Anchore Enterprise Release Notes - Version 4.0.2
Anchore Enterprise 4.0.2
Anchore Enterprise v4.0.2 is a patch release containing targeted fixes and improvements. No database upgrade is necessary.
Enterprise Service Changes
Improvements
- Expanded capability for users with an
image-analyzerrole. The role now has the ability to modify image subscriptions. - Added support of space characters in usernames.
- It is now possible to create an account name that contains a forward slash character.
- Added support for policy bundle license gate triggers to differentiate between os and non os components during package license checks.
- Tech Preview: Added the ability to run a stateless vulnerability scan of a sbom via a new API call.
- Added new event types which improve visibility during the image analysis workflow.
user.image.analysis.pendinguser.image.analysis.processinguser.image.analysis.completeuser.image_tag.added
Fixes
- Fixed the growth of log files beyond 10MB and collection of log files when reaching the maximum count of 10 files.
- Fixed the detection of vendored golang modules in built binaries.
- Fixed the analysis of images with binaries built by golang 1.18 to correctly identify the go modules used.
- Improved grypedb to exclude matching entries that have been withdrawn from GitHub Security Advisories.
- Improved grypedb to handle entries without primary vulnerability identifier which may be received from vulnerability feed services.
- Fix ability to update existing ECR registry credentials, no longer reports an 406 error.
UI Updates
Improvements
- The content types within the SBOM tab under Artifact Analysis in the UI are now presented vertically to prevent them being truncated at narrower screen widths.
- It is now possible to create an account name that contains a forward slash character
- In order to improve the filtering and sorting operations within the Mappings tab of the Policy Editor in the UI, source and image mappings are now stored within their own dedicated subtabs.
- Various supporting UI libraries have been updated in order to improve security, performance, and also to remove deprecation warnings from browser and server output logs. Redundant libraries have been removed to reduce the app startup time and overall size.
Fixes
- When resizing the table columns in the UI Applications view, the action controls could be made to overflow the bounds of their cell—this is now fixed.
- Items added via
anchorectlwould occasionally cause an app exception when viewed from within the Applications view in the UI. This issue has now been addressed. - The
JSONentry in the SBOM Report download menu in the UI within the Artifact Analysis view had an extraneous tail pointer, which has now been removed. - The button to download a report from the Vulnerabilities tab in the
Artifacts view in the UI now correctly reads
Vulnerability Reportinstead ofCompliance Report. - The no-results condition in the content view for Malware under the SBOM tab of the Artifact Analysis view in the UI did not disambiguate between no results being found vs. malware scanning not being enabled. If malware scanning is not enabled, the message now indicates this and provides a link to the documentation for this feature.
- As of release
4.0.0, the default behavior when creating a new policy bundle was to add a default source rule and mapping, however this interfered with the upgrade path for users who wanted to upload a pre4.0.0bundle to the system. These default entries are no longer added. - The information and recent creation indicator labels within the Stored Report Items component of the advanced Reports view in the UI are now correctly aligned.
- Switching account context within the UI and then attempting to download a report would result in a fatal app error due to missing privileges on the call that fetches the data. This issue has now been addressed.
- A slight error in the alignment of the header within the UI date picker component has been addressed.