Vuls

What's Changed

• fix(ci/goreleaser): set id-token to none for all jobs by @MaineK00n in #2202

Full Changelog: v0.31.0...v0.31.1

What's Changed

• fix(models/cvecontents): a little more accurate sort by @shino in #2122
• chore(ci): review of build flags, increase of runner storage by @MaineK00n in #2123
• feat(scanner/python/uv): add python uv/poetry-v2 support along with updating trivy to 0.59.1 by @dependabot in #2118
• chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #2125
• chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 by @dependabot in #2126
• chore(deps): bump go.etcd.io/bbolt from 1.3.11 to 1.4.0 by @dependabot in #2128
• chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #21

Changelog

• 4e3ee6a feat(contrib/trivy-to-vuls): add version in LibraryFixedIns (#2121)
• fd2f946 add libraryPkg version (#2120)
• 1638c4b chore(deps): bump the aws group across 1 directory with 5 updates (#2119)
• 80b17a3 chore(deps): bump github.com/samber/lo from 1.47.0 to 1.49.1 (#2117)
• ea6384c chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/storage/azblob (#2115)
• f9d176e fix(cmd/discover): add vuls2 section to the generated config.toml (#2113)
• c6779e4 chore(deps): bump the aws group with 5 updates (#2104)
• 8443175

What's Changed

• feat(config/os): update eol by @MaineK00n in #2085
• fix(detector/gost/ubuntu): detection logic when esm etc. are mixed by @MaineK00n in #2090
• chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.1 to 0.9.2 by @dependabot in #2089
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.70.0 to 1.71.0 in the aws group by @dependabot in #2078
• chore(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by @dependabot in #2080
• chore(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0 by @dependabot in #2088
• chore(deps): bump golang.org/x/text from 0.20.0 to 0.21.0 by @dependabot in

What's Changed

• feat(contrib/snmp2cpe): add --port/-P option by @MaineK00n in #2046
• feat(scanner/windows): support Windows 11 24H2 by @MaineK00n in #2051
• fix(gost/windows): ignore other products that do not have KBs by @MaineK00n in #2054
• chore(deps): bump github.com/aquasecurity/trivy from 0.56.1 to 0.56.2 by @dependabot in #2049
• chore(deps): bump the aws group across 1 directory with 5 updates by @dependabot in #2052
• feat(ubuntu): add 24.10 oracular by @MaineK00n in #2055
• chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #2058
• chore(deps): bump github.com

Changelog

• 087b620 chore(deps): bump github.com/aquasecurity/trivy from 0.55.2 to 0.56.1 (#2044)
• 7c749ea chore(deps): bump the aws group with 5 updates (#2043)
• 939299b chore(deps): bump golang.org/x/text from 0.18.0 to 0.19.0 (#2045)
• 3dd738d feat(detector/microsoft): set WindowsRoughMatch if KB or Version to be fixed is unknown (#2041)
• 80e417b refactor: use std slices, maps package (#2042)
• d5982a2 chore(deps): bump dictionary versions to latest ones (#2040)
• 0e21ce2 fix(detector/cpe): do not overwrite distro advisories (#2039)

What's Changed

• fix(trivy-to-vuls): remove cvss/severity duplicates, list all severities by @MaineK00n in #1929
• feat(reporter/s3): support minio by @MaineK00n in #1930
• feat(ci): group aws-sdk-go-v2 updates, check github actions update by @MaineK00n in #1941
• fix(redhat-based): collect running kernel packages by @MaineK00n in #1950
• fix(debian,ubuntu): collect running kernel source package by @MaineK00n in #1935
• fix(ci): Remove unused files to avoid disk full by @shino in #1957
• feat(config/os): add alpine 3.19, 3.20 EOL by @MaineK00n in #1965
• style(log): saas s3 upload error log by @futur

Changelog

• cb26be1 fix(ci): Remove unused files to avoid disk full (#1957)
• e1fab80 fix(debian,ubuntu): collect running kernel source package (#1935)
• 5af1a22 fix(redhat-based): collect running kernel packages (#1950)
• 0533069 chore(deps): bump docker/setup-buildx-action from 2 to 3 (#1955)
• 3e1f2bc chore(deps): bump docker/setup-qemu-action from 2 to 3 (#1954)
• 368c496 chore(deps): bump docker/metadata-action from 4 to 5 (#1953)
• a99e3af chore(deps): bump golangci/golangci-lint-action from 3 to 6 (#1952)
• 1769107

Changelog

• 6e0a0a9 fix(build): Remove unused files to avoid disk full

This release includes a bug fix and a few additional features.

New feature

• Now modularity label is added in the scan result for Red Hat like OSes
  • This fixed #1915
  • feat(scanner/redhat): each package has modularitylabel by @MaineK00n in #1381
• Vendor severity and every CVSS information are added to cveContents
  • This fixed #1919
  • Both detector and trivy-to-vuls command are changed in similar way
  • feat(detector, contrib/trivy-to-vuls): collect vendor severity and cvss by @MaineK00n in #1921

(Potential) Incompatibilities

• enabledDnfModules element no more exists in scanner results
  • By #1381

Changelog

• ef2be3d feat(detect/redhat): detect unpatched vulnerabilities with oval, stop using gost (#1907)
• 827f2cb chore(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#1910)
• 4cb4ec4 chore(deps): bump golang.org/x/text from 0.14.0 to 0.15.0 (#1909)
• 81f3d5f chore(deps): bump go.etcd.io/bbolt from 1.3.9 to 1.3.10 (#1908)
• f3f6671 feat(ubuntu): add 24.04 noble (#1878)
• bca59ff chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#1903)
• 3f98fbc style(log) fix trivy scan page link (#1902)
• 73dc95f