gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-05 20:40:16 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,858 Commits 31 Branches 177 Tags
main
Commit Graph

72 Commits

Author SHA1 Message Date
Nikita Pivkin
a2822280be refactor(misconf): mark AVDID fields as deprecated and use ID internally (#9576) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-23 10:46:35 +00:00
DmitriyLewen
6def66e002 fix: add buildInfo for BlobInfo in rpc package (#9608) 2025-10-08 09:47:12 +00:00
Teppei Fukuda
aeeb2a1f84 fix: restore compatibility for google.protobuf.Value (#9559) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-07 12:19:15 +00:00
Teppei Fukuda
5a5e0972c7 feat(secret): implement streaming secret scanner with byte offset tracking (#9264) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-08-01 08:17:54 +00:00
Teppei Fukuda
85a156c995 chore: migrate protoc setup from Docker to buf CLI (#9184) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-07-11 09:27:56 +00:00
Naimuddin Shaik
c29bb21973 refactor(server): change custom advisory and vulnerability data types fr… (#8923) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-05-30 04:54:11 +00:00
DmitriyLewen
38f17c945e fix(server): add missed Relationship field for rpc (#8872) 2025-05-15 05:47:04 +00:00
DmitriyLewen
a95cab0eab feat(image): save layers metadata into report (#8394) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-04-23 16:31:43 +00:00
Teppei Fukuda
dd54f80d3f feat: add report summary table (#8177) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-03-04 09:26:06 +00:00
DmitriyLewen
d464807321 feat: add --vuln-severity-source flag (#8269) 2025-03-03 10:59:30 +00:00
Nikita Pivkin
a99498cdd9 feat(misconf): render causes for Terraform (#8360) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-02-28 07:01:01 +00:00
iamtraining
a1c4bd746f fix(server): secrets inspectation for the config analyzer in client server mode (#8418) 2025-02-19 09:31:44 +00:00
Teppei Fukuda
da17dc7278 feat: add --distro flag to manually specify OS distribution for vulnerability scanning (#8070) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-12-09 11:46:49 +00:00
Gunesh Shanbhag
e0f2054f9d feat: add cvss v4 score and vector in scan response (#7968) 2024-11-21 10:51:55 +00:00
santhosh1729
461a68afd6 fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871) 2024-11-21 07:56:05 +00:00
simar7
c70b6fa166 refactor(misconf): Deprecate EXCEPTIONS for misconfiguration scanning (#7776) 
Signed-off-by: Simar <simar@linux.com>
 2024-10-29 22:29:42 +00:00
afdesk
4926da79de fix(license): stop spliting a long license text (#7336) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-09-05 10:20:29 +00:00
Teppei Fukuda
5c37361600 feat(vuln): add --pkg-relationships (#7237) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-07-29 06:18:59 +00:00
DmitriyLewen
7cbdb0a0b5 feat(cli): rename --vuln-type flag to --pkg-types flag (#7104) 2024-07-09 08:06:29 +00:00
Teppei Fukuda
56dbe1f676 fix: include packages unless it is not needed (#6765) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-05-28 07:22:45 +00:00
Teppei Fukuda
3eecfc6b6e refactor: unify Library and Package structs (#6633) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-05-07 12:25:52 +00:00
Teppei Fukuda
998f750432 feat: introduce package UIDs for improved vulnerability mapping (#6583) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-05-03 11:14:34 +00:00
DmitriyLewen
a2482c14e1 fix(server): add Locations for Packages in client/server mode (#6366) 2024-03-24 09:46:56 +00:00
Teppei Fukuda
1607eee77c refactor: move PkgRef under PkgIdentifier (#5831) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2023-12-29 06:52:36 +00:00
Juan Ariza Toledano
1f0d6290c3 feat(vuln): include pkg identifier on detected vulnerabilities (#5439) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-12-27 07:54:56 +00:00
Nikita Pivkin
520830b51b fix(server): add licenses to BlobInfo message (#5382) 2023-11-02 01:46:32 +00:00
rlubetkin
cb16e23f14 fix(server): add indirect prop to package (#4974) 
* fix(server): add indirect prop to package

