feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800)

Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2025-12-12 15:50:15 -08:00 · 2025-12-05 05:15:16 -05:00
parent 9275e1532b
commit c2f82add3a
17 changed files with 69 additions and 12 deletions
--- a/docs/guide/coverage/language/julia.md
+++ b/docs/guide/coverage/language/julia.md
@@ -7,7 +7,7 @@ The following scanners are supported.

 | Package manager | SBOM | Vulnerability | License |
 |-----------------|:----:|:-------------:|:-------:|
-| Pkg.jl          |  ✓   |       -       |    -    |
+| Pkg.jl          |  ✓   |       ✓       |    -    |

 The following table provides an outline of the features Trivy offers.

--- a/docs/guide/references/configuration/cli/trivy_filesystem.md
+++ b/docs/guide/references/configuration/cli/trivy_filesystem.md
@@ -171,6 +171,7 @@ trivy filesystem [flags] PATH
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/references/configuration/cli/trivy_image.md
+++ b/docs/guide/references/configuration/cli/trivy_image.md
@@ -192,6 +192,7 @@ trivy image [flags] IMAGE_NAME
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/references/configuration/cli/trivy_kubernetes.md
+++ b/docs/guide/references/configuration/cli/trivy_kubernetes.md
@@ -180,6 +180,7 @@ trivy kubernetes [flags] [CONTEXT]
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/references/configuration/cli/trivy_repository.md
+++ b/docs/guide/references/configuration/cli/trivy_repository.md
@@ -170,6 +170,7 @@ trivy repository [flags] (REPO_PATH | REPO_URL)
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/references/configuration/cli/trivy_rootfs.md
+++ b/docs/guide/references/configuration/cli/trivy_rootfs.md
@@ -172,6 +172,7 @@ trivy rootfs [flags] ROOTDIR
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/references/configuration/cli/trivy_sbom.md
+++ b/docs/guide/references/configuration/cli/trivy_sbom.md
@@ -137,6 +137,7 @@ trivy sbom [flags] SBOM_PATH
                                         - chainguard
                                         - bitnami
                                         - govulndb
+                                         - julia
                                         - echo
                                         - minimos
                                         - rootio
--- a/docs/guide/references/configuration/cli/trivy_vm.md
+++ b/docs/guide/references/configuration/cli/trivy_vm.md
@@ -156,6 +156,7 @@ trivy vm [flags] VM_IMAGE
                                            - chainguard
                                            - bitnami
                                            - govulndb
+                                            - julia
                                            - echo
                                            - minimos
                                            - rootio
--- a/docs/guide/scanner/vulnerability.md
+++ b/docs/guide/scanner/vulnerability.md
@@ -137,6 +137,7 @@ See [here](../coverage/language/index.md#supported-languages) for the supported
 | Dart     | [GitHub Advisory Database (Pub)][pub-ghsa]          |       ✅        |     -     |
 | Elixir   | [GitHub Advisory Database (Erlang)][erlang-ghsa]    |       ✅        |     -     |
 | Swift    | [GitHub Advisory Database (Swift)][swift-ghsa]      |       ✅        |     -     |
+| Julia    | [Open Source Vulnerabilities (Julia)][julia-osv]    |       ✅        |     -     |

 [^1]: Intentional delay between vulnerability disclosure and registration in the DB

@@ -426,13 +427,14 @@ Example logic for the following vendor severity levels when scanning an Alpine i

 [python-osv]: https://osv.dev/list?q=&ecosystem=PyPI
 [rust-osv]: https://osv.dev/list?q=&ecosystem=crates.io
+[julia-osv]: https://osv.dev/list?q=&ecosystem=Julia

 [nvd]: https://nvd.nist.gov/vuln

 [k8s-cve]: https://kubernetes.io/docs/reference/issues-security/official-cve-feed/

 [CVE-2023-32681]: https://nvd.nist.gov/vuln/detail/CVE-2023-32681
-[RHSA-2023:4520]: https://access.redhat.com/errata/RHSA-2023:4520 
+[RHSA-2023:4520]: https://access.redhat.com/errata/RHSA-2023:4520
 [ghsa]: https://github.com/advisories
 [requests]: https://pypi.org/project/requests/
 [precision-recall]: https://developers.google.com/machine-learning/crash-course/classification/precision-and-recall