Releases · stackrox/scanner

Update Debian name mappings by @RTann in #719
Update ScannerDB image by @RTann in #705
UBI 8.6 by @RTann in #722
Create /docker-entrypoint-initdb.d in the scanner-db-slim container by @jvdm in #726
Bump github.com/golangci/golangci-lint from 1.45.2 to 1.46.0 in /tools/linters by @dependabot in #724
Bump google.golang.org/api from 0.78.0 to 0.79.0 by @dependabot in #725
Remove non-existent image for now by @RTann in #728
ROX-10924: Add automated tests for slim scanner by @RTann in #727
ROX-9614: Add slim updater by @jvdm in #714
fix: Remove path and use filepath by @jvdm in #732
Add -trimpath to go build by @RTann in #730
ROX-10959: Update builder image by @RTann in #731
Add dependabot for docker images by @janisz in #733
Bump github.com/golangci/golangci-lint from 1.46.0 to 1.46.2 in /tools/linters by @dependabot in #735
Bump google.golang.org/api from 0.79.0 to 0.80.0 by @dependabot in #738
Bump github.com/prometheus/client_golang from 1.12.1 to 1.12.2 by @dependabot in #739
Bump github.com/lib/pq from 1.10.5 to 1.10.6 by @dependabot in #737
Bump google.golang.org/grpc from 1.46.0 to 1.46.2 by @dependabot in #741
ROX-10991: Fix block alignment for disk overflow by @RTann in #740
Elf check shall not hide io error by @c-du in #742
Do not attempt to retrieve ELF metadata for small files by @RTann in #744
ROX-11056: Onboard style checks to OpenShift CI by @RTann in #749
ROX-11078: add alpine:v3.16 support by @RTann in #750
Bump github.com/hashicorp/go-version from 1.4.0 to 1.5.0 by @dependabot in #755
Bump cloud.google.com/go/storage from 1.22.0 to 1.22.1 by @dependabot in #757
Bump google.golang.org/api from 0.80.0 to 0.81.0 by @dependabot in #756
ROX-11080: onboard unit-tests to OpenShift CI by @RTann in #754
Remove Active Vuln mgmt feature flag by @RTann in #759
Bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in #761
Update apollo-ci image by @Roxbot in #760
Update BUILD_IMAGE_VERSION by @RTann in #763
Bump google.golang.org/api from 0.81.0 to 0.83.0 by @dependabot in #768
Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in #769
update ubuntu:22.04 test by @RTann in #765
ROX-11037: Add manual entry for CVE-2017-5638 by @jvdm in #767
Update apollo-ci image by @Roxbot in #771
Update apollo-ci image by @Roxbot in #777
Add OSCI build_root Dockerfile by @RTann in #778
ROX-8603: update CVE link for Alpine by @daynewlee in #773
Separate DB integration tests to a separate job by @RTann in #776
Bump google.golang.org/api from 0.83.0 to 0.84.0 by @dependabot in #783
ROX-11331: update nvdtools to fix cvss3 equation by @RTann in #770
Bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in #785
Bump google.golang.org/api from 0.84.0 to 0.85.0 by @dependabot in #787
Bump github.com/stretchr/testify from 1.7.2 to 1.7.4 by @dependabot in #786
Add JUnit output to E2E test results by @RTann in #788
Bump cloud.google.com/go/storage from 1.22.1 to 1.23.0 by @dependabot in #791
Add JUnit output to unit-tests by @RTann in #789
Remove DockerHub from pulls/push and style tests by @connorgorman in #790
ROX-11335: Move Scanner DB secret out of main Scanner DB container by @RTann in #774
Update dispatch.sh to require jobs to be defined in scripts/ci/jobs by @RTann in #794
ROX-11519: Onboard E2E tests to OSCI by @RTann in #784
ROX-9309: Require a password for any local connections to postgres by @RTann in #775
ROX-10929: Add support for RHEL9 images by @jvdm in #752
Bump github.com/hashicorp/go-version from 1.5.0 to 1.6.0 by @dependabot in #798
Bump github.com/stretchr/testify from 1.7.4 to 1.7.5 by @dependabot in #797
Bump google.golang.org/api from 0.85.0 to 0.86.0 by @dependabot in #799
Add runAsNonRoot to pod's security context by @RTann in #793
ROX-11538, ROX-11539: Migrate slim and scale tests to OSCI by @RTann in #795
chown nobody:nobody genesis_manifests.json by @RTann in #800
use https instead of ssh for git by @RTann in #802
Remove need for service account for StackRox GCP vuln source by @RTann in #804
Bump github.com/stretchr/testify from 1.7.5 to 1.8.0 by @dependabot in #806
Bump E2E and Slim E2E test timeout by @RTann in #808
Support stale Debian 9 vulns by @RTann in #807

