Releases: anchore/grype
Releases · anchore/grype
v0.65.2
v0.65.2 (2023-08-17)
Additional Changes
- Update Syft to v0.87.1
- Add a simple JUnit XML template [PR #1422] [YevheniiPokhvalii]
- Update semver regular expression constraint to allow for 1.20rc1 cases no '-' [PR #1434] [spiffcs]
v0.65.1
v0.65.1 (2023-08-04)
Bug Fixes
- Grype cannot read SPDX documents generated by SPDX-maven-plugin [Issue #1306]
v0.65.0
Changelog
v0.65.0 (2023-07-31)
Added Features
- feat: implement secondary sorting for default json output [PR #1403] [spiffcs]
- Consistent sort order for grype output [Issue #709] [PR #1400] [spiffcs]
Bug Fixes
- Grype reading SPDX file with json output gets UnknownScheme error [Issue #948]
- grype 0.64.0 doesn't list vulnerabilties if
--fail-on
fails [Issue #1392] [PR #1395] [willmurphyscode]
Additional Changes
- chore: bump quality gate label dataset [PR #1404] [westonsteimel]
v0.64.2
Changelog
v0.64.2 (2023-07-20)
Bug Fixes
- grype 0.64.0 doesn't list vulnerabilties if
--fail-on
fails [Issue #1392] [PR #1395] [willmurphyscode]
v0.64.1
Changelog
v0.64.1 (2023-07-17)
Bug Fixes
- stop truncating template files Issue #1388 PR #1391 willmurphyscode
Additional Changes
v0.64.0
Changelog
v0.64.0 (2023-07-13)
Added Features
- You can now list multiple output formats and files to write to disk with one command, like Syft: "-o format1=file1 -o format1=file2" [Issue #648] [PR #1346] [olivierboudet]
Bug Fixes
- Correctly detect format of CycloneDX XML SBOM with no components [Issue #1005]
- Fix vulnerability summary counts to be less confusing. [Issue #1360]
Additional Changes
v0.63.1
v0.63.0
Changelog
v0.63.0 (2023-06-21)
Added Features
- Always include the specific package name and version used in the vulnerability search in the matchDetails section of the output [PR #1339] [westonsteimel]
- Expose Go template file that produces the table report [Issue #629] [PR #1343] [jneate]
- Add a folder for community Go templates (see templates/README.md for more details) [Issue #1316]
Breaking Changes
- update Syft to v0.84.0: stereoscope platform fix and artifact ID padding [PR #1354] [anchore-actions-token-generator]
v0.62.3
Changelog
v0.62.3 (2023-06-05)
Bug Fixes
- Suppressed vulnerabilties are now correctly hidden, unless the --show-suppressed option is provided.
[Issue #1053] [Issue #1278] [PR #1322] [jamestran201]