v0.59.1-dr2

Changelog

• 951c5cb Fix HTML template
• 04ad3ff Merge DR and the latest junit report
• cf00131 feat: add report summary table (aquasecurity#8177)
• fff8c16 chore(deps): bump the github-actions group with 3 updates (aquasecurity#8473)
• be7bde0 refactor(vex): improve SBOM reference handling with project standards (aquasecurity#8457)
• 56ddac7 ci: update GitHub Actions cache to v4 (aquasecurity#8475)
• 1f88a5d feat: add --vuln-severity-source flag (aquasecurity#8269)
• 94687ec fix(os): add mapping OS aliases (aquasecurity#8466)
• 12a082f chore(deps): bump the aws group across 1 directory with 7 updates (aquasecurity#8468)
• d581dea chore(deps): Bump trivy-checks to v1.7.1 (aquasecurity#8467)
• ecae61a refactor(report): write tables after rendering all results (aquasecurity#8357)
• dbbfbac docs: update VEX documentation index page (aquasecurity#8458)
• 1094b6e fix(db): fix case when 2 trivy-db were copied at the same time (aquasecurity#8452)
• 85f4dc6 feat(misconf): render causes for Terraform (aquasecurity#8360)
• 5f7d99e fix(misconf): fix incorrect k8s locations due to JSON to YAML conversion (aquasecurity#8073)
• 6284ce5 feat(cyclonedx): Add initial support for loading external VEX files from SBOM references (aquasecurity#8254)
• 3ea7447 chore(deps): update go-rustaudit location (aquasecurity#8450)
• 04edb9f fix: update all documentation links (aquasecurity#8045)
• fad61bd chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (aquasecurity#8443)
• ad19306 chore(deps): bump the common group with 6 updates (aquasecurity#8411)
• c045b3c fix(k8s): add missed option PkgRelationships (aquasecurity#8442)
• 49403fe fix(sbom): add SBOM file's filePath as Application FilePath if we can't detect its path (aquasecurity#8346)
• 8fe41bd feat(go): fix parsing main module version for go >= 1.24 (aquasecurity#8433)
• 65cfd6c refactor(misconf): make Rego scanner independent of config type (aquasecurity#7517)
• da029f7 fix(image): disable AVD-DS-0007 for history scanning (aquasecurity#8366)
• b0c4fc2 fix(server): secrets inspectation for the config analyzer in client server mode (aquasecurity#8418)
• 520d020 chore: remove mockery (aquasecurity#8417)
• 4bd6a05 test(server): replace mock driver with memory cache in server tests (aquasecurity#8416)
• a235a56 test: replace mock with memory cache and fix non-deterministic tests (aquasecurity#8410)
• 64c80b3 test: replace mock with memory cache in scanner tests (aquasecurity#8413)
• d665c78 test: use memory cache (aquasecurity#8403)
• 21575d1 fix(spdx): init pkgFilePaths map for all formats (aquasecurity#8380)
• 7eabbc9 chore(deps): bump the common group across 1 directory with 11 updates (aquasecurity#8381)
• a071ebf docs: correct Ruby documentation (aquasecurity#8402)
• 794937f chore: bump mockery to update v2.52.2 version and rebuild mock files (aquasecurity#8390)
• 4bec98f fix: don't use scope for trivy registry login command (aquasecurity#8393)
• a56351e fix(go): merge nested flags into string for ldflags for Go binaries (aquasecurity#8368)
• 9719eb6 chore(terraform): export module path on terraform modules (aquasecurity#8374)
• 6053da5 fix(terraform): apply parser options to submodule parsing (aquasecurity#8377)
• 21b3c13 docs: Fix typos in documentation (aquasecurity#8361)
• 77133a8 docs: fix navigate links (aquasecurity#8336)
• 22839e9 ci(helm): bump Trivy version to 0.59.1 for Trivy Helm Chart 0.11.1 (aquasecurity#8354)
• b4a2ecf ci(spdx): add aqua-installer step to fix mage error (aquasecurity#8353)
• eafb7f6 chore: remove debug prints (aquasecurity#8347)
• 0ce0e07 fix(report): remove html escaping for shortDescription and fullDescription fields for sarif reports (aquasecurity#8344)
• 1987e0e chore(deps): bump the github-actions group across 1 directory with 4 updates (aquasecurity#8331)
• 879ba19 fix(misconf): ecs include enhanced for container insights (aquasecurity#8326)
• 553fa1c ci(helm): bump Trivy version to 0.59.0 for Trivy Helm Chart 0.11.0 (aquasecurity#8311)
• dcb95da fix imports and logging after fork update
• 6ffd277 Simplify ignore policies from dir
• 94bacab fix those stupid indents again
• 38a2335 Added release instructions for DataRobot
• 3619970 Added debug logging & merge conflict fix
• 29250e9 Updated error messages.
• 86af316 Ignore policies from a folder
• 3202f18 Update html.tpl
• c48569d Corrected latest manifest
• 28ec617 Added datarobot forked releaser
• 444d1d6 Changed column order based on user feedback
• aef5dc9 Added a CSV template for vulnerabilities
• 2b14a6e Improved JUnit Template with Secrets
• 3a57fd8 Added Target and Package Path to HTML Report
• 5607db8 Added targets
• 313daef Provide explanation
• 68cf061 Remove extra space
• eb6dced Add report on licenses
• dc5c094 Changed column order based on user feedback
• b78a937 Added a CSV template for vulnerabilities
• 8ea6312 Improved JUnit Template with Secrets
• 1ef946f Added Target and Package Path to HTML Report
• 3b9b714 Added targets
• 0f94c99 Added Secrets to the HTML report

