatted protos
- 4fab3273: add matrix for postgres
- 2d0be7cc: update to use Go 1.7, glide
- bed3662e: allow golang 'tip' failures (#202)
- #202- 0423f976: test against Go 1.6
- 02d38843: disable install step
- 1b55d387: add missing rpm dependency
- 5873ab89: initial travis.yml
- 870e8123: Drop support for postgres 9.4 postgres 9.4 doesn't support ON CONFLICT, which is required in our implementation.
- 1105102b: talk about SUSE support
- 435d0539: networking.k8s.io/v1beta1
- 7084a226: extract deduplicate function
- e16d17dd: remove original RunUpdate()
- 0d41968a: reimplement fetch() with errgroup
- 6c5be7e1: refactor to use errgroup
- 2236b0a5: Add vulnsrc affected feature type
- 0d18a629: sleep before continuing the lock loop
- Fixes #415- edfadc2f: Log fetch completion
- b792eb61: copy whole namespace when deduping vulns
- 96398465: Set vulns' Severity from NVD metadata fetcher if unknown
- 1c3daa23: minimize vulns' lock duration in the NVD metadata fetcher
- be97db52: enable fetching of RHEL 5 vulnerabilities (#217)
- #217 - Fixes #215- 34f62ef1: delete Ubuntu's repository upon bzr errors
- Fixes #169- 45ed80df: remove useless error
- 2126259c: use a better link for Ubuntu vulnerabilities and rename some constants
- 431c0ccb: add a clean function to fetchers
- 3ecb8b69: ignore "ubuntu-core" in the Ubuntu fetcher
- 8e852348: ensure that ubuntu's notes are unique
- 99de7592: namespace and split Ubuntu/RHEL vulnerabilities
- 847c6492: update RHEL fetcher and add not-affected capability
- ea59b0e4: update Ubuntu fetcher and add not-affected capability
- 7e72eb10: ignore Debian's "temp" vulnerabilities
- 77387af2: port updater and its fetchers
- 452f7018: move each fetcher to its own package
- e91365f4: fix typos
- 712aa11b: Add support for Ubuntu Vivid Core and ignore Vivid PhoneOverlay
- c055c33c: Fix Ubuntu's partial update bug.
- a7b683d4: Refactor and merge fetcher responses
- Fixes #17 - #19- 2452a8fc: Always use
bzr revno
to get Ubuntu db's revision number. - Fixes #7### Updater
- a14b3728: fix stuck updater process
- f64bd117: minor cleanups
- 7c11e4eb: do not create notifications during the initial update
- 0cb8fc94: add alpine secdb fetcher
- 85fa3f9a: adapt several tests
- db5dbbe4: 1.10-alpine
- 3e4dc383: remove string.go
- c2f4a440: rm exec.go
- e7f72ef5: rm prometheus.go
- 1faf27ba: Fix OVAL's log statements
- 02e2c582: remove unused pkg
- 4fd4049f: update documented error codes
- 452c32d7: pagination now deterministic
- dc431c22: add readme
- 771e35de: return object on PUT/POST
- c06df1af: 200 on PUT
- 88f50691: Analyze layer content in parallel
- dd239762: Move services to top of the file
- 9f5d1ea4: associate feature and namespace with detector
- 41063221: Update gopkg.in/yaml.v2 package
- 34d0e516: Add golang-set dependency
- 55ecf1e5: regenerate after removing graceful
- 1533dd1d: updated vendor dir for grpc v2 api
- 35df9d58: regenerate vendor directory with glide
- 50d07ccf: rm everything to prep for regeneration
- 1e9f14ae: remove leading digit requirement
- db8a133d: handle a tilde correctly
- ce6b0088: update NVD URLs
- Fixes #575### Vulnsrc
- 72674ca8: Refactor vulnerability sources to use utility functions
- bd7102d9: handle "none" CVE impact
- 456af5f4: use new git-based ubuntu tracker
- 3503ddb9: one vulnerability per CVE
- #495 - #499### Vulnsrc_rhel
- c4ffa0c3: cve impact
- a90db713: add test
- 8b3338ef: minor changes
- 4e4e98f3: minor changes
- ac86a367: rhsa_ID by default
- 4ab98cfe: one vulnerability by CVE
- Fixes #495### Webhook
- 8c282fdb: add JSON envelope
- 23ccd9b5: Fix tests for feature_type
- f0e21df7: fixed duplicated ns and ns not inherited bug
- ce6eba9f: Rewrite unknown namespace warning
- 8bedd0a3: ns detectors now support VersionFormat
- de1f09e8: clarify maxFileSize purpose
- Fixes #237- 2cb23ced: bump engine version
- 8551a0a3: Mock datastore in worker's tests
- bae5a5e3: remove duplicated tests
- c2605e0b: verify download status code
- 41736e46: DetectData should return an error if the supported detector failed
- 98ed0419: remove double error
- 9b51f7f4: raise worker version number
- 2f57f0d4: change worker errors to bad request errors
- b3ddfbc3: remove namespace whitelist
- 90fe137d: move each data detector to their own packages and remove image format whitelist
- 34842fd8: fix dpkg detector and adapt tests
- 343ce398: detect the status code when downloading a layer and expect 2XX.
