chore(deps): update ghcr.io/google/osv-scanner docker tag to v1.8.5
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
ghcr.io/google/osv-scanner | image-name | patch |
v1.8.3 -> v1.8.5
|
Release Notes
google/osv-scanner (ghcr.io/google/osv-scanner)
v1.8.5
Features:
- Feature #1160 Support fetching snapshot versions from a Maven registry.
- Feature #1177 Support composite-based package overrides. This allows for ignoring entire manifests when scanning.
- Feature #1210 Add FIXED-VULN-IDS to guided remediation non-interactive output.
Fixes:
- Bug #1220 Fix govulncheck calls on C code.
- Bug #1236 Alpine package scanning now falls back to latest release version if no release version can be found.
v1.8.4
Features:
-
Feature #1177 Adds
--upgrade-config
flag for configuring allowed upgrades on a per-package basis. Also hide & deprecate previous--disallow-major-upgrades
and--disallow-package-upgrades
flags.
Fixes:
- Bug #1123 Issue when running osv-scanner on project running with golang 1.22 #1123
Misc:
- Feature #638 Update go policy to use stable go version for builds (updated to go 1.23)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Renovate Bot