v0.59.1-dr1

Full Changelog: v0.57.0-dr1...v0.59.1-dr1

v0.57.0-dr1

What's Changed

• Update to v0.57.0 by @dstrelbytskyi in #8

Full Changelog: v0.54.1-dr1...v0.57.0-dr1

v0.54.1-dr1

Changelog

• d4590db fix imports and logging after fork update
• 004625c Simplify ignore policies from dir
• f664d31 fix those stupid indents again
• e0aed22 Added release instructions for DataRobot
• 1de0a03 Added debug logging & merge conflict fix
• 0a55f40 Updated error messages.
• ca37fe0 Ignore policies from a folder
• aa01e2a Update html.tpl
• e87c3a4 Corrected latest manifest
• 8813106 Added datarobot forked releaser
• 5c84af2 Changed column order based on user feedback
• 7f427d9 Added a CSV template for vulnerabilities
• 1bb3ba4 Improved JUnit Template with Secrets
• 58ce809 Added Target and Package Path to HTML Report
• e850523 Added targets
• fcb0414 Added Secrets to the HTML report

v0.50.0-dr1

Changelog

• 8bcd9fd Simplify ignore policies from dir
• 9168514 fix those stupid indents again
• f19cf6c Added release instructions for DataRobot
• 89d4c10 Added debug logging & merge conflict fix
• be34c2b Updated error messages.
• 81cc797 Ignore policies from a folder
• b96487f Update html.tpl
• 36fdbda Corrected latest manifest
• dc94dd4 Added datarobot forked releaser
• c4528a4 Changed column order based on user feedback
• b5d23df Added a CSV template for vulnerabilities
• e67a7d5 Improved JUnit Template with Secrets
• fa857f1 Added Target and Package Path to HTML Report
• 7033bfd Added targets
• 592b149 Added Secrets to the HTML report

v0.48.3-dr1

Changelog

• db52e80 Added debug logging
• b6179df Updated error messages.
• e5b8598 Ignore policies from a folder
• 1ebc3d9 Update html.tpl
• abdf3ee Corrected latest manifest
• 9c64217 Added datarobot forked releaser
• 00dc5b7 hopefully this fixes the indentation issue
• 3920e62 filter secrets and licenses based on rego policy
• edf0bd2 Changed column order based on user feedback
• bdb80cb Added a CSV template for vulnerabilities
• 43f1400 Improved JUnit Template with Secrets
• 67bc08e Added Target and Package Path to HTML Report
• 2c7d044 Added targets
• 5f67ca0 Added Secrets to the HTML report
• dff68f3 feat(vuln): include pkg identifier on detected vulnerabilities (aquasecurity#5439)

v0.48.1-dr1

Changelog

• 6bbce10 Corrected latest manifest
• 46b103e Added datarobot forked releaser
• ed32f8e hopefully this fixes the indentation issue
• b5b9c10 filter secrets and licenses based on rego policy
• 522d781 Changed column order based on user feedback
• ca5208a Added a CSV template for vulnerabilities
• 46cb363 Improved JUnit Template with Secrets
• b123b10 Added Target and Package Path to HTML Report
• ed5523c Added targets
• 06848f4 Added Secrets to the HTML report
• 1f0d629 feat(vuln): include pkg identifier on detected vulnerabilities (aquasecurity#5439)
• 4cdff0e chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from v1.116.0 to v1.134.0 (aquasecurity#5822)
• be969d4 chore(deps): bump github.com/containerd/containerd from 1.7.7 to 1.7.11 (aquasecurity#5809)
• 81748f5 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (aquasecurity#5805)
• ba825b2 chore(deps): bump trivy-iac to v0.7.1 (aquasecurity#5797)
• abf227e fix(bitnami): use a different comparer for detecting vulnerabilities (aquasecurity#5633)
• df49ea4 refactor(sbom): disable html escaping for CycloneDX (aquasecurity#5764)
• f25e2df refactor(purl): use pub from package-url (aquasecurity#5784)
• b5e3b77 docs(python): add note to using pip freeze for compatible releases (aquasecurity#5760)
• 6cc00c2 fix(report): use OS information for OS packages purl in github template (aquasecurity#5783)
• c317fe8 fix(report): fix error if miconfigs are empty (aquasecurity#5782)
• 9b4bced refactor(vuln): don't remove VendorSeverity in JSON report (aquasecurity#5761)
• be5a550 fix(report): don't mark misconfig passed tests as failed in junit.tpl (aquasecurity#5767)
• 01edbda docs(k8s): replace --scanners config with --scanners misconfig in docs (aquasecurity#5746)
• eb97419 fix(report): update Gitlab template (aquasecurity#5721)
• be1c554 feat(secret): add support of GitHub fine-grained tokens (aquasecurity#5740)
• a5342da fix(misconf): add an image misconf to result (aquasecurity#5731)
• 108a5b0 feat(secret): added support of Docker registry credentials (aquasecurity#5720)
• 6080e24 chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.25.11 (aquasecurity#5717)
• e27ec32 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.21.0 to 1.24.1 (aquasecurity#5701)