trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00

Author	SHA1	Message	Date
Teppei Fukuda	cbad9ca3a8	feat(report): add fingerprint generation for vulnerabilities (#9794 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2025-11-17 07:23:43 +00:00
Teppei Fukuda	d020f2690e	feat(report): add image reference to report metadata (#9729 )	2025-10-31 07:26:39 +00:00
Teppei Fukuda	758f271040	feat: include registry and repository in artifact ID calculation (#9689 ) Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>	2025-10-28 09:44:32 +00:00
Nikita Pivkin	a2822280be	refactor(misconf): mark AVDID fields as deprecated and use ID internally (#9576 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-10-23 10:46:35 +00:00
Teppei Fukuda	fc976bea48	feat: add ReportID field to scan reports (#9670 ) Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>	2025-10-17 10:31:22 +00:00
Teppei Fukuda	84a7d9a5d6	feat: add ArtifactID field to uniquely identify scan targets (#9663 ) Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>	2025-10-15 07:04:41 +00:00
Nikita Pivkin	c638fc646c	feat: allow ignoring findings by type in Rego (#9578 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-10-06 18:17:23 +00:00
Teppei Fukuda	f4b2cf10e9	feat(repo): add git repository metadata to reports (#9252 ) Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2025-07-29 11:49:58 +00:00
Teppei Fukuda	d2d0ec2b6d	chore: add modernize tool integration for code modernization (#9251 ) Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>	2025-07-29 07:13:54 +00:00
DmitriyLewen	14d2b83d4b	chore: fix errors and typos in docs (#8963 )	2025-06-03 05:36:44 +00:00
DmitriyLewen	35e88890c3	fix(cli): don't use allow values for `--compliance` flag (#8881 )	2025-05-16 10:15:32 +00:00
DmitriyLewen	a95cab0eab	feat(image): save layers metadata into report (#8394 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2025-04-23 16:31:43 +00:00
Teppei Fukuda	529957eac1	feat: replace TinyGo with standard Go for WebAssembly modules (#8496 )	2025-03-07 10:10:15 +00:00
Teppei Fukuda	dd54f80d3f	feat: add report summary table (#8177 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2025-03-04 09:26:06 +00:00
DmitriyLewen	d464807321	feat: add `--vuln-severity-source` flag (#8269 )	2025-03-03 10:59:30 +00:00
Nikita Pivkin	509e03030c	feat(image): prevent scanning oversized container images (#8178 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2025-01-27 06:38:52 +00:00
Teppei Fukuda	da17dc7278	feat: add `--distro` flag to manually specify OS distribution for vulnerability scanning (#8070 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-12-09 11:46:49 +00:00
simar7	c70b6fa166	refactor(misconf): Deprecate `EXCEPTIONS` for misconfiguration scanning (#7776 ) Signed-off-by: Simar <simar@linux.com>	2024-10-29 22:29:42 +00:00
DmitriyLewen	7ff9aff273	fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (#7463 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-09-11 06:16:51 +00:00
afdesk	4926da79de	fix(license): stop spliting a long license text (#7336 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-09-05 10:20:29 +00:00
Teppei Fukuda	7aea79dd93	feat(report): export modified findings in JSON (#7383 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-08-29 10:35:04 +00:00
Teppei Fukuda	fd8348d610	feat(vuln): Add `--detection-priority` flag for accuracy tuning (#7288 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-08-02 10:41:56 +00:00
Teppei Fukuda	5c37361600	feat(vuln): add `--pkg-relationships` (#7237 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-07-29 06:18:59 +00:00
DmitriyLewen	7cbdb0a0b5	feat(cli): rename `--vuln-type` flag to `--pkg-types` flag (#7104 )	2024-07-09 08:06:29 +00:00
chenk	8d618e48a2	feat(k8s)!: node-collector dynamic commands support (#6861 ) Signed-off-by: chenk <hen.keinan@gmail.com>	2024-06-26 07:04:50 +00:00
Teppei Fukuda	983ac15f22	ci: add depguard (#6963 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 02:48:08 +00:00
Teppei Fukuda	56dbe1f676	fix: include packages unless it is not needed (#6765 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-28 07:22:45 +00:00
Nikita Pivkin	ebb123f37f	chore: replace interface{} with any (#6751 )	2024-05-27 02:53:19 +00:00
