8000 Release v1.27.0 · anchore/syft · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

v1.27.0
Compare
Choose a tag to compare
@github-actions github-actions released this 09 Jun 18:45
· 15 commits to main since this release
v1.27.0
18f9b5a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Added Features

Bug Fixes

  • Remove CPE product candidates for phf, prometheus, hyper and Rust crates [#3967 @jayvdb]
  • Remove CPE product candidates for opentelemetry and redis Rust crates [#3962 @jayvdb]
  • Harden Container Runtime with Non-Root User [#3941 @MikeTheCyberGuy]
  • terraform provider lock entries should not require constraints [#3934 @ghouscht]
  • sbom cataloger returning upstream package [#3662 #3981 @kzantow]
  • Syft missing md5 sums and list data for dpkg packages under status.d/ [#3912]
  • Failure to detect dependency relationships between Python packages [#3958 #3965 @christoph-blessing]
  • Heavy memory consumption when directory scanning deb source [#3928 #3953 @kzantow]
  • In versions 1.25.0 and later, graalvm-native-image-cataloger adds 3-6 hours to Syft [#3942 #3944 @kzantow]
  • Syft incorrectly reports multiple APKs as parents of symlinked files [#3847 #3923 @luhring]

(Full Changelog)

A HUGE thank you to @rezmoss for his help identifying and solving an issue causing excessive time and memory consumption with large numbers of symlinks! ❤️

Contributors

jayvdb, kzantow, and 6 other contributors
Assets 27
Loading
0