gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,338 Commits 29 Branches 177 Tags
412c690924d4414ef6d8a5f37b293969bc245d32
Commit Graph

3338 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aqua Security automated builds
412c690924 fix(misconf): do not log scanners when misconfig scanning is disabled [backport: release/v0.59] (#8349) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-02-04 11:27:18 +00:00
Aqua Security automated builds
98f9ba295a chore(deps): bump Go to v1.23.5 [backport: release/v0.59] (#8343) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-02-04 06:52:15 +00:00
Aqua Security automated builds
1741fddbe0 fix(python): add poetry v2 support [backport: release/v0.59] (#8335) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-02-03 09:04:49 +00:00
Aqua Security automated builds
3fd8e2785b fix(sbom): preserve OS packages from multiple SBOMs [backport: release/v0.59] (#8333) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-02-03 05:55:46 +00:00
Aqua Security automated builds
a58d6854dc release: v0.59.0 [main] (#8041) v0.59.0 2025-01-30 08:28:04 +00:00
Nikita Pivkin
73bd20d619 feat(image): return error early if total size of layers exceeds limit (#8294) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-01-30 08:01:16 +00:00
simar7
0031a38eb7 chore(deps): Bump trivy-checks (#8310) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-30 07:25:43 +00:00
Steven Masley
87f3751172 chore(terraform): add accessors to underlying raw hcl values (#8306) 2025-01-30 06:53:07 +00:00
Nikita Pivkin
2e8e38a8c0 fix: improve conversion of image config to Dockerfile (#8308) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-29 11:35:30 +00:00
Nikita Pivkin
f258fd5a2a docs: replace short codes with Unicode emojis (#8296) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-29 11:13:03 +00:00
afdesk
db9e57a34e feat(k8s): improve artifact selections for specific namespaces (#8248) 
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2025-01-29 08:11:19 +00:00
Teppei Fukuda
da7bba970b chore: update code owners (#8303) 2025-01-29 02:55:09 +00:00
Nikita Pivkin
0a3887ca03 fix(misconf): handle heredocs in dockerfile instructions (#8284) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-29 01:18:15 +00:00
DmitriyLewen
846498dd23 fix: de-duplicate same dpkg packages with different filePaths from different layers (#8298) 2025-01-28 07:03:33 +00:00
dependabot[bot]
d749b621c8 chore(deps): bump the aws group with 7 updates (#8299) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-28 06:29:24 +00:00
dependabot[bot]
13fe2ee1c1 chore(deps): bump the common group with 12 updates (#8301) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-28 06:28:49 +00:00
Matthieu MOREL
60491f8a7e chore: enable int-conversion from perfsprint (#8194) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-01-27 20:38:55 +00:00
Teppei Fukuda
b5062f3ae2 feat(fs): use git commit hash as cache key for clean repositories (#8278) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-01-27 08:53:49 +00:00
DmitriyLewen
aec8885bc7 fix(spdx): use the hasExtractedLicensingInfos field for licenses that are not listed in the SPDX (#8077) 2025-01-27 07:28:59 +00:00
Matthieu MOREL
715575d731 chore: use require.ErrorContains when possible (#8291) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-01-27 06:47:29 +00:00
Nikita Pivkin
509e03030c feat(image): prevent scanning oversized container images (#8178) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-01-27 06:38:52 +00:00
DmitriyLewen
cc66d6d00f chore(deps): use aqua forks for github.com/liamg/jfather and github.com/liamg/iamgo (#8289) 2025-01-24 09:07:45 +00:00
Teppei Fukuda
eafd810d7c fix(fs): fix cache key generation to use UUID (#8275) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-01-23 07:34:20 +00:00
Nikita Pivkin
f12054e669 fix(misconf): correctly handle all YAML tags in K8S templates (#8259) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-23 04:20:02 +00:00
DmitriyLewen
4316bcbc5b feat: add support for registry mirrors (#8244) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2025-01-22 07:46:02 +00:00
dependabot[bot]
2acd8e39c1 chore(deps): bump the common group across 1 directory with 29 updates (#8261) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-21 07:51:55 +00:00
Teppei Fukuda
2d30dd7241 refactor(license): improve license expression normalization (#8257) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-01-21 07:26:24 +00:00
Nikita Pivkin
c00232720a feat(misconf): support for ignoring by inline comments for Dockerfile (#8115) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-20 18:31:41 +00:00
Nikita Pivkin
6d84e0cc0d feat: add a examples field to check metadata (#8068) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-17 00:01:35 +00:00
dependabot[bot]
4f77e01b65 chore(deps): bump alpine from 3.20.0 to 3.21.0 in the docker group across 1 directory (#8196) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-16 10:17:38 +00:00
Teppei Fukuda
011012a8b4 ci: add workflow to restrict direct PRs to release branches (#8240) 2025-01-14 09:58:41 +00:00
DmitriyLewen
ae283985c9 fix(suse): SUSE - update OSType constants and references for compatility (#8236) 
Co-authored-by: thatipelli santhosh <santhosh.thatipelli@aquasec.com>
 2025-01-13 12:13:12 +00:00
DmitriyLewen
92697c7177 ci: fix path to main dir for canary builds (#8231) 2025-01-13 06:59:52 +00:00
fabio
ca41a28641 chore(secret): add reported issues related to secrets in junit template (#8193) 2025-01-13 06:13:58 +00:00
Nikita Pivkin
243e5a3af9 refactor: use trivy-checks/pkg/specs package (#8226) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-11 03:44:00 +00:00
Aqua Security automated builds
0aa2607cd8 ci(helm): bump Trivy version to 0.58.1 for Trivy Helm Chart 0.10.0 (#8170) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-01-10 11:27:46 +00:00
Nikita Pivkin
23dc3a6753 fix(misconf): allow null values only for tf variables (#8112) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-10 01:52:51 +00:00
Nikita Pivkin
a0429f773b feat(misconf): support for ignoring by inline comments for Helm (#8138) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-10 01:37:49 +00:00
DmitriyLewen
f352f6b663 fix(redhat): check usr/share/buildinfo/ dir to detect content sets (#8222) 2025-01-09 12:45:45 +00:00
Chris Novakovic
f9a6a71927 chore(alpine): add EOL date for Alpine 3.21 (#8221) 2025-01-09 05:02:15 +00:00
jdesouza
670fbf2d81 fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field (#8207) 2025-01-08 06:27:07 +00:00
Nikita Pivkin
bbc5a85444 fix(misconf): disable git terminal prompt on tf module load (#8026) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-03 18:51:40 +00:00
Nikita Pivkin
70f3faa4b5 chore: remove aws iam related scripts (#8179) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-01-02 21:56:35 +00:00
amitbhardwaj
e8085bae3e docs: Updated JSON schema version 2 in the trivy documentation (#8188) 2024-12-28 17:28:42 +00:00
DmitriyLewen
4f111b9342 refactor(python): use once + debug for License acquired from METADATA... logs (#8175) 2024-12-25 06:17:08 +00:00
Nikita Pivkin
03db7fc1ba refactor: use slices package instead of custom function (#8172) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-25 05:28:37 +00:00
dependabot[bot]
eedefdddba chore(deps): bump the common group with 6 updates (#8162) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-24 16:39:44 +00:00
Nikita Pivkin
49c54b49c6 feat(python): add support for uv dev and optional dependencies (#8134) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-24 13:43:28 +00:00
Nikita Pivkin
774e04d19d feat(python): add support for poetry dev dependencies (#8152) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-24 12:12:39 +00:00
DmitriyLewen
735335f08f fix(sbom): attach nested packages to Application (#8144) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-12-24 07:28:35 +00:00