gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,339 Commits 29 Branches 177 Tags
9aabfd2a91e7278384bce7ccc6841a1d2851feb0
Commit Graph

72 Commits

Author SHA1 Message Date
Teppei Fukuda
b5062f3ae2 feat(fs): use git commit hash as cache key for clean repositories (#8278) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-01-27 08:53:49 +00:00
Nikita Pivkin
5a93a7736b test: replace Go checks with Rego (#7867) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-11-25 22:04:53 +00:00
Teppei Fukuda
bcfc37bb16 test: define constants for test images (#7739) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2024-10-16 23:41:59 +00:00
Nikita Pivkin
3562529ddf feat: support multiple DB repositories for vulnerability and Java DB (#7605) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-10-01 13:16:06 +00:00
Teppei Fukuda
d4edeb5d62 test: use loaded image names (#7617) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-10-01 04:27:02 +00:00
Teppei Fukuda
9d1be410c4 refactor: fix auth error handling (#7615) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-09-30 11:22:59 +00:00
Teppei Fukuda
88ba46047c feat(vex): VEX Repository support (#7206) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2024-07-25 12:18:37 +00:00
Teppei Fukuda
db68d106ce chore: bump golangci-lint from v1.58 to v1.59 (#7077) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-07-02 09:36:54 +00:00
Teppei Fukuda
fc6b3a760b refactor: pass DB dir to trivy-db (#7057) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-07-02 04:32:46 +00:00
Teppei Fukuda
e493fc931a refactor: delete db mock (#6940) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-06-20 04:51:57 +00:00
Teppei Fukuda
b7b8cdc9e9 test: replace embedded Git repository with dynamically created repository (#6824) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-06-03 07:34:28 +00:00
Nikita Pivkin
ebb123f37f chore: replace interface{} with any (#6751) 2024-05-27 02:53:19 +00:00
Teppei Fukuda
65b8a40d0d chore(deps): bump golangci-lint to v1.58.2 (#6719) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-05-20 06:35:34 +00:00
Nikita Pivkin
9361cdb7e2 feat(terraform): Terraform Plan snapshot scanning support (#6176) 
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2024-03-04 22:37:31 +00:00
simar7
14adbb4464 refactor(deps): Merge defsec into trivy (#6109) 
Signed-off-by: Simar <simar@linux.com>
 2024-02-16 08:31:32 +00:00
simar7
7bd3b630bb refactor(deps): Merge trivy-iac into Trivy (#6005) 2024-02-12 11:01:27 +00:00
Masahiro331
4d9b444499 fix(vm): update ext4-filesystem parser for parse multi block extents (#4616) 
* chore(deps): update ext4-filesystem parser for parse multi block extents

* test(vm): update integration-vm test fixtures

* test(vm): add gzip decompresser for sparse file

* test(vm): add mage command update golden file for vm integration test

* chore(magefile): [WIP] change test repository

* Revert "chore(magefile): [WIP] change test repository"

This reverts commit c015c8892f.

* fix(test): update fixtures and golden file

* fix(test): revert fixVersion and PkgID
 2023-06-18 16:41:55 +00:00
Teppei Fukuda
bd0c60364a perf(misconf): replace with post-analyzers (#4090) 
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
 2023-04-23 19:22:46 +03:00
Masahiro331
22d92e4ad6 feat: add virtual machine scan command (#2910) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2022-11-27 11:45:00 +02:00
Teppei Fukuda
c26a3e481f refactor(internal): export internal packages (#887) 
* refactor: export internal packages

* refactor(server): define Server

* refactor: fix lint issues

* test(integration): fix imports
 2021-03-14 17:04:01 +02:00
Teppei Fukuda
8b3b5d0290 feat: support plugins (#878) 
* fix(log): set the default logger

* feat: support plugins

* feat(plugin): add run command

* feat(plugin): add uninstall command

* test(plugin): add tests

* chore(ci): pin go version

* chore(ci): disable G204

* refactor: fix lint issues

* feat(plugin): skip downloading installed plugins

* feat: add TRIVY_RUN_AS_PLUGIN

* support Ubuntu 20.10 (#876)

* docs(README): update ubuntu versions (#877)

* add MkDocs implementation (#870)

* mkdocs: add top level nav

* mkdocs: add installation nav

* mkdocs: add quick-start nav

* mkdocs: add examples nav

* mkdocs: add CI nav

* mkdocs: add vuln-detection nav

* mkdocs: add comparison nav

* mkdocs: add usage nav

* mkdocs: add migration nav

* mkdocs: add FAQ nav

* mkdocs: add mkdocs.yml

* mkdocs: add github workflow

* docs: update documents

* fix links

* chore(ci): use ORG_GITHUB_TOKEN

* chore(mkdocs): use mike

* chore(ci): support dev

* chore(ci): documentation test

Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs: add plugins

* chore: remove stale workflow

* refactor: fix lint issues

Co-authored-by: Huang Huang <mozillazg101@gmail.com>
Co-authored-by: aprp <doelaudi@gmail.com>
 2021-03-10 21:44:08 +02:00
Teppei Fukuda
fcb9a93d05 fix: allow the latest tag (#864) 
* fix: allow the latest tag

