build(aqua-proj): 🌊 minor aqua

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
anchore/syft		minor	v1.18.1 -> v1.38.0
aquaproj/aqua		minor	v2.42.2 -> v2.55.2
aquaproj/aqua-installer	action	patch	v4.0.3 -> v4.0.4
aquaproj/aqua-registry		minor	v4.296.0 -> v4.442.0
charmbracelet/glow		minor	v2.0.0 -> v2.1.1
cli/cli		minor	v2.65.0 -> v2.83.1
direnv/direnv		minor	v2.35.0 -> v2.37.1
git-town/git-town		minor	v17.2.0 -> v17.3.0
golang/go		minor	1.23.5 -> 1.25.4
golangci/golangci-lint		minor	v1.63.4 -> v1.64.8
goreleaser/goreleaser		minor	v2.5.1 -> v2.13.0
mikefarah/yq		minor	v4.45.1 -> v4.49.2
miniscruff/changie		minor	v1.21.0 -> v1.24.0
mvdan/gofumpt		minor	v0.7.0 -> v0.9.2

---

Release Notes

anchore/syft (anchore/syft)

v1.38.0

Compare Source

Added Features

• add support for cataloging GGUF models [#​4184 #​4279 @​spiffcs]
• Support scanning a list of CPEs [#​3890 #​4207 @​chovanecadam]
• Syft does not detect Elixir binary on system [#​4333 #​4334 @​rezmoss]

Bug Fixes

• Support extras statements in Python PDM cataloger [#​4352 @​wagoodman]
• Preserve --from argument order [#​4350 @​wagoodman]
• SBOM generated by Syft 1.28 contains license elements missing id or name (causing CycloneDX parser error) [#​4363]
• empty PURL output in dependency snapshot format breaks sbom-action [#​4311]
• Interface includes constraint elements, can only be used in type parameters [#​4346]
• Upgrade github.com/nwaples/rardecode@​v1.1.3 to 2.2.1 [#​4338]
• Upgrade to Golang 1.25.4 [#​4341]

Additional Changes

• migrate syft to use mholt/archives instead of anchore fork [#​4029 @​Rupikz]
• Add license enrichment from pypi to python packages [#​4295 @​timols]
• license file search [#​4327 @​kzantow]

(Full Changelog)

v1.37.0

Compare Source

Added Features

• Refactor fileresolver to not require base path [#​4298 @​Rupikz]
• Describe cataloger capabilities via test observations [#​4318 @​wagoodman]
• Support Java resource adapter extension .far as a Java archive [#​4183 #​4193 @​kyounghunJang]
• Add Java resource adapter extension ".rar" as supported Java archive [#​4136 #​4137 @​thomassui]

Bug Fixes

• fix empty PURL Github format [#​4312 @​rezmoss]
• Canonicalize Ghostscript CPE/PURL for ghostscript packages from PE Binaries [#​4308 @​kdt523]
• Respect "rpmmod" PURL qualifier [#​4314 @​willmurphyscode]
• fix dpkg packages that are in deinstalled state should not be in SBOM [#​3063 #​4231 @​rkirk-nos]

(Full Changelog)

v1.36.0

Compare Source

Added Features

• Add the ability to fetch remote licenses for pnpm-lock.yaml files [#​4286 @​timols]
• support universal (fat) mach-o binary files [#​4278 @​JoeyShapiro]
• pdm support [#​2709 #​4234 @​paulslaby]

Bug Fixes

• Remove duplicate image source providers [#​4289 @​Rupikz]
• syft can't extract go module information from executables on Windows [#​4271 #​4285 @​JoeyShapiro]

(Full Changelog)

v1.34.2

Compare Source

Bug Fixes

• Extract zip archive with multiple entries [#​4283 @​Rupikz]
• panic while resolving maven properties in archive parser [#​4288 #​4290 @​kzantow]

(Full Changelog)

v1.34.1

Compare Source

Added Features

• feat: enhance setup.py parser to handle unquoted dependencies [#​4255 @​HalaAli198]
• feat: support for identifying ffmpeg/libav libraries [#​4227 @​popey]
• feat: PNPM latest lockfile (version 9.0) [#​3927 #​4256 @​bernardoamc]
• Add Windows ARM64 releases [#​4179 #​4237 @​compnerd]

