|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## [0.70.0](https://github.com/aquasecurity/trivy/compare/v0.69.0...v0.70.0) (2026-03-16) |
| 4 | + |
| 5 | + |
| 6 | +### Features |
| 7 | + |
| 8 | +* **go:** detect version from ELF symbol table for binaries built with -trimpath ([#10197](https://github.com/aquasecurity/trivy/issues/10197)) ([7acb5f6](https://github.com/aquasecurity/trivy/commit/7acb5f6f095a11cb9911af5a0bc03aecc7c88f8f)) |
| 9 | +* **java:** add support for proxy configuration from Maven settings.xml ([#10187](https://github.com/aquasecurity/trivy/issues/10187)) ([350fe33](https://github.com/aquasecurity/trivy/commit/350fe3345129f0f341ab80438f66f951b602364a)) |
| 10 | +* **misconf:** adapt ARM k8s clusters ([#9696](https://github.com/aquasecurity/trivy/issues/9696)) ([#10125](https://github.com/aquasecurity/trivy/issues/10125)) ([66bdec4](https://github.com/aquasecurity/trivy/commit/66bdec4f6af6100b6ab991ca417b0c801cb5cd80)) |
| 11 | +* **misconf:** resolve Azure resources via resource_id ([#10173](https://github.com/aquasecurity/trivy/issues/10173)) ([823f363](https://github.com/aquasecurity/trivy/commit/823f3634ae8f41a17be8695ceabcb8ca52f82a63)) |
| 12 | +* **misconf:** support for azurerm_network_interface_security_group_association ([#10215](https://github.com/aquasecurity/trivy/issues/10215)) ([da94d5f](https://github.com/aquasecurity/trivy/commit/da94d5f38676885264787fe22f3ed8ab42511b2a)) |
| 13 | +* **python:** add pylock.toml (PEP 751) parser ([#9632](https://github.com/aquasecurity/trivy/issues/9632)) ([1a72b32](https://github.com/aquasecurity/trivy/commit/1a72b326bba9e0959d5f3b63367bb311f064d795)) |
| 14 | +* **python:** add pylock.toml support ([#10137](https://github.com/aquasecurity/trivy/issues/10137)) ([d0a3f63](https://github.com/aquasecurity/trivy/commit/d0a3f63b84e6a8cd9067e85344097f9179c14b0d)) |
| 15 | +* **server:** include server version info in JSON output for client/server mode ([#10075](https://github.com/aquasecurity/trivy/issues/10075)) ([4c46d41](https://github.com/aquasecurity/trivy/commit/4c46d418c58c9a070a87b9d3c88966d40e435329)) |
| 16 | +* **ubuntu:** add eol data for 25.10 ([#10181](https://github.com/aquasecurity/trivy/issues/10181)) ([2c1f65b](https://github.com/aquasecurity/trivy/commit/2c1f65bdeec62baef45e93f58cc8e5eca7d84d26)) |
| 17 | +* **vuln:** skip third-party packages in common Detect function ([#10129](https://github.com/aquasecurity/trivy/issues/10129)) ([d6e6331](https://github.com/aquasecurity/trivy/commit/d6e6331abba28fe22f6d8d3bc36f7821601ff8ad)) |
| 18 | + |
| 19 | + |
| 20 | +### Bug Fixes |
| 21 | + |
| 22 | +* **cyclonedx:** include CVSS v4 vulnerability ratings ([#10313](https://github.com/aquasecurity/trivy/issues/10313)) ([2a4dfbf](https://github.com/aquasecurity/trivy/commit/2a4dfbf18a71a17de2c22c02afc5742466f6d799)) |
| 23 | +* detected vulnerability fields in azure and mariner detector ([#10275](https://github.com/aquasecurity/trivy/issues/10275)) ([77f5cb5](https://github.com/aquasecurity/trivy/commit/77f5cb5abda49844b936322e85829b256cb4599c)) |
| 24 | +* **java:** Disable overwriting exclusions ([#10088](https://github.com/aquasecurity/trivy/issues/10088)) ([9a3e0a8](https://github.com/aquasecurity/trivy/commit/9a3e0a845db68a79f4fd0e71f5cb7d8ca3976bbe)) |
| 25 | +* **misconf:** apply check aliases when filtering results via .trivyignore ([#10112](https://github.com/aquasecurity/trivy/issues/10112)) ([b775a1b](https://github.com/aquasecurity/trivy/commit/b775a1b63cd7afeda8dec2c1c8b8b6d422418bc6)) |
| 26 | +* **misconf:** initialize custom annotation field if empty ([#10123](https://github.com/aquasecurity/trivy/issues/10123)) ([0f0d6db](https://github.com/aquasecurity/trivy/commit/0f0d6dbff4825f7b0ea7744b2229e0157af52972)) |
| 27 | +* **python:** handle multiple version specifiers in requirements.txt ([#10361](https://github.com/aquasecurity/trivy/issues/10361)) ([4cf4498](https://github.com/aquasecurity/trivy/commit/4cf44985c58575850138c9cc3780b201dfad7c09)) |
| 28 | +* **python:** nil pointer dereference with optional poetry groups without dependencies ([#10359](https://github.com/aquasecurity/trivy/issues/10359)) ([12ab3ce](https://github.com/aquasecurity/trivy/commit/12ab3cee257f89b3b180c38bc2d765dc4c7918a1)) |
| 29 | +* **report:** set correct sarif ROOTPATH uri when scanning a git repository ([#10366](https://github.com/aquasecurity/trivy/issues/10366)) ([e5da6de](https://github.com/aquasecurity/trivy/commit/e5da6deee9904d00cb4fd5ea1f67e8a1711ec8dd)) |
| 30 | +* **sbom:** add NOASSERTION for licenseDeclared/licenseConcluded in SPDX non-library packages ([#10368](https://github.com/aquasecurity/trivy/issues/10368)) ([33b9d8e](https://github.com/aquasecurity/trivy/commit/33b9d8ec318bb1f4081371a0a5fd46071080aef1)) |
| 31 | +* **server:** exclude JavaDB and CheckBundle from /version endpoint ([#10100](https://github.com/aquasecurity/trivy/issues/10100)) ([b9a8d2d](https://github.com/aquasecurity/trivy/commit/b9a8d2d80adc47bf9f48e13c2738b099c907518b)) |
| 32 | +* update PhotonOS feed URL ([#10122](https://github.com/aquasecurity/trivy/issues/10122)) ([fa195b4](https://github.com/aquasecurity/trivy/commit/fa195b4d11d946b0212900b2a153a1abf381e8a2)) |
| 33 | + |
| 34 | + |
| 35 | +### Performance Improvements |
| 36 | + |
| 37 | +* **plugin:** optimize directory traversal by replacing filepath.Walk with filepath.WalkDir ([#10325](https://github.com/aquasecurity/trivy/issues/10325)) ([d7fb355](https://github.com/aquasecurity/trivy/commit/d7fb3558db610dc08ef1c3e22dd37082180368b2)) |
| 38 | + |
3 | 39 | ## [0.69.0](https://github.com/aquasecurity/trivy/compare/v0.68.1...v0.69.0) (2026-01-30) |
4 | 40 |
|
5 | 41 |
|
|
0 commit comments