trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 07:29:00 -08:00

Author	SHA1	Message	Date
Katrin Leinweber	38e2fbf7f9	docs: link warning to both timeout config options (#6620 )	2024-05-06 08:26:37 +00:00
DmitriyLewen	14c1024b47	refactor: move setting scanners when using compliance reports to flag parsing (#6619 )	2024-05-03 11:27:37 +00:00
simar7	37da98df45	feat(misconf): Use updated terminology for misconfiguration checks (#6476 ) Signed-off-by: Simar <simar@linux.com>	2024-05-02 18:16:17 +00:00
Teppei Fukuda	f0961d54f6	feat: respect custom exit code from plugin (#6584 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-02 05:07:49 +00:00
Nikita Pivkin	12ec0dfe9e	feat(misconf): loading embedded checks as a fallback (#6502 )	2024-04-19 06:22:31 +00:00
Teppei Fukuda	13e72eca58	refactor: remove parallel walk (#5180 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-04-17 18:24:18 +00:00
Teppei Fukuda	94d6e8ced6	refactor: replace zap with slog (#6466 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>	2024-04-11 18:59:09 +00:00
Jan-Otto Kröpke	53517d622b	feat(misconf): add helm-api-version and helm-kube-version flag (#6332 ) Co-authored-by: Simar <simar@linux.com>	2024-04-06 05:07:56 +00:00
Jeff Rescignano	f23ed77598	feat(misconf): Support private registries for misconf check bundle (#6327 )	2024-04-01 05:45:58 +00:00
Parvez	9d2057a7c2	feat(image): customer podman host or socket option (#6256 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-03-11 04:27:57 +00:00
saso	7694df11fb	fix(sbom): skip executable file analysis if Rekor isn't a specified SBOM source (#6163 )	2024-02-20 06:44:35 +00:00
Teppei Fukuda	99c04c4383	feat(report): output plugin (#4863 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-12-04 11:04:43 +00:00
simar7	b5874e3ad3	feat(misconf): Add `--misconfig-scanners` option (#5670 )	2023-11-29 23:59:17 +00:00
simar7	13362233c8	feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550 ) Signed-off-by: Simar <simar@linux.com>	2023-11-16 02:29:38 +00:00
simar7	e3c28f8ee3	feat(misconf): Add support for `--cf-params` for CFT (#5507 ) Signed-off-by: Simar <simar@linux.com> Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>	2023-11-15 07:04:22 +00:00
Teppei Fukuda	ac0e327492	feat(flag): replace '--slow' with '--parallel' (#5572 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-11-15 06:41:13 +00:00
Michel Meyer	908a4914c7	feat(db): allow passing registry options (#5226 ) * feat(db): allow passing registry options Signed-off-by: Michel Meyer <meyer_michel@outlook.com> * feat(db): pass cli registry options to javaDB --------- Signed-off-by: Michel Meyer <meyer_michel@outlook.com>	2023-09-27 13:17:11 +00:00
Teppei Fukuda	9628b1cbf3	feat: add support for .trivyignore.yaml (#5070 ) * feat: add support for .trivyignore.yaml Signed-off-by: knqyf263 <knqyf263@gmail.com> * add test for trivyignore.yaml * Add doublestar support Signed-off-by: knqyf263 <knqyf263@gmail.com> * go mod tidy Signed-off-by: knqyf263 <knqyf263@gmail.com> * update docs * test: fix Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: load .trivyignore once Signed-off-by: knqyf263 <knqyf263@gmail.com> * feat: add a debug log Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add a table for fields Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: skip empty results Signed-off-by: knqyf263 <knqyf263@gmail.com> * revert the change Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-08-31 11:53:37 +00:00
Nikita Pivkin	e8cf281471	fix(aws): resolve endpoint if endpoint is passed (#4925 ) * fix(aws): resolve endpoint to get identity if endpoint is passed * resolve endpoint for ami and ebs * return an error if aws region is missing	2023-08-08 07:19:40 +00:00
simar7	11618c9408	feat(misconf): Support custom URLs for policy bundle (#4834 ) * feat(misconf): Support custom URLs for policy bundle This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: https://github.com/aquasecurity/trivy/issues/4672 Signed-off-by: Simar <simar@linux.com> * update docs Signed-off-by: Simar <simar@linux.com> * rename flag to `--policy-bundle-repository` Signed-off-by: Simar <simar@linux.com> * fix field * rebase and update docs Signed-off-by: Simar <simar@linux.com> * set policyBundleRepo on client Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com>	2023-07-26 08:45:49 +00:00
Teppei Fukuda	20c2246a61	fix(report): close the file (#4842 ) * fix(report): close the file * refactor: add the format type * fix: return errors in version printing * fix: lint issues * fix: do not fail on bogus cache dir --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-07-23 13:37:18 +00:00
simar7	a7bd7bb65f	feat(misconf): Add support for independently enabling libraries (#4070 ) * feat(misconf): Add support for independently enabling libraries Implements: https://github.com/aquasecurity/trivy/issues/4181 Signed-off-by: Simar <simar@linux.com> * update tests Signed-off-by: Simar <simar@linux.com> * fix lint Signed-off-by: Simar <simar@linux.com> * fix tests Signed-off-by: Simar <simar@linux.com> * update defsec Signed-off-by: Simar <simar@linux.com> * fix test Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-07-23 09:44:59 +00:00
