v0.16.1

Changelog

6b8a2b7 chore: Publish container image to public ECR registry (#151)
5fbd825 chore: Switch to main branch (#148)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.16.1
• docker pull public.ecr.aws/aquasecurity/harbor-scanner-trivy:0.16.1

v0.16.0

Changelog

d0f7e86 chore: Downgrade Go from 1.15 to 1.14 (#144)
7c7e834 feat(config): Enable Trivy debug mode when log level is set to debug (#145)
e2d181a feat: Add Common Weakness Enumeration (CWE) identifiers to vulnerability report (#146)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.16.0

v0.15.0

Changelog

4bd5e34 chore: Bump up Trivy to v0.13.0 (#140)
cc40c10 chore: Upgrade to Go 1.15 (#141)
2ccad0b feat: Return envs as metadata properties (#142)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.15.0

v0.14.1

Changelog

ecaa161 chore: Pin Go to 1.14.7 (#137)
e2d77cf feat(helm): Do not automount service account token (#136)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.14.1

v0.14.0

Changelog

f5ef542 chore: Pin Trivy action image to 0.9.2 (#133)
04e04a6 feat: Add CVSS info to vulnerability report model (#132)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.14.0

v0.13.0

Notes

There's a breaking change in configuration of the adapter service. Instead of configuring Redis connection pool for the Store and Job Queue separately, we have introduced a single set of environment variables to configure the singleton connection pool:

• SCANNER_REDIS_URL
• SCANNER_REDIS_POOL_MAX_ACTIVE
• SCANNER_REDIS_POOL_MAX_IDLE
• SCANNER_REDIS_POOL_IDLE_TIMEOUT
• SCANNER_REDIS_POOL_CONNECTION_TIMEOUT
• SCANNER_REDIS_POOL_READ_TIMEOUT
• SCANNER_REDIS_POOL_WRITE_TIMEOUT

Changelog

a0400b5 feat: Add support for Sentinel (#129)
e2b46d5 feat: Use a single connection pool for Redis (#130)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.13.0

v0.12.0

Changelog

ba5b470 Add support for Bearer token authentication (#123)
676b5dc refactor: Inject dependencies to gocraft/work worker the right way (#126)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.12.0

v0.11.0

Changelog

f6f4d9a chore: Bump up Trivy to v0.9.0 (#120)
d5b51ce chore: Migrate from Travis CI to GitHub Actions (#119)
24a10de chore: Remove Travis CI configuration (#121)
5d5714f feat: Add mTLS support for API server (#110)
31380c5 fix: Append port to image reference (#116)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.11.0

v0.10.0

Notes

• Bump up Trivy from v0.6.0 to v0.7.0
• Change the behavior of reporting severities in Trivy v0.7.0. Trivy v0.6.0 used the severity from NVD, but v0.7.0 uses the severity from a vendor such as Red Hat and Debian. The NVD severity is the generic one, but vendors usually provide more accurate measures. The number of vulnerabilities is not supposed to be different though.

Changelog

b063d5f release: Prepare v0.10.0 (#112)
ea2537f fix: Handle gracefully scratch and slim images (#111)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.10.0

v0.9.0

Changelog

473a524 release: Prepare v0.9.0 (#105)
1417aa2 feat: Add TRIVY_INSECURE flag to skip verifying registry certificates (#107)
000f9a4 feat: Check read/write access to configurable cache and reports directories (#106)
49a85f0 fix: Do not show DB update dates when not available (#104)
5371371 feat: Configure the minimum version of TLS to 1.2 (#100)

Docker images

• docker pull docker.io/aquasec/harbor-scanner-trivy:0.9.0