trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00

Author	SHA1	Message	Date
Aqua Security automated builds	412c690924	fix(misconf): do not log scanners when misconfig scanning is disabled [backport: release/v0.59] (#8349 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>	2025-02-04 11:27:18 +00:00
Aqua Security automated builds	1741fddbe0	fix(python): add `poetry` v2 support [backport: release/v0.59] (#8335 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>	2025-02-03 09:04:49 +00:00
Aqua Security automated builds	3fd8e2785b	fix(sbom): preserve OS packages from multiple SBOMs [backport: release/v0.59] (#8333 ) Co-authored-by: Teppei Fukuda <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-02-03 05:55:46 +00:00
Nikita Pivkin	73bd20d619	feat(image): return error early if total size of layers exceeds limit (#8294 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2025-01-30 08:01:16 +00:00
Steven Masley	87f3751172	chore(terraform): add accessors to underlying raw hcl values (#8306 )	2025-01-30 06:53:07 +00:00
Nikita Pivkin	2e8e38a8c0	fix: improve conversion of image config to Dockerfile (#8308 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-29 11:35:30 +00:00
Nikita Pivkin	0a3887ca03	fix(misconf): handle heredocs in dockerfile instructions (#8284 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-29 01:18:15 +00:00
DmitriyLewen	846498dd23	fix: de-duplicate same `dpkg` packages with different filePaths from different layers (#8298 )	2025-01-28 07:03:33 +00:00
Matthieu MOREL	60491f8a7e	chore: enable int-conversion from perfsprint (#8194 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-01-27 20:38:55 +00:00
Teppei Fukuda	b5062f3ae2	feat(fs): use git commit hash as cache key for clean repositories (#8278 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2025-01-27 08:53:49 +00:00
DmitriyLewen	aec8885bc7	fix(spdx): use the `hasExtractedLicensingInfos` field for licenses that are not listed in the SPDX (#8077 )	2025-01-27 07:28:59 +00:00
Matthieu MOREL	715575d731	chore: use require.ErrorContains when possible (#8291 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-01-27 06:47:29 +00:00
Nikita Pivkin	509e03030c	feat(image): prevent scanning oversized container images (#8178 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2025-01-27 06:38:52 +00:00
DmitriyLewen	cc66d6d00f	chore(deps): use aqua forks for `github.com/liamg/jfather` and `github.com/liamg/iamgo` (#8289 )	2025-01-24 09:07:45 +00:00
Teppei Fukuda	eafd810d7c	fix(fs): fix cache key generation to use UUID (#8275 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2025-01-23 07:34:20 +00:00
Nikita Pivkin	f12054e669	fix(misconf): correctly handle all YAML tags in K8S templates (#8259 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-23 04:20:02 +00:00
DmitriyLewen	4316bcbc5b	feat: add support for registry mirrors (#8244 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2025-01-22 07:46:02 +00:00
Teppei Fukuda	2d30dd7241	refactor(license): improve license expression normalization (#8257 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-01-21 07:26:24 +00:00
Nikita Pivkin	c00232720a	feat(misconf): support for ignoring by inline comments for Dockerfile (#8115 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-20 18:31:41 +00:00
Nikita Pivkin	6d84e0cc0d	feat: add a examples field to check metadata (#8068 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-17 00:01:35 +00:00
DmitriyLewen	ae283985c9	fix(suse): SUSE - update OSType constants and references for compatility (#8236 ) Co-authored-by: thatipelli santhosh <santhosh.thatipelli@aquasec.com>	2025-01-13 12:13:12 +00:00
Nikita Pivkin	243e5a3af9	refactor: use trivy-checks/pkg/specs package (#8226 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-11 03:44:00 +00:00
Nikita Pivkin	23dc3a6753	fix(misconf): allow null values only for tf variables (#8112 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-10 01:52:51 +00:00
