gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,871 Commits 29 Branches 177 Tags
main
Commit Graph

79 Commits

Author SHA1 Message Date
David Wittman
78da283c1b Update ASFF template to use label for severity (#1047) 
* Update ASFF template to use label for severity

Use of the `Normalized` and `Product` fields is deprecated in the [ASFF spec](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-attributes.html#asff-severity). Instead, we should just provide the severity as a `Label`, which simplifies the logic in this template quite a bit as well.

* fix(asff): use severity var

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-06-10 12:12:53 +03:00
bmagistro
d2afc206b2 feat: add gitlab codequality template (#895) 
* Add gitlab codequality template

* add unit test for gitlab codequality template

* update line endings to msdos (\r\n) from unix

* update gitlab docs for codeclimate template
 2021-05-31 11:20:59 +03:00
rahul2393
eaf2da20a6 Include target value in Sarif template ruleID (#991) 
* Include target value in Sarif template ruleID

* Fix format
 2021-05-13 20:10:34 +03:00
rahul2393
e26e39a7f8 fix(vuln) unique vulnerabilities from different data sources (#984) 
* Fix duplicate Rule in sarif template

* Fix integration tests

* Fixed tests

* Update certs validity upto 2100

* Moved deduplication logic to Filter

* Fix linting issue

* Fix liniting issue

* fix: deduplicate vulnerabilities

* refactor

* fix: add installed versions to uniq keys

* Fix tests

* Fix Unit tests.

* Revert port change

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2021-05-12 13:10:05 +03:00
Yong Yan
60a4e7e5d4 Update SARIF report template (#935) 
* Update SARIF repot template

* Update test data sarif.golden

* Fix golangci-lint issue

* Add test cases

* Address review feedbacks

* Inline value in assert statement

* Fix location Uri format issue
 2021-04-19 13:35:30 -07:00
Paul T
a6b8ec3134 Fix JUnit template for AWS CodeBuild compatibility (#904) 
* #902 ensure the number of tests matches the number of failures

* #902 tidy up the template and ensure test is aligned
 2021-03-29 11:53:09 +03:00
rahul2393
ee29ffaf4f add package name in ruleID (#913) 2021-03-23 17:27:58 -07:00
aprp
a0cd5d70ae remove SARIF helpUri if empty (#841) (#845) 
* remove SARIF helpUri if empty (#841)

* add tests for primary url
 2021-02-19 12:24:11 -08:00
Maximilian Schlosser
cdabe7fc9e Fix compatibility for Jenkins xunit plugin (#820) 
* Compatibility for Jenkins xunit plugin

* fix test
 2021-02-08 11:10:06 +02:00
Damien Carol
412847d6a2 Fix errors in SARIF format (#801) 
* Fix errors in SARIF format

* Fix one golden file for integration tests

* Fix golden file

* Fix golden again :>

* Update sarif.tpl

* Update alpine-310.sarif.golden
 2021-01-08 14:16:35 -08:00
Teppei Fukuda
b606b621e5 chore: migrate from master to main (#778) 2020-12-17 17:27:36 +02:00
irrandon
cb369727cd HTML template (#567) 
* add html template

* test(integration): use JSONEq only for JSON folden files

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-12-02 10:50:45 +02:00
Teppei Fukuda
4d1894327e feat(vulnerability): add primary URLs (#752) 
* refactor(vulnerability): rename a method

* feat(vulnerability): add primary url

* fix(templates): add primary links

* feat(writer): add url

* refactor(convert): remove an unnecessary function

* feat(rpc): add primary_url

* test(integration): update golden files
 2020-11-26 06:06:26 +02:00
Carlos Eduardo
0285a89c7c Add support for ppc64le architecture (#724) 2020-10-26 17:08:14 -07:00
rahul2393
85e0139f32 Fix: fullDescription field in SARIF output is not correctly escaped (#605) 
* Fixed sarif template fullDescription escape

* Added fix to other possible places

* Added test for escaping character
 2020-08-19 10:23:04 -07:00
rahul2393
675e1b4118 Added test and support of ASFF template (#594) 
* Added test and support of ASFF template

* Improve test coverage

* Fixed/Improved tests

* Removed extra space

* Added NVD score/vectors, Added logic to trim description due to file size restriction

* Included quotations around AccountID
 2020-08-12 13:25:58 +03:00
Simarpreet Singh
467ec46cd3 sarif: Remove extra periods from short descriptions (#590) 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-08-04 22:28:11 -07:00
rahul2393
52feff2213 Added template fucntion to escape string before output (#583) 
* Added template fucntion to escape string before output

* Fixed tests
 2020-07-31 10:12:49 -07:00
Simarpreet Singh
4d721e1410 SARIF: Tweak format for GitHub UI (#571) 
* sarif: Tweak format for GitHub UI

Signed-off-by: Simarpreet Singh <simar@linux.com>

* sarif: Make sarif easier to use with a default template

This will help us use Trivy in places like GitHub Actions where
we cannot specify a template as input.

