Releases: aquasecurity/trivy-operator
Releases Β· aquasecurity/trivy-operator
v0.29.0
What's Changed
β¨ Notable Changes β¨
- feat(dev): add support for pprof by @simar7 in #2666
- feat(clientServer): add support for extraVolumes in trivy-server by @hichem-belhocine in #2738
- feat: add labels to operator resources by @cHiv0rz in #2667
π Notable Fixes π
- fix: Ensure configFile volume is mounted for initContainer by @bananasplit393 in #2713
- fix(helm): always attempt to create ServiceMonitor when it is enabled by @mdusher in #2745
- fix: add missing permission to get namespaces by @dcoppa in #2728
π Documentation && Miscellaneous π§
- chore: improve release notes by @simar7 in #2692
- chore: migrate to aws-go v2 by @afdesk in #2694
- chore: bump up Go to version 1.24.6 by @afdesk in #2700
- chore: bump up Trivy to version v0.66.0 by @afdesk in #2742
- chore: bump up common k8s deps by @afdesk in #2746
π Dependencies π
- build(deps): bump ubi9/ubi-minimal from
295f920toe6b39b0in /build/trivy-operator by @dependabot[bot] in #2696 - build(deps): bump ubi9/ubi-minimal from
e6b39b0to8d905a9in /build/trivy-operator by @dependabot[bot] in #2701 - build(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 by @dependabot[bot] in #2709
- build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 by @dependabot[bot] in #2714
- build(deps): bump ubi9/ubi-minimal from
8d905a9to2f06ae0in /build/trivy-operator by @dependabot[bot] in #2719 - build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in #2721
- build(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.15 by @dependabot[bot] in #2729
- build(deps): bump ubi9/ubi-minimal from
2f06ae0to7c5495din /build/trivy-operator by @dependabot[bot] in #2753
New Contributors
- @bananasplit393 made their first contribution in #2713
- @hichem-belhocine made their first contribution in #2738
- @mdusher made their first contribution in #2745
- @cHiv0rz made their first contribution in #2667
Full Changelog: v0.28.0...v0.29.0
Contributors
dcoppa, simar7, and 6 other contributors
Assets 20
- 501 Bytes
2025-09-23T07:06:33Z - 3.21 KB
2025-09-23T07:06:35Z - 96 Bytes
2025-09-23T07:06:35Z - 38.3 MB
2025-09-23T07:06:32Z - 3.21 KB
2025-09-23T07:06:33Z - 96 Bytes
2025-09-23T07:06:33Z - 37.3 MB
2025-09-23T07:06:32Z - 3.21 KB
2025-09-23T07:06:34Z - 96 Bytes
2025-09-23T07:06:34Z - 36.5 MB
2025-09-23T07:06:33Z -
2025-09-23T05:05:25Z -
2025-09-23T05:05:25Z - Loading
v0.28.0
What's Changed
β¨ Notable Changes β¨
π Notable Fixes π
- fix: bump ubi9 image to latest release by @simar7 in #2651
- fix: correct output for uncompressed logs by @afdesk in #2652
- fix: Do not error out on invalid rego policies if any by @simar7 in #2670
π Documentation && Miscellaneous π§
- chore: bump up Trivy to version 0.64.1 by @afdesk in #2654
- chore: bump up UBI 9 version to 9.6-1752587672 by @afdesk in #2660
- chore: update for CVE-2025-6965 by @simar7 in #2678
- chore: bump up docker for CVE-2025-54388 by @simar7 in #2679
- chore: update ubi image by @simar7 in #2681
- chore: bump up Trivy to version 0.65.0 by @afdesk in #2686
π Dependencies π
- build(deps): bump ubi9/ubi-minimal from
0d7cfb0to295f920in /build/trivy-operator by @dependabot[bot] in #2688 - build(deps): bump alpine from 3.20.6 to 3.22.1 in /build/trivy-operator by @dependabot[bot] in #2687
New Contributors
Full Changelog: v0.27.3...v0.28.0
Contributors
cyrinux, simar7, and 2 other contributors
Assets 20
v0.27.3
What's Changed
π Notable Fixes π
- fix: bump helm to v3.18.4 by @simar7 in #2647
- fix: correct predicate logic to allow whitelisted ConfigMaps by @nikpivkin in #2631
- fix: Deletion of scanjob before ttl expires by @tom1299 in #2632
