Vuls

What's Changed

• feat(detector/exploitdb): add verified field for exploitdb by @MaineK00n in #2298
• chore(deps): bump the others group across 1 directory with 5 updates by @dependabot[bot] in #2297
• feat(detector): support vulncheck with go-cve-dictionary by @MaineK00n in #2300
• chore(deps): bump github.com/aquasecurity/trivy from 0.65.0 to 0.66.0 in the trivy group by @dependabot[bot] in #2304
• chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 in the others group across 1 directory by @dependabot[bot] in #2307
• fix(scanner/lockfile): fix binary lockfile scan on windows by @MaineK00n in #2306
• feat(scanner/lockfile): exch

What's Changed

• fix(scanner/lockfile): remove /tmp/trivy-* directory by @MaineK00n in #2299

Full Changelog: v0.33.3...v0.33.4

Changelog

• 30a8e70 chore(ci): use per-job permissions (#2291)
• 1f02921 chore(deps): bump go.etcd.io/bbolt in the others group (#2293)
• 0f3cf37 feat(os): add EOL for some OSes (#2287)
• bc10750 chore(deps): Force go-getter v1.7.9 to fix CVE-2025-8959 (#2292)
• 2131144 chore(deps): bump the others group across 1 directory with 7 updates (#2288)
• 8f94485 chore(deps): bump helm.sh/helm/v3 (#2285)
• e1ddeb1 chore(deps): bump github.com/aquasecurity/trivy (#2286)
• 65c6962 chore(deps): bump the all group across

What's Changed

• fix(oval): add pseudo server type in NewOVALClient by @MaineK00n in #2254
• chore(deps): bump the others group with 3 updates by @dependabot in #2252
• chore(deps): bump the vuls group across 1 directory with 7 updates by @dependabot in #2258
• chore(deps): bump the trivy group with 2 updates by @dependabot in #2257

Full Changelog: v0.33.1...v0.33.2

What's Changed

• feat!(contrib/trivy): delete image tag from server name when scanning by trivy by @sadayuki-matsuno in #2250

Full Changelog: v0.33.0...v0.33.1

What's Changed

• fix(cmd/discover): fix ping options for windows by @MaineK00n in #2211
• fix(scanner): scan lockfiles by @MaineK00n in #2206
• feat(ubuntu): add 25.04 plucky by @MaineK00n in #2210
• feat(detector/vuls2): should download db when the schema versions are different by @MaineK00n in #2212
• fix(detector/vuls2): get metadata after opening db by @MaineK00n in #2214
• chore(deps): bump github.com/MaineK00n/vuls2 by @MaineK00n in #2215
• chore(ci): update dependabot.yml to group dependencies by @shino in #2216
• chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot

What's Changed

• fix(detector/vuls2): fix cvss v3.1 vector check by @MaineK00n in #2204
• chore(deps): bump github.com/MaineK00n/vuls2 by @MaineK00n in #2197
• Create scorecard.yml by @kotakanbe in #2203
• fix(detector/vuls2): fix postConvert by @MaineK00n in #2205

Full Changelog: v0.31.1...v0.32.0

What's Changed

• fix(ci/goreleaser): set id-token to none for all jobs by @MaineK00n in #2202

Full Changelog: v0.31.0...v0.31.1

What's Changed

• fix(models/cvecontents): a little more accurate sort by @shino in #2122
• chore(ci): review of build flags, increase of runner storage by @MaineK00n in #2123
• feat(scanner/python/uv): add python uv/poetry-v2 support along with updating trivy to 0.59.1 by @dependabot in #2118
• chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #2125
• chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 by @dependabot in #2126
• chore(deps): bump go.etcd.io/bbolt from 1.3.11 to 1.4.0 by @dependabot in #2128
• chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #21

Changelog

• 4e3ee6a feat(contrib/trivy-to-vuls): add version in LibraryFixedIns (#2121)
• fd2f946 add libraryPkg version (#2120)
• 1638c4b chore(deps): bump the aws group across 1 directory with 5 updates (#2119)
• 80b17a3 chore(deps): bump github.com/samber/lo from 1.47.0 to 1.49.1 (#2117)
• ea6384c chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/storage/azblob (#2115)
• f9d176e fix(cmd/discover): add vuls2 section to the generated config.toml (#2113)
• c6779e4 chore(deps): bump the aws group with 5 updates (#2104)
• 8443175

What's Changed

• feat(config/os): update eol by @MaineK00n in #2085
• fix(detector/gost/ubuntu): detection logic when esm etc. are mixed by @MaineK00n in #2090
• chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.1 to 0.9.2 by @dependabot in #2089
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.70.0 to 1.71.0 in the aws group by @dependabot in #2078
• chore(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by @dependabot in #2080
• chore(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0 by @dependabot in #2088
• chore(deps): bump golang.org/x/text from 0.20.0 to 0.21.0 by @dependabot in