simar7	4bc8d29c15	feat(misconf): Support custom data for rego policies for cloud (#4745 ) * feat(misconf): Support custom data for cloud policies Signed-off-by: Simar <simar@linux.com> * use policyfs Signed-off-by: Simar <simar@linux.com> * refactor to reduce cyclomatic complexity Signed-off-by: Simar <simar@linux.com> * bump defsec * update docs Signed-off-by: Simar <simar@linux.com> * update test assertion Signed-off-by: Simar <simar@linux.com> * update test Need this as OPA is currently broken on Windows https://github.com/open-policy-agent/opa/issues/4521 Signed-off-by: Simar <simar@linux.com> * fix data path * fix(mapfs): convert volume names into dirs * revert creating temp dirs --------- Signed-off-by: Simar <simar@linux.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2023-07-17 12:34:20 +00:00
Nikita Pivkin	3c7d988d71	feat(cli): add --tf-exclude-downloaded-modules flag (#4810 ) * feat(cli): add --tf-exclude-downloaded-modules flag * fix typo * generate docs	2023-07-16 08:56:03 +00:00
DmitriyLewen	22463ababd	feat(cli): add include-dev-deps flag (#4700 ) * add Dev field for Package * fix integration test * update docs * feat(cli): add include-dev flag * bump go-dep-parser * update docs * add integration test * refactor * refactor * fix integration test * refactor: rename flag to include-dev-deps * update docs * update docs * filter dev deps when scanning packages * add flag support for server mode * refactor: remove comment that might confuse * refactor: move --include-dev-deps to the scanner flag group * refactor: not return apps * docs: update --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-06-29 13:15:52 +00:00
Tung Bui (Leo)	904f1cf24e	fix: Show the correct URL of the secret scanning (#4682 )	2023-06-21 10:57:54 +00:00
Teppei Fukuda	9ef01133c8	feat: add SBOM analyzer (#4210 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-06-02 09:34:07 +03:00
Teppei Fukuda	50fe43f14c	feat(cli): convert JSON reports into a different format (#4452 ) Co-authored-by: Aurelien LAJOIE <aurelien.lajoie@kili-technology.com>	2023-05-24 11:45:26 +03:00
simar7	92f9e98d04	feat(misconf): Add `--reset-policy-bundle` for policy bundle (#4167 )	2023-05-18 11:54:01 +03:00
guangwu	56a01ec6f7	refactor: code-optimization (#4214 )	2023-05-15 14:48:09 +03:00
Peter Engelbert	6a0e152657	feat(image): Add image-src flag to specify which runtime(s) to use (#4047 ) Signed-off-by: Peter Engelbert <pmengelbert@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-05-15 14:42:42 +03:00
Teppei Fukuda	55fb723a6e	feat(image): enforce image platform (#4083 )	2023-05-08 21:04:22 +03:00
Teppei Fukuda	11a5b91a1a	feat(sbom): add VEX support (#4053 )	2023-04-27 10:21:06 +03:00
Adarsh A	0650e0e1d5	feat(license): add new flag for classifier confidence level (#4073 ) Co-authored-by: Aswath S <aswath.s@thoughtworks.com>	2023-04-24 13:41:08 +03:00
Teppei Fukuda	bd0c60364a	perf(misconf): replace with post-analyzers (#4090 ) Signed-off-by: Simar <simar@linux.com> Co-authored-by: Simar <simar@linux.com>	2023-04-23 19:22:46 +03:00
aswath-s-tw	be47b688c7	feat(image): custom docker host option (#3599 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-04-20 22:10:51 +03:00
Teppei Fukuda	f0df725c5a	fix: lock downloading policies and database (#4017 )	2023-04-10 15:37:13 +03:00
DmitriyLewen	67236f6aac	fix(sbom): add checksum to files (#3888 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-03-30 09:24:27 +03:00
Teppei Fukuda	f14bed4532	feat: add auth support for downloading OCI artifacts (#3915 )	2023-03-30 05:53:24 +03:00
Teppei Fukuda	ca0d972cdb	feat(image): add registry options (#3906 )	2023-03-28 07:00:04 +03:00
DmitriyLewen	1fac7bf1ba	fix: disable jar analyzer for scanners other than vuln (#3810 )	2023-03-13 00:11:25 +02:00
DmitriyLewen	6614398ab4	fix(license): disable jar analyzer for licence scan only (#3780 )	2023-03-07 13:22:23 +02:00
Teppei Fukuda	bc0836623c	fix(cli): pass integer to exit-on-eol (#3716 )	2023-03-01 12:18:11 +02:00
Kalyana Krishna Varanasi	302c8ae24c	feat: Adding --module-dir and --enable-modules (#3677 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-03-01 12:09:53 +02:00
Teppei Fukuda	34120f4201	feat: add special IDs for filtering secrets (#3702 )	2023-03-01 09:51:11 +02:00
Teppei Fukuda	b791362871	feat: summarize vulnerabilities in compliance reports (#3651 )	2023-02-28 00:09:00 +02:00
Teppei Fukuda	793cc43d4c	feat(go): license support (#3683 )	2023-02-24 17:52:35 +02:00
chenk	92eaf636ca	feat: config outdated-api result filtered by k8s version (#3578 ) Signed-off-by: chenk <hen.keinan@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-02-22 15:41:37 +02:00
Jack Lin	32acd293fd	feat(flag): add exit-on-eosl option (#3423 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-02-15 10:51:15 +02:00
Alexej Disterhoft	86603bb9c5	fix(cli): make java db repository configurable (#3595 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-02-14 15:01:15 +02:00

1 2 3

117 Commits