Carol Valencia
89527796f6
fix(Readme) - Results using a template ( #622 )
...
Co-authored-by: Carol Valencia <krol3@users.noreply.github.com >
2020-09-02 12:40:05 +03:00
Chris Aumann
165d593fdb
Improve Gitlab CI installation step in README ( #621 )
...
This improves the installation step in `.gitlab-ci.yml`.
- Removes unnecessary installation and use of `curl` (replaces it with `wget`)
- Removes storing the intermediate file by using a pipe to `tar`
2020-09-02 12:39:05 +03:00
Teppei Fukuda
d8b09628f0
feat(rpc): add CWE-ID ( #614 )
2020-09-02 07:42:32 +03:00
Alexander Lauster
d35e8ec351
Add all templates to the docker image ( #619 )
...
Before this change, only a subset of templates were included in the docker image.
Now all templates which are part of the git repo will be included when the docker image is built; a future commit for every new template is not needed anymore.
2020-08-31 11:16:22 +03:00
Teppei Fukuda
f50b0ce8af
feat(library): support a custom data source ( #613 )
...
* chore(mod): update trivy-db
* refactor(detector/library): use programming language instead of package manager
* feat(library): add general advisory
* test(utils): add a util function initializing DB
* test(advisory): add tests
* chore: use aquasecurity/bolt-fixtures
* refactor: add comments
* chore(mod): revert fanal version
* chore(mod): update trivy-db
* refactor: update the comment
v0.11.0
2020-08-30 10:11:32 +03:00
Teppei Fukuda
ed8607b710
fix(alpine): use source package ( #607 )
...
* chore(mod): update fanal
* fix(integration): support -update flag
* fix(alpine): use source package for vulnerability detection
* test(integration): update golden files
* chore(mod): update fanal
2020-08-25 13:01:49 +03:00
Teppei Fukuda
ea28d3b6f3
test(vulnerability): fix usages of new trivy-db refactor changes ( #611 )
...
* mod: Update trivy-db
Signed-off-by: Simarpreet Singh <simar@linux.com >
* vulnerability_test: Fix usages of new trivy-db refactor changes
Signed-off-by: Simarpreet Singh <simar@linux.com >
* chore(mod): update trivy-db
Co-authored-by: Simarpreet Singh <simar@linux.com >
2020-08-25 12:21:15 +03:00
Teppei Fukuda
827cea3245
refactor(bundler): remove unnecessary code ( #610 )
2020-08-24 13:22:11 +03:00
Simarpreet Singh
b2a0d83518
codecov: Move into root directory ( #608 )
...
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-08-20 10:21:52 -07:00
rahul2393
85e0139f32
Fix: fullDescription field in SARIF output is not correctly escaped ( #605 )
...
* Fixed sarif template fullDescription escape
* Added fix to other possible places
* Added test for escaping character
2020-08-19 10:23:04 -07:00
Teppei Fukuda
80d5df0ceb
chore(docs): add AWS Security Hub ( #598 )
...
* chore(docs): add AWS Security Hub
* Update docs/integration/security-hub.md
Co-authored-by: Simarpreet Singh <simar@linux.com >
* Update README.md
Co-authored-by: Liz Rice <liz@lizrice.com >
Co-authored-by: Simarpreet Singh <simar@linux.com >
Co-authored-by: Liz Rice <liz@lizrice.com >
2020-08-19 13:19:24 +03:00
Teppei Fukuda
3a54e5b644
refactor(writer): define the constructor for TemplateWriter ( #597 )
2020-08-17 09:06:50 +03:00
Simarpreet Singh
acc6a9bd01
circleci: Allow coverage changes without a failure ( #599 )
...
Ref: https://github.com/testground/testground/pull/430
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-08-13 10:13:49 +03:00
Teppei Fukuda
96af6dc499
feat: add --skip-directories option ( #595 )
...
* feat: add --skip-directories option
* chore(README): update
* refactor: rename skip-directories to skip-dirs
* Update internal/app.go
Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com >
* refactor: add some context in the warning message
* chore(README): update
Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com >
2020-08-12 14:03:12 +03:00
rahul2393
675e1b4118
Added test and support of ASFF template ( #594 )
...
* Added test and support of ASFF template
* Improve test coverage
* Fixed/Improved tests
* Removed extra space
* Added NVD score/vectors, Added logic to trim description due to file size restriction
* Included quotations around AccountID
2020-08-12 13:25:58 +03:00
Carol Valencia
8ca484f538
fix: remove error using no options ( #539 )
...
* fix: remove error using no options
* chore: return error in Init
* chore: return custom error ErrNoTarget
* Update internal/config/artifact.go
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com >
* Update internal/config/artifact.go
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com >
* Update internal/artifact/image.go
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com >
* chore - remove error using no options
* fix(config): typo
* test(config): change the log level
* test(config): revert removed tests
Co-authored-by: Carol <krol3@users.noreply.github.com >
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com >
2020-08-09 10:39:27 +03:00
Sebastian Gumprich
9a25f4fbe4
Fix comparison table to use words instead of symbols ( #587 )
...
fixes #301
v0.10.2
2020-08-05 10:38:45 +03:00
Simarpreet Singh
467ec46cd3
sarif: Remove extra periods from short descriptions ( #590 )
...
