gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 07:29:00 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,765 Commits 29 Branches 178 Tags
aea298b3dc21c0c5ef022232f0eb5a5304fb4f9f
Commit Graph

17 Commits

Author SHA1 Message Date
DmitriyLewen
aea298b3dc feat: add support for swift cocoapods lock files (#2956) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-12-11 19:15:10 +02:00
DmitriyLewen
4839075c28 feat: add support for conan.lock file (#2779) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-09-06 21:59:13 +03:00
Masahiro331
5b821d3b13 feat(sbom): add cyclonedx sbom scan (#2203) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-07-03 20:03:21 +03:00
Liam Galvin
094db23a03 refactor: Fix fanal import paths and remove dotfiles 2022-06-20 09:43:33 +01:00
AndreyLevchenko
3e3c119555 feat(lang): add dependency origin graph (#1970) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-06-16 10:34:26 +03:00
Teppei Fukuda
8d5882be03 refactor: migrate to prefixed buckets (#1644) 2022-01-31 10:05:38 +02:00
Teppei Fukuda
f12446d3ba feat(report): add package path (#1274) 2021-10-06 10:28:48 +03:00
Ankush K
dbc7a83e8c feat(python): add packaging detector and respective hook (#1223) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-09-13 20:59:11 +03:00
Teppei Fukuda
c9f22f4e55 feat(java): support jar/war/ear (#837) 
* refactor(server): remove Detect endpoint

* refactor(library): do not use interface

* refactor: add dbtest package

* test: add bolt fixtures

* feat: support jar scanning

* refactor: rename node to npm

* refactor: fix lint issues

* test(maven): remove some tests

* chore(mod): update fanal

* docs: update README

* chore(mod): update trivy-db

* fix(library/drive): add ecosystem

* fix: do not display 0 vulnerabilities

* refactor(table): split method

* Update README.md (#838)

* fix(app): increase the default value of timeout (#842)

* feat(maven): use go-mvn-version

* test(maven): update tests

* fix(scan): skip files and dirs before vulnerability detection

* fix: display log messages only once per type

* docs(README): add file suffixes

* chore(mod): update go-mvn-version

* feat(log): set go-dep-parser logger

* chore(mod): update fanal

* docs: update README

* docs(README): add java source

* test(maven): fix invalid case
 2021-02-14 18:19:42 +02:00
Teppei Fukuda
b6d5b82c48 fix: version comparison (#740) 
* feat: add comparer

* refactor: rename lang with ecosystem

* feat(bundler): add comparer

* feat(node): add comparer

* feat(bundler): integrate comparer

* feat(cargo): integrate comparer

* feat(composer): add comparer

* feat(ghsa): integrate comparer

* feat(node): integrate comparer

* feat(python): integrate comparer

* test(bundler): add tests

* test(cargo): add tests

* test(composer): add tests

* test(ghsa): add tests

* test(node): add tests

* test(python): add tests

* refactor(utils): remove unnecessary functions

* test(utils): add tests

* test: rename bucket prefixes

* fix(detect): use string

* chore: update dependencies

* docs: add comments

* fix(cargo): handle unpatched vulnerability

* test(db): update trivy-db for integration tests

* test(integration): update a golden file

* test(cargo): Add a case for missing patched version

Signed-off-by: Simarpreet Singh <simar@linux.com>

* refactor(advisory): update comments

* refactor(node/advisory): change the receiver

* chore(mod): update dependencies

* refactor(comparer): unexport MatchVersion

* refactor: fix maligned structs

* test(node): add empty value

* refactor

* refactor: sort imports

* chore(mod): update trivy-db

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-11-17 11:38:58 +02:00
rahul2393
793a1aa3c8 Add linter check support (#679) 
* add linter supports

* add only minor version

* use latest version

* Fix println with format issue

* Fix test

* Fix tests

* For slice with unknown length, preallocating the array

* fix code-coverage

* Removed linter rules

* Reverting linter fixes, adding TODO for later

* Ignore linter error for import

* Remove another err var.

* Ignore shadow error

* Fixes

* Fix issue

* Add back goimports local-prefixes

* Update local prefixes

* Removed extra spaces and merge the imports

* more refactoring

* Update photon.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-10-20 15:20:04 +03:00
rahul2393
6eebed33b2 improve ruby comparison version check. (#552) 
* Implemented ruby comparison version check.

* Added semver package to validate and check version

* Added more tests

* Replaced go-version with semver

* Removing go-version from dependency

* Added check for ruby gem version format

* Updated semver model and patch rewrite process

* Refactoring
 2020-07-19 18:03:56 +03:00
Masahiro331
03ad8a3cd0 Add GHSA support (#467) 
* Change library advisory use github security advisory

* Add java scanner

* Add multi vulnsrc support

* Fix null pointer exception

* Add ghsa mock test

* Delete nuget & java

* Update README

* Fix bug

* refactor: add ghsa

* refactor: Add multi scanner in driver.go

* fix go.mod

* Add scanner.go

* Add parse lockfile

* unexport Driver & delete parse lockfile

* Fix scanner struct

* refactor: scanner -> advisory

* Add Driver

* delete Driver interface

* Add new drivers

* delete types.go

* Fix review

* Merge driver.go ← advisory.go

* Change NewDriver interface

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-05-30 09:34:00 +03:00
Teppei Fukuda
329f245283 fix: replace containers/image with google/go-containerregistry (#456) 
* chore(mod): update dependencies

