chore(deps): update ghcr.io/aquasecurity/trivy docker tag to v0.55.0
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
ghcr.io/aquasecurity/trivy (source) | image-name | minor |
0.54.1 -> 0.55.0
|
Release Notes
aquasecurity/trivy (ghcr.io/aquasecurity/trivy)
v0.55.0
⚠ BREAKING CHANGES
- cli: delete deprecated SBOM flags (#7266)
Features
- cli: delete deprecated SBOM flags (#7266) (7024572)
-
go: use
toolchain
asstdlib
version forgo.mod
files (#7163) (2d80769) -
java: add
test
scope support forpom.xml
files (#7414) (2d97700) - misconf: Add support for using spec from on-disk bundle (#7179) (be86126)
- misconf: ignore duplicate checks (#7317) (9ef05fc)
- misconf: iterator argument support for dynamic blocks (#7236) (fe92072)
- misconf: port and protocol support for EC2 networks (#7146) (98e136e)
- misconf: scanning support for YAML and JSON (#7311) (efdbd8f)
- misconf: support for ignore by nested attributes (#7205) (44e4686)
- misconf: support for policy and bucket grants (#7284) (a817fae)
- misconf: variable support for Terraform Plan (#7228) (db2c955)
- python: use minimum version for pip packages (#7348) (e9b43f8)
- report: export modified findings in JSON (#7383) (7aea79d)
- sbom: set User-Agent header on requests to Rekor (#7396) (af1d257)
-
server: add internal
--path-prefix
flag for client/server mode (#7321) (24a4563) - server: Make Trivy Server Multiplexer Exported (#7389) (4c6e8ca)
- vm: Support direct filesystem (#7058) (45b3f34)
- vm: support the Ext2/Ext3 filesystems (#6983) (35c60f0)
-
vuln: Add
--detection-priority
flag for accuracy tuning (#7288) (fd8348d)
Bug Fixes
- aws: handle ECR repositories in different regions (#6217) (feaef96)
-
flag: incorrect behavior for deprected flag
--clear-cache
(#7281) (2a0e529) -
helm: explicitly define
kind
andapiVersion
ofvolumeClaimTemplate
element (#7362) (da4ebfa) - java: Return error when trying to find a remote pom to avoid segfault (#7275) (49d5270)
- license: add license handling to JUnit template (#7409) (f80183c)
- logger initialization before flags parsing (#7372) (c929290)
- misconf: change default TLS values for the Azure storage account (#7345) (aadb090)
- misconf: do not filter Terraform plan JSON by name (#7406) (9d7264a)
- misconf: do not recreate filesystem map (#7416) (3a5d091)
- misconf: do not register Rego libs in checks registry (#7420) (a5aa63e)
- misconf: do not set default value for default_cache_behavior (#7234) (f0ed5e4)
- misconf: fix infer type for null value (#7424) (0cac3ac)
- misconf: init frameworks before updating them (#7376) (b65b32d)
- misconf: load only submodule if it is specified in source (#7112) (a4180bd)
- misconf: support deprecating for Go checks (#7377) (2a6c7ab)
- misconf: use module to log when metadata retrieval fails (#7405) (0799770)
- misconf: wrap Azure PortRange in iac types (#7357) (c5c62d5)
-
nodejs: check all
importers
to detect dev deps from pnpm-lock.yaml file (#7387) (fd9ed3a) - plugin: do not call GitHub content API for releases and tags (#7274) (b3ee6da)
-
report: escape
Message
field inasff.tpl
template (#7401) (dd9733e) - safely check if the directory exists (#7353) (05a8297)
-
sbom: use
NOASSERTION
for licenses fields in SPDX formats (#7403) (c96dcdd) -
secret: use
.eyJ
keyword for JWT secret (#7410) (bf64003) - secret: use only line with secret for long secret lines (#7412) (391448a)
- terraform: add aws_region name to presets (#7184) (bb2e26a)
Performance Improvements
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot. The local configuration can be found in the local Renovate Bot repository.