gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 07:40:48 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,871 Commits 29 Branches 177 Tags
main
Commit Graph

3871 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
331cf5d4a4 chore(deps): bump the aws group with 6 updates (#9481) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-23 12:47:01 +00:00
dependabot[bot]
366910bc58 chore(deps): bump the common group across 1 directory with 24 updates (#9507) 
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-23 05:15:47 +00:00
Nikita Pivkin
267a9700fa fix(misconf): wrap legacy ENV values in quotes to preserve spaces (#9497) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-09-22 11:58:47 +00:00
DmitriyLewen
842ebdcb4a docs: move info about detection priority into coverage section (#9469) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-22 11:48:39 +00:00
amitbhardwaj
6d562a3b48 feat(sbom): added support for CoreOS (#9448) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-22 06:46:45 +00:00
Nikita Pivkin
c9388069a4 fix(misconf): strip build metadata suffixes from image history (#9498) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-22 06:46:14 +00:00
Teppei Fukuda
aff03ebab2 feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (#9439) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-20 14:26:53 +00:00
matt-andersen
8b2575bd27 docs: Fix typo in terraform docs (#9492) 2025-09-18 10:59:36 +00:00
Chanho Lee
cb25a07450 feat(redhat): add os-release detection for RHEL-based images (#9458) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-15 10:59:48 +00:00
Teppei Fukuda
8dce58c684 ci(deps): add 3-day cooldown period for Dependabot updates (#9475) 2025-09-15 09:06:44 +00:00
Teppei Fukuda
788f6faffb refactor: migrate from go-json-experiment to encoding/json/v2 (#9422) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-15 08:46:44 +00:00
DmitriyLewen
1ff9ac7948 fix(vuln): compare nuget package names in lower case (#9456) 2025-09-15 07:21:06 +00:00
Owen Rumney
78a70e2cfd chore: Update release flow to include chocolatey (#9460) 2025-09-09 18:11:14 +00:00
Itay Shakury
ea0ff34d38 docs: document eol supportability (#9434) 2025-09-09 17:21:25 +00:00
DmitriyLewen
4a2be6b48c docs(report): add nuanses about secret/license scanner in summary table (#9442) 2025-09-08 08:56:47 +00:00
Teppei Fukuda
4359fe06a0 ci: use environment variables in GitHub Actions for improved security (#9433) 2025-09-05 07:24:31 +00:00
jdesouza
2185c7816a chore: bump Go to 1.24.7 (#9435) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-04 18:04:43 +00:00
amitbhardwaj
4517e8c0ef fix(nodejs): use snapshot string as Package.ID for pnpm packages (#9330) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-04 04:52:26 +00:00
Aqua Security automated builds
a70d8e70a8 ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (#9425) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-09-02 18:13:15 +00:00
Aqua Security automated builds
7bcb181268 release: v0.66.0 [main] (#9289) v0.66.0 2025-09-02 16:42:22 +00:00
dependabot[bot]
21258954d2 chore(deps): bump the aws group with 7 updates (#9419) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-02 07:47:44 +00:00
Nikita Pivkin
29e9ff7e14 refactor(secret): clarify secret scanner messages (#9409) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-02 06:03:07 +00:00
DmitriyLewen
46ab76a5af fix(cyclonedx): handle multiple license types (#9378) 2025-09-01 12:10:14 +00:00
DmitriyLewen
1ac9b1f07c fix(repo): sanitize git repo URL before inserting into report metadata (#9391) 2025-09-01 11:09:02 +00:00
Teppei Fukuda
6fa3849c10 test: add HTTP basic authentication to git test server (#9407) 2025-09-01 09:42:41 +00:00
Ivo Šmíd
aa7cf4387c fix(sbom): add support for file component type of CycloneDX (#9372) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-01 08:33:46 +00:00
Nikita Pivkin
81d94253c8 fix(misconf): ensure module source is known (#9404) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-30 00:53:23 +00:00
Teppei Fukuda
1d646d6231 ci: migrate GitHub Actions from version tags to SHA pinning (#9405) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-08-29 12:16:27 +00:00
MaineK00n
ce22f54a39 fix: create temp file under composite fs dir (#9387) 2025-08-29 11:02:46 +00:00
dependabot[bot]
db19b34583 chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#9403) 
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-08-29 07:15:43 +00:00
Nikita Pivkin
d1de58a7dc refactor: switch to stable azcontainerregistry SDK package (#9319) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-28 07:26:08 +00:00
dependabot[bot]
102cbeecec chore(deps): bump the common group with 7 updates (#9382) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-28 06:28:46 +00:00
Nikita Pivkin
7278718b3f refactor(misconf): migrate from custom Azure JSON parser (#9222) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-27 22:44:02 +00:00
DmitriyLewen
4f2a44ea45 fix(repo): preserve RepoMetadata on FS cache hit (#9389) 2025-08-27 11:08:22 +00:00
cui
9594d63f2b refactor(misconf): use atomic.Int32 (#9385) 2025-08-27 07:18:27 +00:00
dependabot[bot]
8abde2c59a chore(deps): bump the aws group with 6 updates (#9383) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 04:36:09 +00:00
Shadab Ansari
2bbad03f16 docs: Fix broken link to "Built-in Checks" (#9375) 2025-08-26 00:43:12 +00:00
DmitriyLewen
5f067ac15e fix(plugin): don't remove plugins when updating index.yaml file (#9358) 2025-08-25 00:19:27 +00:00
Pueringni3
6e99dd304c fix: persistent flag option typo (#9374) 2025-08-24 23:43:16 +00:00
dependabot[bot]
d1adbe3579 chore(deps): bump the common group across 1 directory with 26 updates (#9347) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-24 23:24:41 +00:00
Manveer Singh
84fbf8674d fix(image): use standardized HTTP client for ECR authentication (#9322) 2025-08-22 05:56:21 +00:00
DmitriyLewen
04abb7871d refactor: export systemFileFiltering Post Handler (#9359) 2025-08-22 04:28:07 +00:00
Tomas Fernandez
e2d30feb5e docs: update links to Semaphore pages (#9352) 2025-08-20 13:32:16 +00:00
Semen
03d039f17d fix(conda): memory leak by adding closure method for package.json file (#9349) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-08-20 06:21:56 +00:00
Teppei Fukuda
235c24e71a feat: add timeout handling for cache database operations (#9307) 2025-08-18 08:01:27 +00:00
Nikita Pivkin
04ad0c4fc2 fix(misconf): use correct field log_bucket instead of target_bucket in gcp bucket (#9296) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-15 05:25:59 +00:00
Nikita Pivkin
d3cd101266 fix(misconf): ensure ignore rules respect subdirectory chart paths (#9324) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-09 10:15:42 +00:00
Rene Leonhardt
ea6663abff chore(deps): bump alpine from 3.21.4 to 3.22.1 (#9301) 2025-08-07 15:31:33 +00:00
Nikita Pivkin
298a9941f0 feat(terraform): use .terraform cache for remote modules in plan scanning (#9277) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-06 04:21:08 +00:00
tanhuaan
c9cb3d16ff chore: fix some function names in comment (#9314) 
Signed-off-by: tanhuaan <tanhuaan@outlook.com>
 2025-08-05 13:04:30 +00:00