gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-05 20:40:16 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,858 Commits 31 Branches 177 Tags
main
Commit Graph

85 Commits

Author SHA1 Message Date
Thomas Grininger
e1f3f28ae4 feat(image): add Sigstore bundle SBOM support (#9516) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-11-25 06:10:06 +00:00
Teppei Fukuda
09ea608a3b test(go): refactor mod_test.go to use txtar format (#9775) 2025-11-11 09:36:47 +00:00
Teppei Fukuda
d70d994d88 feat(db): enable concurrent access to vulnerability database (#9750) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-11-06 13:32:06 +00:00
Teppei Fukuda
d020f2690e feat(report): add image reference to report metadata (#9729) 2025-10-31 07:26:39 +00:00
Teppei Fukuda
758f271040 feat: include registry and repository in artifact ID calculation (#9689) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-28 09:44:32 +00:00
Owen Rumney
719ea29d31 chore: add context to the cache interface (#9565) 2025-10-03 09:37:05 +00:00
Nikita Pivkin
e7c16a756c refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (#9282) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-30 03:33:52 +00:00
Teppei Fukuda
6fa3849c10 test: add HTTP basic authentication to git test server (#9407) 2025-09-01 09:42:41 +00:00
Matthieu MOREL
a19e0aa1ba fix: octalLiteral from go-critic (#8811) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-05-05 13:49:07 +00:00
Matthieu MOREL
6562082e28 fix: unused-parameter rule from revive (#8794) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-04-30 09:17:24 +00:00
Teppei Fukuda
a0dc3b688e refactor: add hook interface for extended functionality (#8585) 2025-04-08 11:49:16 +00:00
Maria Ines Parnisari
b9b27fce42 chore: update Docker lib (#8681) 2025-04-04 17:55:17 +00:00
Teppei Fukuda
24d0e2bf2d test: use memory cache (#8403) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-02-17 07:15:32 +00:00
Teppei Fukuda
b5062f3ae2 feat(fs): use git commit hash as cache key for clean repositories (#8278) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-01-27 08:53:49 +00:00
Nikita Pivkin
5a93a7736b test: replace Go checks with Rego (#7867) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-11-25 22:04:53 +00:00
Teppei Fukuda
bcfc37bb16 test: define constants for test images (#7739) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2024-10-16 23:41:59 +00:00
Nikita Pivkin
3562529ddf feat: support multiple DB repositories for vulnerability and Java DB (#7605) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-10-01 13:16:06 +00:00
Teppei Fukuda
d4edeb5d62 test: use loaded image names (#7617) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-10-01 04:27:02 +00:00
Teppei Fukuda
9d1be410c4 refactor: fix auth error handling (#7615) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-09-30 11:22:59 +00:00
Teppei Fukuda
88ba46047c feat(vex): VEX Repository support (#7206) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2024-07-25 12:18:37 +00:00
Teppei Fukuda
db68d106ce chore: bump golangci-lint from v1.58 to v1.59 (#7077) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-07-02 09:36:54 +00:00
Teppei Fukuda
fc6b3a760b refactor: pass DB dir to trivy-db (#7057) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-07-02 04:32:46 +00:00
Teppei Fukuda
e493fc931a refactor: delete db mock (#6940) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-06-20 04:51:57 +00:00
Teppei Fukuda
b7b8cdc9e9 test: replace embedded Git repository with dynamically created repository (#6824) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-06-03 07:34:28 +00:00
Nikita Pivkin
ebb123f37f chore: replace interface{} with any (#6751) 2024-05-27 02:53:19 +00:00
Teppei Fukuda
65b8a40d0d chore(deps): bump golangci-lint to v1.58.2 (#6719) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-05-20 06:35:34 +00:00
Nikita Pivkin
9361cdb7e2 feat(terraform): Terraform Plan snapshot scanning support (#6176) 
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2024-03-04 22:37:31 +00:00
simar7
14adbb4464 refactor(deps): Merge defsec into trivy (#6109) 
Signed-off-by: Simar <simar@linux.com>
 2024-02-16 08:31:32 +00:00
simar7
7bd3b630bb refactor(deps): Merge trivy-iac into Trivy (#6005) 2024-02-12 11:01:27 +00:00
Masahiro331
4d9b444499 fix(vm): update ext4-filesystem parser for parse multi block extents (#4616) 
* chore(deps): update ext4-filesystem parser for parse multi block extents

* test(vm): update integration-vm test fixtures

* test(vm): add gzip decompresser for sparse file

* test(vm): add mage command update golden file for vm integration test

* chore(magefile): [WIP] change test repository

* Revert "chore(magefile): [WIP] change test repository"

This reverts commit c015c8892f.