Bug Fixes

• fix: SBOM CPE mismatch for Qt5 causes Grype to miss CVE matches [#​4036 #​4093 @​hawkaii]
• fix: use of manifest files present in Snap packages when generating SBOMs [#​4147 #​4151 @​popey]
• fix: Pom xml only archive parser [#​4272 @​douglasclarke]

(Full Changelog)

v1.33.0

Compare Source

Added Features

• Modify RpmDBEntry to include modularityLabel for cyclonedx [#​4212 @​sfc-gh-rmaj]
• Add locations onto packages read from Java native image SBOMs [#​4186 @​rudsberg]

(Full Changelog)

v1.32.0

Compare Source

Added Features

• Catalog entire build list for Go projects, not just packages listed in go.mod [#​432 #​4127 @​spiffcs]
• package.json authors keyword parsing [#​2250 #​4003 @​popey]
• Conda ecosystem support (basic) [#​4002@​SimeonStoykovQC]

Bug Fixes

• When scanning the FFmpeg binary with Syft a new package is now added [#​3988 #​3994 @​popey]
• Warn loudly if SQLite driver is not present when needed [#​3234 #​4150 @​kzantow]

Additional Changes

• Update dependencies to use go.yaml.in/yaml [#​4157 @​n-bes]

(Full Changelog)

v1.31.0

Compare Source

Added Features

• Option to set PackageSupplier in root of SPDX document generated by CLI [#​3098 #​4131 @​spiffcs]

Bug Fixes

• closed reader during java binary detection [#​4129 @​kzantow]
• support multiple letters in openssl patch version [#​4106 @​honigbot]
• Can not have license ID [#​1964 #​4132 @​spiffcs]
• Syft sometimes reports URL for license value when scanning JARs with a URL in Bundle-License field of manifest [#​3186]

(Full Changelog)

v1.30.0

Compare Source

Added Features

• add binary classifier for hashicorp vault [#​4121 @​willmurphyscode]

Bug Fixes

• fix: update nondeterministic Java archive cataloging and improve groupID [#​3521 #​4118 @​kzantow]

(Full Changelog)

v1.29.1

Compare Source

Bug Fixes

• Missing license information for tzdata [#​4102]
• Improve JVM Scan Accuracy for JDK and JRE Detection [#​4071 #​4046 @​kzantow]
• Azul JDK classified as Oracle JRE [#​3893 #​4046 @​kzantow]

(Full Changelog)

v1.29.0

Compare Source

Added Features

• Catalog python uv.lock files [#​3268 #​3763 @​jkugler]

Additional Changes

• Pkg Metadata type unmarshal bug [#​4043 @​houdini91]

(Full Changelog)

v1.28.0

Compare Source

Added Features

• add native support for snap packages [#​1088 #​3929 @​wagoodman]

Additional Changes

• upgrade tablewriter dependency to use new API [#​3990 @​cpanato]

(Full Changelog)

v1.27.1

Compare Source

Bug Fixes

• Allow decoding of enterprise-modified anchorectl json files [#​3997 @​wagoodman]
• Allow decoding of anchorectl json files [#​3973 @​wagoodman]

Additional Changes

• provide separate nonroot image [#​3998 @​kzantow]

(Full Changelog)

v1.27.0

Compare Source

Added Features

• add syft schema version to version command [#​3949 @​spiffcs]

Bug Fixes

• Remove CPE product candidates for phf, prometheus, hyper and Rust crates [#​3967 @​jayvdb]
• Remove CPE product candidates for opentelemetry and redis Rust crates [#​3962 @​jayvdb]
• Harden Container Runtime with Non-Root User [#​3941 @​MikeTheCyberGuy]
• terraform provider lock entries should not require constraints [#​3934 @​ghouscht]
• sbom cataloger returning upstream package [#​3662 #​3981 @​kzantow]
• Syft missing md5 sums and list data for dpkg packages under status.d/ [#​3912]
• Failure to detect dependency relationships between Python packages [#​3958 #​3965 @​christoph-blessing]
• Heavy memory consumption when directory scanning deb source [#​3928 #​3953 @​kzantow]
• In versions 1.25.0 and later, graalvm-native-image-cataloger adds 3-6 hours to Syft [#​3942 #​3944 @​kzantow]
• Syft incorrectly reports multiple APKs as parents of symlinked files [#​3847 #​3923 @​luhring]