* docs: update README
 2021-02-25 16:23:11 +02:00
Teppei Fukuda
425eaf8a2a feat: disable analyzers (#846) 
* feat: pass disabled analyzers

* refactor(run): split into functions

* feat(run): pass disabled analyzers

* chore(mod): update fanal

* chore(mod): update fanal

* refactor
 2021-02-24 11:02:24 +02:00
Teppei Fukuda
c9f22f4e55 feat(java): support jar/war/ear (#837) 
* refactor(server): remove Detect endpoint

* refactor(library): do not use interface

* refactor: add dbtest package

* test: add bolt fixtures

* feat: support jar scanning

* refactor: rename node to npm

* refactor: fix lint issues

* test(maven): remove some tests

* chore(mod): update fanal

* docs: update README

* chore(mod): update trivy-db

* fix(library/drive): add ecosystem

* fix: do not display 0 vulnerabilities

* refactor(table): split method

* Update README.md (#838)

* fix(app): increase the default value of timeout (#842)

* feat(maven): use go-mvn-version

* test(maven): update tests

* fix(scan): skip files and dirs before vulnerability detection

* fix: display log messages only once per type

* docs(README): add file suffixes

* chore(mod): update go-mvn-version

* feat(log): set go-dep-parser logger

* chore(mod): update fanal

* docs: update README

* docs(README): add java source

* test(maven): fix invalid case
 2021-02-14 18:19:42 +02:00
Teppei Fukuda
3047c524d9 fix(app): increase the default value of timeout (#842) 2021-02-14 08:15:53 +02:00
Christian Zunker
1f17e71dce Parse redis backend url (#804) 
As suggested by the go-redis client, parse the url to get the config.
This will fix problems, when the url contains a username and/or password.

Fixes #798

Signed-off-by: Christian Zunker <christian.zunker@codecentric.cloud>
 2021-01-21 09:08:53 +02:00
Robert Jacob
e2c483f856 Remove global flags from filesystem command (#772) 
* Remove global flags from subcommands

If the global flags are added to the subcommand as well as being used
globally, their value will be overwritten when the arguments for the
subcommand are parsed. This leads to the value passed to the flag at the
global position being lost.

* Update readme
 2021-01-05 12:49:39 +02:00
Christian Zunker
8de09ddf37 Fix formatting of log message (#785) 
Signed-off-by: Christian Zunker <christian.zunker@codecentric.cloud>
 2020-12-25 16:26:23 +02:00
Teppei Fukuda
7b86f81e29 feat(cache): support Redis (#770) 
* feat(config): add --cache-backend

* feat(operation): embed cache.Cache into operation.Cache

* feat(cache): support redis://

* test(integration): add redis test

* chore(README): add --cache-backend

* chore(mod): update

* chore: add disclaimer
 2020-12-21 08:26:19 +02:00
Huang Huang
ca6f196001 Skip downloading DB if a remote DB is not updated (#717) 
* Skip downloading DB if a remote DB is not updated

* Apply suggestions from code review

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* update github.com/aquasecurity/trivy-db version

* fix lint

* Use UTC datetime

* display DownloadedAt info in debug log

* refactor(db): merge isLatestDB into isNewDB

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-10-26 09:07:30 +02:00
rahul2393
793a1aa3c8 Add linter check support (#679) 
* add linter supports

* add only minor version

* use latest version

* Fix println with format issue

* Fix test

* Fix tests

* For slice with unknown length, preallocating the array

* fix code-coverage

* Removed linter rules

* Reverting linter fixes, adding TODO for later

* Ignore linter error for import

* Remove another err var.

* Ignore shadow error

* Fixes

* Fix issue

* Add back goimports local-prefixes

* Update local prefixes

* Removed extra spaces and merge the imports

* more refactoring

* Update photon.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-10-20 15:20:04 +03:00
Teppei Fukuda
188e108d7c fix(cli): show help for subcommands (#629) 2020-09-21 14:03:25 +03:00
Huang Huang
7d7842f2f3 Add --skip-update option to fs and repo subcommand (#641) 2020-09-18 14:49:47 -07:00
Masahiro331
095b5ce97c fix(cli): show help when no argument is passed (#628) 
* Fix subcommands help

* refactor: call ShowAppHelpAndExit

* refactor: remove an unused error

* test: remove exit cases

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-09-08 17:32:20 +03:00
Teppei Fukuda
5e308da81a feat(cli): add --skip-files option (#624) 
* feat(cli): add --skip-files

* test(integration): add --skip-files and --skip-dirs

* chore(docs): update README

* chore(docs): correct a grammar mistake
 2020-09-08 15:04:56 +03:00
Teppei Fukuda
96af6dc499 feat: add --skip-directories option (#595) 
* feat: add --skip-directories option

* chore(README): update

* refactor: rename skip-directories to skip-dirs

* Update internal/app.go

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>

* refactor: add some context in the warning message

* chore(README): update

Co-authored-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-08-12 14:03:12 +03:00
Carol Valencia
8ca484f538 fix: remove error using no options (#539) 
* fix: remove error using no options