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-08-04 22:28:11 -07:00
rahul2393
52feff2213
Added template function to escape string before output ( #583 )
...
* Added template function to escape string before output
* Fixed tests
2020-07-31 10:12:49 -07:00
rahul2393
add65f2f0c
Revert Dockerfile changes ( #581 )
v0.10.1
2020-07-30 22:04:31 +03:00
rahul2393
20f2bae49b
Fix non-root directory permission denied error ( #578 )
...
* Fix non-root directory permission denied error
* Updated Readme
* Fixed Readme
* Updated readme to use latest tag for QA error
* updated Dockerfile
* Moved error to others section
v0.10.0
2020-07-30 12:57:44 +03:00
Simarpreet Singh
8eb9df8447
.circleci: Add code coverage ( #572 )
...
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-07-29 15:09:27 -07:00
rahul2393
88aaffa957
Added support of list-all-packages ( #574 )
...
* Added support of list-all-packages
* updated Readme
* Added library packages and fixed import name
* updated env var name
* Sorting packages in scan
2020-07-29 22:11:38 +03:00
Moch. Lutfi
469c0b41df
fix: only show severity total from filter flags ( #559 )
...
* Add filter table output by severity flags
* Simplify filter output
* Fix unit test
* add filter unique severities
* remove wrong comment
* Remove utils and update logic
* chore(mod): tidy
Co-authored-by: knqyf263 <knqyf263@gmail.com >
2020-07-29 10:54:51 +03:00
Teppei Fukuda
4a34f72f22
Update README.md ( #575 )
2020-07-29 10:31:49 +03:00
Simarpreet Singh
4d721e1410
SARIF: Tweak format for GitHub UI ( #571 )
...
* sarif: Tweak format for GitHub UI
Signed-off-by: Simarpreet Singh <simar@linux.com >
* sarif: Make sarif easier to use with a default template
This will help us use Trivy in places like GitHub Actions where
we cannot specify a template as input.
$ trivy image --format=sarif alpine:3.10.1
Signed-off-by: Simarpreet Singh <simar@linux.com >
* Revert "sarif: Make sarif easier to use with a default template"
This reverts commit 5b5d1c8f7d.
* .dockerignore: Add un-needed large directories
Signed-off-by: Simarpreet Singh <simar@linux.com >
* Dockerfile: Add sarif template.
This will let users run and save the output through the docker image
Example:
```
docker run --rm -it -v $(pwd):/tmp aquasec/trivy:latest image -f template --template "@contrib/sarif.tpl" --output="/tmp/sarif.test" alpine:3.10.2
```
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-07-28 11:22:03 -07:00
rahul2393
9c91da8a2b
Add non root user ( #570 )
2020-07-28 12:37:43 +03:00
Simarpreet Singh
5b9d942313
rpc: Add CVSS information to client/server ( #564 )
...
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-07-26 15:06:25 +03:00
rahul2393
d6b37cb87e
Fix --timeout flag ( #569 )
...
* Wrapped scan call inside context timeout
* timeout has default value
2020-07-22 21:33:30 +03:00
Teppei Fukuda
9c6f077818
feat(report): support OPA to filter vulnerabilities ( #562 )
...
* feat(cli): add --filter option
* feat(opa): support OPA
* test(opa): add a test case with OPA
* test: update a mock
* chore(mod): update dependencies
* chore(filter): add example Rego files
* chore(README): update
* chore(rego): apply opa fmt
* refactor: replace filter with policy
* chore(policy): update rego files
* fix(vulnerability): evaluate each vulnerability
* chore(README): update
* Update README.md
Co-authored-by: Itay Shakury <itay@itaysk.com >
* Update README.md
Co-authored-by: Itay Shakury <itay@itaysk.com >
* chore(README): update a TOC link
* fix: replace allow with ignore
* chore(README): update
Co-authored-by: Itay Shakury <itay@itaysk.com >
2020-07-22 21:10:44 +03:00
rahul2393
0b5d936dbe
Fixed case when pre-release is in suffix ( #565 )
...
* Fixed case when pre-release is in suffix
* moved regex to global scope
* removed not needed code
* Update error to debug
* skip constraint when empty
2020-07-22 08:57:19 +03:00
rahul2393
6eebed33b2
improve ruby comparison version check. ( #552 )
...
* Implemented ruby comparison version check.
* Added semver package to validate and check version
* Added more tests
* Replaced go-version with semver
* Removing go-version from dependency
* Added check for ruby gem version format
* Updated semver model and patch rewrite process
* Refactoring
2020-07-19 18:03:56 +03:00
rahul2393
43085a80bc
Added sarif template ( #558 )
...
* Added sarif template
* Updated readme
* fixed tests
* Added integration tests and fixed all sarif validations issues
* Added tests for endWithPeriod
* Fixed tests, and added sarif golden file
* removed optional newline sequence
2020-07-17 11:08:50 -07:00
Teppei Fukuda
4f90b114ea
feat(vulnerability): add CWE-ID ( #561 )
...
