·
168 commits
to develop
since this release
dca58ac
This commit was signed with the committer’s verified signature.
| Type | Description | Link |
|---|---|---|
| Improvement | Support disabling deletion of certain CVEs--disable-cve-2021-45105-detection and --disable-cve-2021-44832-detection flags have been added to the delete command to allow for deleting only findings that map to certain CVEs. Some vulnerable files will contain multiple CVEs and so it is advised that the desired combination of --disable-cve-* flags be found by running with --dry-run=true (which is the default value) first. |
#100 |
| Improvement | Some optimisations have been made which should reduce the resource overhead required when inspecting zip files, such as .jars, .wars, .pars, etc. | #94 |
| Fix | A small bug has been fixed where only the directory of a filepath would be passed for pattern matching rather than the whole file when using --filepath-owner. |
#97 |
| Feature | Inspecting large nested archives without a large memory impact can now be enabled by setting --nested-archive-disk-swap-max-size to a positive non-zero value.When a nested zip file is encountered that is above the --nested-archive-max-size, space will be used on disk to write out the archive temporarily to be able to inspected. The location that temporary files are written to can be configured using --nested-archive-disk-swap-dir, which is set to /tmp by default. |
#98 |