Skip to content

Releases: anchore/syft

v0.15.1

22 Apr 21:21
@anchoreops anchoreops
v0.15.1
032cecb
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.15.1

Changelog

v0.15.1 (2021-04-22)

Full Changelog

Implemented enhancements:

  • Account for known mappings of package name to CPE products #393
  • Implement binary package identification #372
  • Report package DB verification metadata #371
  • Implement selective "retrieve files" cataloger #369
  • Add hyphen replacement in CPE generator #361
  • Cataloger for Rust crates from Cargo.lock #338
  • Add file metadata cataloger #335
  • Introduce an additional command line switch so that syft command understands I am passing a directory #277
  • Add for known bad CPE field combinations for jenkins package #405 (wagoodman)
  • Add additional cases for categorizing jenkins package type by group id #404 (wagoodman)
  • Enhance CPE generation for java GroupId and filtering #402 (wagoodman)
  • Add hyphen replacement logic for CPE generation #397 (wagoodman)
  • Add ability to pull images directly from a registry #378 (wagoodman)
  • Add secrets cataloger #362

Fixed bugs:

  • Using pom groupId leading to bad CPEs for plugins, leading to false positives #395
  • Registry credentials should require username and password #385
  • Malformed Python package metadata can cause parse failure #365
  • Java cataloger missing packages when parsing partially fails #349
  • Syft BOM ordering is not always consistent #331
  • Update parent pom persistence with regard to shaded jars #403 (wagoodman)
  • Refactor pom properties handling relative to parent package #392 (wagoodman)
  • Safely join paths derived from archive headers #386 (wagoodman)
  • Add manifest + repo digests on registry source #382 (wagoodman)
  • Ensure credentials are not HTML encoded #368 (wagoodman)
  • Ensure pkg.Catalog path index deduplicates real vs virtual paths #356 (wagoodman)

* This Changelog was automatically generated by github_changelog_generator

Docker images

  • docker pull anchore/syft:latest
  • docker pull anchore/syft:v0.15.1
  • docker pull anchore/syft:v0
  • docker pull anchore/syft:v0.15
Assets 9
Loading

v0.14.0

20 Mar 16:56
@anchoreops anchoreops
v0.14.0
26a4dd3
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.14.0

Changelog

v0.14.0 (2021-03-20)

Full Changelog

Implemented enhancements:

  • Add Docker image to release process #344 (wagoodman)
  • Added Photon OS to the list of distros #341 (thehh1974)
  • Add distroless image identification #44

Fixed bugs:

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.13.1

26 Feb 21:38
@anchoreops anchoreops
v0.13.1
40e9c4b
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.13.1

Changelog

v0.13.1 (2021-02-26)

Full Changelog

Fixed bugs:

  • Ignore ownership for shared copyright resources #334 (wagoodman)

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.13.0

25 Feb 20:28
@anchoreops anchoreops
v0.13.0
6d5ff0f
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.13.0

Changelog

v0.13.0 (2021-02-25)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Failure when working on odoo:latest #309
  • global incremental ID creates issues for consumers #166

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.7

22 Feb 18:55
@anchoreops anchoreops
v0.12.7
c5e3b63
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.7

Changelog

v0.12.7 (2021-02-17)

Full Changelog

Fixed bugs:

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.6

05 Feb 18:10
@anchoreops anchoreops
v0.12.6
8d838b1
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.6

Changelog

v0.12.6 (2021-02-05)

Full Changelog

Fixed bugs:

  • Missing support for path prefixes during import to Anchore API #315

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.5

01 Feb 18:01
@anchoreops anchoreops
v0.12.5
b22fd98
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.5

Changelog

v0.12.5 (2021-02-01)

Full Changelog

Fixed bugs:

  • Bring in fix from stereoscope for zero-layers panic #316 (luhring)

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.4

27 Jan 17:04
@anchoreops anchoreops
v0.12.4
407769e
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.4

Changelog

v0.12.4 (2021-01-27)

Full Changelog

Fixed bugs:

  • SIGSEGV in discoverPkgsFromPomProperties on parsing Java pom.properties #252

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.3

22 Jan 21:59
@anchoreops anchoreops
v0.12.3
7bcdafe
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.3

Changelog

v0.12.3 (2021-01-22)

Full Changelog

Fixed bugs:

  • Partial package.json files lead to empty packages in output #311 (luhring)

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading

v0.12.2

06 Jan 02:49
@anchoreops anchoreops
v0.12.2
0f62888
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.2

Changelog

v0.12.2 (2021-01-06)

Full Changelog

Fixed bugs:

  • Prefer real paths over those with links for glob results #308 (wagoodman)
  • Duplicate reference readers for duplicate location resolutions #307 (wagoodman)

* This Changelog was automatically generated by github_changelog_generator

Assets 9
Loading