* fix(server): fix test
 2023-08-17 08:57:20 +00:00
Nikita Pivkin
798ef1b64a fix(server): add licenses to the Result message (#4955) 2023-08-08 07:21:59 +00:00
Nikita Pivkin
e1c2a8c804 fix(misconf): add missing fields to proto (#4861) 
* fix(misconf): add missing fields to proto

* mark deleted fields as reserved
 2023-07-30 11:15:36 +00:00
Teppei Fukuda
232ba823e1 feat(vuln): support vulnerability status (#4867) 
* feat: support vulnerability status

* feat: show status in table

* don't add `fixed` status in debian/redhat

* update test golden files

* add Status in rpc

* update docs

* update ignore-status example

* add ignore-status in integration test

* docs: add the explanation for statuses

---------

Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-07-26 11:55:03 +00:00
DmitriyLewen
22463ababd feat(cli): add include-dev-deps flag (#4700) 
* add Dev field for Package

* fix integration test

* update docs

* feat(cli): add include-dev flag

* bump go-dep-parser

* update docs

* add integration test

* refactor

* refactor

* fix integration test

* refactor: rename flag to include-dev-deps

* update docs

* update docs

* filter dev deps when scanning packages

* add flag support for server mode

* refactor: remove comment that might confuse

* refactor: move --include-dev-deps to the scanner flag group

* refactor: not return apps

* docs: update

---------

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-06-29 13:15:52 +00:00
DmitriyLewen
67236f6aac fix(sbom): add checksum to files (#3888) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-03-30 09:24:27 +03:00
Teppei Fukuda
e1076085d9 refactor: rename security-checks to scanners (#3467) 2023-01-23 16:53:06 +02:00
DmitriyLewen
fe3831e0fe feat(ubuntu): added support ubuntu ESM versions (#1893) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-12-27 10:24:28 +02:00
Liam Galvin
b22e37e0c6 chore: Switch github.com/liamg dependencies to github.com/aquasecurity (#3069) 2022-10-25 11:17:47 +03:00
afdesk
2c39d4729a chore: run go fmt (#2897) 2022-10-02 09:33:21 +03:00
DmitriyLewen
b6e394dc80 feat(secret): add line from dockerfile where secret was added to secret result (#2780) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-09-15 10:13:20 +03:00
Ankush K
d8d8e62793 fix(secret): Consider secrets in rpc calls (#2753) 2022-08-25 09:36:51 +03:00
Owen Rumney
a3a66df007 feat: Add support for license scanning (#2418) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2022-07-13 22:36:41 +03:00
DmitriyLewen
57ed577459 feat: added license parser for dpkg (#2381) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-06-27 13:04:53 +03:00
Josh Soref
d6d0a60d16 chore: fix spelling errors (#2352) 2022-06-20 09:56:13 +03:00
AndreyLevchenko
cb76acbd9f fix(lang): fix dependency graph in client server mode (#2336) 2022-06-16 13:05:55 +03:00
Teppei Fukuda
6fdb554a0d feat(alpine): support apk repositories (#1987) 2022-04-14 09:52:51 +03:00
afdesk
36e24b1858 fix(rpc): add PkgPath field to client / server mode (#1643) 2022-03-30 14:43:29 +03:00
afdesk
9154b819ac feat(cache): remove temporary cache after filesystem scanning (#1868) 2022-03-27 11:31:54 +03:00
Masahiro331
7a148089ec feat(cyclonedx): add vulnerabilities (#1832) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-03-22 20:22:55 +02:00
Ankush K
de6c3cbb6c fix(rpc): Supports RPC calls for new identifier CustomResource (#1605) 2022-02-13 11:20:51 +02:00
Yuval Goldberg
3b0b2ed4ce build: Make make protoc be consistent (#1682) 
Signed-off-by: Yuval Goldberg <yuvigoldi@gmail.com>
 2022-02-10 11:07:30 +02:00
Teppei Fukuda
8d5882be03 refactor: migrate to prefixed buckets (#1644) 2022-01-31 10:05:38 +02:00
afdesk
420f8ab13e feat(os-pkg): add data sources (#1636) 2022-01-28 20:41:40 +02:00