(Full Changelog)

A HUGE thank you to @​rezmoss for his help identifying and solving an issue causing excessive time and memory consumption with large numbers of symlinks! ❤️

v1.26.1

Compare Source

Bug Fixes

• Dotnet deps binary cataloger hangs [#​3919 #​3930 @​kzantow]

(Full Changelog)

v1.26.0

Compare Source

Added Features

• Read version resources from non-.NET DLLs and executables [#​3842 #​3911 @​wagoodman]

Bug Fixes

• pkg.JavaArchive.PomProperties is being populated even though no pom.properties file was present for analysis [#​3922 @​wagoodman]
• syft 1.24.0 debug container - wget fails TLS [#​3891 #​3915 @​spiffcs]

(Full Changelog)

v1.25.1

Compare Source

Additional Changes

• remove go-rpmdb replace directive [#​3908 @​wagoodman]

(Full Changelog)

v1.25.0

Compare Source

Added Features

• Add PHP interpreter + extensions cataloger [#​2585 @​LaurentGoderre]

Bug Fixes

• update license content filtering default case to be 'none' for no content [#​3903 @​spiffcs]
• Distinguish openjdk vs jdk when using file source [#​3895 @​adammcclenaghan]
• Make it discoverable if Native Image contains no embedded SBOM [#​3731 #​3805 @​sathiya06]

(Full Changelog)

v1.24.0

Compare Source

Added Features

• Add cataloger for Dart pubspec [#​3292 @​LaurentGoderre]
• Translate Portage license strings to SPDX expressions [#​1763 @​wagoodman]
• Use package ID from decoded SBOMs when provided [#​1872 @​jneate]
• Annotate visible/hidden paths when all-layers scope [#​3855 @​wagoodman]
• Add support for PHP Pear [#​2775 @​LaurentGoderre]
• Detect whether full license text or a license name has been provided [#​3088 #​3876 @​spiffcs #​3450 @​spiffcs]
• Add Cataloger for Homebrew on macOS [#​3632 #​3724 @​rezmoss]
• Provide a way to get the LayerID the package was first found in [#​435 #​3858 @​wagoodman #​3138 @​tomersein]
• Go binaries that currently get (devel) as the version should instead stub UNKNOWN based on the compliance policy [#​3324 #​3873 @​wagoodman]
• Upgrade base Docker image to gcr.io/distroless/static-debian12 [#​3840 #​3862 @​bgoareguer]
• Return full license string instead of SHA256 hash when license string exceeds 64 characters [#​3780 #​3844 @​spiffcs]
• Detect nix dependencies [#​3814 #​3837 @​wagoodman]

Bug Fixes

• update license sort to be stable with contents field [#​3860 @​spiffcs]
• Improve detection of erlang binary in alpine Linux [#​3839 @​avodotiiets]
• Do not search for main module versions within binary contents by default [#​3874 @​wagoodman]
• dpkg license improvement for non SPDX licenses [#​3090 #​3888 @​spiffcs]
• CycloneDX group field not symmetrically handled by encoder/decoders [#​2981 #​3853 @​kzantow]
• Syft crash [signal SIGSEGV: segmentation violation code=0x80 addr=0x0 pc=0x123a0da] [#​3872 #​3875 @​wagoodman]
• Syft 1.23.1 shows version (devel) for grafana 12.0.0 [#​3864]
• .NET cataloger does not always pair up PE binaries and deps.json packages, resulting in duplicate packages on some runs [#​3866 #​3869 @​wagoodman]
• Propagate error in FileSourceProvider instead of warn log [#​3831 #​3845 @​Rupikz]
• Update github.com/Masterminds/semver package [#​3829 #​3836 @​popey]
• go-module-file-cataloger fails if symlinks in path [#​3614 #​3783 @​VictorHuu]
• Support fluent-bit some versions of arm/s390x images [#​3793 #​3817 @​VictorHuu]

