gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 23:26:39 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,824 Commits 29 Branches 178 Tags
b88bccae6e8619c5146a32c4d835d7a6a2be1e7c
Commit Graph

62 Commits

Author SHA1 Message Date
Matthieu Maitre
b88bccae6e feat(python): Include Conda packages in SBOMs (#3379) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-01-10 16:11:17 +02:00
behara
c110c4e028 revert: cache merged layers (#3334) 
This reverts commit 6b4ddaaef2.
 2022-12-28 10:01:01 +02:00
DmitriyLewen
fe3831e0fe feat(ubuntu): added support ubuntu ESM versions (#1893) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-12-27 10:24:28 +02:00
Masahiro331
bbccb4484a feat(sbom): better support for third-party SBOMs (#3262) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-12-15 16:20:21 +02:00
Tamir Kiviti
604a73d325 feat: Export functions for trivy plugin (#3204) 2022-11-22 09:40:09 +02:00
Jose Donizetti
9b0e9794cb feat: add k8s components (#2589) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-10-24 14:51:02 +03:00
chenk
b677d7e2e8 feat: dynamic links support for scan results (#2838) 2022-09-15 10:42:33 +03:00
Teppei Fukuda
6b4ddaaef2 feat: cache merged layers 
igned-off-by: knqyf263 <knqyf263@gmail.com>
 2022-09-06 11:04:00 +03:00
Teppei Fukuda
db67f16ac6 fix: handle empty OS family (#2768) 2022-08-29 08:53:13 +03:00
DmitriyLewen
fcccfced23 fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767) 2022-08-25 10:40:03 +03:00
afdesk
8bc56bf2fc feat(misconf): skipping misconfigurations by AVD ID (#2743) 2022-08-22 11:06:04 +03:00
Teppei Fukuda
aef02aa174 fix(vuln): continue scanning when no vuln found in the first application (#2712) 2022-08-16 08:41:01 +03:00
Teppei Fukuda
ed1fa89117 revert: add new classes for vulnerabilities (#2701) 2022-08-15 21:40:29 +03:00
Teppei Fukuda
f396c677a2 BREAKING: add new classes for vulnerabilities (#2541) 2022-07-31 10:47:08 +03:00
Owen Rumney
a3a66df007 feat: Add support for license scanning (#2418) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2022-07-13 22:36:41 +03:00
chenk
776ef1a31e feat: rbac support k8s sub-command (#2339) 2022-06-23 13:49:14 +03:00
Liam Galvin
094db23a03 refactor: Fix fanal import paths and remove dotfiles 2022-06-20 09:43:33 +01:00
Teppei Fukuda
7cecade3a1 feat: add support for WASM modules (#2195) 2022-06-15 15:23:00 +03:00
AndreyLevchenko
f7d02538f6 refactor(deps): move dependencies to package (#2189) 2022-06-01 16:09:50 +03:00
AndreyLevchenko
4ab696eaa2 feat(report): GitHub Dependency Snapshots support (#1522) 
Co-authored-by: Shira Cohen <97398476+ShiraCohen33@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-05-26 21:34:15 +03:00
Liam Galvin
3679bc358c feat(misconf): Add special output format for misconfigurations (#2100) 2022-05-13 19:59:02 +03:00
Shira Cohen
995024f148 fix(java): handle relative pom modules (#2101) 2022-05-11 16:04:03 +03:00
Liam Galvin
c9f9a346cc fix(misconf): Add missing links for non-rego misconfig results (#2094) 2022-05-10 17:52:34 +03:00
Liam Galvin
5a58e41476 feat(misconf): Added fs.FS based scanning via latest defsec (#2084) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-05-10 15:05:00 +03:00
Teppei Fukuda
5f047f97db feat: add secret scanning (#1901) 
Co-authored-by: VaismanLior <97836016+VaismanLior@users.noreply.github.com>
Co-authored-by: AMF <work@afdesk.com>
 2022-04-22 17:08:18 +03:00
Teppei Fukuda
6fdb554a0d feat(alpine): support apk repositories (#1987) 2022-04-14 09:52:51 +03:00
Teppei Fukuda
88ebc07504 chore: bump up Go to 1.18 (#1862) 2022-03-21 16:38:54 +02:00
Teppei Fukuda
11f4f81123 refactor: move result structs under types (#1696) 2022-02-09 19:31:12 +02:00
Teppei Fukuda
d2827cba06 feat(redhat): support build info in RHEL (#807) 2022-01-28 18:35:00 +02:00
Owen Rumney
7f859afacb Add missing IacMetdata (#1505) 
- Provider and Service added to IacMetadata on misconfiguration
 2021-12-22 17:06:25 +02:00
Owen Rumney
ae4c42b975 feat(iac): Add line information (#1366) 
* feat(iac): Adding resource and Line data

