2.21.2

• Fix python attributes panic for invalid author email

2.21.1

• Update Genesis Manifest to embed CVE-2021-44228 and CVE-2021-45046 in the database from the start.

2.21.0

• Rewrite language analyzers to operate in a streaming fashion (#506)
• ROX-7171: Check specific language or empty in post validation (#513)
• Change base image to UBI 8.5 (#521)
• ROX-8396: Make Central the single-source of vuln updates (#512)
• Update PG download to RHEL 8.5 (#522)
• Support Ubuntu 21.10 (#524)

2.20.1

Use user nobody (65534) in docker image

2.20.0

• Scanner and Scanner DB container images are now RHEL-based only (#470)
  • Alpine-based images are no longer released
• Scanner now outputs its version in the logs (#472)
• Fix "token too large" error in dpkg analysis (#475)
• Scanner is now using go1.17.1 (#481)
• Cleanup various error logs (#484, #485)
• Active Vulnerability Management feature flag is enabled by default (#488)
• Oracle Linux is no longer supported (#471)

2.19.1

Bump go1.17.0 to go1.17.1

2.18.4

• Bump go1.16.5 to go1.16.8

2.19.0

• Add Active Vulnerability Management functionality behind feature flag
  • List package-provided executables for packages managed by dpkg, apk, and rpm
• Scanner is now pushed to Quay.io
• Fixed deadlock in rhelv2_package table insert operation
• Added various prometheus metrics for better usage insight
• Changed default Central endpoint to central.stackrox.svc
• Optimize RHELv2 DB operations via prepared statements
• Bump Go version to 1.17
• Delete old CVEs when Red Hat advisories are updated

2.18.3

• Push image to Quay.io

2.18.2

• CI updates to account for Quay.io images