gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
2,567 Commits 29 Branches 177 Tags
189a46a01cdaee41dcf901be94805186ef9c64a3
Commit Graph

2567 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
simar7
189a46a01c chore(deps): Update misconfig deps (#5956) 2024-01-23 06:44:10 +00:00
Anais Urlichs
91a2547d15 docs: update cosign tutorial and commands, update kyverno policy (#5929) 
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Co-authored-by: saso <sasoakira6114@gmail.com>
 2024-01-22 07:44:16 +00:00
Anais Urlichs
a96f66f176 docs: update command to scan go binary (#5969) 
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
 2024-01-19 08:28:46 +00:00
chenk
2212d14432 fix: handle non-parsable images names (#5965) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-19 08:27:35 +00:00
dependabot[bot]
7cad04bdf1 chore(deps): bump aquaproj/aqua-installer from 2.1.2 to 2.2.0 (#5693) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-17 09:00:37 +00:00
DmitriyLewen
fbc1a83f32 fix(amazon): save system files for pkgs containing amzn in src (#5951) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-17 06:57:41 +00:00
Devin Trejo
260aa281f4 fix(alpine): Add EOL support for alpine 3.19. (#5938) 
Signed-off-by: Devin Trejo <dtrejo@palantir.com>
 2024-01-16 07:59:08 +00:00
Bishwa Thapa
2c9d7c6b50 feat: allow end-users to adjust K8S client QPS and burst (#5910) 2024-01-15 19:08:52 +00:00
Nikita Pivkin
ffe2ca7cb5 chore(deps): bump go-ebs-file (#5934) 2024-01-15 10:32:24 +00:00
DmitriyLewen
f90d4ee436 fix(nodejs): find licenses for packages with slash (#5836) 2024-01-15 07:11:12 +00:00
DmitriyLewen
c75143f5e8 fix(sbom): use group field for pom.xml and nodejs files for CycloneDX reports (#5922) 2024-01-15 06:57:46 +00:00
chenk
a3fac90b47 fix: ignore no init containers (#5939) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-15 06:14:57 +00:00
Fatih Tokus
b1b4734f55 docs: Fix documentation of ecosystem (#5940) 2024-01-15 06:13:27 +00:00
Laurent Commarieu
a2b654945a docs(misconf): multiple ignores in comment (#5926) 2024-01-12 04:36:55 +00:00
DmitriyLewen
ae134a9b38 fix(secret): find aws secrets ending with a comma or dot (#5921) 2024-01-11 08:00:33 +00:00
dependabot[bot]
c8c55fe21e chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.90 to 1.15.11 (#5885) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Simar <simar@linux.com>
 2024-01-11 07:30:40 +00:00
mfreeman451
4d2e785ff2 docs: Updated ecosystem docs with reference to new community app (#5918) 2024-01-11 07:25:44 +00:00
DmitriyLewen
7895657c89 fix(java): don't remove excluded deps from upper pom's (#5838) 2024-01-10 09:39:52 +00:00
DmitriyLewen
37e7e3eabf fix(java): check if a version exists when determining GAV by file name for jar files (#5630) 2024-01-10 07:22:50 +00:00
Teppei Fukuda
d0c81e23c4 feat(vex): add PURL matching for CSAF VEX (#5890) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-01-10 06:37:19 +00:00
DmitriyLewen
958e1f11f7 fix(secret): AWS Secret Access Key must include only secrets with aws text. (#5901) 2024-01-09 11:51:30 +00:00
DmitriyLewen
56c4e248aa revert(report): don't escape new line characters for sarif format (#5897) 2024-01-09 11:50:35 +00:00
Itay Shakury
92d9b3dbba docs: improve filter by rego (#5402) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-09 05:52:03 +00:00
dependabot[bot]
a626cdf334 chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 17:33:06 +00:00
Fatih Tokus
47b6c2817a docs: add_scan2html_to_trivy_ecosystem (#5875) 2024-01-08 10:33:20 +00:00
yusuke-koyoshi
0ebb6c4682 fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888) 2024-01-08 06:06:37 +00:00
Juan Ariza Toledano
c47ed0d816 feat(vex): Add support for CSAF format (#5535) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-06 10:48:39 +00:00
dependabot[bot]
2cdd65dd64 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.26.2 to 1.26.7 (#5880) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 19:38:44 +00:00
dependabot[bot]
cba67d1f06 chore(deps): bump actions/setup-go from 4 to 5 (#5845) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 16:31:44 +00:00
dependabot[bot]
d990e702a2 chore(deps): bump actions/stale from 8 to 9 (#5846) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 12:35:25 +00:00
dependabot[bot]
c72dfbfbb0 chore(deps): bump github.com/open-policy-agent/opa from 0.58.0 to 0.60.0 (#5853) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 12:31:33 +00:00
dependabot[bot]
121898423b chore(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#5847) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 12:31:32 +00:00
dependabot[bot]
682210ac64 chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.28.0 (#5854) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 19:10:54 +00:00
dependabot[bot]
e1a60cc88c chore(deps): bump alpine from 3.18.5 to 3.19.0 (#5849) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 19:03:00 +00:00
dependabot[bot]
b508414ca2 chore(deps): bump actions/setup-python from 4 to 5 (#5848) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 19:01:57 +00:00
Nikita Pivkin
df3e90af8f feat(python): parse licenses from dist-info folder (#4724) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-04 18:20:55 +00:00
dependabot[bot]
fa2e88360b chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 (#5852) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 09:29:08 +00:00
DmitriyLewen
30eff9c83e feat(nodejs): add yarn alias support (#5818) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-04 05:16:35 +00:00
dependabot[bot]
013df4c6b8 chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#5850) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 05:12:39 +00:00
dependabot[bot]
b1489f3485 chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#5856) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:53:52 +00:00
dependabot[bot]
7f2e4223ff chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:43:57 +00:00
Teppei Fukuda
da597c479c refactor: propagate time through context values (#5858) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-01-03 09:43:45 +00:00
Teppei Fukuda
1607eee77c refactor: move PkgRef under PkgIdentifier (#5831) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2023-12-29 06:52:36 +00:00
DmitriyLewen
b3d516eafe fix(cyclonedx): fix unmarshal for licenses (#5828) 2023-12-29 05:28:13 +00:00
dependabot[bot]
c17b6603db chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-29 05:26:15 +00:00
Juan Ariza Toledano
1f0d6290c3 feat(vuln): include pkg identifier on detected vulnerabilities (#5439) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-12-27 07:54:56 +00:00
Nikita Pivkin
4cdff0e573 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from v1.116.0 to v1.134.0 (#5822) v0.48.2 2023-12-26 12:09:43 +00:00
dependabot[bot]
be969d4136 chore(deps): bump github.com/containerd/containerd from 1.7.7 to 1.7.11 (#5809) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-25 06:13:16 +00:00
dependabot[bot]
81748f5ad0 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#5805) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 07:59:21 +00:00
Nikita Pivkin
ba825b2ae1 chore(deps): bump trivy-iac to v0.7.1 (#5797) v0.48.1 2023-12-18 12:31:07 +00:00