Thanks to visit codestin.com
Credit goes to github.com

Skip to content

grype 0.95.0 #228872

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 2, 2025
Merged

grype 0.95.0 #228872

merged 2 commits into from
Jul 2, 2025

Conversation

@BrewTestBot
Copy link
Member

@BrewTestBot BrewTestBot commented Jul 2, 2025

Created by brew bump

Created with brew bump-formula-pr.

release notes 
### Added Features

    

  • Add string severity to db search json results [#2730 @wagoodman]
    • 

  • Add package specifier overrides for kb, dpkg, and apkg [#2742 @westonsteimel]
    • 



Bug Fixes


    

  • show related NVD records for non-NVD matches [#2755 @kzantow]
    • 

  • assume that a vulnerability with no ranges is always vulnerable [#2759 @wagoodman]
    • 

  • DB should hydrate for when the client has new features [#2758 @wagoodman]
    • 

  • show relationship back to NVD for all CVE ids [#2756 @westonsteimel]
    • 

  • properly escape CPE segments [#2731 @kzantow]
    • 

  • msrc matcher should search by package ecosystem, not by distro [#2748 @westonsteimel]
    • 

  • Grype does not report any vulnerabilities for CPEs with target_sw field set to value that does not correspond to known package type [#2768 #2772 @willmurphyscode]
    • 

  • malformed CPE in grype db search output [#2767 #2769 @westonsteimel]
    • 

  • vex documents from the --vex flag do get processed or applied to the output correctly [#1836 #2741 @willmurphyscode]
    • 



Additional Changes


    

  • replace deprecated GoReleaser configurations [#2729 @emmanuel-ferdman]
    • 

  • specify types for all match details [#2762 @wagoodman]
    • 

  • Refactor the version package [#2735 @wagoodman]
    • 



(Full Changelog)

View the full release notes at https://github.com/anchore/grype/releases/tag/v0.95.0.

@github-actions github-actions bot added go Go use is a significant feature of the PR or issue bump-formula-pr PR was created using `brew bump-formula-pr` labels Jul 2, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Jul 2, 2025

🤖 An automated task has requested bottles to be published to this PR.

Please do not push to this PR branch before the bottle commits have been pushed, as this results in a state that is difficult to recover from. If you need to resolve a merge conflict, please use a merge commit. Do not force-push to this PR branch.

@github-actions github-actions bot added the CI-published-bottle-commits The commits for the built bottles have been pushed to the PR branch. label Jul 2, 2025
@BrewTestBot BrewTestBot enabled auto-merge July 2, 2025 20:45
@BrewTestBot BrewTestBot added this pull request to the merge queue Jul 2, 2025
Merged via the queue into main with commit 1049f80 Jul 2, 2025
17 checks passed
@BrewTestBot BrewTestBot deleted the bump-grype-0.95.0 branch July 2, 2025 20:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@branchvincent branchvincent branchvincent approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

bump-formula-pr PR was created using `brew bump-formula-pr` CI-published-bottle-commits The commits for the built bottles have been pushed to the PR branch. go Go use is a significant feature of the PR or issue

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@BrewTestBot @branchvincent