New Contributors

@janisz made their first contribution in #733
@daynewlee made their first contribution in #773

Full Changelog: 2.24.0...2.25.0

Contributors

jvdm, janisz, and 5 other contributors

Assets 2

14 Jun 18:44

RTann

2.24.1

513ba41

2.24.1

What's Changed

Update tests by @RTann in #781

Full Changelog: 2.24.0...2.24.1

Contributors

RTann

Assets 2

04 May 17:44

RTann

2.24.0

f150667

2.24.0

What's Changed

ROX-8823: Push slim images to stackrox.io by @RTann in #645
ROX-9629: Add repo2cpe to scanner-slim and add component analysis logs by @RTann in #649
Update the CI build & test image to one based on centos:stream8 by @gavin-stackrox in #644
Update apollo-ci image by @Roxbot in #651
Update apollo-ci image by @Roxbot in #653
Update .NET FixedBy in E2E test by @RTann in #654
update README links by @RTann in #658
Update apollo-ci image by @Roxbot in #657
Add genesis dump release make target by @jvdm in #648
Minor nit updates in README by @RTann in #659
Fix genesis dump workflow param in README by @jvdm in #660
Update CVE-2020-9488 and add CVE-2020-36518 in tests by @RTann in #662
ROX-9757: Add CVE-2022-0811 by @RTann in #661
update genesis make commands by @RTann in #663
New Genesis Dump 2022-03-23 by @RTann in #665
Add CoC file with link by @keyallis in #666
ROX-9609: Add scale test to nightly by @c-du in #667
Update lint tools by @RTann in #669
Create LICENSE by @mfosterrox in #679
Add gitattributes by @RTann in #675
Update CVE-2020-36518 FixedBy by @RTann in #670
Add dockerignore by @RTann in #674
Move lint tools to separate go module by @RTann in #676
Add CVE-2022-22965 by @RTann in #681
Add editorconfig for Makefiles by @RTann in #673
Add CVE-2022-22963 by @RTann in #682
Fix cron time for nightly by @c-du in #683
Push images to the public registry by @gavin-stackrox in #684
Add stackrox-io creds for hourly by @RTann in #685
Add Dependabot by @RTann in #677
Use stackrox/stackrox instead of stackrox/rox by @connorgorman in #687
ROX-9598: Scanner ubi minimal by @RTann in #692
deps: Correct replace path and sync bleve versions by @RTann in #694
Bump cloud.google.com/go/storage from 1.12.0 to 1.22.0 by @dependabot in #696
Bump github.com/guregu/null from 3.0.2-0.20160228005316-41961cea0328+incompatible to 4.0.0+incompatible by @dependabot in #695
Bump github.com/containers/image/v5 from 5.19.1 to 5.21.0 by @dependabot in #697
Update Dependabot reviewers by @RTann in #700
Bump github.com/lib/pq from 1.10.4 to 1.10.5 by @dependabot in #698
Bump github.com/prometheus/client_golang from 1.11.0 to 1.12.1 by @dependabot in #699
Bump github.com/PuerkitoBio/goquery from 1.5.1 to 1.8.0 by @dependabot in #701
Bump github.com/pborman/uuid from 1.2.0 to 1.2.1 by @dependabot in #702
Bump github.com/mholt/archiver/v3 from 3.5.0 to 3.5.1 by @dependabot in #703
Update Alpine tests for latest vuln data by @RTann in #689
ROX-10021: Ignore RHCOS nodes by @RTann in #688
Downgrade containers/image/v5 to match stackrox repo by @RTann in #706
Bump github.com/google/go-cmp from 0.5.7 to 0.5.8 by @dependabot in #710
Bump google.golang.org/api from 0.74.0 to 0.76.0 by @dependabot in #711
Bump google.golang.org/grpc from 1.45.0 to 1.46.0 by @dependabot in #709
ROX-9497: Copy custom trusted CA bundles injected by OpenShift Network Operator by @0x656b694d in #712
Protect from potential "zip slip" by @RTann in #708
ROX-10710, ROX-10743: Add Ubuntu 22.04 support and move 12.04, 20.10, and 21.04 to stale by @RTann in #718
Bump google.golang.org/api from 0.76.0 to 0.78.0 by @dependabot in #720
New Genesis Dump 2022-05-04 by @RTann in #721