gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,729 Commits 29 Branches 177 Tags
eba48afd583391cef346e45a176aa5a6d77b704f
Commit Graph

3729 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teppei Fukuda
eba48afd58 feat: add documentation URL for database lock errors (#9531) 2025-09-26 08:25:44 +00:00
tom1299
92ebc7e4d7 fix(db): Dowload database when missing but metadata still exists (#9393) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-26 07:35:03 +00:00
Nikita Pivkin
42b3bf37bb feat(cloudformation): support default values and list results in Fn::FindInMap (#9515) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-25 09:24:16 +00:00
Nikita Pivkin
8e40d27a43 fix(misconf): unmark cty values before access (#9495) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-24 20:21:07 +00:00
Teppei Fukuda
7b663d86ca feat(cli): change --list-all-pkgs default to true (#9510) 2025-09-24 10:06:39 +00:00
DmitriyLewen
404abb3d91 fix(nodejs): parse workspaces as objects for package-lock.json files (#9518) 2025-09-24 08:04:23 +00:00
Nikita Pivkin
352855ef64 refactor(fs): use underlyingPath to determine virtual files more reliably (#9302) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-23 14:36:35 +00:00
Teppei Fukuda
d57b1606c9 refactor: remove google/wire dependency and implement manual DI (#9509) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-09-23 13:02:11 +00:00
dependabot[bot]
331cf5d4a4 chore(deps): bump the aws group with 6 updates (#9481) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-23 12:47:01 +00:00
dependabot[bot]
366910bc58 chore(deps): bump the common group across 1 directory with 24 updates (#9507) 
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-23 05:15:47 +00:00
Nikita Pivkin
267a9700fa fix(misconf): wrap legacy ENV values in quotes to preserve spaces (#9497) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-09-22 11:58:47 +00:00
DmitriyLewen
842ebdcb4a docs: move info about detection priority into coverage section (#9469) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-22 11:48:39 +00:00
amitbhardwaj
6d562a3b48 feat(sbom): added support for CoreOS (#9448) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-22 06:46:45 +00:00
Nikita Pivkin
c9388069a4 fix(misconf): strip build metadata suffixes from image history (#9498) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-22 06:46:14 +00:00
Teppei Fukuda
aff03ebab2 feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (#9439) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-20 14:26:53 +00:00
matt-andersen
8b2575bd27 docs: Fix typo in terraform docs (#9492) 2025-09-18 10:59:36 +00:00
Chanho Lee
cb25a07450 feat(redhat): add os-release detection for RHEL-based images (#9458) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-15 10:59:48 +00:00
Teppei Fukuda
8dce58c684 ci(deps): add 3-day cooldown period for Dependabot updates (#9475) 2025-09-15 09:06:44 +00:00
Teppei Fukuda
788f6faffb refactor: migrate from go-json-experiment to encoding/json/v2 (#9422) 
Co-authored-by: knqyf263 <knqyf263@users.noreply.github.com>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-15 08:46:44 +00:00
DmitriyLewen
1ff9ac7948 fix(vuln): compare nuget package names in lower case (#9456) 2025-09-15 07:21:06 +00:00
Owen Rumney
78a70e2cfd chore: Update release flow to include chocolatey (#9460) 2025-09-09 18:11:14 +00:00
Itay Shakury
ea0ff34d38 docs: document eol supportability (#9434) 2025-09-09 17:21:25 +00:00
DmitriyLewen
4a2be6b48c docs(report): add nuanses about secret/license scanner in summary table (#9442) 2025-09-08 08:56:47 +00:00
Teppei Fukuda
4359fe06a0 ci: use environment variables in GitHub Actions for improved security (#9433) 2025-09-05 07:24:31 +00:00
jdesouza
2185c7816a chore: bump Go to 1.24.7 (#9435) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-04 18:04:43 +00:00
amitbhardwaj
4517e8c0ef fix(nodejs): use snapshot string as Package.ID for pnpm packages (#9330) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-09-04 04:52:26 +00:00
Aqua Security automated builds
a70d8e70a8 ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (#9425) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-09-02 18:13:15 +00:00
Aqua Security automated builds
7bcb181268 release: v0.66.0 [main] (#9289) v0.66.0 2025-09-02 16:42:22 +00:00
dependabot[bot]
21258954d2 chore(deps): bump the aws group with 7 updates (#9419) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-02 07:47:44 +00:00
Nikita Pivkin
29e9ff7e14 refactor(secret): clarify secret scanner messages (#9409) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-09-02 06:03:07 +00:00
DmitriyLewen
46ab76a5af fix(cyclonedx): handle multiple license types (#9378) 2025-09-01 12:10:14 +00:00
DmitriyLewen
1ac9b1f07c fix(repo): sanitize git repo URL before inserting into report metadata (#9391) 2025-09-01 11:09:02 +00:00
Teppei Fukuda
6fa3849c10 test: add HTTP basic authentication to git test server (#9407) 2025-09-01 09:42:41 +00:00
Ivo Šmíd
aa7cf4387c fix(sbom): add support for file component type of CycloneDX (#9372) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-09-01 08:33:46 +00:00
Nikita Pivkin
81d94253c8 fix(misconf): ensure module source is known (#9404) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-30 00:53:23 +00:00
Teppei Fukuda
1d646d6231 ci: migrate GitHub Actions from version tags to SHA pinning (#9405) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-08-29 12:16:27 +00:00
MaineK00n
ce22f54a39 fix: create temp file under composite fs dir (#9387) 2025-08-29 11:02:46 +00:00
dependabot[bot]
db19b34583 chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#9403) 
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-08-29 07:15:43 +00:00
Nikita Pivkin
d1de58a7dc refactor: switch to stable azcontainerregistry SDK package (#9319) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-28 07:26:08 +00:00
dependabot[bot]
102cbeecec chore(deps): bump the common group with 7 updates (#9382) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-28 06:28:46 +00:00
Nikita Pivkin
7278718b3f refactor(misconf): migrate from custom Azure JSON parser (#9222) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-08-27 22:44:02 +00:00
DmitriyLewen
4f2a44ea45 fix(repo): preserve RepoMetadata on FS cache hit (#9389) 2025-08-27 11:08:22 +00:00
cui
9594d63f2b refactor(misconf): use atomic.Int32 (#9385) 2025-08-27 07:18:27 +00:00
dependabot[bot]
8abde2c59a chore(deps): bump the aws group with 6 updates (#9383) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 04:36:09 +00:00
Shadab Ansari
2bbad03f16 docs: Fix broken link to "Built-in Checks" (#9375) 2025-08-26 00:43:12 +00:00
DmitriyLewen
5f067ac15e fix(plugin): don't remove plugins when updating index.yaml file (#9358) 2025-08-25 00:19:27 +00:00
Pueringni3
6e99dd304c fix: persistent flag option typo (#9374) 2025-08-24 23:43:16 +00:00
dependabot[bot]
d1adbe3579 chore(deps): bump the common group across 1 directory with 26 updates (#9347) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-24 23:24:41 +00:00
Manveer Singh
84fbf8674d fix(image): use standardized HTTP client for ECR authentication (#9322) 2025-08-22 05:56:21 +00:00
DmitriyLewen
04abb7871d refactor: export systemFileFiltering Post Handler (#9359) 2025-08-22 04:28:07 +00:00