Fix libraly cache directotry (#129 )

Suppress log output when --quiet flag is on (#125 )
* Add --no-progress flag * Disable log output when --quiet flag is enabled
2025-12-21 23:00:42 -08:00 · 2019-08-22 21:47:39 -10:00 · 2019-08-21 17:19:14 -10:00 · 2019-08-21 16:26:04 -10:00 · 2019-08-19 12:33:27 +01:00 · 2019-08-19 12:29:56 +01:00
14 changed files with 95 additions and 24 deletions
--- a/README.md
+++ b/README.md
@@ -1,5 +1,9 @@
+**This repository was transferred from knqyf263/trivy to aquasecurity/trivy.**  
+**If you have previously installed Trivy, please check the [Migration](#Migration) section in case you have any scripts or package managers that need to be updated. We apologise for any inconvenience.**
+
 <img src="imgs/logo.png" width="300">

+
 [![GitHub release](https://img.shields.io/github/release/aquasecurity/trivy.svg)](https://github.com/aquasecurity/trivy/releases/latest)
 [![CircleCI](https://circleci.com/gh/aquasecurity/trivy.svg?style=svg)](https://circleci.com/gh/aquasecurity/trivy)
 [![Go Report Card](https://goreportcard.com/badge/github.com/aquasecurity/trivy)](https://goreportcard.com/report/github.com/aquasecurity/trivy)
@@ -21,7 +25,7 @@ A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
  - [RHEL/CentOS](#rhelcentos)
  - [Debian/Ubuntu](#debianubuntu)
  - [Arch Linux](#arch-linux)
-  - [Mac OS X / Homebrew](#mac-os-x--homebrew)
+  - [Mac OS X / Homebrew](#homebrew)
  - [Binary (Including Windows)](#binary-including-windows)
  - [From source](#from-source)
 - [Quick Start](#quick-start)
@@ -52,6 +56,7 @@ A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
  - [vs Clair](#vs-clair)
  - [vs Anchore Engine](#vs-anchore-engine)
  - [vs Quay, Docker Hub, GCR](#vs-quay-docker-hub-gcr)
+- [Migration](#migration)
 - [Q&A](#qa)
  - [Homebrew](#homebrew)
  - [Others](#others)
@@ -139,9 +144,9 @@ or
 yay -Sy trivy-bin
 ```

-## Mac OS X / Homebrew
+## Homebrew

-You can use homebrew on Mac OS.
+You can use homebrew on macOS.

 ```
 $ brew install aquasecurity/trivy/trivy
@@ -206,20 +211,20 @@ Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 0, CRITICAL: 0)
 Replace [YOUR_CACHE_DIR] with the cache directory on your machine.

 ```
-$ docker run --rm -v [YOUR_CACHE_DIR]:/root/.cache/ aquasecurity/trivy [YOUR_IMAGE_NAME]
+$ docker run --rm -v [YOUR_CACHE_DIR]:/root/.cache/ aquasec/trivy [YOUR_IMAGE_NAME]
 ```

 Example for macOS:

 ```
-$ docker run --rm -v $HOME/Library/Caches:/root/.cache/ aquasecurity/trivy python:3.4-alpine
+$ docker run --rm -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy python:3.4-alpine
 ```

 If you would like to scan the image on your host machine, you need to mount `docker.sock`.

 ```
 $ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-    -v $HOME/Library/Caches:/root/.cache/ aquasecurity/trivy python:3.4-alpine
+    -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy python:3.4-alpine
 ```

 Please re-pull latest `aquasecurity/trivy` if an error occured.
@@ -1320,6 +1325,55 @@ As `Quay` seems to use `Clair` internally, it has the same accuracy than `Clair`

 `Trivy` can be used regardless of the registry. In addition, it is easy to be integrated with CI/CD services.

+# Migration
+
+On 19 August 2019, Trivy's repositories moved from `knqyf263/trivy` to `aquasecurity/trivy`. If you previously installed Trivy you should update any scripts or package manager records as described in this section. 
+
+## Overview
+If you have a script that installs Trivy (for example into your CI pipelines) you should update it to obtain it from the new location by replacing knqyf263/trivy with aquasecurity/trivy.
+
+For example:
+```bash
+# Before
+$ wget https://github.com/knqyf263/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz
+
+# After
+$ wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz
+```
+
+## CentOS/RedHat
+Use https://aquasecurity.github.io instead of https://knqyf263.github.io.
+
+```bash
+$ yum remove trivy
+$ sed -i s/knqyf263/aquasecurity/g /etc/yum.repos.d/trivy.repo
+$ yum update
+$ yum install trivy
+```
+
+## Debian/Ubuntu
+Use https://aquasecurity.github.io instead of https://knqyf263.github.io.
+
+```bash
+$ apt-get remove --purge trivy
+$ sed -i s/knqyf263/aquasecurity/g /etc/apt/sources.list.d/trivy.list
+$ apt-get update
+$ apt-get install trivy
+```
+
+## Homebrew
+Tap aquasecurity/trivy
+
+```bash
+$ brew uninstall --force trivy
+$ brew untap knqyf263/trivy
+$ brew install aquasecurity/trivy
+```
+
+## Binary (Including Windows)
+No need to fix.
+
+
 # Q&A