- ac0e68ef: Add a missing CleanURL
- a38fbf6c: Move upgrade detection logic out of database to worker
- Merge pull request #199 from openSUSE/feature/opensuse
- v1: pagination now deterministic
- Merge pull request #949 from alecmerdler/PROJQUAY-494
- Merge pull request #936 from ldelossa/louis/interface-refactor
- Merge pull request #933 from ldelossa/louis/config-and-make
- Merge pull request #930 from ldelossa/louis/middleware-packaging
- Merge pull request #929 from ldelossa/louis/cc-bump-v0.0.17
- Merge pull request #924 from ldelossa/louis/severity-mapping
- Merge pull request #903 from ldelossa/louis/environment-api
- Merge pull request #897 from ldelossa/louis/state-json
- Merge pull request #890 from ldelossa/louis/remove-healthhandler
- Merge pull request #877 from mtougeron/update-ingress-apiversion
- Merge pull request #873 from coreos/code-owners-update
- Merge pull request #867 from andrewsharon/ubuntu19.10
- Merge pull request #861 from thekbb/fix-broken-link-i-missed
- Merge pull request #856 from thekbb/fix-links
- Merge pull request #860 from jzelinskie/bump-v2-master
- Merge pull request #851 from Allda/log-fix
- Merge pull request #774 from Allda/updater_fix
- Merge pull request #839 from noahklein/nvd-status-error
- Merge pull request #829 from peacocb/peacocb-828-dos-on-ancestry-post
- Merge pull request #831 from MVrachev/patch-1
- Merge pull request #818 from vsamidurai/master
- Merge pull request #822 from imlonghao/bullseye
- Merge pull request #817 from ldelossa/remove-detectors
- Merge pull request #755 from Allda/openshift_cert
- Merge pull request #808 from coreos/add-louis
- Merge pull request #797 from jzelinskie/drone
- Merge pull request #805 from ldelossa/remove-ancestry-copy
- Merge pull request #794 from ldelossa/local-dev-readme-update
- Merge pull request #793 from ldelossa/local-dev-clair-db
- Merge pull request #788 from ldelossa/helm-local-dev
- Merge pull request #780 from jzelinskie/CODEOWNERS
- Merge pull request #779 from jzelinskie/mailing-list
- Merge pull request #773 from flumm/disco
- Merge pull request #671 from ericysim/amazon
- Merge pull request #766 from Allda/lock_timeout
- Merge pull request #742 from bluelabsio/path-templating
- Merge pull request #739 from joelee2012/master
- Merge pull request #749 from cnorthwood/tarutil-glob
- Merge pull request #741 from KeyboardNerd/parallel_download
- Merge pull request #738 from Allda/potentialNamespaceAncestry
- Merge pull request #721 from KeyboardNerd/cache
- Merge pull request #735 from jzelinskie/fix-sweet32
- Merge pull request #722 from Allda/feature_ns
- Merge pull request #724 from KeyboardNerd/ref
- Merge pull request #728 from KeyboardNerd/fix
- Merge pull request #727 from KeyboardNerd/master
- Merge pull request #725 from KeyboardNerd/license_test
- Merge pull request #723 from jzelinskie/lock-tx
- Merge pull request #720 from KeyboardNerd/update_ns
- Merge pull request #695 from saromanov/fix-unchecked-error
- Merge pull request #712 from KeyboardNerd/builder
- Merge pull request #672 from KeyboardNerd/source_package/feature_type
- Merge pull request #685 from jzelinskie/updater-cleanup
- Merge pull request #701 from dustinspecker/patch-1
- Merge pull request #700 from traum-ferienwohnungen/master
- Merge pull request #680 from Allda/slices
- Merge pull request #687 from jzelinskie/suse-config
- Merge pull request #686 from jzelinskie/fix-presentations
- Merge pull request #679 from kubeshield/master
- Merge pull request #506 from openSUSE/reintroduce-suse-opensuse
- Merge pull request #681 from Allda/rhel_severity
- Merge pull request #667 from travelaudience/helm-tolerations
- Merge pull request #656 from glb/elsa_CVEID
- Merge pull request #650 from Katee/add-ubuntu-cosmic
- Merge pull request #653 from brosander/helm-dep
- Merge pull request #648 from HaraldNordgren/go_versions
- Merge pull request #647 from KeyboardNerd/spkg/cvrf
- Merge pull request #644 from KeyboardNerd/bug/git