Additional Changes

• update rust test fixtures to latest [#​3852 @​spiffcs]

(Full Changelog)

v1.23.1

Compare Source

Additional Changes

• Resolve owned file paths when searching for overlaps [#​3828 @​wagoodman]

(Full Changelog)

v1.23.0

Compare Source

Added Features

• Support skipping archive extraction with file source [#​3795 @​adammcclenaghan]
• Use the R cataloger in directory scans [#​3774 @​spiffcs]
• Add support for detecting javascript assets in .NET projects using libman [#​3825 @​wagoodman]
• Parse GitHub actions comments [#​3776 @​wagoodman]
• Support chrome binary detection [#​3174 #​3136 @​lem-onade]
• Add support for detecting undeclared license files scanning from python installations [#​2624 #​3779 @​wagoodman]

Bug Fixes

• .NET cataloger should consider compile target paths from deps.json [#​3821 @​wagoodman]
• Skip license scanner injection [#​3796 @​adammcclenaghan]
• Delete collection name/type key entries when empty [#​3797 @​adammcclenaghan]
• Use module name over relative paths in go.mod replace directives [#​3812 @​VictorHuu]
• Correct variable names for Conan lock parsing version handling [#​3802 @​musangk]
• Consider DLL claims for dependencies of .NET packages from deps.json [#​3822 @​wagoodman]
• Empty source during decoding an SBOM document should not be fatal [#​3791 @​wagoodman]
• Dpkg are not detected when scanning a directory [#​3726 #​3820 @​VictorHuu]
• Support golang tip image [#​3681 #​3757 @​VictorHuu]
• syft cataloger list should flatten options [#​3801 #​3804 @​kzantow]
• Unable to generate a correct SBOM for C++ project [#​3755]

(Full Changelog)

v1.22.0

Compare Source

Added Features

• Improve .NET package CPE generation [#​3764 @​wagoodman]
• Catalog deb archives directly [#​3315 #​3704 @​popey]

Bug Fixes

• Dotnet-Portable-Executable-Cataloger uses wrong component version for dotnet runtime libraries [#​3282 #​3768 @​wagoodman]
• Dotnet deps cataloger returns "wrong" dotnet-framework dependencies and misses out on the runtime (for applications) [#​2347 #​3768 @​wagoodman]
• .NET deps.json should be considered as installation evidence [#​3570 #​3563 @​wagoodman]
• Dotnet PE binary cataloger is detecting false positives [#​3469 #​3563 @​wagoodman]
• Long Processing Time in dpkg-db-cataloger with all-layers Option (Syft 1.20.0) [#​3683 #​3636 @​kzantow]

(Full Changelog)

v1.21.0

Compare Source

Added Features

• Support extracting symbols in .dynsym section for GraalVM Native Images [#​3647 @​rudsberg]
• Support fluent-bit 1.7.0 dev, rc [#​3133 #​3701 @​popey]

Bug Fixes

• Suppress "file already closed" errors [#​3695 @​wagoodman]
• Add set ID to dotnet (lock) packages [#​3719 @​houdini91]
• Location order on packages should consider evidence annotations when sorting [#​3720 @​wagoodman]
• Fix /etc/redhat-release file parsing when resolving distro details [#​3688 @​wagoodman]
• Syft fileresolver.containsPath allocates unnecessarily [#​3729 #​3730 @​yoav-orca]
• Dart: Syft incorrectly generates SBOM with version 0.0.0 for SDK dependencies [#​3158 #​3572 @​sgreg]
• Download location is not a valid URI [#​3696 #​3697 @​stgrace]

Additional Changes

• Update rustaudit module name [#​3689 @​tofay]
• bump golang.org/x/net from 0.35.0 to 0.36.0 [#​3709 @​dependabot]