- fix(deploy): remove hardcoded namespace from pvc-template by @SamuelWy in #2646
- fix: add ubi9 images for nightly testing by @simar7 in #2650
New Contributors
Full Changelog: v0.27.2...v0.27.3
Contributors
simar7, tom1299, and 2 other contributors
Assets 20
v0.27.2
What's Changed
π Notable Fixes π
- fix(ci): use multiline syntax to print logs on failure by @nikpivkin in #2637
π Documentation && Miscellaneous π§
- chore: update UBI to version 9.6-1750782676 by @afdesk in #2625
- chore: bump up some deps by @afdesk in #2618
- chore: use a correct default repo for node-collector by @afdesk in #2619
- docs: fix typo in RELEASING.md for Helm chart file name by @nikpivkin in #2642
- chore: bump up UBI version to 9.6-1751286687 by @afdesk in #2643
π Dependencies π
- build(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @dependabot in #2630
Full Changelog: v0.27.1...v0.27.2
Contributors
afdesk, dependabot, and nikpivkin
Assets 20
v0.27.1
What's Changed
π Documentation && Miscellaneous π§
- chore: bump helm chart version by @simar7 in #2605
- chore: bump up Go version to 1.24.4 by @afdesk in #2608
- chore: show log on scan jobs by @afdesk in #2591
- docs: add a note about valid time units by @afdesk in #2606
Full Changelog: v0.27.0...v0.27.1
Contributors
simar7 and afdesk
Assets 20
v0.27.0
What's Changed
β¨ Notable Changes β¨
- feat: add using Trivy config files by @afdesk in #2529
- feat: copying over original alternate store writing to rebased main branch by @mleykin-squarespace in #2578
- feat: Add ability to control scanJobsInSameNamespace in the helm chart by @dcoppa in #2564
- feat: Provide credentials in imagePullSecret without global access by @maltemorgenstern in #2161
π Notable Fixes π
- perf: skip ConfigMap reading from cache by @afdesk in #2551
- fix: enable staticcheck linters by @mmorel-35 in #2560
- fix: enable errorlint linters by @mmorel-35 in #2561
- fix(policy): remove oci artifact construction at startup by @tanderson in #2569
- fix: enable contextcheck and usetesting linters by @mmorel-35 in #2562
- fix: enable more revive rules by @mmorel-35 in #2581
- fix: enable nolintlint linter by @mmorel-35 in #2583
- fix: enable more go-critic rules by @mmorel-35 in #2582
- fix: login private registry instead of download JavaDB by @afdesk in #2590
- fix(ci): remove unneeded delete cluster command by @afdesk in #2598
π Documentation && Miscellaneous π§
- chore(deps): bump golangci-lint to v2.1.2 by @simar7 in #2558
- chore: bumps up UBI to version 9 by @afdesk in #2567
- chore(deps): bump golangci-lint to v2.1.6 by @mmorel-35 in #2559
π Dependencies π
- build(deps): bump the github-actions group across 1 directory with 5 updates by @dependabot in #2537
- build(deps): bump the common group across 1 directory with 5 updates by @dependabot in #2580
New Contributors
- @mmorel-35 made their first contribution in #2559
- @tanderson made their first contribution in #2569
- @mleykin-squarespace made their first contribution in #2578
- @dcoppa made their first contribution in #2564
Full Changelog: v0.26.1...v0.27.0
Contributors
tanderson, dcoppa, and 6 other contributors
Assets 20
v0.26.1
What's Changed
π Notable Fixes π
π Documentation && Miscellaneous π§
- chore(deps): Update deps for trivy patch release by @simar7 in #2547
- docs(helm): Add trivy.existingSecret to README by @peschmae in #2533
- docs: update trivy fs source by @emmanuel-ferdman in #2521
New Contributors
- @peschmae made their first contribution in #2533
- @emmanuel-ferdman made their first contribution in #2521
Full Changelog: v0.26.0...v0.26.1
Contributors
peschmae, simar7, and 2 other contributors
Assets 20
v0.26.0
What's Changed