- adding line in file information to the misconfiguration result
- updating tfsec and cfsec versions to provide this additional info

* Add usage of IaC metadata

* update the fanal version
 2021-11-11 08:00:13 +02:00
Teppei Fukuda
f12446d3ba feat(report): add package path (#1274) 2021-10-06 10:28:48 +03:00
Masahiro331
1ebb3296ee Aggregate jar result for table (#1269) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2021-10-04 11:30:12 +03:00
Teppei Fukuda
da905108b4 feat: improve --skip-dirs and --skip-files (#1249) 2021-10-03 13:08:09 +03:00
Ankush K
8edcc62a8d feat(nodejs): support package.json (#1225) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-09-15 14:23:35 +03:00
Ankush K
d8cc8b550b feat(ruby): support gemspec (#1224) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-09-14 23:16:19 +03:00
Ankush K
dbc7a83e8c feat(python): add packaging detector and respective hook (#1223) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-09-13 20:59:11 +03:00
Ankush K
19c0b70d26 feat(license): Added support to new License field of go-dep-parser's library (#1167) 2021-09-09 14:32:50 +03:00
AndreyLevchenko
214fe82c7e feat(report): add end of service life flag to OS metadata (#1142) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-07-27 17:08:57 +03:00
Teppei Fukuda
eae4bafff3 fix(scan): change unknown os from info to debug (#1109) 2021-07-12 12:26:48 +03:00
Teppei Fukuda
9e08bd44fb docs: add misconfiguration (#1101) 
Co-authored-by: Itay Shakury <itay@itaysk.com>
 2021-07-12 03:14:17 +03:00
Teppei Fukuda
e6f7e556e8 feat(config): support --trace (#1106) 2021-07-11 16:07:30 +03:00
Teppei Fukuda
a0e5c3a2e2 feat: support config scanning (#931) 2021-07-09 08:18:53 +03:00
Teppei Fukuda
1b66b77f69 feat: prepare for config scanning (#1005) 
* temp: disable config scanning
 2021-05-20 09:05:36 +03:00
rahul2393
04e7ccabea feat(go): added support of gomod analyzer (#978) 
* Added support of gomod analyzer.

* add imports

* fix gocyclo

* Ran go fmt
 2021-05-11 04:18:13 +03:00
Masahiro331
c88bbbd6cc feat(go): support binary scan (#948) 
* feature(gobinary) support gobinary scan

* chore(mod): update fanal

* update(go.mod) update trivy-db

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-04-29 19:47:50 +03:00
Teppei Fukuda
6d22387727 break(cli): use StringSliceFlag for skip-dirs/files (#916) 
* fix(cli): use StringSliceFlag for skip-dirs/files

* test(scanner): rename

* test(integration): fix
 2021-03-29 10:25:30 +03:00
Teppei Fukuda
965bb6d08a feat(cache): introduce versioned cache (#865) 
* refactor(scan): rename image to artifact

* refactor(scan): trim version suffixes for debug info

* chore(mod): update fanal

* refactor: reduce complexity

* chore(mod): update fanal

* refactor(scan): early return
 2021-02-28 12:18:56 +02:00
Teppei Fukuda
c9f22f4e55 feat(java): support jar/war/ear (#837) 
* refactor(server): remove Detect endpoint

* refactor(library): do not use interface

* refactor: add dbtest package

* test: add bolt fixtures

* feat: support jar scanning

* refactor: rename node to npm

* refactor: fix lint issues

* test(maven): remove some tests

* chore(mod): update fanal

* docs: update README

* chore(mod): update trivy-db

* fix(library/drive): add ecosystem

* fix: do not display 0 vulnerabilities

* refactor(table): split method

* Update README.md (#838)

* fix(app): increase the default value of timeout (#842)

* feat(maven): use go-mvn-version

* test(maven): update tests

* fix(scan): skip files and dirs before vulnerability detection

* fix: display log messages only once per type

* docs(README): add file suffixes

* chore(mod): update go-mvn-version

* feat(log): set go-dep-parser logger

* chore(mod): update fanal

* docs: update README

* docs(README): add java source

* test(maven): fix invalid case
 2021-02-14 18:19:42 +02:00
Johannes
08ca1b00b7 Feat: NuGet Scanner (#686) 
* Initial nuget advisory detector code.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Added nuget package to scan.go

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Removed nuget advisory file and instead added csharp/nuget as a driver in driver.go.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Removed nuget package from driver. Added ghasnuget as a source in vulnerability.go

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Updated nuget driver to use correct name and to initialize with the new generic scanner.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* refactor: cut out to a separate method

* chore(mod): update trivy-db

* fix(driver): add a general driver

* test(ghsa): add nuget

* chore: update README

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-12-21 10:17:15 +02:00