(Full Changelog)

v1.20.0

Compare Source

Added Features

• Add file catalogers to selection configuration [#​3505 @​wagoodman]
• Configuration for including license contents in SBOM [#​3626 #​3631 @​spiffcs]
• Support Bitnami embedded SBOMs [#​3065 #​3341 @​juan131] [#​3676 @​willmurphyscode]

Bug Fixes

• Version parse caused by line breaks on different platforms [#​3672 @​idhyt]
• License files which do not match an SPDX expression are erroneously handled as 'unlicensed' [#​3412 #​3366 @​HeyeOpenSource]
• Incorrect URL encoding of package url (purl) [#​3533 #​3678 @​kzantow]
• syft should not warn on known bad package.json [#​3470 #​3645 @​kzantow]
• Scanning a project with many DLLs is slow [#​3455 #​3677 @​rogueai]
• cyclone-dx presenter drops files, includes only packages [#​3435 #​3539 @​spiffcs]
• "syft config" output swaps comments for search-indexed-archives / search-unindexed-archives [#​3624 #​3630 @​spiffcs]
• dpkg license improvement for non SPDX licenses [#​3090 #​3366 @​HeyeOpenSource]
• RPM-based PURLs sometimes have incorrect namespace (specifically OpenSUSE) [#​3534 #​3615 @​mprpic]

Additional Changes

• update to go 1.24.x [#​3660 @​westonsteimel]
• replace all shorthand tags of mapstruct -> mapstructure [#​3633 @​spiffcs]

(Full Changelog)

v1.19.0

Compare Source

Added Features

• add license parsing from vendor dirs [#​3522 @​dschmidt]
• Support cataloging NuGet packages [#​373 #​3484 @​Kemosabert]

Bug Fixes

• Syft generates invalid PURLs when name contains : [#​3577 #​3596 @​spiffcs @​jkugler]
• warn instead of error if zero package catalogers are select - user might still run file metadata cataloger, for example [#​3128 #​3468 @​tomersein]
• sbom report: missing licenses [#​3527 #​3549 @​kzantow]

Additional Changes

• bump stereoscope to v0.0.13 [#​3601 @​spiffcs]

(Full Changelog)

aquaproj/aqua (aquaproj/aqua)

v2.55.2

Compare Source

Performance Improvement

#​4342 Skip packages that cannot provide the desired exe @​refi64

Others

#​4312 Update Go to 1.25.4

v2.55.1

Compare Source

🐛 Bug Fixes

#​4274 #​4276 exec: Fix the command name (args[0])

Dependency Updates

#​4220 #​4266 Update github.com/google/go-github/v74 to v76
#​4233 #​4251 #​4261 Update Go to 1.25.2

Others

Release Cosign Bundle file *.bundle

v2.55.0

Compare Source

Features

#​4195 #​4213 Support verifying the integrity of GitHub Releases

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/verifying-the-integrity-of-a-release
https://aquaproj.github.io/docs/reference/security/github-immutable-release

v2.54.1

Compare Source

🐛 Bug Fixes

#​4182 Fix a bug of generate-registry command that arm64 is replaced to arm incorrectly

v2.54.0

Compare Source

Features

#​4173 ghtkn integration

https://aquaproj.github.io/docs/reference/security/ghtkn/

Now aqua can get a GitHub App User Access Token by ghtkn integration.
Stop risking token leaks - Use secure, short-lived GitHub tokens for local development.

Requirements

The ghtkn integration requires:

• Keyring

This feature doesn't depend on ghtkn CLI.

Limitation

The integration requires the user interaction when creating an access token via Device Flow, so it's unavailable in CI.

Set up

For more details, please see https://github.com/suzuki-shunsuke/ghtkn .