Nikita Pivkin	a0429f773b	feat(misconf): support for ignoring by inline comments for Helm (#8138 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-10 01:37:49 +00:00
DmitriyLewen	f352f6b663	fix(redhat): check `usr/share/buildinfo/` dir to detect content sets (#8222 )	2025-01-09 12:45:45 +00:00
Chris Novakovic	f9a6a71927	chore(alpine): add EOL date for Alpine 3.21 (#8221 )	2025-01-09 05:02:15 +00:00
Nikita Pivkin	bbc5a85444	fix(misconf): disable git terminal prompt on tf module load (#8026 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-03 18:51:40 +00:00
Nikita Pivkin	70f3faa4b5	chore: remove aws iam related scripts (#8179 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2025-01-02 21:56:35 +00:00
DmitriyLewen	4f111b9342	refactor(python): use once + debug for `License acquired from METADATA...` logs (#8175 )	2024-12-25 06:17:08 +00:00
Nikita Pivkin	03db7fc1ba	refactor: use slices package instead of custom function (#8172 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-25 05:28:37 +00:00
Nikita Pivkin	49c54b49c6	feat(python): add support for uv dev and optional dependencies (#8134 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-24 13:43:28 +00:00
Nikita Pivkin	774e04d19d	feat(python): add support for poetry dev dependencies (#8152 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-24 12:12:39 +00:00
DmitriyLewen	735335f08f	fix(sbom): attach nested packages to Application (#8144 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-12-24 07:28:35 +00:00
Teppei Fukuda	b5859d3fb5	refactor: add generic Set implementation (#8149 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-12-24 04:47:21 +00:00
Nikita Pivkin	a034d26443	fix(python): skip dev group's deps for poetry (#8106 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-23 06:20:15 +00:00
DmitriyLewen	7558df7c22	fix(sbom): use root package for `unknown` dependencies (if exists) (#8104 )	2024-12-23 06:14:57 +00:00
Nikita Pivkin	c4a4a5fa97	feat(python): add support for uv (#8080 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-19 05:59:30 +00:00
Itay Shakury	2200f3846d	fix: wasm module test (#8099 )	2024-12-16 10:58:38 +00:00
DmitriyLewen	f5e429179d	fix(license): always trim leading and trailing spaces for licenses (#8095 )	2024-12-13 08:00:01 +00:00
Fabrizio Sestito	f9fceb58bf	fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635 ) Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-12-11 16:39:06 +00:00
DmitriyLewen	4202c4ba0d	fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063 )	2024-12-10 07:22:30 +00:00
Matthieu MOREL	156a2aa4c4	fix: enable err-error and errorf rules from perfsprint linter (#7859 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-12-10 07:03:43 +00:00
Pierre Guilleminot	9bd6ed73e5	perf: avoid heap allocation in applier findPackage (#7883 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-12-09 12:28:09 +00:00
Teppei Fukuda	da17dc7278	feat: add `--distro` flag to manually specify OS distribution for vulnerability scanning (#8070 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-12-09 11:46:49 +00:00
DmitriyLewen	90f1d8d78a	fix(oracle): add architectures support for advisories (#4809 )	2024-12-09 11:43:40 +00:00
DmitriyLewen	51f2123c5c	fix: handle `BLOW_UNKNOWN` error to download DBs (#8060 )	2024-12-06 07:33:58 +00:00
Nikita Pivkin	ffe24e18dc	feat(misconf): generate placeholders for random provider resources (#8051 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-06 02:06:26 +00:00
DmitriyLewen	fd07074e80	fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052 )	2024-12-05 11:36:04 +00:00
DmitriyLewen	5e68bdc9d0	fix(flag): skip hidden flags for `--generate-default-config` command (#8046 )	2024-12-05 11:22:50 +00:00
DmitriyLewen	9d9f80d979	fix(java): correctly overwrite version from depManagement if dependency uses `project.*` props (#8050 )	2024-12-05 07:57:31 +00:00

1 2 3 4 5 ...

1448 Commits