Releases: cerbos/reimage
Releases · cerbos/reimage
v0.12.1
Immutable
release. Only release title and notes can be modified.
v0.12.0
Immutable
release. Only release title and notes can be modified.
Reimage 0.12.0
This release includes a breaking change to the vulnerability scanning options. The default now attempts to run grype rather than trivy. If you want to switch back to trivy you can use:
reimage -vulncheck-command "trivy image -f json" -vulncheck-format trivy-json
We should be able to add some more powerful options for processing arbitrary json formats in future.
Checking of CVEs with no associated CVSS will now default to a score of 5.0 (a sensible options stolen from grype).
Changelog
Features
- 5555012 feat(vulncheck): include the description in the log, makes it easier to cut and paste
- deeebbb feat(vulncheck): switch default to grype, support grype of trivy output formats
Bug fixes
- f1c5546 fix(build): remove unused update-mtime
- 5d73003 fix(lint): fix some lint warnings
- 05747e1 fix(log): fix incorrect log line
- fe0f1b4 fix(vulncheck): fix the handling of per-image CVEs
- 554a3d1 fix(vulncheck): make it easier to copy/paste vuln info
Chores
- c16a4f4 chore(actions): update checkout action
- 1f345b3 chore(actions): update github actions
- 9fd7659 chore(deps): bump github.com/anchore/quill from 0.5.1 to 0.7.1
- 27cbe7e chore(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2
- 4ebc799 chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3
- 7b10afa chore(deps): general deps update
- 3b36c4a chore(deps): include org wide rennovate setup
- a321109 chore(deps): update deps
Others
- 9a05bb6 Merge pull request #52 from cerbos/dependabot/go_modules/github.com/anchore/quill-0.7.1
- bb26913 Merge pull request #53 from cerbos/dependabot/go_modules/google.golang.org/grpc-1.79.3
- 5c5adaa Merge pull request #55 from cerbos/updategithub
- 632190e Merge pull request #56 from cerbos/dependabot/go_modules/github.com/buger/jsonparser-1.1.2
- 600ba4c Merge pull request #57 from cerbos/deps
- 424d3f0 Merge pull request #58 from cerbos/renovate
- 95efab3 Merge pull request #59 from cerbos/actions1
- 41d2e35 Merge pull request #60 from cerbos/renovate/migrate-config
- b753e27 Merge pull request #62 from cerbos/renovate/gh-actions-deps
- d68e37c Merge pull request #63 from cerbos/renovate/gh-actions-deps
- 6bc8197 Merge pull request #67 from cerbos/imagescan
- e377b75 Merge pull request #68 from cerbos/depsupdate
- 52151ad Migrate config .github/renovate.json
- a613753 Update GitHub Actions deps
- bd97f5e Update GitHub Actions deps
v0.11.0
Immutable
release. Only release title and notes can be modified.
Reimage 0.11.0
Changelog
Chores
- 3a01f9f chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
- 0488553 chore(deps): bump github.com/go-git/go-git/v5 from 5.14.0 to 5.16.5
- 75a4671 chore(deps): bump github.com/theupdateframework/go-tuf/v2
Others
- d725558 Merge pull request #45 from cerbos/modupdate
- 40c7c24 Merge pull request #46 from cerbos/modupdate2
- 01939ef Merge pull request #47 from cerbos/dependabot/go_modules/github.com/theupdateframework/go-tuf/v2-2.4.1
- c460d8b Merge pull request #48 from cerbos/dependabot/go_modules/github.com/go-git/go-git/v5-5.16.5
- c750b42 Merge pull request #49 from cerbos/dependabot/go_modules/github.com/cloudflare/circl-1.6.3
- 04a7317 Update deps and run go fix
- e95df7e disable prealloc linter
- 8e931fb fix copyright headers
- 234010e more dep updates
- fb454c6 update and pin GH actions
- edc5d02 update deps
- c734a80 update go deps
- c47845c update xz for dependabot
v0.10.0
v0.9.2
2e8a275
This commit was signed with the committer’s verified signature.
tcolgate
Tristan Colgate-McFarlane
Reimage 0.9.2
Changelog
Chores
- 6d411b1 chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4
- 795382e chore(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3
- 0f573f0 chore(deps): update deps
- 2e8a275 chore(deps): update deps for goreleaser
- 981f3f9 chore(deps): update required go version, for vulncheck