v1.1.4

• This release fixes an issue that caused the example workflow to fail when no vulnerabilities were detected (see issue 85 and PR #86).

• Minor improvements to the Dockerfile markdown report (#92, #93, #94)

v1.1.5

This patch release resolve an issue in which the vulnerability counts were incorrectly rendered on the step summary report.

See #98 and issue #89 for more information.

v1.1.3

This patch release improves parsing and rendering of the Inspector vulnerability summary report (#72, #75, #77, #78):

• Added new column Source which denotes the vendor that provided the vulnerability severity, such as NVD, MITRE, or Amazon Inspector.
• Resolved issue that was causing vulnerability severity to be empty when the severity was provided by a source other than NVD.

v1.1.2

Resolves an issue that prevented the action from executing on aarch64 systems. #62

v1.1.1

The vulnerability step summary is now displayed when zero vulnerabilities are present. #60

v1.1.0

This release adds support for a new vulnerability finding type: Dockerfile security configuration issues.

This action will scan stand alone Dockerfiles in your project, archive, or container image for vulnerabilities.

Additionally, this action will scan an image's build history for security issues.

Release version 1.0.0

Vulnerability Scan GitHub Action for Amazon Inspector

Amazon Inspector is a vulnerability management service that scans AWS workloads
and CycloneDX SBOMs for known software vulnerabilities.

This GitHub Action allows you to scan supported artifacts for software vulnerabilities using Amazon Inspector from your
GitHub Actions workflows.

An active AWS account is required to use this action.