gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,871 Commits 29 Branches 177 Tags
main
Commit Graph

194 Commits

Author SHA1 Message Date
Teppei Fukuda
0954f6b1bb Update README.md (#810) 2021-01-19 06:06:12 +02:00
Oran Moshai
f6afdf0145 Fix readme typo in policy flag (#805) 
Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
 2021-01-11 16:32:33 +02:00
Robert Jacob
e2c483f856 Remove global flags from filesystem command (#772) 
* Remove global flags from subcommands

If the global flags are added to the subcommand as well as being used
globally, their value will be overwritten when the arguments for the
subcommand are parsed. This leads to the value passed to the flag at the
global position being lost.

* Update readme
 2021-01-05 12:49:39 +02:00
justfortee
e517bcc2b2 Update README.md (#735) 
Grammatical error.
 2021-01-03 12:23:42 +02:00
Johannes
08ca1b00b7 Feat: NuGet Scanner (#686) 
* Initial nuget advisory detector code.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Added nuget package to scan.go

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Removed nuget advisory file and instead added csharp/nuget as a driver in driver.go.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Removed nuget package from driver. Added ghasnuget as a source in vulnerability.go

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* Updated nuget driver to use correct name and to initialize with the new generic scanner.

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>

* refactor: cut out to a separate method

* chore(mod): update trivy-db

* fix(driver): add a general driver

* test(ghsa): add nuget

* chore: update README

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-12-21 10:17:15 +02:00
Teppei Fukuda
7b86f81e29 feat(cache): support Redis (#770) 
* feat(config): add --cache-backend

* feat(operation): embed cache.Cache into operation.Cache

* feat(cache): support redis://

* test(integration): add redis test

* chore(README): add --cache-backend

* chore(mod): update

* chore: add disclaimer
 2020-12-21 08:26:19 +02:00
Teppei Fukuda
b606b621e5 chore: migrate from master to main (#778) 2020-12-17 17:27:36 +02:00
Teppei Fukuda
a19a023f1f chore(README): remove experimental (#775) 2020-12-16 06:06:17 +02:00
Jack Kelly
bcc285095d chore(docs): add nix install (#762) 2020-12-04 14:45:31 -08:00
Teppei Fukuda
9bdbeaba66 feat: remove rpm dependency (#753) 
* chore(docker): remove rpm

* chore(README): remove rpm

* fix(scanner): replace rpmcmd with rpm

* chore(goreleaser): remove rpm

* chore(mod): update fanal

* chore(mod): update fanal
 2020-12-02 07:24:43 +02:00
Teppei Fukuda
1bee83ccc4 chore(README): add TRIVY_INSECURE (#760) 
* chore(README): add TRIVY_INSECURE

* chore(README): replace server with registry
 2020-11-30 16:43:33 +02:00
Gianni Carafa
9dfb0fe3a9 updated Readme.md (#737) 
removed unused env var TRIVY_AUTH_URL
 2020-11-12 21:16:42 -08:00
Sinith
c189aa6a0a Update README.md (#731) 2020-10-29 12:24:21 -07:00
Teppei Fukuda
906ab5483e Add GitHub Container Registry to README (#712) 2020-10-25 13:17:16 +02:00
Karan Thanvi
de30c3f8d6 update readme for parallel run issue (#660) 
* update readme for parallel run

* move to Q&A
 2020-10-11 10:24:19 +03:00
Neha Viswanathan
4c3bfb89a4 fix link for Clear images section in README (#659) 2020-10-05 13:59:01 -07:00
Neha Viswanathan
8b21cfe7eb add link to Gitlab CI pipeline in README (#658) 2020-10-05 13:47:49 -07:00
Teppei Fukuda
5e308da81a feat(cli): add --skip-files option (#624) 
* feat(cli): add --skip-files

* test(integration): add --skip-files and --skip-dirs

* chore(docs): update README

* chore(docs): correct a grammar mistake
 2020-09-08 15:04:56 +03:00
Teppei Fukuda
2231e4068d chore(docs): update comparison table (#623) 
* chore(docs): update README

* use
2020-09-02 16:56:30 +03:00
Carol Valencia
89527796f6 fix(Readme) - Results using a template (#622) 
Co-authored-by: Carol Valencia <krol3@users.noreply.github.com>
 2020-09-02 12:40:05 +03:00
Chris Aumann
165d593fdb Improve Gitlab CI installation step in README (#621) 
This improves the installation step in `.gitlab-ci.yml`. 

