gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 07:40:48 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,871 Commits 29 Branches 177 Tags
main
Commit Graph

3871 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teppei Fukuda
84a7d9a5d6 feat: add ArtifactID field to uniquely identify scan targets (#9663) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-15 07:04:41 +00:00
DmitriyLewen
804ea4aa57 fix(nodejs): use the default ID format to match licenses in pnpm packages. (#9661) 2025-10-14 11:16:01 +00:00
DmitriyLewen
35db88c81c feat(sbom): use SPDX license IDs list to validate SPDX IDs (#9569) 2025-10-14 06:58:55 +00:00
DmitriyLewen
b885d3a369 fix: use context for analyzers (#9538) 2025-10-14 05:13:48 +00:00
dependabot[bot]
84518dbb7f chore(deps): bump the docker group with 3 updates (#9545) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-14 05:12:43 +00:00
dependabot[bot]
fd92773ed8 chore(deps): bump the aws group with 6 updates (#9547) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-14 05:11:40 +00:00
Aqua Security automated builds
ce8d47e927 ci(helm): bump Trivy version to 0.67.2 for Trivy Helm Chart 0.19.1 (#9641) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-10-13 13:00:38 +00:00
afdesk
4e1e6fca3a test(helm): bump up Yamale dependency for Helm chart-testing-action (#9653) 2025-10-13 12:20:38 +00:00
Raghu
e18b038ee2 fix: Trim the end-of-range suffix (#9618) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-10-13 06:15:37 +00:00
afdesk
492797b1c7 test(k8s): use a specific bundle for k8s misconfig scan (#9633) 2025-10-10 10:49:25 +00:00
DmitriyLewen
6e53686526 fix: Use fetch-level: 1 to check out trivy-repo in the release workflow (#9636) 2025-10-10 10:27:12 +00:00
Owen Rumney
2f695b9bd4 refactor: move the aws config (#9617) 2025-10-09 08:10:32 +00:00
DmitriyLewen
09162e52ec fix(license): don't normalize unlicensed licenses into unlicense (#9611) 2025-10-09 07:51:59 +00:00
Ori
66479f050d fix: using SrcVersion instead of Version for echo detector (#9552) 2025-10-09 07:12:43 +00:00
Teppei Fukuda
cff91acdef feat(fs): change artifact type to repository when git info is detected (#9613) 2025-10-08 14:08:53 +00:00
DmitriyLewen
6def66e002 fix: add buildInfo for BlobInfo in rpc package (#9608) 2025-10-08 09:47:12 +00:00
DmitriyLewen
7422cc7168 fix(vex): don't use reused BOM (#9604) 2025-10-08 09:45:43 +00:00
Teppei Fukuda
b9e3e0b5f9 ci: use pull_request_target for apidiff workflow to support fork PRs (#9605) 2025-10-07 12:38:49 +00:00
Teppei Fukuda
aeeb2a1f84 fix: restore compatibility for google.protobuf.Value (#9559) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-07 12:19:15 +00:00
Teppei Fukuda
d7aa84f015 ci: add API diff workflow (#9600) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-10-07 09:51:29 +00:00
Mikel Olasagasti Uranga
05375d17f7 chore(deps): update to module-compatible docker-credential-gcr/v2 (#9591) 
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
 2025-10-07 06:53:27 +00:00
Nikita Pivkin
36712514ce docs: improve documentation for scanning raw IaC configurations (#9571) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-07 04:52:26 +00:00
Nikita Pivkin
c638fc646c feat: allow ignoring findings by type in Rego (#9578) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-06 18:17:23 +00:00
Nikita Pivkin
4bef183489 docs: bump pygments from 2.18.0 to 2.19.2 (#9596) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-06 18:15:49 +00:00
Nikita Pivkin
19615a8462 refactor(misconf): add ID to scan.Rule (#9573) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-10-06 08:33:06 +00:00
DmitriyLewen
e286c5e207 fix(java): update order for resolving package fields from multiple demManagement (#9575) 2025-10-06 07:46:19 +00:00
dependabot[bot]
3962ea461a chore(deps): bump the github-actions group across 1 directory with 9 updates (#9563) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 05:44:45 +00:00
dependabot[bot]
36ab331c7f chore(deps): bump the common group across 1 directory with 7 updates (#9590) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 04:57:00 +00:00
Mikel Olasagasti Uranga
9058d51cb9 chore(deps): Switch to go-viper/mapstructure (#9579) 
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
 2025-10-06 03:25:21 +00:00
Owen Rumney
719ea29d31 chore: add context to the cache interface (#9565) 2025-10-03 09:37:05 +00:00
Aqua Security automated builds
3dd0ebbb56 ci(helm): bump Trivy version to 0.67.0 for Trivy Helm Chart 0.19.0 (#9554) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-09-30 13:41:16 +00:00
Teppei Fukuda
f0fd432a7a fix: validate backport branch name (#9548) 2025-09-30 07:26:35 +00:00
Aqua Security automated builds
adeb362424 release: v0.67.0 [main] (#9432) v0.67.0 2025-09-30 07:19:04 +00:00
DmitriyLewen
78f0d4ae03 fix(vex): don't suppress vulns for packages with infinity loop (#9465) 2025-09-30 06:41:10 +00:00
DmitriyLewen
fa6f1bfecf fix(aws): use BuildableClient insead of xhttp.Client (#9436) 2025-09-30 05:54:12 +00:00
Nikita Pivkin
e7c16a756c refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (#9282) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-30 03:33:52 +00:00
Nikita Pivkin
c446a5c1c7 docs: clarify inline ignore limitations for resource-less checks (#9537) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-30 01:56:24 +00:00
afdesk
c0c7a6bf1b fix(k8s): disable parallel traversal with fs cache for k8s images (#9534) 2025-09-30 01:44:51 +00:00
Nikita Pivkin
bfd2f6ba69 fix(misconf): handle tofu files in module detection (#9486) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-29 14:41:59 +00:00
DmitriyLewen
e4af279b29 feat(seal): add seal support (#9370) 2025-09-29 08:44:40 +00:00
Nikita Pivkin
e149094f9b docs: fix modules path and update code example (#9539) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-26 15:13:33 +00:00
Teppei Fukuda
a4cbd6a138 fix: close file descriptors and pipes on error paths (#9536) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
 2025-09-26 12:31:59 +00:00
Teppei Fukuda
eba48afd58 feat: add documentation URL for database lock errors (#9531) 2025-09-26 08:25:44 +00:00
tom1299
92ebc7e4d7 fix(db): Dowload database when missing but metadata still exists (#9393) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-26 07:35:03 +00:00
Nikita Pivkin
42b3bf37bb feat(cloudformation): support default values and list results in Fn::FindInMap (#9515) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-25 09:24:16 +00:00
Nikita Pivkin
8e40d27a43 fix(misconf): unmark cty values before access (#9495) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-24 20:21:07 +00:00
Teppei Fukuda
7b663d86ca feat(cli): change --list-all-pkgs default to true (#9510) 2025-09-24 10:06:39 +00:00
DmitriyLewen
404abb3d91 fix(nodejs): parse workspaces as objects for package-lock.json files (#9518) 2025-09-24 08:04:23 +00:00
Nikita Pivkin
352855ef64 refactor(fs): use underlyingPath to determine virtual files more reliably (#9302) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-23 14:36:35 +00:00
Teppei Fukuda
d57b1606c9 refactor: remove google/wire dependency and implement manual DI (#9509) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-09-23 13:02:11 +00:00