gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,543 Commits 29 Branches 177 Tags
release/v0.63
Commit Graph

3543 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aqua Security automated builds
69093d2c23 release: v0.63.0 [main] (#8809) v0.63.0 2025-05-29 16:59:01 +00:00
Nikita Pivkin
7e9a54cd6b fix(misconf): use argument value in WithIncludeDeprecatedChecks (#8942) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-29 16:35:33 +00:00
simar7
78e3304bbe chore(deps): Bump trivy-checks (#8934) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-29 12:37:47 +00:00
DmitriyLewen
22f040f947 fix(julia): add Relationship field support (#8939) 2025-05-29 11:26:55 +00:00
Daniel Wachter
c2dde33c3f feat(minimos): Add support for MinimOS (#8792) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-29 11:21:22 +00:00
Teppei Fukuda
104bbc18ea feat(alpine): add maintainer field extraction for APK packages (#8930) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-05-29 10:47:33 +00:00
Ori
c7b8cc392e feat(echo): Add Echo Support (#8833) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-29 10:33:29 +00:00
Romain Geissler @ Amadeus
906b037cff fix(redhat): Also try to find buildinfo in root layer (layer 0) (#8924) 2025-05-29 09:55:33 +00:00
Teppei Fukuda
b15d9a60e6 fix(wolfi): support new APK database location (#8937) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-05-29 08:20:12 +00:00
afdesk
4f1ab23869 feat(k8s): get components from namespaced resources (#8918) 2025-05-29 03:50:21 +00:00
Nikita Pivkin
5bae2626e0 refactor(cloudformation): remove unused ScanFile method from Scanner (#8927) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-29 00:40:20 +00:00
Nikita Pivkin
4a7ebb70b4 refactor(terraform): remove result sorting from scanner (#8928) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-28 21:30:22 +00:00
simar7
3b2a3976ac feat(misconf): Add support for Minimum Trivy Version (#8880) 
Signed-off-by: Simar <simar@linux.com>
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-28 21:22:21 +00:00
Itay Shakury
1d420e669f docs: improve skipping files documentation (#8749) 2025-05-28 12:09:48 +00:00
Owen Rumney
5a0bf9ed31 feat(cli): Add available version checking (#8553) 
Signed-off-by: Owen Rumney <owen.rumney@aquasec.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
Co-authored-by: Itay <itay@itaysk.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2025-05-28 08:09:16 +00:00
Ashwani Kumar Kamal
7ca656d54b feat(nodejs): add a bun.lock analyzer (#8897) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-05-28 07:14:54 +00:00
Steven Masley
8939451174 feat: terraform parser option to set current working directory (#8909) 2025-05-27 18:05:51 +00:00
Peter Thomas
60fef1b615 perf(secret): only match secrets of meaningful length, allow example strings to not be matched (#8602) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-27 10:17:37 +00:00
Nikita Pivkin
aaecc29e90 feat(misconf): export raw Terraform data to Rego (#8741) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-27 04:34:17 +00:00
Nikita Pivkin
6c7cb7ad2d refactor(terraform): simplify AllReferences method signature in Attribute (#8906) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-24 00:09:04 +00:00
Teppei Fukuda
93e6680b1c fix: check post-analyzers for StaticPaths (#8904) 2025-05-23 08:42:32 +00:00
David du Colombier
07ef63b483 feat: add Bottlerocket OS package analyzer (#8653) 2025-05-23 07:50:59 +00:00
DmitriyLewen
ee522300b7 feat(license): improve work text licenses with custom classification (#8888) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2025-05-22 11:53:15 +00:00
dependabot[bot]
cae79d637d chore(deps): bump github.com/containerd/containerd/v2 from 2.1.0 to 2.1.1 (#8901) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-22 09:22:59 +00:00
dependabot[bot]
bcf246ca85 chore(deps): bump the common group across 1 directory with 9 updates (#8887) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-22 06:24:24 +00:00
Teppei Fukuda
0229eb70ab refactor(license): simplify compound license scanning (#8896) 2025-05-21 11:23:49 +00:00
Jonatan Lindström
39f9ed128b feat(license): Support compound licenses (licenses using SPDX operators) (#8816) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-05-21 08:33:52 +00:00
Nikita Pivkin
fe127715e5 fix(k8s): use in-memory cache backend during misconfig scanning (#8873) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-21 00:22:23 +00:00
Ashwani Kumar Kamal
1dcf81666f feat(nodejs): add bun.lock parser (#8851) 
Signed-off-by: Ashwani Kumar Kamal (sneaky-potato) <ashwanikamal.im421@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-20 14:00:47 +00:00
DmitriyLewen
c321fdfcdd feat(license): improve work with custom classification of licenses from config file (#8861) 2025-05-20 07:57:09 +00:00
DmitriyLewen
69a5fa18ca fix(cli): disable --skip-dir and --skip-files flags for sbom command (#8886) 2025-05-19 12:58:19 +00:00
Sandro
be8c7b796d fix: julia parser panicing (#8883) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-19 09:47:44 +00:00
DmitriyLewen
6aff7b0c4f refactor(db): change logic to detect wrong DB (#8864) 2025-05-19 05:01:50 +00:00
DmitriyLewen
35e88890c3 fix(cli): don't use allow values for --compliance flag (#8881) 2025-05-16 10:15:32 +00:00
simar7
239f65a45c docs(misconf): Reorganize misconfiguration scan pages (#8206) 2025-05-16 00:36:35 +00:00
DmitriyLewen
38f17c945e fix(server): add missed Relationship field for rpc (#8872) 2025-05-15 05:47:04 +00:00
Teppei Fukuda
0b0e4061ef feat: add JSONC support for comments and trailing commas (#8862) 2025-05-13 10:24:11 +00:00
DmitriyLewen
e97af9806a fix(vex): use lo.IsNil to check VEX from OCI artifact (#8858) 2025-05-13 06:40:15 +00:00
Teppei Fukuda
26437be083 feat(go): support license scanning in both GOPATH and vendor (#8843) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-05-12 09:24:10 +00:00
DmitriyLewen
9256804df8 fix(redhat): save contentSets for OS packages in fs/vm modes (#8820) 2025-05-12 06:26:14 +00:00
DmitriyLewen
6ebde88dbc fix: filter all files when processing files installed from package managers (#8842) 2025-05-08 04:50:57 +00:00
Nikita Pivkin
a516775da6 feat(misconf): add misconfiguration location to junit template (#8793) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-05-07 23:52:32 +00:00
DmitriyLewen
c9ba460a9b docs(vuln): remove OSV for Python from data sources (#8841) 2025-05-07 11:52:19 +00:00
Teppei Fukuda
2a21fd8cac chore: add an issue template for maintainers (#8838) 2025-05-07 07:10:31 +00:00
Matthieu MOREL
3b1426a676 chore: enable staticcheck (#8815) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-05-07 06:15:35 +00:00
Aqua Security automated builds
679153950c ci(helm): bump Trivy version to 0.62.1 for Trivy Helm Chart 0.14.1 (#8836) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-05-07 04:59:52 +00:00
oneum20
dd6a6e50a4 feat(license): scan vendor directory for license for go.mod files (#8689) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-06 13:13:49 +00:00
Ashwani Kumar Kamal
3bf4f44931 docs(java): Update info about dev deps in gradle lock (#8830) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-05-06 12:39:07 +00:00
dependabot[bot]
2ab8ae9291 chore(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 in the common group (#8822) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-05 16:19:03 +00:00
Ashwani Kumar Kamal
8995838e8d fix(java): exclude dev dependencies in gradle lockfile (#8803) 2025-05-05 14:00:15 +00:00