* chore(mod): update dependency
* test(vulnerability): add CweIDs
2020-07-16 11:07:27 +03:00
Michal Slusarczyk
d9fa353a06
Fixing Error retrieving template from path when --format is not template but template is provided ( #556 )
v0.9.2
2020-07-13 14:01:08 +03:00
Michal Slusarczyk
9a1d7460f6
Adding contrib/junit.tpl to docker image ( #554 )
2020-07-09 09:23:31 +03:00
Simarpreet Singh
d18d17b861
db: Update trivy-db to include CVSS score info ( #530 )
...
* mod: Update trivy-db to include CVSS score info
Signed-off-by: Simarpreet Singh <simar@linux.com >
* mod: Update go.mod
Signed-off-by: Simarpreet Singh <simar@linux.com >
* mod: Update trivy-db to latest
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-07-07 08:16:42 -07:00
Liz Rice
4b57c0d4e6
docs: fix markdown ( #553 )
...
Correct markdown for MicroScanner link
2020-07-07 16:27:51 +03:00
rahul2393
ccd9b2d2c5
Added function to escape string in failure message title and descriptions ( #551 )
...
* Added function to escape string in failure message title and descriptions
* updated template to use xml.EscapeText
* Renamed template function
2020-07-06 12:43:11 +03:00
rahul2393
ec770cd819
Added JUNIT support ( #541 )
...
* added template for junit
* updated readme and junit format
* Added severity in testcase name instead of separate failure block
2020-06-25 17:23:04 +03:00
Teppei Fukuda
b7ec633fb2
chore(docs): mention air-gapped environment ( #544 )
...
* chore(docs): mention air-gapped environment
* Update docs/air-gap.md
Co-authored-by: Liz Rice <liz@lizrice.com >
2020-06-24 17:15:17 +03:00
Teppei Fukuda
7aabff1236
chore(README): add programming languages ( #543 )
2020-06-23 20:52:43 +03:00
Teppei Fukuda
9dc1bdffb1
fix(log): write error messages to stderr ( #538 )
2020-06-23 15:06:42 +03:00
Simarpreet Singh
2ac672a663
Use StoreMetadata from trivy-db ( #509 )
...
* db_test: Remove cruft
Signed-off-by: Simarpreet Singh <simar@linux.com >
* db: Add StoreMetadata from trivy-db.
Signed-off-by: Simarpreet Singh <simar@linux.com >
* mod: Update trivy-db dependency
Signed-off-by: Simarpreet Singh <simar@linux.com >
* mod: Bump trivy-db version
Signed-off-by: Simarpreet Singh <simar@linux.com >
* db: Eliminate metadata.Store
Signed-off-by: Simarpreet Singh <simar@linux.com >
* db: Add a TODO to move things into trivy-db repo
Signed-off-by: Simarpreet Singh <simar@linux.com >
2020-06-22 14:29:38 -07:00
Liz Rice
11ae6b29d5
docs: add more CI options to README ( #535 )
...
Add GitHub Actions and AWS CodePipeline to CI section of Readme
Correct a broken link to "Data sources"
2020-06-21 11:26:22 +03:00
Teppei Fukuda
f201f59e27
chore(Dockerfile): bump up alpine to 3.12 ( #528 )
2020-06-15 11:29:38 +03:00
Teppei Fukuda
25d45e1ac5
fix(alpine): replace go-deb-version with go-apk-version ( #520 )
...
* fix(alpine): add a failing test with go-deb-version
* fix(alpine): replace go-deb-version with go-apk-version
* chore(mod): update dependencies
* chore(mod): update go-apk-version
2020-06-11 12:55:34 +03:00
Oran Moshai
298ba99b8f
fix: MissingBlobs is implemented different in FS and S3 the method log… ( #522 )
...
* fix: MissingBlobs is implemented different in FS and S3 the method logic moved to cache.MissingBlobs
* fix(unittest): implement MockArtifactCache instead MockLocalArtifactCache
* fix(gofmt)
* fix naming convention
Co-authored-by: oranmoshai <oran.moshai@aquasec.com >
2020-06-10 10:38:37 +03:00
Teppei Fukuda
65cbe3cac3
fix(alpine): support 3.12 ( #517 )
v0.9.1
2020-06-08 17:17:38 +03:00
Teppei Fukuda
f94e8dcf04
chore(README): prepare for v0.9.0 ( #507 )
...
* chore(README): prepare for v0.9.0
* chore(README): replace 'artifacts' with 'containers and other artifacts'
* chore: more detail for filesystem scan
Co-authored-by: Liz Rice <liz@lizrice.com >
* chore: more detail for embedding Trivy in the Dockerfile
Co-authored-by: Liz Rice <liz@lizrice.com >
* Update README.md
Co-authored-by: Liz Rice <liz@lizrice.com >
* Update README.md
Co-authored-by: Liz Rice <liz@lizrice.com >
* chore(README): add a new line
* chore(README): revert TOC and add blog links
* chore(README): add Microscanner link
Co-authored-by: Liz Rice <liz@lizrice.com >
2020-06-08 16:20:44 +03:00