Update aquasec/trivy Docker tag to v0.53.0
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
aquasec/trivy | minor |
0.52.2 -> 0.53.0
|
|
aquasec/trivy | ironbank-docker | minor |
0.52.2 -> 0.53.0
|
aquasec/trivy | stage | minor |
0.52.2 -> 0.53.0
|
Release Notes
aquasecurity/trivy (aquasec/trivy)
v0.53.0
⚠ BREAKING CHANGES
- k8s: node-collector dynamic commands support (#6861)
- add clean subcommand (#6993)
- aws: Remove aws subcommand (#6995)
Features
- add clean subcommand (#6993) (8d0ae1f)
- Add local ImageID to SARIF metadata (#6522) (f144e91)
- add memory cache backend (#7048) (55ccd06)
- aws: Remove aws subcommand (#6995) (979e118)
-
conda: add licenses support for
environment.yml
files (#6953) (654217a) - dart: use first version of constraint for dependencies using SDK version (#6239) (042d6b0)
- image: Set User-Agent header for Trivy container registry requests (#6868) (9b31697)
-
java: add support for
maven-metadata.xml
files for remote snapshot repositories. (#6950) (1f8fca1) - java: add support for sbt projects using sbt-dependency-lock (#6882) (f18d035)
- k8s: node-collector dynamic commands support (#6861) (8d618e4)
- misconf: add metadata to Cloud schema (#6831) (02d5404)
- misconf: add support for AWS::EC2::SecurityGroupIngress/Egress (#6755) (55fa610)
- misconf: API Gateway V1 support for CloudFormation (#6874) (8491469)
- misconf: support of selectors for all providers for Rego (#6905) (bc3741a)
- php: add installed.json file support (#4865) (edc556b)
- plugin: add support for nested archives (#6845) (622c67b)
-
sbom: migrate to
CycloneDX v1.6
(#6903) (09e50ce)
Bug Fixes
-
c: don't skip conan files from
file-patterns
and scan.conan2
cache dir (#6949) (38b35dd) - cli: show info message only when --scanners is available (#7032) (e9fc3e3)
-
cyclonedx: trim non-URL info for
advisory.url
(#6952) (417212e) - debian: take installed files from the origin layer (#6849) (089b953)
-
image: parse
image.inspect.Created
field only for non-empty values (#6948) (0af5730) -
license: return license separation using separators
,
,or
, etc. (#6916) (52f7aa5) - misconf: fix caching of modules in subdirectories (#6814) (0bcfedb)
- misconf: fix parsing of engine links and frameworks (#6937) (ec68c9a)
- misconf: handle source prefix to ignore (#6945) (c3192f0)
- misconf: parsing numbers without fraction as int (#6834) (8141a13)
-
nodejs: fix infinite loop when package link from
package-lock.json
file is broken (#6858) (cf5aa33) -
nodejs: fix infinity loops for
pnpm
with cyclic imports (#6857) (7d083bc) -
plugin: respect
--insecure
(#7022) (3d02a31) - purl: add missed os types (#6955) (2d85a00)
-
python: compare pkg names from
poetry.lock
andpyproject.toml
in lowercase (#6852) (faa9d92) -
sbom: don't overwrite
srcEpoch
when decoding SBOM files (#6866) (04af59c) - sbom: fix panic when scanning SBOM file without root component into SBOM format (#7051) (3d4ae8b)
-
sbom: take pkg name from
purl
for maven pkgs (#7008) (a76e328) -
sbom: use
purl
forbitnami
pkg names (#6982) (7eabb92) - sbom: use package UIDs for uniqueness (#7042) (14d71ba)
-
secret:
Asymmetric Private Key
shouldn't start with space (#6867) (bb26445) - suse: Add SLES 15.6 and Leap 15.6 (#6964) (5ee4e9d)
- use embedded when command path not found (#7037) (137c916)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.