$ trivy image --format=sarif alpine:3.10.1

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Revert "sarif: Make sarif easier to use with a default template"

This reverts commit 5b5d1c8f7d.

* .dockerignore: Add un-needed large directories

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Dockerfile: Add sarif template.

This will let users run and save the output through the docker image

Example:
```
docker run --rm -it -v $(pwd):/tmp aquasec/trivy:latest image -f template --template "@contrib/sarif.tpl" --output="/tmp/sarif.test" alpine:3.10.2
```

Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-07-28 11:22:03 -07:00
Teppei Fukuda
9c6f077818 feat(report): support OPA to filter vulnerabilities (#562) 
* feat(cli): add --filter option

* feat(opa): support OPA

* test(opa): add a test case with OPA

* test: update a mock

* chore(mod): update dependencies

* chore(filter): add example Rego files

* chore(README): update

* chore(rego): apply opa fmt

* refactor: replace filter with policy

* chore(policy): update rego files

* fix(vulnerability): evaluate each vulnerability

* chore(README): update

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* chore(README): update a TOC link

* fix: replace allow with ignore

* chore(README): update

Co-authored-by: Itay Shakury <itay@itaysk.com>
 2020-07-22 21:10:44 +03:00
rahul2393
43085a80bc Added sarif template (#558) 
* Added sarif template

* Updated readme

* fixed tests

* Added integration tests and fixed all sarif validations issues

* Added tests for endWithPeriod

* Fixed tests, and added sarif golden file

* removed optional newline sequence
 2020-07-17 11:08:50 -07:00
rahul2393
ccd9b2d2c5 Added function to escape string in failure message title and descriptions (#551) 
* Added function to escape string in failure message title and descriptions

* updated template to use xml.EscapeText

* Renamed template function
 2020-07-06 12:43:11 +03:00
rahul2393
ec770cd819 Added JUNIT support (#541) 
* added template for junit

* updated readme and junit format

* Added severity in testcase name instead of separate failure block
 2020-06-25 17:23:04 +03:00
Manuel Rüger
34a95c1556 contrib/gitlab.tpl: Add new id field (#468) 
* contrib/gitlab.tpl: Add new id field

https://docs.gitlab.com/ee/user/application_security/container_scanning/#reports-json-format

vulnerabilities[].id	Unique identifier of the vulnerability.
vulnerabilities[].cve	(DEPRECATED - use vulnerabilities[].id instead) A fingerprint string value that represents a concrete occurrence of the vulnerability. It’s used to determine whether two vulnerability occurrences are same or different. May not be 100% accurate. This is NOT a CVE.

Signed-off-by: Manuel Rüger <manuel@rueg.eu>

* Update integration test for Gitlab

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-04-30 20:22:14 +03:00
Takuya N
80bbe47774 fix(gitlab): fix json generation on loop (#409) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-02-18 14:32:56 +02:00
Takuya N
9707c7bcb1 Initial GitLab CI template to deeply integrated with GitLab Container Scanning (#376) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
 2020-01-26 16:08:44 +02:00
Takuya N
f7db00c1eb Modify template for GitLab Container Scanning (#387) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
 2020-01-26 10:04:27 +02:00
Teppei Fukuda
5a8749cd5b chore: add install script (#370) 
* chore: add install script

* installer: change perms to include +x

Signed-off-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-01-19 09:13:36 +02:00
Manuel Rüger
63a8c6d26b Integrate with Gitlab Container Scanning (#367) 
This PR integrates trivy with Gitlab Container Scanning and provides a
similar report. It adds the required template to the release tarball for easy
consumption.

https://docs.gitlab.com/ee/user/application_security/container_scanning/
https://gitlab.com/gitlab-org/gitlab/issues/11947
 2020-01-14 11:46:14 +02:00