 ## Homebrew
@@ -1406,4 +1460,4 @@ AGPLv3

 # Author

-Teppei Fukuda (aquasecurity)
+Teppei Fukuda (knqyf263)
--- a/cmd/trivy/main.go
+++ b/cmd/trivy/main.go
@@ -85,6 +85,10 @@ OPTIONS:
 		},
 		cli.BoolFlag{
 			Name:  "quiet, q",
+			Usage: "suppress progress bar and log output",
+		},
+		cli.BoolFlag{
+			Name:  "no-progress",
 			Usage: "suppress progress bar",
 		},
 		cli.BoolFlag{
--- a/pkg/log/logger.go
+++ b/pkg/log/logger.go
@@ -1,6 +1,8 @@
 package log

 import (
+	"os"
+
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 	"golang.org/x/xerrors"
@@ -11,9 +13,9 @@ var (
 	debugOption bool
 )

-func InitLogger(debug bool) (err error) {
+func InitLogger(debug, disable bool) (err error) {
 	debugOption = debug
-	Logger, err = newLogger(debug)
+	Logger, err = newLogger(debug, disable)
 	if err != nil {
 		return xerrors.Errorf("error in new logger: %w", err)
 	}
@@ -21,7 +23,7 @@ func InitLogger(debug bool) (err error) {

 }

-func newLogger(debug bool) (*zap.SugaredLogger, error) {
+func newLogger(debug, disable bool) (*zap.SugaredLogger, error) {
 	level := zap.NewAtomicLevel()
 	if debug {
 		level.SetLevel(zapcore.DebugLevel)
@@ -50,6 +52,10 @@ func newLogger(debug bool) (*zap.SugaredLogger, error) {
 		OutputPaths:      []string{"stdout"},
 		ErrorOutputPaths: []string{"stderr"},
 	}
+	if disable {
+		myConfig.OutputPaths = []string{os.DevNull}
+		myConfig.ErrorOutputPaths = []string{os.DevNull}
+	}
 	logger, err := myConfig.Build()
 	if err != nil {
 		return nil, xerrors.Errorf("failed to build zap config: %w", err)
--- a/pkg/run.go
+++ b/pkg/run.go
@@ -5,7 +5,6 @@ import (
 	"os"
 	"strings"

-	"github.com/genuinetools/reg/registry"
 	"github.com/aquasecurity/fanal/cache"
 	"github.com/aquasecurity/trivy/pkg/db"
 	"github.com/aquasecurity/trivy/pkg/log"
@@ -15,6 +14,7 @@ import (
 	"github.com/aquasecurity/trivy/pkg/utils"
 	"github.com/aquasecurity/trivy/pkg/vulnsrc"
 	"github.com/aquasecurity/trivy/pkg/vulnsrc/vulnerability"
+	"github.com/genuinetools/reg/registry"
 	"github.com/urfave/cli"
 	"golang.org/x/xerrors"
 )
@@ -22,9 +22,11 @@ import (
 func Run(c *cli.Context) (err error) {
 	cliVersion := c.App.Version

-	utils.Quiet = c.Bool("quiet")
+	if c.Bool("quiet") || c.Bool("no-progress") {
+		utils.Quiet = true
+	}
 	debug := c.Bool("debug")
-	if err = log.InitLogger(debug); err != nil {
+	if err = log.InitLogger(debug, c.Bool("quiet")); err != nil {
 		l.Fatal(err)
 	}

