gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(command): add rootfs command (#1271)

Browse Source
This commit is contained in:
Teppei Fukuda
2021-10-05 03:03:34 +09:00
committed by GitHub
parent a463e794ce
commit 1c9ccb5e03
21 changed files with 271 additions and 134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
docs/vulnerability/detection/language.md
View File

@@ -2,23 +2,23 @@
`Trivy` automatically detects the following files in the container and scans vulnerabilities in the application dependencies.
| Language | File | Image[^6] | Filesystem[^7] | Repository[^8] |Dev dependencies |
|---------|-------------------------|:---------:|:--------------:|:---------------:|-----------------|
| Ruby | Gemfile.lock | - | ✅ | ✅ | included |
| | gemspec | ✅ | ✅ | - | included |
| Python | Pipfile.lock | - | ✅ | ✅ | excluded |
| | poetry.lock | - | ✅ | ✅ | included |
| | requirements.txt | - | ✅ | ✅ | included |
| | egg package[^1] | ✅ | ✅ | - | excluded |
| | wheel package[^2] | ✅ | ✅ | - | excluded |
| PHP | composer.lock | ✅ | ✅ | ✅ | excluded |
| Node.js | package-lock.json | - | ✅ | ✅ | excluded |
| | yarn.lock | - | ✅ | ✅ | included |
| | package.json | ✅ | ✅ | - | excluded |
| .NET | packages.lock.json | ✅ | ✅ | ✅ | included |
| Java | JAR/WAR/EAR[^3][^4] | ✅ | ✅ | ✅ | included |
| Go | Binaries built by Go[^5] | ✅ | ✅ | - | excluded |
| | go.sum | - | ✅ | ✅ | included |
| Language | File | Image[^6] | Rootfs[^7] | Filesysetm[^8] | Repository[^9] |Dev dependencies |
|----------|--------------------------|:---------:|:----------:|:--------------:|:---------------:|-----------------|
| Ruby | Gemfile.lock | - | - | ✅ | ✅ | included |
| | gemspec | ✅ | ✅ | - | - | included |
| Python | Pipfile.lock | - | - | ✅ | ✅ | excluded |
| | poetry.lock | - | - | ✅ | ✅ | included |
| | requirements.txt | - | - | ✅ | ✅ | included |
| | egg package[^1] | ✅ | ✅ | - | - | excluded |
| | wheel package[^2] | ✅ | ✅ | - | - | excluded |
| PHP | composer.lock | ✅ | ✅ | ✅ | ✅ | excluded |
| Node.js | package-lock.json | - | - | ✅ | ✅ | excluded |
| | yarn.lock | - | - | ✅ | ✅ | included |
| | package.json | ✅ | ✅ | - | - | excluded |
| .NET | packages.lock.json | ✅ | ✅ | ✅ | ✅ | included |
| Java | JAR/WAR/EAR[^3][^4] | ✅ | ✅ | ✅ | ✅ | included |
| Go | Binaries built by Go[^5] | ✅ | ✅ | - | - | excluded |
| | go.sum | - | - | ✅ | ✅ | included |
The path of these files does not matter.
@@ -30,5 +30,6 @@ Example: [Dockerfile](https://github.com/aquasecurity/trivy-ci-test/blob/main/Do
[^4]: It requires the Internet access
[^5]: UPX-compressed binaries don't work
[^6]: ✅ means "enabled" and `-` means "disabled" in the image scanning
[^7]: ✅ means "enabled" and `-` means "disabled" in the filesystem scanning
[^8]: ✅ means "enabled" and `-` means "disabled" in the git repository scanning
[^7]: ✅ means "enabled" and `-` means "disabled" in the rootfs scanning
[^8]: ✅ means "enabled" and `-` means "disabled" in the filesystem scanning
[^9]: ✅ means "enabled" and `-` means "disabled" in the git repository scanning