gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,339 Commits 29 Branches 177 Tags
9aabfd2a91e7278384bce7ccc6841a1d2851feb0
Commit Graph

3339 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
DmitriyLewen
735335f08f fix(sbom): attach nested packages to Application (#8144) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-12-24 07:28:35 +00:00
DmitriyLewen
9fd5cc5c00 docs(vex): use debian minor version in examples (#8166) 2024-12-24 06:41:30 +00:00
Teppei Fukuda
b5859d3fb5 refactor: add generic Set implementation (#8149) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-12-24 04:47:21 +00:00
dependabot[bot]
e6d0ba5cc9 chore(deps): bump the aws group across 1 directory with 6 updates (#8163) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-23 16:44:06 +00:00
Nikita Pivkin
a034d26443 fix(python): skip dev group's deps for poetry (#8106) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-23 06:20:15 +00:00
DmitriyLewen
7558df7c22 fix(sbom): use root package for unknown dependencies (if exists) (#8104) 2024-12-23 06:14:57 +00:00
DmitriyLewen
30c7cb1371 chore(deps): bump golang.org/x/net from v0.32.0 to v0.33.0 (#8140) 2024-12-20 06:44:54 +00:00
Teppei Fukuda
95f7a564e5 chore(vex): suppress CVE-2024-45338 (#8137) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-12-20 06:44:12 +00:00
Nikita Pivkin
c4a4a5fa97 feat(python): add support for uv (#8080) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-19 05:59:30 +00:00
dependabot[bot]
49f354085f chore(deps): bump the docker group across 1 directory with 3 updates (#8127) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-18 17:42:15 +00:00
dependabot[bot]
dcf28a1001 chore(deps): bump the common group across 1 directory with 14 updates (#8126) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-18 12:26:41 +00:00
Nikita Pivkin
e79e73d636 chore: bump go to 1.23.4 (#8123) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-18 09:49:47 +00:00
Nikita Pivkin
17827db6a9 test: set dummy value for NUGET_PACKAGES (#8107) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-16 13:00:10 +00:00
DmitriyLewen
f0b3a99bf2 chore(deps): bump github.com/CycloneDX/cyclonedx-go from v0.9.1 to v0.9.2 (#8105) 2024-12-16 11:09:33 +00:00
dependabot[bot]
e7507f0d34 chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#8103) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-16 11:08:02 +00:00
Itay Shakury
2200f3846d fix: wasm module test (#8099) 2024-12-16 10:58:38 +00:00
jdesouza
d7ac286085 fix: CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088) 2024-12-16 05:58:04 +00:00
Teppei Fukuda
328db73838 chore(vex): suppress CVE-2024-45337 (#8101) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-12-16 04:59:20 +00:00
DmitriyLewen
f5e429179d fix(license): always trim leading and trailing spaces for licenses (#8095) 2024-12-13 08:00:01 +00:00
Fabrizio Sestito
f9fceb58bf fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635) 
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-12-11 16:39:06 +00:00
DmitriyLewen
4202c4ba0d fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063) 2024-12-10 07:22:30 +00:00
Matthieu MOREL
156a2aa4c4 fix: enable err-error and errorf rules from perfsprint linter (#7859) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2024-12-10 07:03:43 +00:00
dependabot[bot]
e8b31bf003 chore(deps): bump the aws group across 1 directory with 6 updates (#8074) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-09 12:33:57 +00:00
Pierre Guilleminot
9bd6ed73e5 perf: avoid heap allocation in applier findPackage (#7883) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-12-09 12:28:09 +00:00
Sarthak Kumar Shailendra
2c41ac83a9 fix: Updated twitter icon (#7772) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-12-09 12:23:44 +00:00
afdesk
11dbf54884 docs(k8s): add a note about multi-container pods (#7815) 2024-12-09 12:12:47 +00:00
Teppei Fukuda
da17dc7278 feat: add --distro flag to manually specify OS distribution for vulnerability scanning (#8070) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-12-09 11:46:49 +00:00
DmitriyLewen
90f1d8d78a fix(oracle): add architectures support for advisories (#4809) 2024-12-09 11:43:40 +00:00
DmitriyLewen
51f2123c5c fix: handle BLOW_UNKNOWN error to download DBs (#8060) 2024-12-06 07:33:58 +00:00
Nikita Pivkin
ffe24e18dc feat(misconf): generate placeholders for random provider resources (#8051) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-06 02:06:26 +00:00
DmitriyLewen
fd07074e80 fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052) 2024-12-05 11:36:04 +00:00
DmitriyLewen
5e68bdc9d0 fix(flag): skip hidden flags for --generate-default-config command (#8046) 2024-12-05 11:22:50 +00:00
DmitriyLewen
9d9f80d979 fix(java): correctly overwrite version from depManagement if dependency uses project.* props (#8050) 2024-12-05 07:57:31 +00:00
Teppei Fukuda
73899610e8 feat(nodejs): respect peer dependencies for dependency tree (#7989) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-12-05 07:57:12 +00:00
Aqua Security automated builds
1feb81cfff ci(helm): bump Trivy version to 0.58.0 for Trivy Helm Chart 0.10.0 (#8038) 
Co-authored-by: GitHub Actions <actions@github.com>
 2024-12-05 05:08:21 +00:00
Teppei Fukuda
21b68e1818 fix: respect GITHUB_TOKEN to download artifacts from GHCR (#7580) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-12-04 08:02:26 +00:00
dependabot[bot]
71391a5850 chore(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 in the docker group (#8029) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-04 06:23:55 +00:00
Nikita Pivkin
07b2d7fbd7 fix(misconf): use log instead of fmt for logging (#8033) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-04 04:00:27 +00:00
Itay Shakury
775f954c3d docs: add commercial content (#8030) 2024-12-03 20:24:56 +00:00
Aqua Security automated builds
cd01f23031 release: v0.58.0 [main] (#7874) v0.58.0 2024-12-03 19:05:56 +00:00
Nikita Pivkin
54130dcc1d fix(misconf): wrap AWS EnvVar to iac types (#7407) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-12-02 23:25:42 +00:00
simar7
a16270c3cc chore(deps): Upgrade trivy-checks (#8018) 2024-11-30 06:42:09 +00:00
simar7
511b7d3b50 refactor(misconf): Remove unused options (#7896) 
Signed-off-by: Simar <simar@linux.com>
 2024-11-29 08:59:58 +00:00
Teppei Fukuda
eaf8d412e9 docs: add terminology page to explain Trivy concepts (#7996) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2024-11-29 08:15:24 +00:00
DmitriyLewen
d622ca2b1f feat: add workspaceRelationship (#7889) 2024-11-29 04:49:41 +00:00
Teppei Fukuda
06279924ca refactor(sbom): simplify relationship generation (#7985) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-11-28 10:51:04 +00:00
Nikita Pivkin
c238c515b8 chore: remove Go checks (#7907) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2024-11-27 18:57:09 +00:00
Itay Shakury
745be1aca6 docs: improve databases documentation (#7732) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: wkoot <3715211+wkoot@users.noreply.github.com>
 2024-11-27 17:37:17 +00:00
Nikita Pivkin
f5bdc790ee refactor: remove support for custom Terraform checks (#7901) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2024-11-27 02:14:09 +00:00
Teppei Fukuda
ad0ff5daca docs: fix dead links (#7998) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-11-26 19:19:54 +00:00