Skip to content

cupdate

v0.24.5 Feature

This release adds 1 notable feature for engineering teams evaluating rollout.

Published 1mo Containers & Orchestration
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

docker kubernetes self-hosted update

Summary

AI summary

Docker Hardened Images support with OCI referrers API for vulnerability scanning.

Full changelog

Thanks to everyone who created feature requests, bug reports and tested fixes. Your help is instrumental to continue to improve Cupdate!

Post release patches

  • v0.24.5
    • Dependency updates, go updates, action updates, osv-scanner updates
      • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate
  • v0.24.4
    • Fix Kubernetes reference identification issue (see a91104683d35edcfec19f0fee3af5a56e712bd54)
    • Dependency updates, go updates, node updates, action updates
      • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate
  • v0.24.3
    • Fix compatibility issue with a new feature of some registries(i.e. codeberg returning multiple WWW-Authenticate headers)
    • Fix compatibility issue with new Docker Hub API change
    • Add maskable icon to better suite some platforms display of the PWA icon
    • Dependency updates, go updates, node updates, action updates, osv-scanner updates
      • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate
  • v0.24.2
    • Dependency updates, go updates, node updates, action updates, osv-scanner updates
      • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate
  • v0.24.1
    • Don't show the version from the annotation in the image card and image page if the annotation matches the version itself
    • Dependency updates, go updates, node updates, action updates
      • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate

Features

Docker Hardened Images

Cupdate now supports Docker Hardened Images and other images that use the OCI referrers API to signal SBOMs and other attestations.

This means that Cupdate is now able to scan these images as well, to let you know about any vulnerabilities.

Thanks @thespad for reporting #461!

Improvements and fixes

  • Dependency updates, go updates, node updates, action updates
    • Fixes vulnerabilities in third-party dependencies that did not affect Cupdate

Full Changelog: https://github.com/AlexGustafsson/cupdate/compare/v0.24.4..v0.24.5

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track cupdate

Get notified when new releases ship.

Sign up free

About cupdate

A service to keep container images secure and up-to-date. Made for Kubernetes and Docker.

All releases →

Related context

Beta — feedback welcome: [email protected]