trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00

Author	SHA1	Message	Date
Nikita Pivkin	520830b51b	fix(server): add licenses to `BlobInfo` message (#5382 )	2023-11-02 01:46:32 +00:00
Teppei Fukuda	44656f2853	refactor: use defined types (#5225 ) * refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-09-22 10:44:39 +00:00
rlubetkin	cb16e23f14	fix(server): add indirect prop to package (#4974 ) * fix(server): add indirect prop to package * fix(server): fix test	2023-08-17 08:57:20 +00:00
Nikita Pivkin	798ef1b64a	fix(server): add licenses to the Result message (#4955 )	2023-08-08 07:21:59 +00:00
Nikita Pivkin	e1c2a8c804	fix(misconf): add missing fields to proto (#4861 ) * fix(misconf): add missing fields to proto * mark deleted fields as reserved	2023-07-30 11:15:36 +00:00
DmitriyLewen	67236f6aac	fix(sbom): add checksum to files (#3888 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-03-30 09:24:27 +03:00
DmitriyLewen	57ed577459	feat: added license parser for dpkg (#2381 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-06-27 13:04:53 +03:00
Liam Galvin	094db23a03	refactor: Fix fanal import paths and remove dotfiles	2022-06-20 09:43:33 +01:00
afdesk	36e24b1858	fix(rpc): add PkgPath field to client / server mode (#1643 )	2022-03-30 14:43:29 +03:00
Masahiro331	7a148089ec	feat(cyclonedx): add vulnerabilities (#1832 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-03-22 20:22:55 +02:00
Teppei Fukuda	11f4f81123	refactor: move result structs under types (#1696 )	2022-02-09 19:31:12 +02:00
Teppei Fukuda	8d5882be03	refactor: migrate to prefixed buckets (#1644 )	2022-01-31 10:05:38 +02:00
afdesk	420f8ab13e	feat(os-pkg): add data sources (#1636 )	2022-01-28 20:41:40 +02:00
Teppei Fukuda	f12446d3ba	feat(report): add package path (#1274 )	2021-10-06 10:28:48 +03:00
Naimuddin Shaik	8d13234554	fix:added layer info in packages (#1248 ) * added layer info in packages * fixed unit cases	2021-09-22 17:17:16 +03:00
Teppei Fukuda	31c45ffc52	refactor: use testing DB instead of mock (#1234 )	2021-09-15 10:06:01 +03:00
santhosh1729	2a4400c147	Add license info to package data (#1176 )	2021-08-15 13:05:37 +03:00
Teppei Fukuda	8b3b5d0290	feat: support plugins (#878 ) * fix(log): set the default logger * feat: support plugins * feat(plugin): add run command * feat(plugin): add uninstall command * test(plugin): add tests * chore(ci): pin go version * chore(ci): disable G204 * refactor: fix lint issues * feat(plugin): skip downloading installed plugins * feat: add TRIVY_RUN_AS_PLUGIN * support Ubuntu 20.10 (#876) * docs(README): update ubuntu versions (#877) * add MkDocs implementation (#870) * mkdocs: add top level nav * mkdocs: add installation nav * mkdocs: add quick-start nav * mkdocs: add examples nav * mkdocs: add CI nav * mkdocs: add vuln-detection nav * mkdocs: add comparison nav * mkdocs: add usage nav * mkdocs: add migration nav * mkdocs: add FAQ nav * mkdocs: add mkdocs.yml * mkdocs: add github workflow * docs: update documents * fix links * chore(ci): use ORG_GITHUB_TOKEN * chore(mkdocs): use mike * chore(ci): support dev * chore(ci): documentation test Co-authored-by: knqyf263 <knqyf263@gmail.com> * docs: add plugins * chore: remove stale workflow * refactor: fix lint issues Co-authored-by: Huang Huang <mozillazg101@gmail.com> Co-authored-by: aprp <doelaudi@gmail.com>	2021-03-10 21:44:08 +02:00
Simarpreet Singh	e6cef75162	NVD: Add timestamps. (#761 ) * (feat): Add NVD published and modified dates Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Fix golden files. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Fix registry_test.go golden files. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Fix distroless-base-ignore-unfixed.json.golden with ignore-unfixed option. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Fix fluentd-multiple-lockfiles.json.golden. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Fix alpine-310.html.golden file. Signed-off-by: Simarpreet Singh <simar@linux.com> * fix(convert): fix disparency between standalone and client/server * test(integration): update trivy.db * test(integration): update golden files * (test): Add a check for non nil date types. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Add a unit test for ConvertFromRPCResults. Signed-off-by: Simarpreet Singh <simar@linux.com> * (test): Add a nil date case for ConvertFromRPCResults. Signed-off-by: Simarpreet Singh <simar@linux.com> * refactor: sort imports Co-authored-by: knqyf263 <knqyf263@gmail.com>	2020-12-14 13:21:09 -08:00