- Merge pull request #645 from Katee/include-cvssv3
- Merge pull request #646 from KeyboardNerd/spkg/model
- Merge pull request #640 from KeyboardNerd/sourcePackage
- Merge pull request #639 from Katee/update-sha1-to-sha256
- Merge pull request #638 from KeyboardNerd/featureTree
- Merge pull request #633 from coreos/roadmap-1
- Merge pull request #620 from KeyboardNerd/feature/detector
- Merge pull request #627 from haydenhughes/master
- Merge pull request #624 from jzelinskie/probot
- Merge pull request #621 from jzelinskie/gitutil
- Merge pull request #610 from MackJM/wip/master_nvd_httputil
- Merge pull request #499 from yebinama/rhel_CVEID
- Merge pull request #619 from KeyboardNerd/sidac/rm_layer
- Merge pull request #617 from jzelinskie/grpc-refactor
- Merge pull request #614 from KeyboardNerd/sidac/simplify
- Merge pull request #613 from jzelinskie/pkg-pagination
- Merge pull request #611 from jzelinskie/drop-graceful
- Merge pull request #605 from KeyboardNerd/sidchen/feature
- Merge pull request #606 from MackJM/wip/master_httputil
- Merge pull request #607 from jzelinskie/gofmt
- Merge pull request #604 from jzelinskie/nvd-urls
- Merge pull request #601 from KeyboardNerd/sidchen/status
- Merge pull request #594 from reasonerjt/fix-alpine-url
- Merge pull request #578 from naibaf0/fix/helmtemplate/configmap/postgresql
- Merge pull request #586 from robertomlsoares/update-helm-chart
- Merge pull request #582 from brosander/helm-alpine-postgres
- Merge pull request #571 from ErikThoreson/nvdupdates
- Merge pull request #574 from hongli-my/fix-nvd-path
- Merge pull request #572 from arno01/multi-stage
- Merge pull request #540 from jzelinskie/document-proto
- Merge pull request #569 from jzelinskie/ubuntu-git
- Merge pull request #553 from qeqar/master
- Merge pull request #551 from usr42/upgrade_to_1.10-alpine
- Merge pull request #538 from jzelinskie/dockerize-protogen
- Merge pull request #537 from tomer-1/patch-1
- Merge pull request #532 from KeyboardNerd/readme_typo
- Merge pull request #508 from joerayme/bug/436
- Merge pull request #528 from KeyboardNerd/helm_typo
- Merge pull request #522 from vdboor/master
- Merge pull request #521 from yebinama/paclair
- Merge pull request #518 from traum-ferienwohnungen/master
- Merge pull request #513 from leandrocr/patch-1
- Merge pull request #517 from KeyboardNerd/master
- Merge pull request #505 from ericchiang/coc
- Merge pull request #484 from odg0318/master
- Merge pull request #498 from bkochendorfer/contributing-link
- Merge pull request #482 from yfoelling/patch-1
- Merge pull request #487 from ajgreenb/db-connection-backoff
- Merge pull request #488 from caulagi/patch-1
- Merge pull request #485 from yebinama/proxy
- Merge pull request #481 from coreos/stable-release-issue-template
- Merge pull request #479 from yebinama/nvd_vectors
- Merge pull request #477 from bseb/master
- Merge pull request #469 from zamarrowski/master
- Merge pull request #475 from dctrud/clair-singularity
- Merge pull request #467 from grebois/master
- Merge pull request #465 from jzelinskie/github
- Merge pull request #463 from brunomcustodio/fix-ingress
- Merge pull request #459 from arthurlm44/patch-1
- Merge pull request #458 from jzelinskie/linux-vulns
- Merge pull request #450 from jzelinskie/move-token
- Merge pull request #454 from InTheCloudDan/helm-tls-option
- Merge pull request #455 from zmarouf/master
- Merge pull request #449 from jzelinskie/helm
- Merge pull request #447 from KeyboardNerd/ancestry_
- Merge pull request #448 from jzelinskie/woops
- Merge pull request #444 from jzelinskie/docs-refresh
- Merge pull request #432 from KeyboardNerd/ancestry_
- Merge pull request #442 from arminc/add-integration-clari-scanner
- Merge pull request #433 from mssola/portus-integration
- Merge pull request #408 from KeyboardNerd/grpc
- Merge pull request #423 from jzelinskie/sleep-updater
- Merge pull request #418 from KeyboardNerd/multiplens
- Merge pull request #410 from KeyboardNerd/xforward