- Removes unnecessary installation and use of `curl` (replaces it with `wget`)
- Removes storing the intermediate file by using a pipe to `tar`
 2020-09-02 12:39:05 +03:00
Teppei Fukuda
80d5df0ceb chore(docs): add AWS Security Hub (#598) 
* chore(docs): add AWS Security Hub

* Update docs/integration/security-hub.md

Co-authored-by: Simarpreet Singh <simar@linux.com>

* Update README.md

Co-authored-by: Liz Rice <liz@lizrice.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Liz Rice <liz@lizrice.com>
 2020-08-19 13:19:24 +03:00
Teppei Fukuda
96af6dc499 feat: add --skip-directories option (#595) 
* feat: add --skip-directories option

* chore(README): update

* refactor: rename skip-directories to skip-dirs

* Update internal/app.go

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>

* refactor: add some context in the warning message

* chore(README): update

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-08-12 14:03:12 +03:00
rahul2393
675e1b4118 Added test and support of ASFF template (#594) 
* Added test and support of ASFF template

* Improve test coverage

* Fixed/Improved tests

* Removed extra space

* Added NVD score/vectors, Added logic to trim description due to file size restriction

* Included quotations around AccountID
 2020-08-12 13:25:58 +03:00
Sebastian Gumprich
9a25f4fbe4 Fix comparison table to use words instead of symbols (#587) 
fixes #301
 2020-08-05 10:38:45 +03:00
rahul2393
add65f2f0c Revert Dockerfile changes (#581) 2020-07-30 22:04:31 +03:00
rahul2393
20f2bae49b Fix non-root directory permission denied error (#578) 
* Fix non-root directory permission denied error

* Updated Readme

* Fixed Readme

* Updated readme to use latest tag for QA error

* updated Dockerfile

* Moved error to others section
 2020-07-30 12:57:44 +03:00
Simarpreet Singh
8eb9df8447 .circleci: Add code coverage (#572) 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-07-29 15:09:27 -07:00
rahul2393
88aaffa957 Added support of list-all-packages (#574) 
* Added support of list-all-packages

* updated Readme

* Added library packages and fixed import name

* updated env var name

* Sorting packages in scan
 2020-07-29 22:11:38 +03:00
Teppei Fukuda
4a34f72f22 Update README.md (#575) 2020-07-29 10:31:49 +03:00
Teppei Fukuda
9c6f077818 feat(report): support OPA to filter vulnerabilities (#562) 
* feat(cli): add --filter option

* feat(opa): support OPA

* test(opa): add a test case with OPA

* test: update a mock

* chore(mod): update dependencies

* chore(filter): add example Rego files

* chore(README): update

* chore(rego): apply opa fmt

* refactor: replace filter with policy

* chore(policy): update rego files

* fix(vulnerability): evaluate each vulnerability

* chore(README): update

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* chore(README): update a TOC link

* fix: replace allow with ignore

* chore(README): update

Co-authored-by: Itay Shakury <itay@itaysk.com>
 2020-07-22 21:10:44 +03:00
rahul2393
43085a80bc Added sarif template (#558) 
* Added sarif template

* Updated readme

* fixed tests

* Added integration tests and fixed all sarif validations issues

* Added tests for endWithPeriod

* Fixed tests, and added sarif golden file

* removed optional newline sequence
 2020-07-17 11:08:50 -07:00
Liz Rice
4b57c0d4e6 docs: fix markdown (#553) 
Correct markdown for MicroScanner link
 2020-07-07 16:27:51 +03:00
rahul2393
ec770cd819 Added JUNIT support (#541) 
* added template for junit

* updated readme and junit format

* Added severity in testcase name instead of separate failure block
 2020-06-25 17:23:04 +03:00
Teppei Fukuda
b7ec633fb2 chore(docs): mention air-gapped environment (#544) 
* chore(docs): mention air-gapped environment

