trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00

Author	SHA1	Message	Date
Matthieu MOREL	715575d731	chore: use require.ErrorContains when possible (#8291 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-01-27 06:47:29 +00:00
Chris Novakovic	f9a6a71927	chore(alpine): add EOL date for Alpine 3.21 (#8221 )	2025-01-09 05:02:15 +00:00
Nikita Pivkin	c4a4a5fa97	feat(python): add support for uv (#8080 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-19 05:59:30 +00:00
DmitriyLewen	4202c4ba0d	fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063 )	2024-12-10 07:22:30 +00:00
DmitriyLewen	90f1d8d78a	fix(oracle): add architectures support for advisories (#4809 )	2024-12-09 11:43:40 +00:00
santhosh1729	461a68afd6	fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871 )	2024-11-21 07:56:05 +00:00
Jose D. Gomez R.	45d3b40044	feat(suse): Align SUSE/OpenSUSE OS Identifiers (#7965 ) Signed-off-by: Jose D. Gomez R <jose.gomez@suse.com>	2024-11-21 06:19:53 +00:00
DmitriyLewen	b9b383eb27	feat(oracle): add `flavors` support (#7858 )	2024-11-20 10:25:30 +00:00
dean	ad3c09e006	feat: add end of life date for Ubuntu 24.10 (#7787 )	2024-10-25 06:02:00 +00:00
Marcus Meissner	efdb68d3b9	feat(suse): added SUSE Linux Enterprise Micro support (#7294 ) Signed-off-by: Marcus Meissner <meissner@suse.de> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-09-29 18:23:34 +00:00
s-reddy1498	dd0a64a1cf	fix(oracle): Update EOL date for Oracle 7 (#7480 )	2024-09-10 15:02:43 +00:00
Tom Fay	5cbc452a09	feat(mariner): Add support for Azure Linux (#7186 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-22 06:58:53 +00:00
Marcus Meissner	17b5dbfa12	feat: add openSUSE tumbleweed detection and scanning (#6965 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-09 04:25:39 +00:00
DmitriyLewen	edc556b85e	feat(php): add installed.json file support (#4865 )	2024-06-28 07:04:07 +00:00
Teppei Fukuda	e493fc931a	refactor: delete db mock (#6940 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 04:51:57 +00:00
Teppei Fukuda	983ac15f22	ci: add depguard (#6963 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 02:48:08 +00:00
Dirk Mueller	5ee4e9d30e	fix(suse): Add SLES 15.6 and Leap 15.6 (#6964 ) Signed-off-by: Dirk Müller <dirk@dmllr.de>	2024-06-19 10:09:25 +00:00
Michael Stringer	f18d035ae1	feat(java): add support for sbt projects using sbt-dependency-lock (#6882 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-06-19 08:46:22 +00:00
DmitriyLewen	e66dbb9357	chore(alpine): add eol date for Alpine 3.20 (#6800 )	2024-05-28 07:44:06 +00:00
Matthieu MOREL	48bdc6e734	ci(deps): fix gci and gofmt in ".*_test.go$" (#6721 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-22 02:55:16 +00:00
Matthieu MOREL	bbaf5952bc	ci(deps): enable `require-error` rule from `testifylint` linter (#6718 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-20 07:12:43 +00:00
Matthieu MOREL	9d26ae88d6	ci(deps): enable testifylint linter on .*_test.go$ (#6688 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-16 04:29:06 +00:00
Octogonapus	fecafb1fc5	feat: Add Julia language analyzer support (#5635 )	2024-05-15 02:56:48 +00:00
DmitriyLewen	4369a19af7	feat: add ubuntu 23.10 and 24.04 support (#6573 )	2024-05-02 06:40:11 +00:00
DmitriyLewen	e3bef02018	feat: add support `environment.yaml` files (#6569 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-04-29 10:33:53 +00:00
Teppei Fukuda	164b025413	fix(vuln): skip empty versions (#6542 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-04-24 06:03:12 +00:00
Teppei Fukuda	94d6e8ced6	refactor: replace zap with slog (#6466 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>	2024-04-11 18:59:09 +00:00
DmitriyLewen	fb8c516ded	fix(amazon): check only major version of AL to find advisories (#6295 )	2024-03-11 08:46:25 +00:00
Devin Trejo	260aa281f4	fix(alpine): Add EOL support for alpine 3.19. (#5938 ) Signed-off-by: Devin Trejo <dtrejo@palantir.com>	2024-01-16 07:59:08 +00:00
Teppei Fukuda	da597c479c	refactor: propagate time through context values (#5858 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-01-03 09:43:45 +00:00
Teppei Fukuda	1607eee77c	refactor: move PkgRef under PkgIdentifier (#5831 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-12-29 06:52:36 +00:00
Juan Ariza Toledano	1f0d6290c3	feat(vuln): include pkg identifier on detected vulnerabilities (#5439 ) Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-12-27 07:54:56 +00:00
Juan Ariza Toledano	abf227e06e	fix(bitnami): use a different comparer for detecting vulnerabilities (#5633 ) Signed-off-by: juan131 <jariza@vmware.com>	2023-12-17 10:27:19 +00:00
Andrea Scarpino	a54d1e95fd	feat(vuln): remove duplicates in Fixed Version (#5596 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-12-04 16:29:14 +00:00
