Anchore Engine Release Notes - Version 0.9.1

Anchore Engine 0.9.1

Anchore Engine 0.9.1 bug fixes, and improvements. The latest summary can always be found in the Anchore Engine CHANGELOG on github.

Added - Ability to block image analysis operations if the image’s compressed size is above a configured value. Fixes #786

Improved - Updated output messages and description for vulnerability_data_unavailable trigger and stale_feeds_data trigger to clarify only OS packages impacted. Fixes #879
Improved - Do not allow selectors to be empty unless using max_images_per_account_rule. Fixes #863
Improved - Updates Syft to version 0.12.4 to fix several issues in image analysis including empty package names/versions in invalid package.json files and java jar parent references being Nil.
Improved - Require user to set explicit default admin password at bootstrap instead of defaulting to a value if none found. Fixes #810
Improved - Update PyYAML to 5.4.1
Improved - Update Passlib to 1.7.4
Improved - Update to use Python 3.8
Improved - Update base image to UBI 8.3. Fixes #888

Fixed - Failed analysis due to incorrect manifest mime types due to bug in buildah. Fixes #850
Fixed - External API service swagger spec for GetRegistry response is inconsistent with actual returned JSON. Fixes #846
Fixed - Fixed analysis archive rules that did not fire if delete transition rule present. Fixes #883
Fixed - Force re-analysis of tag and digest rejected if create_at_override timestamp not provided. Fixes #861
Additional minor fixes and improvements

Was this page helpful?

Sorry to hear that. Please tell us how we can improve.