v0.66.0 #9424
aqua-bot
announced in
Announcements
Replies: 1 comment
-
|
The Trivy documentation under https://trivy.dev has not been updated with the updated of this release. We are investigating the issue. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
📑 Table of Contents
🚀 What's new? 🚀
📡 Scan larger files for secrets 🎯
Previously, Trivy struggled with scanning very large files for secrets (which needs to read through the entire file content). The secret scanner now operates in streaming mode, reducing memory usage on large files while preserving detection accuracy. Internal optimizations also cut memory allocations and speed up keyword matching. In project benchmarks (300 MB file), we observed ~94% lower peak memory (2.17 GB → 133 MB) and ~86% faster scans (101 s → 14 s).
⏱️ Timeout Handling for Cache Database 🔒
Trivy now enforces a timeout on cache database (BoltDB) operations to prevent indefinite hangs when the cache is locked by another process. Timeout is set to 5 seconds and clearer error message is displayed (e.g., “cache may be in use by another process”).
See here for details.
🛰️ Leverage local Terraform cache 🛋️
In this version we've enabled the Terraform scanner to load modules from the local
.terraformdirectory instead of downloading them from external sources like the Terraform Registry or GitHub. This makes scanning more reliable and independent of network availability.👷♂️ Notable Fixes 🛠️
package.jsonfile #9349trivy plugin updatecommand removes installed plugins. #9357*.dist-infodir name #9279Metadata.RepoURLfield. #9390fileMetadataComponent #9416Beta Was this translation helpful? Give feedback.
All reactions