Releases: anchore/scan-action
v3.2.2
v3.2.1
New in scan-action v3.2.1
- Remove SARIF processing (#148)
v3.2.0
v3.1.0
New in scan-action v3.1.0
- Update Grype to 0.22.0 - this includes the ability to ignore vulnerability matches (#121)
v3.0.0
v2.0.4
New in scan-action v2.0.4
- bump grype to 0.7.0 (#81)
2.0.3
Release v2.0.2
Minor bug-fix release:
- Update actions/core to use version 1.2.6 (Issue #71)
Release v2.0.1
Minor bug-fix release.
Fixes:
- Removes unnecessary constraint in deduplication for SARIF reporting
- Allows defining and referencing the location of the SARIF report file
- Fixes multiple instances where undefined items in the reporting would break scanning
Release v2.0.0
New major version of the scan action, based on the new Grype tool from Anchore, which is much faster for scanning than v1.x and adds some new capabilities and more metadata about the matches.
- Significantly faster performance for scans
- New vulnerabilities output format is the JSON output from Grype directly
- Adds support for scanning directories as well as Docker containers, so you can do the same checks pre- and post-build of the container.
- Supports Automatic Code Scanning/SARIF for exposing results via your repository's Security tab.
This is a breaking change from v1.x, as indicated by the major version revision:
- Use image input parameter instead of image-reference
- dockerfile-path is no longer supported and not necessary for the vulnerability scans
- custom-policy-path is no longer supported
- include-app-packages is no longer necessary or supported. Application packages are on by default and will receive vulnerability matches.
- Outputs:
  - billofmaterials is no longer output. V2 is focused on vulnerability scanning and another action may be introduced for BoM support with its own options/config.
  - policycheck is no longer output