1. Create a GitHub App
2. Create a configuration file of ghtkn
3. Set the environment variable AQUA_GHTKN_ENABLED=true

export AQUA_GHTKN_ENABLED=true

Then aqua gets a user access token using ghtkn Go SDK when aqua calls GitHub APIs.

v2.53.11

Compare Source

Performance Improvement

#​4159 Update github.com/gdamore/tcell/v2 to reduce startup time @​refi64

Benchmark

$ git rev-parse HEAD
380a2334230ec9fd22adac3f4e137a4cf47d42b2

$ go version
go version go1.25.1 darwin/arm64

$ hyperfine --version
hyperfine 1.19.0

$ ls dist                         
aqua  aqua-25310

aqua.yaml

registries:
- type: standard
  ref: v4.408.0 # renovate: depName=aquaproj/aqua-registry
packages:
- name: suzuki-shunsuke/mkghtag@v0.1.11
- name: suzuki-shunsuke/cmdx@v2.0.2

$ hyperfine --warmup=20 -N 'dist/aqua'{-25310,}' exec -- mkghtag -version'
Benchmark 1: dist/aqua-25310 exec -- mkghtag -version
  Time (mean ± σ):      24.7 ms ±   1.3 ms    [User: 2.7 ms, System: 1.6 ms]
  Range (min … max):    23.5 ms …  29.6 ms    125 runs
 
  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.
 
Benchmark 2: dist/aqua exec -- mkghtag -version
  Time (mean ± σ):      10.8 ms ±   1.4 ms    [User: 2.4 ms, System: 1.6 ms]
  Range (min … max):     9.2 ms …  17.1 ms    250 runs
 
Summary
  dist/aqua exec -- mkghtag -version ran
    2.30 ± 0.33 times faster than dist/aqua-25310 exec -- mkghtag -version

$ hyperfine --warmup=20 -N 'dist/aqua'{-25310,}' exec -- cmdx -v'         
Benchmark 1: dist/aqua-25310 exec -- cmdx -v
  Time (mean ± σ):      25.7 ms ±   1.3 ms    [User: 3.5 ms, System: 1.7 ms]
  Range (min … max):    24.5 ms …  31.7 ms    120 runs
 
  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.
 
Benchmark 2: dist/aqua exec -- cmdx -v
  Time (mean ± σ):      11.2 ms ±   1.0 ms    [User: 3.1 ms, System: 1.6 ms]
  Range (min … max):    10.2 ms …  15.9 ms    253 runs
 
  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.
 
Summary
  dist/aqua exec -- cmdx -v ran
    2.30 ± 0.24 times faster than dist/aqua-25310 exec -- cmdx -v

v2.53.10

Compare Source

🛡️ Starting from this release, Immutable Release is enabled!

#​4147 Update Go to v1.25.1
#​4145 Update aqua-proxy to v1.2.12

🐛 Bug Fixes

#​4140 Fix error messages

v2.53.9

Compare Source

Pull Requests | Issues | aquaproj/aqua@v2.53.8...v2.53.9

🐛 Bug Fixes

#​4064 Fix a bug that environment variables aren't passed to gh attestation verify

Others

#​4065 Update Go to v1.24.6
#​4065 Update aqua-proxy to v1.2.11

go1.24.6 (released 2025-08-06) includes security fixes to the database/sql and os/exec packages, as well as bug fixes to the runtime.
See the Go 1.24.6 milestone on our issue tracker for details.

v2.53.8

Compare Source

Pull Requests | Issues | aquaproj/aqua@v2.53.7...v2.53.8

🐛 Bug Fixes

#​4047 cp: Add missing .exe on Windows @​W1M0R

v2.53.7

Compare Source

Pull Requests | Issues | aquaproj/aqua@v2.53.6...v2.53.7

Fixes

#​4038 Fix a bug that it fails to verify GitHub Artifact Attestations on GitHub Enterprise Server @​yamoyamoto

v2.53.6

Compare Source

Pull Requests | Issues | aquaproj/aqua@v2.53.5...v2.53.6

🐛 Bug Fixes

#​4024 #​4025 Fix a bug that aqua works without registries' ref
#​4019 Set User-Agent to GitHub Release downloads @​yanolab

[!WARNING]
About #​4019 , unfortunately the bug is still remaining. But maybe #​4019 mitigates the bug to some extent.

v2.53.5

Compare Source

Pull Requests | [Issues](h

---

Configuration

📅 Schedule: Branch creation - "after 10pm on monday,before 3am on monday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

This PR was generated by Mend Renovate. View the repository job log.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.