yuriShafet	16b757d180	feat: Packagesprops support (#5605 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-11-28 01:23:47 +00:00
Sylvain Baubeau	7299867c21	chore: remove unused logger attribute in amazon detector (#5476 )	2023-11-02 04:14:54 +00:00
Teppei Fukuda	cbbd1ce1f0	feat(k8s): add support for vulnerability detection (#5268 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Signed-off-by: chenk <hen.keinan@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: chenk <hen.keinan@gmail.com>	2023-10-14 12:32:55 +00:00
Teppei Fukuda	3be5e6b242	chore: enable go-critic (#5302 ) * chore: enable gocritic Signed-off-by: knqyf263 <knqyf263@gmail.com> * refactor: fix lint issues Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: return true for latest versions Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore(lint): enforce map and slice styles Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-10-02 08:33:21 +00:00
Teppei Fukuda	44656f2853	refactor: use defined types (#5225 ) * refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-09-22 10:44:39 +00:00
Juan Ariza Toledano	7acc5e8312	feat(docker): add support for scanning Bitnami components (#5062 ) * feat(bitnami): add support for scanning Bitnami components Signed-off-by: juan131 <jariza@vmware.com> * chore(deps): bump packageurl-go TypeBitnami is not included in v0.1.1 * feat(spdx): handle orphan packages * fix: update Elastic SPDX Signed-off-by: juan131 <jariza@vmware.com> * Update pkg/fanal/analyzer/sbom/sbom.go Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> * fix: remove useless else Signed-off-by: juan131 <jariza@vmware.com> * call AnalysisResult.Sort() Signed-off-by: knqyf263 <knqyf263@gmail.com> * delete app packages Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: set the component path to packages Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add a comment about continue Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump trivy-db Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add Bitnami Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2023-08-31 20:18:05 +00:00
DmitriyLewen	9c211d005d	feat(swift): add vulns for cocoapods (#5037 ) * add vulns for cocoapods, fix purl * update docs * remove go-dep-parser replace * update purl and test * bump github.com/DmitriyLewen/trivy-db * remove replace for trivy-db * remove added sbom tests * add test for Package() func * add wrong epoch test * refactor docs * add comment to join the module and submodule in purl * docs: add an example --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-08-29 12:46:49 +00:00
DmitriyLewen	ef70d20766	feat: add Package.resolved swift files support (#4932 ) * add Package.resolved files analyzer * add Swift detector and integration test * refactor after go-dep-parser changes * bump go-dep-parser * remove replaces * use filePath for Required func * add ID field	2023-08-23 11:23:50 +00:00
Teppei Fukuda	232ba823e1	feat(vuln): support vulnerability status (#4867 ) * feat: support vulnerability status * feat: show status in table * don't add `fixed` status in debian/redhat * update test golden files * add Status in rpc * update docs * update ignore-status example * add ignore-status in integration test * docs: add the explanation for statuses --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-07-26 11:55:03 +00:00
DmitriyLewen	a9badeaba8	fix(rocky): add architectures support for advisories (#4691 ) * add multi-arch support for rocky linux advisories * feat: comply with the new signagure * bump trivy-db * fix tests * chore(deps): remove fork replace --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-07-03 08:48:57 +00:00
Dirk Mueller	798fdbc013	fix(suse): Add openSUSE Leap 15.5 eol date as well (#4744 ) Taken directly from https://en.opensuse.org/Lifetime	2023-07-02 11:22:26 +00:00
Teppei Fukuda	34a89293d5	fix: update Amazon Linux 1 EOL (#4761 )	2023-07-02 11:00:20 +00:00
DmitriyLewen	1777878e83	fix: skip scanning the gpg-pubkey package (#4720 )	2023-06-28 07:06:08 +00:00
Dirk Mueller	337c0b70d5	add SUSE Linux Enterprise Server 15 SP5 and update SP4 eol date (#4690 ) all dates are taken from https://www.suse.com/lifecycle#suse-linux-enterprise-server-15	2023-06-22 07:34:59 +00:00
Chris Novakovic	d7637adc6b	fix(debian): update EOL for Debian 12 (#4647 ) * fix(debian): update EOL for Debian 12 Debian 12 was released on 2023-06-10 and will be supported for five years - see https://www.debian.org/News/2023/20230610. * Update docs	2023-06-16 04:18:55 +00:00
Nikita Pivkin	c20d466044	fix(purl): skip unsupported library type (#4577 )	2023-06-08 08:45:32 +03:00

1 2 3 4

173 Commits