* chore: return error in Init

* chore: return custom error ErrNoTarget

* Update internal/config/artifact.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* Update internal/config/artifact.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* Update internal/artifact/image.go

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* chore - remove error using no options

* fix(config): typo

* test(config): change the log level

* test(config): revert removed tests

Co-authored-by: Carol <krol3@users.noreply.github.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-08-09 10:39:27 +03:00
rahul2393
88aaffa957 Added support of list-all-packages (#574) 
* Added support of list-all-packages

* updated Readme

* Added library packages and fixed import name

* updated env var name

* Sorting packages in scan
 2020-07-29 22:11:38 +03:00
Moch. Lutfi
469c0b41df fix: only show severity total from filter flags (#559) 
* Add filter table output by severity flags

* Simplify filter output

* Fix unit test

* add filter unique severities

* remove wrong comment

* Remove utils and update logic

* chore(mod): tidy

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-07-29 10:54:51 +03:00
rahul2393
d6b37cb87e Fix --timeout flag (#569) 
* Wrapped scan call inside context timeout

* timeout has default value
 2020-07-22 21:33:30 +03:00
Teppei Fukuda
9c6f077818 feat(report): support OPA to filter vulnerabilities (#562) 
* feat(cli): add --filter option

* feat(opa): support OPA

* test(opa): add a test case with OPA

* test: update a mock

* chore(mod): update dependencies

* chore(filter): add example Rego files

* chore(README): update

* chore(rego): apply opa fmt

* refactor: replace filter with policy

* chore(policy): update rego files

* fix(vulnerability): evaluate each vulnerability

* chore(README): update

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* chore(README): update a TOC link

* fix: replace allow with ignore

* chore(README): update

Co-authored-by: Itay Shakury <itay@itaysk.com>
 2020-07-22 21:10:44 +03:00
Simarpreet Singh
2ac672a663 Use StoreMetadata from trivy-db (#509) 
* db_test: Remove cruft

Signed-off-by: Simarpreet Singh <simar@linux.com>

* db: Add StoreMetadata from trivy-db.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* mod: Update trivy-db dependency

Signed-off-by: Simarpreet Singh <simar@linux.com>

* mod: Bump trivy-db version

Signed-off-by: Simarpreet Singh <simar@linux.com>

* db: Eliminate metadata.Store

Signed-off-by: Simarpreet Singh <simar@linux.com>

* db: Add a TODO to move things into trivy-db repo

Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-06-22 14:29:38 -07:00
Teppei Fukuda
9629303a0f fix(config): transpose arguments (#516) 2020-06-08 15:47:20 +03:00
Teppei Fukuda
020c4a3b14 fix(app): add ArgsUsage (#508) 2020-06-02 21:28:14 +03:00
Teppei Fukuda
2f2d1a908b feat: support repository and filesystem scan (#503) 
* refactor: embed config

* refactor: replace image and layer with artifact and blob

* feat(config): add ArtifactConfig

* fix(scanner): use Artifact

* test(scanner): update mocks

* feat: add repo and fs subcommands

* chore(mod): update

* refactor: fix warn message

* feat(cli): add --no-progress to repo and fs

* mod: Update fanal dependency

Signed-off-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-05-30 19:46:12 +03:00
Teppei Fukuda
1218e111ef refactor: define common options and embed them into the option for subcommand (#502) 
* refactor: embed config

* config_test: Add some missing cases for custom headers

Signed-off-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-05-29 22:09:30 +03:00
Simarpreet Singh
78b7529172 Add image subcommand (#493) 
* config_test: Add missing assertions for TestNew

Signed-off-by: Simarpreet Singh <simar@linux.com>

* integration: Add integration tests for image subcommand.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* refactor: bump up urfave/cli to v2.0

* refactor: apply DIY to image flags

* refactor: reorder sub commands

* feat: set hidden to global image options

* test(integration): insert --cache-dir before sub command

* README: update readme to reflect new usage

Signed-off-by: Simarpreet Singh <simar@linux.com>

* chore(README): add image subcommand

* fix(flags): define aliases according to urfave/cli v2.0 style

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-05-25 12:06:15 +03:00
Teppei Fukuda
e2bcb44687 fix: remove help template (#500) 2020-05-25 11:28:29 +03:00
Teppei Fukuda
aa20adb22b chore: bump up urfave/cli to v2 (#499) 2020-05-18 14:43:06 +03:00
Teppei Fukuda
09442d65f2 chore(ci): move integration tests to GitHub Actions (#485) 
* fix(standalone): add defer to close databases

* test(client/server): launch a server only once

* test(docker_engine): remove the duplicated case

* test(docker_engine): copy a database only once

* test(standalone): copy a database only once

* test(server): fix tests according to updated mock

* chore(mod): update

* chore(ci): add integration tests to GitHub Actions

* chore(ci): bump up Go to 1.14

* chore(ci): remove integration tests from CircleCI

* chore(ci): add name

* chore(ci): add new lines
 2020-05-05 11:14:28 +03:00