* fix(test): update fixtures and golden file

* fix(test): revert fixVersion and PkgID
 2023-06-18 16:41:55 +00:00
Teppei Fukuda
bd0c60364a perf(misconf): replace with post-analyzers (#4090) 
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
 2023-04-23 19:22:46 +03:00
Masahiro331
22d92e4ad6 feat: add virtual machine scan command (#2910) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-11-27 11:45:00 +02:00
Teppei Fukuda
c26a3e481f refactor(internal): export internal packages (#887) 
* refactor: export internal packages

* refactor(server): define Server

* refactor: fix lint issues

* test(integration): fix imports
 2021-03-14 17:04:01 +02:00
Teppei Fukuda
8b3b5d0290 feat: support plugins (#878) 
* fix(log): set the default logger

* feat: support plugins

* feat(plugin): add run command

* feat(plugin): add uninstall command

* test(plugin): add tests

* chore(ci): pin go version

* chore(ci): disable G204

* refactor: fix lint issues

* feat(plugin): skip downloading installed plugins

* feat: add TRIVY_RUN_AS_PLUGIN

* support Ubuntu 20.10 (#876)

* docs(README): update ubuntu versions (#877)

* add MkDocs implementation (#870)

* mkdocs: add top level nav

* mkdocs: add installation nav

* mkdocs: add quick-start nav

* mkdocs: add examples nav

* mkdocs: add CI nav

* mkdocs: add vuln-detection nav

* mkdocs: add comparison nav

* mkdocs: add usage nav

* mkdocs: add migration nav

* mkdocs: add FAQ nav

* mkdocs: add mkdocs.yml

* mkdocs: add github workflow

* docs: update documents

* fix links

* chore(ci): use ORG_GITHUB_TOKEN

* chore(mkdocs): use mike

* chore(ci): support dev

* chore(ci): documentation test

Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs: add plugins

* chore: remove stale workflow

* refactor: fix lint issues

Co-authored-by: Huang Huang <mozillazg101@gmail.com>
Co-authored-by: aprp <doelaudi@gmail.com>
 2021-03-10 21:44:08 +02:00
Teppei Fukuda
fcb9a93d05 fix: allow the latest tag (#864) 
* fix: allow the latest tag

* docs: update README
 2021-02-25 16:23:11 +02:00
Teppei Fukuda
425eaf8a2a feat: disable analyzers (#846) 
* feat: pass disabled analyzers

* refactor(run): split into functions

* feat(run): pass disabled analyzers

* chore(mod): update fanal

* chore(mod): update fanal

* refactor
 2021-02-24 11:02:24 +02:00
Teppei Fukuda
c9f22f4e55 feat(java): support jar/war/ear (#837) 
* refactor(server): remove Detect endpoint

* refactor(library): do not use interface

* refactor: add dbtest package

* test: add bolt fixtures

* feat: support jar scanning

* refactor: rename node to npm

* refactor: fix lint issues

* test(maven): remove some tests

* chore(mod): update fanal

* docs: update README

* chore(mod): update trivy-db

* fix(library/drive): add ecosystem

* fix: do not display 0 vulnerabilities

* refactor(table): split method

* Update README.md (#838)

* fix(app): increase the default value of timeout (#842)

* feat(maven): use go-mvn-version

* test(maven): update tests

* fix(scan): skip files and dirs before vulnerability detection

* fix: display log messages only once per type

* docs(README): add file suffixes

* chore(mod): update go-mvn-version

* feat(log): set go-dep-parser logger

* chore(mod): update fanal

* docs: update README

* docs(README): add java source

* test(maven): fix invalid case
 2021-02-14 18:19:42 +02:00
Teppei Fukuda
3047c524d9 fix(app): increase the default value of timeout (#842) 2021-02-14 08:15:53 +02:00
Christian Zunker
1f17e71dce Parse redis backend url (#804) 
As suggested by the go-redis client, parse the url to get the config.
This will fix problems, when the url contains a username and/or password.