π Notable Fixes π
- fix(config): correct init policy loader by @afdesk in #2487
- fix: skip excluded images in client server mode by @pascal-hofmann in #2516
- fix(misconfig): ordering policies for hash by @afdesk in #2520
π Documentation && Miscellaneous π§
- chore: bump up base alpine image to 3.20.6 by @rgoltz in #2481
- chore(test): update images for integration tests by @afdesk in #2482
- chore(deps): bump golang.org/x/oauth2 from 0.25.0 to 0.27.0 - resolve CVE-2025-22868 by @rgoltz in #2480
- chore(deps): Bump
trivy-*deps by @simar7 in #2507 - docs: change docs about ttl for scanned reports by @iamhalje in #2503
- chore: improve cache for policies by @afdesk in #2526
- chore(deps): bump up Trivy versions to v0.62.0 by @afdesk in #2528
- chore(ci): Free up space to build by @simar7 in #2539
- chore(ci): Free up additional space by @simar7 in #2543
- chore(ci): Clear up space prior to build by @simar7 in #2544
π Dependencies π
- build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 by @dependabot in #2495
- build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in #2497
- build(deps): bump github.com/containerd/containerd from 1.7.25 to 1.7.27 by @dependabot in #2498
- build(deps): bump github.com/containerd/containerd/v2 from 2.0.2 to 2.0.4 by @dependabot in #2499
- build(deps): bump the k8s group across 1 directory with 2 updates by @dependabot in #2512
- build(deps): bump the common group across 1 directory with 6 updates by @dependabot in #2513
New Contributors
- @rgoltz made their first contribution in #2481
- @iamhalje made their first contribution in #2503
- @pascal-hofmann made their first contribution in #2516
Full Changelog: v0.25.0...v0.26.0
Contributors
simar7, pascal-hofmann, and 4 other contributors
Assets 20
v0.25.0
What's Changed
π Notable Fixes π
- fix: using
trivyoperatornamespace for custom checks by @afdesk in #2440 - fix(test): correct assertion and clean up test cases for eval policies by @afdesk in #2458
- fix: parseImageRef tag absence issue when digest in imageRef by @danchenko-dmitry in #2418
- fix(helm): use map for
scanJobAffinityin the Helm Chart by @afdesk in #2469
π Documentation && Miscellaneous π§
- chore: Update CODEOWNERS by @simar7 in #2467
- chore: bump up Trivy version to v0.60.0 by @afdesk in #2476
π Dependencies π
- build(deps): bump the common group across 1 directory with 5 updates by @dependabot in #2466
- build(deps): bump the github-actions group with 3 updates by @dependabot in #2463
- build(deps): bump the k8s group with 6 updates by @dependabot in #2461
- build(deps): bump the common group across 1 directory with 4 updates by @dependabot in #2478
New Contributors
- @danchenko-dmitry made their first contribution in #2418
Full Changelog: v0.24.1...v0.25.0
Contributors
simar7, afdesk, and 2 other contributors
Assets 20
v0.24.1
What's Changed
β¨ Notable Changes β¨
π Notable Fixes π
- fix(ci): update python action for Helm chart testing by @afdesk in #2424
- fix: update default values for configmap by @afdesk in #2439
- fix: sync stdout buffer to file by @daanschipper in #2191
π Documentation && Miscellaneous π§
- docs: correct example ConfigMap for custom policy by @nikpivkin in #2445
π Dependencies π
- build(deps): bump sigs.k8s.io/controller-runtime from 0.20.0 to 0.20.1 by @dependabot in #2404
- build(deps): bump actions/setup-python from 5.3.0 to 5.4.0 by @dependabot in #2433
New Contributors
- @nikpivkin made their first contribution in #2445
- @daanschipper made their first contribution in #2191
- @Kouzi99 made their first contribution in #2397
Full Changelog: v0.24.0...v0.24.1
Contributors
daanschipper, afdesk, and 3 other contributors