trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-13 00:00:19 -08:00

Author	SHA1	Message	Date
Nikita Pivkin	509e03030c	feat(image): prevent scanning oversized container images (#8178 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2025-01-27 06:38:52 +00:00
DmitriyLewen	cc66d6d00f	chore(deps): use aqua forks for `github.com/liamg/jfather` and `github.com/liamg/iamgo` (#8289 )	2025-01-24 09:07:45 +00:00
Teppei Fukuda	eafd810d7c	fix(fs): fix cache key generation to use UUID (#8275 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2025-01-23 07:34:20 +00:00
Nikita Pivkin	f12054e669	fix(misconf): correctly handle all YAML tags in K8S templates (#8259 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-23 04:20:02 +00:00
DmitriyLewen	4316bcbc5b	feat: add support for registry mirrors (#8244 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2025-01-22 07:46:02 +00:00
dependabot[bot]	2acd8e39c1	chore(deps): bump the common group across 1 directory with 29 updates (#8261 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-21 07:51:55 +00:00
Teppei Fukuda	2d30dd7241	refactor(license): improve license expression normalization (#8257 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-01-21 07:26:24 +00:00
Nikita Pivkin	c00232720a	feat(misconf): support for ignoring by inline comments for Dockerfile (#8115 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-20 18:31:41 +00:00
Nikita Pivkin	6d84e0cc0d	feat: add a examples field to check metadata (#8068 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-17 00:01:35 +00:00
dependabot[bot]	4f77e01b65	chore(deps): bump alpine from 3.20.0 to 3.21.0 in the docker group across 1 directory (#8196 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-16 10:17:38 +00:00
Teppei Fukuda	011012a8b4	ci: add workflow to restrict direct PRs to release branches (#8240 )	2025-01-14 09:58:41 +00:00
DmitriyLewen	ae283985c9	fix(suse): SUSE - update OSType constants and references for compatility (#8236 ) Co-authored-by: thatipelli santhosh <santhosh.thatipelli@aquasec.com>	2025-01-13 12:13:12 +00:00
DmitriyLewen	92697c7177	ci: fix path to main dir for canary builds (#8231 )	2025-01-13 06:59:52 +00:00
fabio	ca41a28641	chore(secret): add reported issues related to secrets in junit template (#8193 )	2025-01-13 06:13:58 +00:00
Nikita Pivkin	243e5a3af9	refactor: use trivy-checks/pkg/specs package (#8226 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-11 03:44:00 +00:00
Aqua Security automated builds	0aa2607cd8	ci(helm): bump Trivy version to 0.58.1 for Trivy Helm Chart 0.10.0 (#8170 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-01-10 11:27:46 +00:00
Nikita Pivkin	23dc3a6753	fix(misconf): allow null values only for tf variables (#8112 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-10 01:52:51 +00:00
Nikita Pivkin	a0429f773b	feat(misconf): support for ignoring by inline comments for Helm (#8138 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-10 01:37:49 +00:00
DmitriyLewen	f352f6b663	fix(redhat): check `usr/share/buildinfo/` dir to detect content sets (#8222 )	2025-01-09 12:45:45 +00:00
Chris Novakovic	f9a6a71927	chore(alpine): add EOL date for Alpine 3.21 (#8221 )	2025-01-09 05:02:15 +00:00
jdesouza	670fbf2d81	fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field (#8207 )	2025-01-08 06:27:07 +00:00
Nikita Pivkin	bbc5a85444	fix(misconf): disable git terminal prompt on tf module load (#8026 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-03 18:51:40 +00:00
Nikita Pivkin	70f3faa4b5	chore: remove aws iam related scripts (#8179 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-02 21:56:35 +00:00
amitbhardwaj	e8085bae3e	docs: Updated JSON schema version 2 in the trivy documentation (#8188 )	2024-12-28 17:28:42 +00:00
DmitriyLewen	4f111b9342	refactor(python): use once + debug for `License acquired from METADATA...` logs (#8175 )	2024-12-25 06:17:08 +00:00
Nikita Pivkin	03db7fc1ba	refactor: use slices package instead of custom function (#8172 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-25 05:28:37 +00:00
dependabot[bot]	eedefdddba	chore(deps): bump the common group with 6 updates (#8162 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-12-24 16:39:44 +00:00
Nikita Pivkin	49c54b49c6	feat(python): add support for uv dev and optional dependencies (#8134 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-24 13:43:28 +00:00
Nikita Pivkin	774e04d19d	feat(python): add support for poetry dev dependencies (#8152 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-24 12:12:39 +00:00
DmitriyLewen	735335f08f	fix(sbom): attach nested packages to Application (#8144 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-12-24 07:28:35 +00:00
DmitriyLewen	9fd5cc5c00	docs(vex): use debian minor version in examples (#8166 )	2024-12-24 06:41:30 +00:00
Teppei Fukuda	b5859d3fb5	refactor: add generic Set implementation (#8149 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-12-24 04:47:21 +00:00
dependabot[bot]	e6d0ba5cc9	chore(deps): bump the aws group across 1 directory with 6 updates (#8163 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-12-23 16:44:06 +00:00
Nikita Pivkin	a034d26443	fix(python): skip dev group's deps for poetry (#8106 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-23 06:20:15 +00:00
DmitriyLewen	7558df7c22	fix(sbom): use root package for `unknown` dependencies (if exists) (#8104 )	2024-12-23 06:14:57 +00:00
DmitriyLewen	30c7cb1371	chore(deps): bump `golang.org/x/net` from `v0.32.0` to `v0.33.0` (#8140 )	2024-12-20 06:44:54 +00:00
Teppei Fukuda	95f7a564e5	chore(vex): suppress CVE-2024-45338 (#8137 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-12-20 06:44:12 +00:00
Nikita Pivkin	c4a4a5fa97	feat(python): add support for uv (#8080 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-19 05:59:30 +00:00
dependabot[bot]	49f354085f	chore(deps): bump the docker group across 1 directory with 3 updates (#8127 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-12-18 17:42:15 +00:00
dependabot[bot]	dcf28a1001	chore(deps): bump the common group across 1 directory with 14 updates (#8126 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-12-18 12:26:41 +00:00
Nikita Pivkin	e79e73d636	chore: bump go to 1.23.4 (#8123 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-18 09:49:47 +00:00
Nikita Pivkin	17827db6a9	test: set dummy value for NUGET_PACKAGES (#8107 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-16 13:00:10 +00:00
DmitriyLewen	f0b3a99bf2	chore(deps): bump `github.com/CycloneDX/cyclonedx-go` from `v0.9.1` to `v0.9.2` (#8105 )	2024-12-16 11:09:33 +00:00
dependabot[bot]	e7507f0d34	chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#8103 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-12-16 11:08:02 +00:00
Itay Shakury	2200f3846d	fix: wasm module test (#8099 )	2024-12-16 10:58:38 +00:00
jdesouza	d7ac286085	fix: CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088 )	2024-12-16 05:58:04 +00:00
Teppei Fukuda	328db73838	chore(vex): suppress CVE-2024-45337 (#8101 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-12-16 04:59:20 +00:00
DmitriyLewen	f5e429179d	fix(license): always trim leading and trailing spaces for licenses (#8095 )	2024-12-13 08:00:01 +00:00
Fabrizio Sestito	f9fceb58bf	fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635 ) Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-12-11 16:39:06 +00:00
DmitriyLewen	4202c4ba0d	fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063 )	2024-12-10 07:22:30 +00:00

1 2 3 4 5 ...

3318 Commits