- Merge pull request #416 from tianon/debian-buster
- Merge pull request #413 from transcedentalia/master
- Merge pull request #403 from KeyboardNerd/multiplens
- Merge pull request #407 from swestcott/kubernetes-config-fix
- Merge pull request #394 from KeyboardNerd/multiplens
- Merge pull request #382 from caipre/patch-1
- Merge pull request #395 from knqyf263/handle_tilde
- Merge pull request #392 from jzelinskie/https-sec-db
- Merge pull request #390 from KeyboardNerd/fernet
- Merge pull request #389 from jzelinskie/revendor
- Merge pull request #387 from jzelinskie/rm-analyze-local-images
- Merge pull request #385 from KeyboardNerd/logrus
- Merge pull request #381 from KeyboardNerd/bill-of-materials
- Merge pull request #373 from josuesdiaz/fix_analyze_local
- Merge pull request #378 from jzelinskie/oracle-update-fix
- Merge pull request #374 from tianon/new-ubuntu-releases
- Merge pull request #371 from caipre/add-logging
- Merge pull request #370 from jzelinskie/featurens
- Merge pull request #369 from jzelinskie/fix-ali
- Merge pull request #367 from jzelinskie/analyze-layers-v2
- Merge pull request #366 from jzelinskie/fixoracle
- Merge pull request #361 from jzelinskie/ROADMAP.md
- Merge pull request #363 from davidxia/patch-1
- Merge pull request #362 from jzelinskie/malformedpkg
- Merge pull request #360 from jzelinskie/cleanup
- Merge pull request #359 from matslina/patch-1
- Merge pull request #357 from jzelinskie/readme-reboot
- Merge pull request #352 from kevinburke/fix-404
- Merge pull request #354 from kevinburke/change-readme-text
- Merge pull request #347 from jzelinskie/composeup
- Merge pull request #348 from supereagle/update-image-spec-url
- Merge pull request #341 from pizzarabe/Readme_Alpine35
- Merge pull request #340 from coreos/philips-patch-1
- Merge pull request #338 from pgburt/paulb-prod-users-integrations
- Merge pull request #335 from jzelinskie/fixns
- Merge pull request #334 from supereagle/update-dockerfile
- Merge pull request #331 from supereagle/insecure-tls
- Merge pull request #328 from jgsqware/master
- Merge pull request #327 from jzelinskie/bad-ns-copy
- Merge pull request #326 from Quentin-M/alpine_dfile
- Merge pull request #324 from Quentin-M/log_ns
- Merge pull request #325 from Quentin-M/alpine_dfile
- Merge pull request #316 from jzelinskie/fix-alpine
- Merge pull request #305 from jzelinskie/ext
- Merge pull request #309 from jzelinskie/fixmigration6
- Merge pull request #308 from jzelinskie/fixpagination
- Merge pull request #307 from jzelinskie/layeridorder
- Merge pull request #302 from jzelinskie/rmimage
- Merge pull request #301 from jzelinskie/readme-git
- Merge pull request #298 from jzelinskie/versions
- Merge pull request #300 from miketheman/patch-1
- Merge pull request #299 from alexei-led/master
- Merge pull request #295 from jzelinskie/fixmigrationorder
- Merge pull request #290 from Djelibeybi/oraclelinux-support
- Merge pull request #288 from jzelinskie/200mb
- Merge pull request #289 from jzelinskie/revert-suse
- Merge pull request #287 from jzelinskie/enginebump
- Merge pull request #272 from jzelinskie/alpine
- Merge pull request #282 from jzelinskie/layer-sort-id
- Merge pull request #280 from coreos/add_idx_deleted_at
- Merge pull request #281 from coreos/dis_hashjoins_introducing
- Merge pull request #277 from jzelinskie/travispg
- Merge pull request #279 from coreos/searchintro_optimize
- Merge pull request #278 from jzelinskie/layerdiffindex
- Merge pull request #276 from jzelinskie/index
- Merge pull request #274 from JensPiegsa/patch-1
- Merge pull request #271 from Quentin-M/nvd_severity
- Merge pull request #270 from Quentin-M/imp_docs
- Merge pull request #263 from Quentin-M/rhel_unique_fixedin
- Merge pull request #261 from Quentin-M/replace_goose
- Merge pull request #262 from jzelinskie/travis
- Merge pull request #257 from mattmoor/yakkety
- Merge pull request #199 from openSUSE/feature/opensuse