Teppei Fukuda	4d1894327e	feat(vulnerability): add primary URLs (#752 ) * refactor(vulnerability): rename a method * feat(vulnerability): add primary url * fix(templates): add primary links * feat(writer): add url * refactor(convert): remove an unnecessary function * feat(rpc): add primary_url * test(integration): update golden files	2020-11-26 06:06:26 +02:00
rahul2393	793a1aa3c8	Add linter check support (#679 ) * add linter supports * add only minor version * use latest version * Fix println with format issue * Fix test * Fix tests * For slice with unknown length, preallocating the array * fix code-coverage * Removed linter rules * Reverting linter fixes, adding TODO for later * Ignore linter error for import * Remove another err var. * Ignore shadow error * Fixes * Fix issue * Add back goimports local-prefixes * Update local prefixes * Removed extra spaces and merge the imports * more refactoring * Update photon.go Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2020-10-20 15:20:04 +03:00
Simarpreet Singh	5b9d942313	rpc: Add CVSS information to client/server (#564 ) Signed-off-by: Simarpreet Singh <simar@linux.com>	2020-07-26 15:06:25 +03:00
Teppei Fukuda	329f245283	fix: replace containers/image with google/go-containerregistry (#456 ) * chore(mod): update dependencies * fix(internal): remove cleanup * fix: use only diff_id * fix: use string instead of digest * fix: replace LayerID with Layer * test(integration): negotiate API version * feat(conf): add TRIVY_NONSSL * test(integration): update golden files * test(integration): fix the error message * chore(debian): add comments * chore(mod): update dependencies	2020-04-14 13:31:13 +03:00
Teppei Fukuda	aca31dffb3	detector: Add LayerID to detect vulns (#419 ) * detector/alpine: Add LayerID to detect vulns Signed-off-by: Simarpreet Singh <simar@linux.com> * amazon: Add LayerID to DetectedVulns Signed-off-by: Simarpreet Singh <simar@linux.com> * debian: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * oracle: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * photon: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * redhat: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * suse: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * ubuntu: Add LayerID to DetectVulns + tests Signed-off-by: Simarpreet Singh <simar@linux.com> * integration: Fix integration tests to include LayerID Signed-off-by: Simarpreet Singh <simar@linux.com> * fix(rpc): add layer_id * fix(rpc): insert layer_id to the struct * fix(extractor): add cleanup function * fix(library): add layer ID to detected vulnerabilities * test: update mocks * chore(mod): point to the feature branch of fanal * mod: Point to fanal/master Signed-off-by: Simarpreet Singh <simar@linux.com> * scan_test: Include LayerID as part of the assertion Signed-off-by: Simarpreet Singh <simar@linux.com> * docker_engine_test.go: Update an error message to conform with fanal/master. Signed-off-by: Simarpreet Singh <simar@linux.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2020-03-04 19:55:16 +02:00
Teppei Fukuda	18b80e3781	feat(cache): based on JSON (#398 ) * refactor(docker_conf): rename and remove unnecessary options * feat(rpc): define new API * fix(cli): change default timeout * fix(import): fix package names * refactor(vulnerability): remove old mock * refactor(utils): remove un-needed functions * feat(cache): implement cache communicating with a server * refactor(scan): separate scan function as local scanner * test(scanner): add tests for ScanImage * refactor(scan): remove unused options * test(vulnerability): generate mock * refactor(server): split a file * feat(server): implement new RPC server * feat(client): implement new RPC client * fix(cache): use new cache interface * fix(standalone): use new scanner * fix(client): use new scanner * fix(server): pass cache * test(integration): make sure an error is