Teppei Fukuda	6a72dd47ae	refactor: move artifact types under artifact package to avoid import cycles (#6652 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-09 16:18:37 +00:00
Teppei Fukuda	f0961d54f6	feat: respect custom exit code from plugin (#6584 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-02 05:07:49 +00:00
Teppei Fukuda	8fcef352b3	refactor(sbom): add intermediate representation for BOM (#6240 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-03-12 06:56:10 +00:00
Teppei Fukuda	3c1601b6cb	feat(vuln): show suppressed vulnerabilities in table (#6084 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-02-13 12:35:06 +00:00
Teppei Fukuda	1607eee77c	refactor: move PkgRef under PkgIdentifier (#5831 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-12-29 06:52:36 +00:00
Juan Ariza Toledano	1f0d6290c3	feat(vuln): include pkg identifier on detected vulnerabilities (#5439 ) Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-12-27 07:54:56 +00:00
DmitriyLewen	9b4bcedf0e	refactor(vuln): don't remove VendorSeverity in JSON report (#5761 )	2023-12-12 12:33:41 +00:00
Teppei Fukuda	ae4bcf6a06	fix(report): use time.Time for CreatedAt (#5598 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-11-16 05:42:30 +00:00
Y.Horie	f4dd062f58	feat(report): Add CreatedAt to the JSON report. (#5542 ) (#5549 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-11-15 04:11:09 +00:00
Teppei Fukuda	a96ec35572	feat: add aliases to '--scanners' (#5558 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-11-15 00:53:22 +00:00
DmitriyLewen	a1b47441a5	refactor(misconf): don't remove Highlighted in json format (#5531 )	2023-11-07 23:40:42 +00:00
Teppei Fukuda	f2a12f5f90	refactor: define a new struct for scan targets (#5397 )	2023-10-20 01:43:15 +00:00
Teppei Fukuda	cbbd1ce1f0	feat(k8s): add support for vulnerability detection (#5268 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Signed-off-by: chenk <hen.keinan@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: chenk <hen.keinan@gmail.com>	2023-10-14 12:32:55 +00:00
Teppei Fukuda	44656f2853	refactor: use defined types (#5225 ) * refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-09-22 10:44:39 +00:00
Teppei Fukuda	232ba823e1	feat(vuln): support vulnerability status (#4867 ) * feat: support vulnerability status * feat: show status in table * don't add `fixed` status in debian/redhat * update test golden files * add Status in rpc * update docs * update ignore-status example * add ignore-status in integration test * docs: add the explanation for statuses --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-07-26 11:55:03 +00:00
Teppei Fukuda	20c2246a61	fix(report): close the file (#4842 ) * fix(report): close the file * refactor: add the format type * fix: return errors in version printing * fix: lint issues * fix: do not fail on bogus cache dir --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-07-23 13:37:18 +00:00
DmitriyLewen	22463ababd	feat(cli): add include-dev-deps flag (#4700 ) * add Dev field for Package * fix integration test * update docs * feat(cli): add include-dev flag * bump go-dep-parser * update docs * add integration test * refactor * refactor * fix integration test * refactor: rename flag to include-dev-deps * update docs * update docs * filter dev deps when scanning packages * add flag support for server mode * refactor: remove comment that might confuse * refactor: move --include-dev-deps to the scanner flag group * refactor: not return apps * docs: update --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-06-29 13:15:52 +00:00
Teppei Fukuda	55fb723a6e	feat(image): enforce image platform (#4083 )	2023-05-08 21:04:22 +03:00
Teppei Fukuda	11a5b91a1a	feat(sbom): add VEX support (#4053 )	2023-04-27 10:21:06 +03:00
Idan Frimark	48e021ea6b	feat(spdx): add support for SPDX 2.3 (#4058 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-04-23 23:36:04 +03:00
Teppei Fukuda	ca0d972cdb	feat(image): add registry options (#3906 )	2023-03-28 07:00:04 +03:00
Teppei Fukuda	63ef760c69	feat(image): discover SBOM in OCI referrers (#3768 ) Co-authored-by: saso <sasoakira6114@gmail.com>	2023-03-26 08:27:10 +03:00

1 2 3

124 Commits