Fixes #798

Signed-off-by: Christian Zunker <christian.zunker@codecentric.cloud>
 2021-01-21 09:08:53 +02:00
Robert Jacob
e2c483f856 Remove global flags from filesystem command (#772) 
* Remove global flags from subcommands

If the global flags are added to the subcommand as well as being used
globally, their value will be overwritten when the arguments for the
subcommand are parsed. This leads to the value passed to the flag at the
global position being lost.

* Update readme
 2021-01-05 12:49:39 +02:00
Christian Zunker
8de09ddf37 Fix formatting of log message (#785) 
Signed-off-by: Christian Zunker <christian.zunker@codecentric.cloud>
 2020-12-25 16:26:23 +02:00
Teppei Fukuda
7b86f81e29 feat(cache): support Redis (#770) 
* feat(config): add --cache-backend

* feat(operation): embed cache.Cache into operation.Cache

* feat(cache): support redis://

* test(integration): add redis test

* chore(README): add --cache-backend

* chore(mod): update

* chore: add disclaimer
 2020-12-21 08:26:19 +02:00
Huang Huang
ca6f196001 Skip downloading DB if a remote DB is not updated (#717) 
* Skip downloading DB if a remote DB is not updated

* Apply suggestions from code review

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* update github.com/aquasecurity/trivy-db version

* fix lint

* Use UTC datetime

* display DownloadedAt info in debug log

* refactor(db): merge isLatestDB into isNewDB

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-10-26 09:07:30 +02:00
rahul2393
793a1aa3c8 Add linter check support (#679) 
* add linter supports

* add only minor version

* use latest version

* Fix println with format issue

* Fix test

* Fix tests

* For slice with unknown length, preallocating the array

* fix code-coverage

* Removed linter rules

* Reverting linter fixes, adding TODO for later

* Ignore linter error for import

* Remove another err var.

* Ignore shadow error

* Fixes

* Fix issue

* Add back goimports local-prefixes

* Update local prefixes

* Removed extra spaces and merge the imports

* more refactoring

* Update photon.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-10-20 15:20:04 +03:00
Teppei Fukuda
188e108d7c fix(cli): show help for subcommands (#629) 2020-09-21 14:03:25 +03:00
Huang Huang
7d7842f2f3 Add --skip-update option to fs and repo subcommand (#641) 2020-09-18 14:49:47 -07:00
Masahiro331
095b5ce97c fix(cli): show help when no argument is passed (#628) 
* Fix subcommands help

* refactor: call ShowAppHelpAndExit

* refactor: remove an unused error

* test: remove exit cases

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-09-08 17:32:20 +03:00
Teppei Fukuda
5e308da81a feat(cli): add --skip-files option (#624) 
* feat(cli): add --skip-files

* test(integration): add --skip-files and --skip-dirs

* chore(docs): update README

* chore(docs): correct a grammar mistake
 2020-09-08 15:04:56 +03:00
Teppei Fukuda
96af6dc499 feat: add --skip-directories option (#595) 
* feat: add --skip-directories option

* chore(README): update

* refactor: rename skip-directories to skip-dirs

* Update internal/app.go

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>

* refactor: add some context in the warning message

* chore(README): update

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-08-12 14:03:12 +03:00
Carol Valencia
8ca484f538 fix: remove error using no options (#539) 
* fix: remove error using no options

* chore: return error in Init

* chore: return custom error ErrNoTarget

* Update internal/config/artifact.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* Update internal/config/artifact.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* Update internal/artifact/image.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* chore - remove error using no options

* fix(config): typo

* test(config): change the log level

* test(config): revert removed tests

Co-authored-by: Carol <krol3@users.noreply.github.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-08-09 10:39:27 +03:00