* fix(internal): remove cleanup

* fix: use only diff_id

* fix: use string instead of digest

* fix: replace LayerID with Layer

* test(integration): negotiate API version

* feat(conf): add TRIVY_NONSSL

* test(integration): update golden files

* test(integration): fix the error message

* chore(debian): add comments

* chore(mod): update dependencies
 2020-04-14 13:31:13 +03:00
Teppei Fukuda
aca31dffb3 detector: Add LayerID to detect vulns (#419) 
* detector/alpine: Add LayerID to detect vulns

Signed-off-by: Simarpreet Singh <simar@linux.com>

* amazon: Add LayerID to DetectedVulns

Signed-off-by: Simarpreet Singh <simar@linux.com>

* debian: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* oracle: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* photon: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* redhat: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* suse: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* ubuntu: Add LayerID to DetectVulns + tests

Signed-off-by: Simarpreet Singh <simar@linux.com>

* integration: Fix integration tests to include LayerID

Signed-off-by: Simarpreet Singh <simar@linux.com>

* fix(rpc): add layer_id

* fix(rpc): insert layer_id to the struct

* fix(extractor): add cleanup function

* fix(library): add layer ID to detected vulnerabilities

* test: update mocks

* chore(mod): point to the feature branch of fanal

* mod: Point to fanal/master

Signed-off-by: Simarpreet Singh <simar@linux.com>

* scan_test: Include LayerID as part of the assertion

Signed-off-by: Simarpreet Singh <simar@linux.com>

* docker_engine_test.go: Update an error message to conform with fanal/master.

Signed-off-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-03-04 19:55:16 +02:00
Teppei Fukuda
42043a0888 fix(client): add image name and build time (#402) 
* WIP: Add imageName and BuildTime for Remote detector

Signed-off-by: Simarpreet Singh <simar@linux.com>

* wip

Signed-off-by: Simarpreet Singh <simar@linux.com>

* change name from build_time to created

* remove an unused function

* fix(library): add image_name and created_at

* fix(ospkg): add image_name and created_at

* fix(scan): add image_name and created_at

* fix(library): remove unused param

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-02-16 10:35:53 +02:00
Teppei Fukuda
74717b888e feat: support client/server mode (#295) 
* chore(app): change dir

* feat(rpc): add a proto file and auto-generated files

* chore(dep): add dependencies

* fix(app): fix import path

* fix(integration): fix import path

* fix(protoc): use enum for severity

* chore(Makefile): add fmt andd protoc

* chore(clang): add .clang-format

* refactor: split functions for client/server (#296)

* refactor(db): split db.Download

* refactor(standalone): create a different package

* refactor(vulnerability): split FillAndFilter

* fix(protoc): use enum for severity

* chore(Makefile): add fmt andd protoc

* chore(clang): add .clang-format

* fix(db): remove an unused variable

* fix(db): expose the github client as an argument of constructor

* refactor(vulnerability): add the detail message

* feat(rpc): add rpc client (#302)

* fix(protoc): use enum for severity

* chore(Makefile): add fmt andd protoc

* chore(clang): add .clang-format

* feat(rpc): convert types

* feat(rpc): add rpc client

* token: Refactor to handle bad headers being set

Signed-off-by: Simarpreet Singh <simar@linux.com>

* feat(rpc): add rpc server (#303)

* feat(rpc): add rpc server

* feat(utils): add CopyFile

* feat(server/config): add config struct

* feat(detector): add detector

* feat(scanner): delegate procedures to detector

* fix(scanner): fix the interface

* test(mock): add mocks

* test(rpc/server): add tests

* test(rpc/ospkg/server): add tests

* tets(os/detector): add tests

* refactor(library): move directories

* chore(dependency): add google/wire

* refactor(library): introduce google/wire

* refactor(ospkg/detector): move directory

* feat(rpc): add eosl

* refactor(ospkg): introduce google/wire

* refactor(wire): bind an interface

* refactor(client): use wire.Struct

* chore(Makefile): fix wire

* test(server): add AssertExpectations

* test(server): add AssertExpectations

* refactor(server): remove debug log

* refactor(error): add more context messages

* test(server): fix error message

* refactor(test): create a constructor of mock

* refactor(config): remove an unused variable

* test(config): add an assertion to test the config struct

* feat(client/server): add sub commands (#304)

* feat(rpc): add rpc server

* feat(utils): add CopyFile

* feat(server/config): add config struct

* feat(detector): add detector

* feat(scanner): delegate procedures to detector

* fix(scanner): fix the interface

* feat(client/server): add sub commands

* merge(server3)

* test(scan): remove an unused mock

* refactor(client): generate the constructor by wire

* fix(cli): change the default port

* fix(server): use auto-generated constructor

* feat(ospkg): return eosl

* test(integration): add integration tests for client/server (#306)

* fix(server): remove unnecessary options

* test(integration): add integration tests for client/server

* fix(server): wrap an error

* fix(server): change the update interval

* fix(server): display the error detail

* test(config): add an assertion to test the config struct

* fix(client): returns an error when failing to initizlie a logger

* test(ospkg/server): add eosl

* Squashed commit of the following:

* test(server): refactor and add tests (#307)

* test(github): create a mock

* test(db): create a mock

* test(server): add tests for DB hot update

* chore(db): add a log message

* refactor(db): introduce google/wire

* refactor(rpc): move directory

* refactor(injector): fix import name

* refactor(import): remove new lines

* fix(server): display the error detail

* fix(server): change the update interval

* fix(server): wrap an error

* test(integration): add integration tests for client/server

* fix(server): remove unnecessary options

* refactor(server): return an error when failing to initialize a logger

* refactor(server): remove unused error

* fix(client/server): fix default port

* chore(README): add client/server

* chore(README): update
 2019-12-13 15:00:11 +02:00