gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-05 20:40:16 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,816 Commits 31 Branches 177 Tags
be419c78a7bfc4e131337a1c051c3668e0de9650
Commit Graph

3816 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
be419c78a7 chore(deps): bump github.com/containerd/containerd/v2 from 2.1.4 to 2.1.5 (#9763) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-10 15:00:32 +00:00
DmitriyLewen
d87d9b97d1 fix(java): use true as default value for Repository Release|Snapshot Enabled in pom.xml and settings.xml files (#9751) 2025-11-10 13:51:56 +00:00
DmitriyLewen
0487d8efd8 docs: add info that SSL_CERT_FILE works on Unix systems other than macOS only (#9772) 2025-11-10 09:35:24 +00:00
Stefan Fleckenstein
14ecdb5696 docs: change SecObserve URLs in documentatio (#9771) 2025-11-10 06:55:55 +00:00
Teppei Fukuda
d70d994d88 feat(db): enable concurrent access to vulnerability database (#9750) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-11-06 13:32:06 +00:00
yagreut
69f400c183 feat(misconf): add agentpools to azure container schema (#9714) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-05 14:27:18 +00:00
Teppei Fukuda
6fb3fde916 feat(report): switch ReportID from UUIDv4 to UUIDv7 (#9749) 2025-11-05 09:42:14 +00:00
yagreut
cb58bf639e feat(misconf): Update Azure Compute schema (#9675) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-04 19:26:39 +00:00
yagreut
c3bfecf3ef feat(misconf): Update azure storage schema (#9728) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-04 17:52:16 +00:00
yagreut
58819c5285 feat(misconf): Update SecurityCenter schema (#9674) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-04 14:52:44 +00:00
Derek H.J Ray
2690ac9934 feat(image): pass global context to docker/podman image save func (#9733) 2025-11-04 07:49:07 +00:00
dependabot[bot]
c03facfdb5 chore(deps): bump the github-actions group with 4 updates (#9739) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-03 07:06:46 +00:00
Teppei Fukuda
bf43629d32 fix(flag): remove viper.SetDefault to fix IsSet() for config-only flags (#9732) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-11-03 05:29:27 +00:00
Yuta Tokoi
012f3d7535 feat(license): use separate SPDX ids to ignore SPDX expressions (#9087) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-11-01 08:31:59 +00:00
Alex Lutz
18c0ee86f3 feat(dotnet): add dependency graph support for .deps.json files (#9726) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-11-01 05:54:46 +00:00
simar7
445cd2b6b4 feat(misconf): Add support for configurable Rego error limit (#9657) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-31 09:49:52 +00:00
yagreut
3fb8703f8c feat(misconf): Add RoleAssignments attribute (#9396) 2025-10-31 09:37:16 +00:00
Teppei Fukuda
d020f2690e feat(report): add image reference to report metadata (#9729) 2025-10-31 07:26:39 +00:00
Y.Horie
29f0347965 fix(os): Add photon 5.0 in supported OS (#9724) 2025-10-30 07:41:54 +00:00
DmitriyLewen
212f0781c5 fix(license): handle SPDX WITH exceptions as single license in category detection (#9380) 2025-10-29 12:26:07 +00:00
Teppei Fukuda
89fc7b65a5 refactor: add case-insensitive string set implementation (#9720) 2025-10-29 09:25:35 +00:00
Teppei Fukuda
758f271040 feat: include registry and repository in artifact ID calculation (#9689) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-28 09:44:32 +00:00
DmitriyLewen
eff52eb2e6 feat(java): add support remote repositories from settings.xml files (#9708) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-10-28 08:35:19 +00:00
DmitriyLewen
fb0593bee6 fix(sbom): don’t panic on SBOM format if scanned CycloneDX file has empty metadata (#9562) 2025-10-28 06:22:24 +00:00
Teppei Fukuda
39051b7ed8 docs: update vulnerability reporting guidelines in SECURITY.md (#9395) 2025-10-28 05:57:45 +00:00
DmitriyLewen
3cf4bfda3b docs: add info about java-db subdir (#9706) 2025-10-27 06:33:59 +00:00
Nikita Pivkin
d20216edf6 fix(report): correct field order in SARIF license results (#9712) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-27 05:23:45 +00:00
Teppei Fukuda
a6010c3eda test: improve golden file management in integration tests (#9699) 2025-10-24 07:49:29 +00:00
DmitriyLewen
e0c04168b9 ci: get base_sha using base.ref (#9704) 2025-10-23 11:47:19 +00:00
Nikita Pivkin
a2822280be refactor(misconf): mark AVDID fields as deprecated and use ID internally (#9576) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-23 10:46:35 +00:00
Derek H.J Ray
231492db52 fix(nodejs): fix npmjs parser.pkgNameFromPath() panic issue (#9688) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-10-23 10:06:54 +00:00
Fabrizio Sestito
fa6f779022 fix: close all opened resources if an error occurs (#9665) 
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
 2025-10-23 07:35:18 +00:00
Nikita Pivkin
807bbbdad2 refactor(misconf): type-safe parser results in generic scanner (#9685) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-22 08:19:11 +00:00
Teppei Fukuda
a9a3031675 feat(image): add RepoTags support for Docker archives (#9690) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-22 06:50:13 +00:00
yzc
68ca612db7 chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.54.1 (#9694) 2025-10-22 06:22:20 +00:00
yagreut
43a7546d31 feat(misconf): Update Azure Container Schema (#9673) 2025-10-22 05:36:13 +00:00
Teppei Fukuda
7ca1b8f19e ci: use merge commit for apidiff to avoid false positives (#9622) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-10-22 05:32:42 +00:00
Nikita Pivkin
197c9e1dce feat(misconf): include map key in manifest snippet for diagnostics (#9681) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-21 18:24:11 +00:00
Nikita Pivkin
c32ddfc522 refactor(misconf): add ManifestFromYAML for unified manifest parsing (#9680) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-21 17:18:10 +00:00
Nikita Pivkin
263aee07a3 test: update golden files for TestRepository* integration tests (#9684) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-20 19:12:08 +00:00
Owen Rumney
559fe1fa2c refactor(cli): Update the cloud config command (#9676) 2025-10-20 15:57:08 +00:00
DmitriyLewen
2c43425e05 fix(sbom): add buildInfo info as properties (#9683) 2025-10-20 06:00:39 +00:00
Teppei Fukuda
fc976bea48 feat: add ReportID field to scan reports (#9670) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-17 10:31:22 +00:00
Teppei Fukuda
fcd8dcdd1d docs: add vulnerability database contribution guide (#9667) 2025-10-16 05:11:03 +00:00
Owen Rumney
8e6a7ff670 feat(cli): Add trivy cloud suppport (#9637) 2025-10-15 10:34:39 +00:00
Teppei Fukuda
84a7d9a5d6 feat: add ArtifactID field to uniquely identify scan targets (#9663) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-15 07:04:41 +00:00
DmitriyLewen
804ea4aa57 fix(nodejs): use the default ID format to match licenses in pnpm packages. (#9661) 2025-10-14 11:16:01 +00:00
DmitriyLewen
35db88c81c feat(sbom): use SPDX license IDs list to validate SPDX IDs (#9569) 2025-10-14 06:58:55 +00:00
DmitriyLewen
b885d3a369 fix: use context for analyzers (#9538) 2025-10-14 05:13:48 +00:00
dependabot[bot]
84518dbb7f chore(deps): bump the docker group with 3 updates (#9545) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-14 05:12:43 +00:00