gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,170 Commits 29 Branches 177 Tags
c0d79fa09e645f3a3dbff878e393b8631fb17b64
Commit Graph

10 Commits

Author SHA1 Message Date
Aaron Goldenthal
c0d79fa09e feat(report): update gitlab template to populate operating_system value (#7735) 2024-10-24 07:24:02 +00:00
DmitriyLewen
1870f28461 fix(report): don't include empty strings in .vulnerabilities[].identifiers[].url when gitlab.tpl is used (#6348) 2024-03-24 09:44:40 +00:00
Dirk Klimpel
eb9741954c fix(report): update Gitlab template (#5721) 2023-12-07 11:13:43 +00:00
Alex Samorukov
2580ea1583 Fix url validaton failures (#2783) 
While analyzing failure of the report schema validation i found URL looks like that: `https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)`. This causing gitlab to mark report as invalid. Patch provided just using first word of the url word.
 2022-08-30 15:57:40 +03:00
thiago-gitlab
5a65548662 fix(vuln): GitLab report template (#2578) 
* fix(vuln): GitLab report template

- Upgrade to schema 14.0.6 (https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/v14.0.6/dist/container-scanning-report-format.json).
- Drop unsupported `confidence` property. Currently optional and will be removed by GitLab in schema 15-0-0.

* docs(vuln): remove note about broken GitLab integration
 2022-07-26 15:51:20 +03:00
Teppei Fukuda
4d1894327e feat(vulnerability): add primary URLs (#752) 
* refactor(vulnerability): rename a method

* feat(vulnerability): add primary url

* fix(templates): add primary links

* feat(writer): add url

* refactor(convert): remove an unnecessary function

* feat(rpc): add primary_url

* test(integration): update golden files
 2020-11-26 06:06:26 +02:00
Manuel Rüger
34a95c1556 contrib/gitlab.tpl: Add new id field (#468) 
* contrib/gitlab.tpl: Add new id field

https://docs.gitlab.com/ee/user/application_security/container_scanning/#reports-json-format

vulnerabilities[].id	Unique identifier of the vulnerability.
vulnerabilities[].cve	(DEPRECATED - use vulnerabilities[].id instead) A fingerprint string value that represents a concrete occurrence of the vulnerability. It’s used to determine whether two vulnerability occurrences are same or different. May not be 100% accurate. This is NOT a CVE.

Signed-off-by: Manuel Rüger <manuel@rueg.eu>

* Update integration test for Gitlab

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-04-30 20:22:14 +03:00
Takuya N
80bbe47774 fix(gitlab): fix json generation on loop (#409) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-02-18 14:32:56 +02:00
Takuya N
f7db00c1eb Modify template for GitLab Container Scanning (#387) 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
 2020-01-26 10:04:27 +02:00
Manuel Rüger
63a8c6d26b Integrate with Gitlab Container Scanning (#367) 
This PR integrates trivy with Gitlab Container Scanning and provides a
similar report. It adds the required template to the release tarball for easy
consumption.

https://docs.gitlab.com/ee/user/application_security/container_scanning/
https://gitlab.com/gitlab-org/gitlab/issues/11947
 2020-01-14 11:46:14 +02:00