* Update docs/air-gap.md

Co-authored-by: Liz Rice <liz@lizrice.com>
 2020-06-24 17:15:17 +03:00
Teppei Fukuda
7aabff1236 chore(README): add programming languages (#543) 2020-06-23 20:52:43 +03:00
Liz Rice
11ae6b29d5 docs: add more CI options to README (#535) 
Add GitHub Actions and AWS CodePipeline to CI section of Readme
Correct a broken link to "Data sources"
 2020-06-21 11:26:22 +03:00
Teppei Fukuda
65cbe3cac3 fix(alpine): support 3.12 (#517) 2020-06-08 17:17:38 +03:00
Teppei Fukuda
f94e8dcf04 chore(README): prepare for v0.9.0 (#507) 
* chore(README): prepare for v0.9.0

* chore(README): replace 'artifacts' with 'containers and other artifacts'

* chore: more detail for filesystem scan

Co-authored-by: Liz Rice <liz@lizrice.com>

* chore: more detail for embedding Trivy in the Dockerfile

Co-authored-by: Liz Rice <liz@lizrice.com>

* Update README.md

Co-authored-by: Liz Rice <liz@lizrice.com>

* Update README.md

Co-authored-by: Liz Rice <liz@lizrice.com>

* chore(README): add a new line

* chore(README): revert TOC and add blog links

* chore(README): add Microscanner link

Co-authored-by: Liz Rice <liz@lizrice.com>
 2020-06-08 16:20:44 +03:00
Masahiro331
03ad8a3cd0 Add GHSA support (#467) 
* Change library advisory use github security advisory

* Add java scanner

* Add multi vulnsrc support

* Fix null pointer exception

* Add ghsa mock test

* Delete nuget & java

* Update README

* Fix bug

* refactor: add ghsa

* refactor: Add multi scanner in driver.go

* fix go.mod

* Add scanner.go

* Add parse lockfile

* unexport Driver & delete parse lockfile

* Fix scanner struct

* refactor: scanner -> advisory

* Add Driver

* delete Driver interface

* Add new drivers

* delete types.go

* Fix review

* Merge driver.go ← advisory.go

* Change NewDriver interface

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-05-30 09:34:00 +03:00
Simarpreet Singh
78b7529172 Add image subcommand (#493) 
* config_test: Add missing assertions for TestNew

Signed-off-by: Simarpreet Singh <simar@linux.com>

* integration: Add integration tests for image subcommand.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* refactor: bump up urfave/cli to v2.0

* refactor: apply DIY to image flags

* refactor: reorder sub commands

* feat: set hidden to global image options

* test(integration): insert --cache-dir before sub command

* README: update readme to reflect new usage

Signed-off-by: Simarpreet Singh <simar@linux.com>

* chore(README): add image subcommand

* fix(flags): define aliases according to urfave/cli v2.0 style

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-05-25 12:06:15 +03:00
Teppei Fukuda
3e0779a78d chore(doc): update README (#490) 2020-05-12 15:17:06 +03:00
Teppei Fukuda
415b99dab3 feat: support OCI Image Format (#475) 
* chore(wire): specify package names

* fix(extractor): remove types.GetDockerOption

* chore(README): mention OCI support

* chore(mod): update dependencies

* test(integration): fix an error message

* test(integration): revert the error message

* chore(mod): tidy

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-05-03 11:30:49 +03:00
Simarpreet Singh
7629f7f0d6 docs: Update installation docs for pointing to Trivy Releases. (#463) 
Fixes: https://github.com/aquasecurity/trivy/issues/461
Signed-off-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-04-16 11:44:52 +03:00
Alexandre Sieira
e5ff5ec895 Fix CircleCI example in README.md (#451) 
After trying to run trivy using CircleCI based on the sample configuration and failing, I want to suggest the following updates:

* `docker:18.09-git` no longer exists and causes workflow to fail, replaced with `stable-git` instead.
* added  `setup_remote_docker` or else the docker commands fail in the rest of the execution, as per https://circleci.com/docs/2.0/building-docker-images/#overview

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-04-01 10:32:00 +03:00
Andrii Soldatenko
4ee7a1e173 fix circleci example (#431) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-03-16 11:56:06 +02:00
Liz Rice
623eb79080 Remove outdated license section from README 2020-03-13 10:26:05 +00:00
Liz Rice
51b8fd8393 Change license to Apache 2.0, continued 2020-03-13 09:49:19 +00:00
Teppei Fukuda
b83174f32d chore(README): add explanation for self-compiled binaries/packages (#413) 2020-02-20 10:08:15 +02:00
Takuya N
db2136b17c doc: Add Alpine Linux 3.11 to supported OS docs (#407) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
 2020-02-18 12:14:06 +02:00