not nil before calling the method * fix(mod): update dependencies * test(integration): ensure the image load finishes * feat(docker): support DOCKER_HOST and DOCKER_CERT_PATH * chore(mod): update dependencies * refactor(rpc): remove old client * feat(server): support old API for backward compatibility * fix(server): check a schema version of JSON cache * fix(rpc): add a version to packages * feat(rpc): add PutImage * test: rename expectations * refactor(cache): rename LayerCache to ImageCache * refactor: rename ImageInfo to ImageReference * fix(applier): pass image_id to ApplyLayer * feat(cache): handle image cache * chore(mod): update dependencies * refactor(server): pass only config * feat(cli): add -removed-pkgs option * refactor(err): wrap errors	2020-02-27 23:17:55 +02:00
Teppei Fukuda	74717b888e	feat: support client/server mode (#295 ) * chore(app): change dir * feat(rpc): add a proto file and auto-generated files * chore(dep): add dependencies * fix(app): fix import path * fix(integration): fix import path * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * refactor: split functions for client/server (#296) * refactor(db): split db.Download * refactor(standalone): create a different package * refactor(vulnerability): split FillAndFilter * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * fix(db): remove an unused variable * fix(db): expose the github client as an argument of constructor * refactor(vulnerability): add the detail message * feat(rpc): add rpc client (#302) * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * feat(rpc): convert types * feat(rpc): add rpc client * token: Refactor to handle bad headers being set Signed-off-by: Simarpreet Singh <simar@linux.com> * feat(rpc): add rpc server (#303) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * test(mock): add mocks * test(rpc/server): add tests * test(rpc/ospkg/server): add tests * tets(os/detector): add tests * refactor(library): move directories * chore(dependency): add google/wire * refactor(library): introduce google/wire * refactor(ospkg/detector): move directory * feat(rpc): add eosl * refactor(ospkg): introduce google/wire * refactor(wire): bind an interface * refactor(client): use wire.Struct * chore(Makefile): fix wire * test(server): add AssertExpectations * test(server): add AssertExpectations * refactor(server): remove debug log * refactor(error): add more context messages * test(server): fix error message * refactor(test): create a constructor of mock * refactor(config): remove an unused variable * test(config): add an assertion to test the config struct * feat(client/server): add sub commands (#304) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * feat(client/server): add sub commands * merge(server3) * test(scan): remove an unused mock * refactor(client): generate the constructor by wire * fix(cli): change the default port * fix(server): use auto-generated constructor * feat(ospkg): return eosl * test(integration): add integration tests for client/server (#306) * fix(server): remove unnecessary options * test(integration): add integration tests for client/server * fix(server): wrap an error * fix(server): change the update interval * fix(server): display the error detail * test(config): add an assertion to test the config struct * fix(client): returns an error when failing to initizlie a logger * test(ospkg/server): add eosl * Squashed commit of the following: * test(server): refactor and add tests (#307) * test(github): create a mock * test(db): create a mock * test(server): add tests for DB hot update * chore(db): add a log message * refactor(db): introduce google/wire * refactor(rpc): move directory * refactor(injector): fix import name * refactor(import): remove new lines * fix(server): display the error detail * fix(server): change the update interval * fix(server): wrap an error * test(integration): add integration tests for client/server * fix(server): remove unnecessary options * refactor(server): return an error when failing to initialize a logger * refactor(server): remove unused error * fix(client/server): fix default port * chore(README): add client/server * chore(README): update	2019-12-13 15:00:11 +02:00

26 Commits