gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 07:40:48 -08:00
Code Issues Packages Projects Releases Wiki Activity
2,568 Commits 29 Branches 177 Tags
bb6caea5cbe83dfdf1812814730dc65aa08ea785
Commit Graph

637 Commits

Author SHA1 Message Date
simar7
189a46a01c chore(deps): Update misconfig deps (#5956) 2024-01-23 06:44:10 +00:00
chenk
2212d14432 fix: handle non-parsable images names (#5965) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-19 08:27:35 +00:00
Nikita Pivkin
ffe2ca7cb5 chore(deps): bump go-ebs-file (#5934) 2024-01-15 10:32:24 +00:00
chenk
a3fac90b47 fix: ignore no init containers (#5939) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-15 06:14:57 +00:00
dependabot[bot]
c8c55fe21e chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.90 to 1.15.11 (#5885) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Simar <simar@linux.com>
 2024-01-11 07:30:40 +00:00
DmitriyLewen
7895657c89 fix(java): don't remove excluded deps from upper pom's (#5838) 2024-01-10 09:39:52 +00:00
DmitriyLewen
37e7e3eabf fix(java): check if a version exists when determining GAV by file name for jar files (#5630) 2024-01-10 07:22:50 +00:00
dependabot[bot]
a626cdf334 chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 17:33:06 +00:00
yusuke-koyoshi
0ebb6c4682 fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888) 2024-01-08 06:06:37 +00:00
Juan Ariza Toledano
c47ed0d816 feat(vex): Add support for CSAF format (#5535) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-06 10:48:39 +00:00
dependabot[bot]
2cdd65dd64 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.26.2 to 1.26.7 (#5880) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 19:38:44 +00:00
dependabot[bot]
c72dfbfbb0 chore(deps): bump github.com/open-policy-agent/opa from 0.58.0 to 0.60.0 (#5853) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 12:31:33 +00:00
dependabot[bot]
682210ac64 chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.28.0 (#5854) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 19:10:54 +00:00
dependabot[bot]
fa2e88360b chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 (#5852) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 09:29:08 +00:00
dependabot[bot]
013df4c6b8 chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#5850) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 05:12:39 +00:00
dependabot[bot]
b1489f3485 chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#5856) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:53:52 +00:00
dependabot[bot]
7f2e4223ff chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:43:57 +00:00
dependabot[bot]
c17b6603db chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-29 05:26:15 +00:00
Nikita Pivkin
4cdff0e573 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from v1.116.0 to v1.134.0 (#5822) 2023-12-26 12:09:43 +00:00
dependabot[bot]
be969d4136 chore(deps): bump github.com/containerd/containerd from 1.7.7 to 1.7.11 (#5809) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-25 06:13:16 +00:00
dependabot[bot]
81748f5ad0 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#5805) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 07:59:21 +00:00
Nikita Pivkin
ba825b2ae1 chore(deps): bump trivy-iac to v0.7.1 (#5797) 2023-12-18 12:31:07 +00:00
Juan Ariza Toledano
abf227e06e fix(bitnami): use a different comparer for detecting vulnerabilities (#5633) 
Signed-off-by: juan131 <jariza@vmware.com>
 2023-12-17 10:27:19 +00:00
dependabot[bot]
6080e245ce chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.25.11 (#5717) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 09:38:17 +00:00
dependabot[bot]
e27ec3261e chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.21.0 to 1.24.1 (#5701) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 08:52:06 +00:00
Teppei Fukuda
99c04c4383 feat(report): output plugin (#4863) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-12-04 11:04:43 +00:00
dependabot[bot]
49e83a6ad2 chore(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 (#5704) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 10:36:06 +00:00
dependabot[bot]
af32cb310a chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.10.1 (#5699) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 10:32:05 +00:00
chenk
256957523a feat: Add flag to configure node-collector image ref (#5710) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2023-12-04 10:25:12 +00:00
dependabot[bot]
c0610097a6 chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.1 to 1.9.0 (#5702) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 09:46:51 +00:00
dependabot[bot]
aedbd85d6e chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.31.0 (#5698) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 03:38:34 +00:00
dependabot[bot]
e018b9c423 chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 (#5706) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 03:37:58 +00:00
Teppei Fukuda
075d8f6286 chore: bump Go to 1.21 (#5662) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2023-11-28 04:01:54 +00:00
simar7
372efc9ec7 chore(deps): Bump up trivy misconf deps (#5656) 2023-11-28 00:47:23 +00:00
DmitriyLewen
ad977a4256 fix(nodejs): support protocols for dependency section in yarn.lock files (#5612) 2023-11-22 01:44:45 +00:00
chenk
d9d7f3f190 chore: bump node-collector v0.0.9 (#5591) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2023-11-16 00:48:56 +00:00
simar7
e3c28f8ee3 feat(misconf): Add support for --cf-params for CFT (#5507) 
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2023-11-15 07:04:22 +00:00
dependabot[bot]
2310f0dd69 chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#5543) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-14 07:50:00 +00:00
DmitriyLewen
cb241a8007 fix(sbom): add FilesAnalyzed and PackageVerificationCode fields for SPDX (#5533) 2023-11-09 09:25:27 +00:00
simar7
e7f6a5c805 refactor(misconf): Update refactored dependencies (#5245) 
Signed-off-by: Simar <simar@linux.com>
 2023-11-09 02:24:52 +00:00
chenk
91fc8dac92 fix: trivy k8s parse ecr image with arn (#5537) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2023-11-09 01:05:45 +00:00
dependabot[bot]
fdb3a15b2d chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.23.2 to 1.25.0 (#5506) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-03 23:58:20 +00:00
dependabot[bot]
d0d956fdc1 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.2.2 to 2.3.0 (#5493) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-11-03 01:38:04 +00:00
dependabot[bot]
474167c47e chore(deps): bump github.com/testcontainers/testcontainers-go/modules/localstack from 0.21.0 to 0.26.0 (#5475) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-11-03 01:36:27 +00:00
dependabot[bot]
b0141cfbaa chore(deps): bump github.com/package-url/packageurl-go from 0.1.2-0.20230812223828-f8bb31c1f10b to 0.1.2 (#5491) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-02 01:52:57 +00:00
dependabot[bot]
6e5927266c chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.17.18 to 1.21.0 (#5497) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-02 01:09:25 +00:00
chenk
f3de7bc3be feat: scan vulns on k8s core component apps (#5418) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2023-11-01 09:31:48 +00:00
DmitriyLewen
e2fb3dd58f fix(java): fix infinite loop when relativePath field points to pom.xml being scanned (#5470) 2023-10-31 01:47:58 +00:00
dependabot[bot]
3e833be7d8 chore(deps): bump github.com/docker/docker from 24.0.5+incompatible to 24.0.7+incompatible (#5472) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 01:46:24 +00:00
dependabot[bot]
57fa701a87 chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.57.1 (#5447) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-26 00:42:55 +00:00