- Merge pull request #236 from robszumski/doc-link
- Merge pull request #235 from jzelinskie/doc-move
- Merge pull request #229 from vbatts/redhatrelease_detector
- Merge pull request #216 from optiopay/doc-klar-ref
- Merge pull request #205 from Quentin-M/readme_v122
- Merge pull request #206 from Quentin-M/godeps_implsubmod
- Merge pull request #186 from Quentin-M/delete_ubuntu_repository
- Merge pull request #196 from jgsqware/integrate-glide
- Merge pull request #188 from databus23/patch-1
- Merge pull request #165 from Quentin-M/db_registration
- Merge pull request #166 from jzelinskie/authlayer
- Merge pull request #158 from Quentin-M/contrib_cleanup_signals
- Merge pull request #143 from jzelinskie/travis
- Merge pull request #142 from jzelinskie/healthfix
- Merge pull request #139 from coreos/webhook_proxy
- Merge pull request #137 from coreos/fix_k8s
- Merge pull request #126 from harsha-y/master
- Merge pull request #118 from coreos/cleanup_contrib
- Merge pull request #123 from coreos/contrib_fix_deadlink
- Merge pull request #116 from BWITS/master
- Merge pull request #110 from jzelinskie/config-fixes
- Merge pull request #111 from jzelinskie/dockerfile-update
- Merge pull request #108 from philips/add-k8s-contrib
- Merge pull request #107 from Quentin-M/reduce_logo
- Merge pull request #106 from Quentin-M/logo
- Merge pull request #105 from coreos/crtrb_forcecolor
- Merge pull request #104 from coreos/ctrb_minseverity
- Merge pull request #103 from jzelinskie/fix-config
- Merge pull request #101 from Quentin-M/ctrb_minseverity
- Merge pull request #100 from jzelinskie/namespaces
- Merge pull request #96 from jzelinskie/rootyamlkey
- Merge pull request #85 from keloyang/allowHost
- Merge pull request #94 from unageanu/support-docker-compose
- Merge pull request #82 from liangchenye/getvulns
- Merge pull request #91 from Quentin-M/fix_pprof
- Merge pull request #90 from jzelinskie/README-deps
- Merge pull request #89 from Quentin-M/fv_find_before_lock
- Merge pull request #83 from coreos/readme-feature-namespace
- Merge pull request #81 from coolljt0725/fix_readme
- Merge pull request #79 from liangchenye/v1doc
- Merge pull request #77 from coreos/simplify
- Merge pull request #76 from coreos/sp
- Merge pull request #71 from Quentin-M/sql
- Merge pull request #75 from sjourdan/fix_vuln_typo
- Merge pull request #73 from maxking/doc
- Merge pull request #74 from mnuessler/causedByPackage
- Merge pull request #70 from liangchenye/read-manifest
- Merge pull request #67 from Quentin-M/master
- Merge pull request #65 from jzelinskie/fixdockerfile
- Merge pull request #49 from liangchenye/master
- Merge pull request #59 from davidxia/patch1
- Merge pull request #52 from Quentin-M/custom_notifiers
- Merge pull request #53 from coreos/ubdater
- Merge pull request #46 from coreos/fix_sql_tovalue
- Merge pull request #47 from coreos/sn
- Merge pull request #51 from coolljt0725/update_analyze_local_image_doc
- Merge pull request #50 from coolljt0725/fix_stop
- Merge pull request #44 from Quentin-M/configfile
- Merge pull request #42 from Quentin-M/triple
- Merge pull request #35 from mrqwer88/check_openvz_mirror_with_clair
- Merge pull request #29 from Quentin-M/notifier_tls
- Merge pull request #22 from Quentin-M/predcst
- Merge pull request #41 from coreos/travisfix
- Merge pull request #33 from Quentin-M/insertvulns
- Merge pull request #36 from coreos/gc
- Merge pull request #39 from coreos/travis
- Merge pull request #37 from Quentin-M/updater_refactor
- Merge pull request #38 from Quentin-M/causedby
- Merge pull request #26 from stapelberg/patch-1
- Merge pull request #25 from fatalbanana/patch-1
- Merge pull request #21 from coreos/updatefix
- Merge pull request #24 from coreos/jonboulle-patch-1
- Merge pull request #18 from Quentin-M/local-analysis
- Merge pull request #11 from Quentin-M/bzr_parsing
- Merge pull request #6 from Quentin-M/reduce_tx
- Merge pull request #4 from Quentin-M/reduce_tx