chore(deps): update ghcr.io/google/osv-scanner docker tag to v1.8.3
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
ghcr.io/google/osv-scanner | image-name | minor |
v1.7.4 -> v1.8.3
|
Release Notes
google/osv-scanner (ghcr.io/google/osv-scanner)
v1.8.3
Features:
- Feature #889 OSV-Scanner now provides "vertical" output format!
Fixes:
-
Bug #1115 Ensure that
semantic
is passed a validmodels.Ecosystem
. - Bug #1140 Add Maven dependency management to override client.
- Bug #1149 Handle Maven parent relative path.
Misc:
- Feature #1091 Improved the runtime of DiffVulnerabilityResults. Thanks @neilnaveen!
- Feature #1125 Workflow for stale issue and MR management.
v1.8.2
Features:
- Feature #1014 Adding CycloneDX 1.4 and 1.5 output format. Thanks @marcwieserdev!
Fixes:
-
Bug #769 Fixed missing vulnerabilities for debian purls for
--experimental-local-db
. -
Bug #1055 Ensure that
package
exists inaffected
property. - Bug #1072 Filter out unimportant vulnerabilities from vuln group.
- Bug #1077 Fix rate osv-scanner deadlock.
- Bug #924 Ensure that npm dependencies retain their "production" grouping.
v1.8.1
Features:
-
Feature #35
OSV-Scanner now scans transitive dependencies in Maven
pom.xml
files! See our documentation for more information. -
Feature #944
The
osv-scanner.toml
configuration file can now filter specific packages with new[[PackageOverrides]]
sections:[[PackageOverrides]]
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Renovate Bot