353 Commits

Author	SHA1	Message	Date
DmitriyLewen	5bc662be9a	fix(dotnet): don't include non-runtime libraries into report for *.deps.json files (#7039)	2024-07-22 03:44:44 +00:00
dependabot[bot]	e674c93470	chore(deps): bump the common group across 1 directory with 7 updates (#7125) ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-10 08:39:17 +00:00
dependabot[bot]	ab0fd0d2e7	chore(deps): bump the docker group with 2 updates (#7116) ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-09 06:10:37 +00:00
Marcus Meissner	17b5dbfa12	feat: add openSUSE tumbleweed detection and scanning (#6965) ... Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-09 04:25:39 +00:00
DmitriyLewen	a64993e83a	test: add missing advisory details for integration tests database (#7122)	2024-07-09 04:24:42 +00:00
Oscar Blanco	03ac93dc20	feat(nodejs): add license parser to pnpm analyser (#7036) ... Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-03 12:13:24 +00:00
Teppei Fukuda	fc6b3a760b	refactor: pass DB dir to trivy-db (#7057) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-07-02 04:32:46 +00:00
Teppei Fukuda	14d71ba63c	fix(sbom): use package UIDs for uniqueness (#7042) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-28 08:52:19 +00:00
DmitriyLewen	edc556b85e	feat(php): add installed.json file support (#4865)	2024-06-28 07:04:07 +00:00
chenk	8d618e48a2	feat(k8s)!: node-collector dynamic commands support (#6861) ... Signed-off-by: chenk <hen.keinan@gmail.com>	2024-06-26 07:04:50 +00:00
simar7	b58d42dc97	BREAKING(aws): Deprecate trivy aws as subcmd in favour of a plugin (#6819)	2024-06-20 19:56:46 +00:00
Teppei Fukuda	e493fc931a	refactor: delete db mock (#6940) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 04:51:57 +00:00
Charles Oxyer	f144e912d3	feat: Add local ImageID to SARIF metadata (#6522) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-06-19 10:30:55 +00:00
Michael Stringer	f18d035ae1	feat(java): add support for sbt projects using sbt-dependency-lock (#6882) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-06-19 08:46:22 +00:00
DmitriyLewen	2d85a003b2	fix(purl): add missed os types (#6955)	2024-06-19 07:06:31 +00:00
DmitriyLewen	baa1216895	test: bump docker API to 1.45 (#6914)	2024-06-13 07:34:39 +00:00
DmitriyLewen	09e50ce6a8	feat(sbom): migrate to CycloneDX v1.6 (#6903)	2024-06-11 07:41:07 +00:00
Teppei Fukuda	56dbe1f676	fix: include packages unless it is not needed (#6765) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-28 07:22:45 +00:00
Nikita Pivkin	ebb123f37f	chore: replace interface{} with any (#6751)	2024-05-27 02:53:19 +00:00
Teppei Fukuda	9515695d45	feat(vex): support non-root components for products in OpenVEX (#6728) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-05-21 10:00:51 +00:00
DmitriyLewen	2bc54ad275	feat(python): add line number support for requirement.txt files (#6729)	2024-05-20 16:55:36 +00:00
Matthieu MOREL	bbaf5952bc	ci(deps): enable require-error rule from testifylint linter (#6718) ... Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-20 07:12:43 +00:00
Octogonapus	fecafb1fc5	feat: Add Julia language analyzer support (#5635)	2024-05-15 02:56:48 +00:00
Teppei Fukuda	6a72dd47ae	refactor: move artifact types under artifact package to avoid import cycles (#6652) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-09 16:18:37 +00:00
Teppei Fukuda	3eecfc6b6e	refactor: unify Library and Package structs (#6633) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-05-07 12:25:52 +00:00
Teppei Fukuda	998f750432	feat: introduce package UIDs for improved vulnerability mapping (#6583) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-03 11:14:34 +00:00
simar7	37da98df45	feat(misconf): Use updated terminology for misconfiguration checks (#6476) ... Signed-off-by: Simar <simar@linux.com>	2024-05-02 18:16:17 +00:00
DmitriyLewen	e3bef02018	feat: add support environment.yaml files (#6569) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-04-29 10:33:53 +00:00
chenk	060d0bb641	BREAKING: support exclude kinds/namespaces and include kinds/namespaces (#6323) ... Signed-off-by: chenk <hen.keinan@gmail.com>	2024-04-27 14:30:17 +00:00
Teppei Fukuda	6343e4fc71	feat: add relationships (#6563) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-04-27 09:15:12 +00:00
Teppei Fukuda	d2d4022ef3	fix(sbom): change error to warning for multiple OSes (#6541) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-04-24 06:54:41 +00:00
DmitriyLewen	a2482c14e1	fix(server): add Locations for Packages in client/server mode (#6366)	2024-03-24 09:46:56 +00:00
Ivo Šmíd	eb3ceb323d	feat(sbom): Support license detection for SBOM scan (#6072) ... Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-03-18 09:34:26 +00:00
Teppei Fukuda	ab74caa87f	refactor(sbom): use intermediate representation for SPDX (#6310) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-03-18 08:52:11 +00:00
Teppei Fukuda	8fcef352b3	refactor(sbom): add intermediate representation for BOM (#6240) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-03-12 06:56:10 +00:00
Nikita Pivkin	9361cdb7e2	feat(terraform): Terraform Plan snapshot scanning support (#6176) ... Co-authored-by: Simar <simar@linux.com> Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>	2024-03-04 22:37:31 +00:00
DmitriyLewen	c1d26ec334	test(k8s): use test-db for k8s integration tests (#6222)	2024-02-28 16:17:59 +00:00
simar7	14adbb4464	refactor(deps): Merge defsec into trivy (#6109) ... Signed-off-by: Simar <simar@linux.com>	2024-02-16 08:31:32 +00:00
DmitriyLewen	535b5a96d9	feat(java): add dependency location support for gradle files (#6083)	2024-02-08 09:43:35 +00:00
DmitriyLewen	27d35baa4a	test: fix flaky TestDockerEngine (#6054)	2024-02-02 08:48:51 +00:00
Teppei Fukuda	59e54334d1	fix(cli): inconsistent behavior across CLI flags, environment variables, and config files (#5843) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-02-01 03:25:30 +00:00
DmitriyLewen	70dd572ef7	fix(report): use AWS_REGION env for secrets in asff template (#6011)	2024-01-26 08:19:27 +00:00
DmitriyLewen	fb36c4ed09	refactor(sbom): use new metadata.tools struct for CycloneDX (#5981) ... Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-01-23 13:59:48 +00:00
simar7	189a46a01c	chore(deps): Update misconfig deps (#5956)	2024-01-23 06:44:10 +00:00
DmitriyLewen	c75143f5e8	fix(sbom): use group field for pom.xml and nodejs files for CycloneDX reports (#5922)	2024-01-15 06:57:46 +00:00
Teppei Fukuda	d0c81e23c4	feat(vex): add PURL matching for CSAF VEX (#5890) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-01-10 06:37:19 +00:00
DmitriyLewen	56c4e248aa	revert(report): don't escape new line characters for sarif format (#5897)	2024-01-09 11:50:35 +00:00
Teppei Fukuda	da597c479c	refactor: propagate time through context values (#5858) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-01-03 09:43:45 +00:00
Teppei Fukuda	1607eee77c	refactor: move PkgRef under PkgIdentifier (#5831) ... Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-12-29 06:52:36 +00:00
DmitriyLewen	b3d516eafe	fix(cyclonedx): fix unmarshal for licenses (#5828)	2023-12-29 05:28:13 +00:00