Skip to content

Releases: anchore/grype

v0.85.0

21 Nov 15:29
2dd1024
Compare
Choose a tag to compare

Added Features

Bug Fixes

Additional Changes

(Full Changelog)

v0.84.0

05 Nov 15:03
c8d5ffc
Compare
Choose a tag to compare

Added Features

Bug Fixes

  • Docker reports 0 vulnerabilities. Same file reports many vulnerabilites when ran directly on linux server [#2235]
  • Flaky checks on STDIN for purl provider [#2192 #2223 @wagoodman]
  • Missing alpine patch version yields inaccurate results [#2222 #2226 @wagoodman]

Additional Changes

  • update Syft to v1.16.0 [#2237 @anchore-actions-token-generator]

(Full Changelog)

v0.83.0

28 Oct 22:03
0602464
Compare
Choose a tag to compare

Added Features

(Full Changelog)

v0.82.2

21 Oct 18:15
d018ffa
Compare
Choose a tag to compare

Bug Fixes

  • azurelinux considered as comprehensive distro [#2197 @westonsteimel]
  • Java archive cataloger performance in 0.82.x much slower than 0.81.0 [#2200]

Additional Changes

(Full Changelog)

v0.82.1

15 Oct 14:02
50815e5
Compare
Choose a tag to compare

Bug Fixes

Additional Changes

(Full Changelog)

v0.82.0

07 Oct 21:45
6b09bb8
Compare
Choose a tag to compare

Added Features

  • performance: only check for a new DB once every 2 hours (configurable) [#2148 @wagoodman]
  • wordpress-plugin support [#1553 @disc]

Bug Fixes

Breaking Changes

Additional Changes

  • Add a space following the "Name:" label in html.tmpl [#2155 @deftdawg]

(Full Changelog)

v0.81.0

25 Sep 17:06
641982f
Compare
Choose a tag to compare

Added Features

(Full Changelog)

v0.80.2

24 Sep 15:16
468cf12
Compare
Choose a tag to compare

Bug Fixes

Additional Changes

(Full Changelog)

v0.80.1

11 Sep 17:38
9fb2194
Compare
Choose a tag to compare

Bug Fixes

Additional Changes

  • Update Syft to 1.12.2 [#2108]

(Full Changelog)

v0.80.0

20 Aug 18:05
205ccfb
Compare
Choose a tag to compare

Added Features

Bug Fixes

  • correctly close the db file in v4/v5 stores [#2066 @AndreiStefanie]
  • Grype panics with a nil pointer dereference error when given an empty string argument [#2063 #2064 @lucasrod16]
  • Ignoring search results when CPE is not set in the SBOM [#2039 #2040 @aeg]
  • "No vulnerability database update available" when actually the check for an update was unsuccessful [#310 #1247 @shanedell]
  • CycloneDX output metadata.properties set to null instead of empty array or omitted [#1759]

Additional Changes

  • update Syft to v1.11.1 [#2071 @anchore-actions-token-generator]
  • add grype version to db network operations [#2062 @kzantow]

(Full Changelog)