v0.43.0 #4741
aqua-bot announced in Announcements
🚀 What's new? 🚀
⎈ KBOM - Kubernetes bill of materials 🖥️
Trivy now supports the generation of a Kubernetes Bill of Materials (KBOM) for Kubernetes cluster control plane components, node components and addons in cyclonedx format.
Output:
For more details, click here.
⎈ Kubernetes - private registries support 🚩
Trivy k8s now supports authentication for cluster images stored in private registries.
Usage:
📚 Capture Licenses from pom.xml 📝
Trivy has now added the ability to parse licenses specified in pom.xml for Java projects. This enhancement allows Trivy to capture more comprehensive license information for Java dependencies.
🧶 Support for Yarn Workspaces 📦
Trivy now supports Yarn workspaces. When using workspaces, Yarn creates a yarn.lock file only in the root of the mono repository. Since the package.json of the mono repository does not contain information about dependencies in workspaces, they were previously skipped. This enhancement allows Trivy to capture all the dependencies from the package.json of workspaces.
🛠️ Add --include-dev-deps Flag 🚩
Trivy now includes an --include-dev-deps flag. The --include-dev-deps flag allows users to include dev dependencies in their scan results and detect vulnerabilities in these dependencies. See here for the details.
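The Yarn workspaces and dev-dependency passages above can be illustrated with a short script. This is an added example, not Trivy's code: it only collects the dependency ranges declared in each manifest, and the function names, the include_dev parameter and the sample monorepo are all constructed for illustration.

```python
import json
import tempfile
from pathlib import Path


def workspace_patterns(root_manifest):
    """Return workspace globs; Yarn accepts a list or {"packages": [...]}."""
    ws = root_manifest.get("workspaces", [])
    return ws.get("packages", []) if isinstance(ws, dict) else ws


def collect_dependencies(root, include_dev=False):
    """Map the root and every workspace directory to its declared dependencies."""
    root = Path(root)
    root_manifest = json.loads((root / "package.json").read_text())
    manifests = {".": root_manifest}
    for pattern in workspace_patterns(root_manifest):
        for pkg_json in sorted(root.glob(pattern.rstrip("/") + "/package.json")):
            rel = pkg_json.parent.relative_to(root).as_posix()
            manifests[rel] = json.loads(pkg_json.read_text())
    # include_dev is a hypothetical switch: dev dependencies are opt-in.
    fields = ["dependencies"] + (["devDependencies"] if include_dev else [])
    result = {}
    for rel, manifest in manifests.items():
        deps = {}
        for field in fields:
            deps.update(manifest.get(field, {}))
        result[rel] = deps
    return result


def build_sample_monorepo(root):
    """Constructed sample: the root manifest lists no dependencies itself."""
    files = {
        "package.json": {"private": True, "workspaces": ["packages/*"]},
        "packages/api/package.json": {
            "name": "api", "dependencies": {"express": "^4.18.2"},
            "devDependencies": {"jest": "^29.5.0"}},
        "packages/web/package.json": {
            "name": "web", "dependencies": {"react": "^18.2.0"}},
    }
    for rel, content in files.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(json.dumps(content))


def run_sample(include_dev=False):
    """Build the constructed monorepo in a temp dir and collect from it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_monorepo(tmp)
        return collect_dependencies(tmp, include_dev)
```

Reading only the root package.json yields an empty set here, which is why workspace dependencies were previously skipped.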
⏭ Skipping Services in Cloud scanning ☁
It's now possible to skip selected services in Cloud scanning. You can specify multiple services using --skip-service A --skip-service B or a comma-separated list such as --skip-service=A,B.
Usage:
Will scan everything except iam and s3.
It is also possible to specify both --skip-service and --service together.
♍️ Include success in JSON output 🔣
You can now optionally include successes in cloud scanning within the JSON output. This can be enabled by using the --include-non-failures flag.
🎗 Support new import and check blocks for Terraform scanning 📐
Trivy will now be able to scan Terraform config files that have import and check blocks. You can find more info on how to use these new blocks here and here.
Thanks to @nishigori for the help.
👷♂️ Notable Fixes 🛠️