v0.38.8

What's Changed

• build(deps): bump github.com/anchore/grype from 0.96.1 to 0.97.0 by @dependabot[bot] in #1705
• build(deps): bump chainguard.dev/melange from 0.30.2 to 0.30.3 in the chainguard group by @dependabot[bot] in #1704
• build(deps): bump cloud.google.com/go/storage from 1.55.0 to 1.56.0 by @dependabot[bot] in #1695

Full Changelog: v0.38.7...v0.38.8

v0.38.7

What's Changed

• Bump apko and melange + handle apko field renames by @kevinmdavis in #1703

New Contributors

• @kevinmdavis made their first contribution in #1703

Full Changelog: v0.38.6...v0.38.7

v0.38.6

What's Changed

• chore: bump yam to 0.2.26 by @kranurag7 in #1696
• lint: add rule to make sure update identifier matches git repo by @konradzapalowicz in #1693
• build(deps): bump chainguard-dev/actions from 1.4.6 to 1.4.7 by @dependabot[bot] in #1698
• build(deps): bump the chainguard group across 1 directory with 3 updates by @dependabot[bot] in #1694

Full Changelog: v0.38.5...v0.38.6

v0.38.5

What's Changed

• test(linter): reduce error messages ambiguity by @konradzapalowicz in #1686
• Stop considering runtime deps for build order by @jonjohnsonjr in #1676
• build(deps): bump chainguard-dev/actions from 1.4.5 to 1.4.6 by @dependabot[bot] in #1688
• build(deps): bump the chainguard group with 2 updates by @dependabot[bot] in #1687
• build(deps): bump github.com/anchore/grype from 0.95.0 to 0.96.1 by @dependabot[bot] in #1691

New Contributors

• @konradzapalowicz made their first contribution in #1686

Full Changelog: v0.38.4...v0.38.5

v0.38.4

What's Changed

• build(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 by @dependabot[bot] in #1685
• build(deps): bump chainguard.dev/melange from 0.29.6 to 0.29.7 in the chainguard group by @dependabot[bot] in #1684

Full Changelog: v0.38.3...v0.38.4

v0.38.3

What's Changed

• build(deps): bump chainguard-dev/actions from 1.4.3 to 1.4.5 by @dependabot[bot] in #1679
• build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 by @dependabot[bot] in #1675
• build(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 by @dependabot[bot] in #1674
• build(deps): bump github.com/charmbracelet/bubbletea from 1.3.5 to 1.3.6 by @dependabot[bot] in #1671
• build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0 by @dependabot[bot] in #1681
• build(deps): bump sigs.k8s.io/release-utils from 0.11.1 to 0.12.0 by @dependabot[bot] in #1683
• build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @dependabot[bot] in #1682
• build(deps): bump the chainguard group across 1 directory with 4 updates by @dependabot[bot] in #1678

Full Changelog: v0.38.2...v0.38.3

v0.38.2

What's Changed

• scan: make max db allowed build age configurable by @hectorj2f in #1677

Full Changelog: v0.38.1...v0.38.2

v0.38.1

What's Changed

• feat: Add linter to check for potentially hanging tests by @antitree in #1649

New Contributors

• @antitree made their first contribution in #1649

Full Changelog: v0.38.0...v0.38.1

v0.38.0

What's Changed

• feat(scan): deduplicate vulnerability findings with different IDs by @luhring in #1666
• build(deps): bump the chainguard group with 4 updates by @dependabot in #1669

Full Changelog: v0.37.9...v0.38.0

v0.37.9

What's Changed

• build(deps): bump the chainguard group with 3 updates by @dependabot in #1661
• build(deps): bump chainguard-dev/actions from 1.4.2 to 1.4.3 by @dependabot in #1659
• build(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2 by @dependabot in #1658
• build(deps): bump github.com/savioxavier/termlink from 1.4.2 to 1.4.3 by @dependabot in #1660
• build(deps): bump github.com/anchore/syft from 1.27.1 to 1.28.0 by @dependabot in #1664
• build(deps): bump github.com/anchore/grype from 0.94.0 to 0.95.0 by @dependabot in #1665

Full Changelog: v0.37.8...v0.37.9