--- a/pkg/scanner/library/bundler/advisory.go
+++ b/pkg/scanner/library/bundler/advisory.go
@@ -23,7 +23,7 @@ const (
 )

 var (
-	repoPath = filepath.Join(utils.CacheDir(), "ruby-advisory-db")
+	repoPath string
 )

 type AdvisoryDB map[string][]Advisory
@@ -49,6 +49,7 @@ type Related struct {
 }

 func (s *Scanner) UpdateDB() (err error) {
+	repoPath = filepath.Join(utils.CacheDir(), "ruby-advisory-db")
 	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
 		return xerrors.Errorf("error in %s security DB update: %w", s.Type(), err)
 	}
--- a/pkg/scanner/library/cargo/advisory.go
+++ b/pkg/scanner/library/cargo/advisory.go
@@ -23,7 +23,7 @@ const (
 )

 var (
-	repoPath = filepath.Join(utils.CacheDir(), "rust-advisory-db")
+	repoPath string
 )

 type AdvisoryDB map[string][]Lockfile
@@ -45,6 +45,7 @@ type Advisory struct {
 }

 func (s *Scanner) UpdateDB() (err error) {
+	repoPath = filepath.Join(utils.CacheDir(), "rust-advisory-db")
 	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
 		return xerrors.Errorf("error in %s security DB update: %w", s.Type(), err)
 	}
--- a/pkg/scanner/library/composer/advisory.go
+++ b/pkg/scanner/library/composer/advisory.go
@@ -6,8 +6,8 @@ import (
 	"path/filepath"
 	"strings"

-	"github.com/etcd-io/bbolt"
 	"github.com/aquasecurity/trivy/pkg/db"
+	"github.com/etcd-io/bbolt"
 	"golang.org/x/xerrors"

 	"github.com/aquasecurity/trivy/pkg/utils"
@@ -22,7 +22,7 @@ const (
 )

 var (
-	repoPath = filepath.Join(utils.CacheDir(), "php-security-advisories")
+	repoPath string
 )

 type AdvisoryDB map[string][]Advisory
@@ -40,6 +40,7 @@ type Branch struct {
 }

 func (s *Scanner) UpdateDB() (err error) {
+	repoPath = filepath.Join(utils.CacheDir(), "php-security-advisories")
 	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
 		return err
 	}
--- a/pkg/scanner/library/node/advisory.go
+++ b/pkg/scanner/library/node/advisory.go
@@ -24,7 +24,7 @@ const (
 )

 var (
-	repoPath = filepath.Join(utils.CacheDir(), "nodejs-security-wg")
+	repoPath string
 )

 type AdvisoryDB map[string][]Advisory
@@ -44,6 +44,7 @@ type Advisory struct {
 }

 func (s *Scanner) UpdateDB() (err error) {
+	repoPath = filepath.Join(utils.CacheDir(), "nodejs-security-wg")
 	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
 		return err
 	}
--- a/pkg/scanner/library/python/advisory.go
+++ b/pkg/scanner/library/python/advisory.go
@@ -22,7 +22,7 @@ const (
 )

 var (
-	repoPath = filepath.Join(utils.CacheDir(), "python-safety-db")
+	repoPath string
 )

 type AdvisoryDB map[string][]Advisory
@@ -36,6 +36,7 @@ type Advisory struct {
 }

 func (s *Scanner) UpdateDB() (err error) {
+	repoPath = filepath.Join(utils.CacheDir(), "python-safety-db")
 	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
 		return err
 	}
--- a/pkg/scanner/ospkg/alpine/alpine_test.go
+++ b/pkg/scanner/ospkg/alpine/alpine_test.go
@@ -9,7 +9,7 @@ import (
 )

 func TestMain(m *testing.M) {
-	log.InitLogger(false)
+	log.InitLogger(false, false)
 	os.Exit(m.Run())
 }

--- a/pkg/scanner/ospkg/debian/debian_test.go
+++ b/pkg/scanner/ospkg/debian/debian_test.go
@@ -9,7 +9,7 @@ import (
 )

 func TestMain(m *testing.M) {
-	log.InitLogger(false)
+	log.InitLogger(false, false)
 	os.Exit(m.Run())
 }

--- a/pkg/scanner/ospkg/redhat/redhat_test.go
+++ b/pkg/scanner/ospkg/redhat/redhat_test.go
@@ -9,7 +9,7 @@ import (
 )

 func TestMain(m *testing.M) {
-	log.InitLogger(false)
+	log.InitLogger(false, false)
 	os.Exit(m.Run())
 }

--- a/pkg/scanner/ospkg/ubuntu/ubnutu_test.go
+++ b/pkg/scanner/ospkg/ubuntu/ubnutu_test.go
@@ -9,7 +9,7 @@ import (
 )

 func TestMain(m *testing.M) {
-	log.InitLogger(false)
+	log.InitLogger(false, false)
 	os.Exit(m.Run())
 }

--- a/pkg/utils/utils_test.go
+++ b/pkg/utils/utils_test.go
@@ -31,7 +31,7 @@ func write(t *testing.T, name string, content string) {
 }

 func TestFileWalk(t *testing.T) {
-	if err := log.InitLogger(false); err != nil {
+	if err := log.InitLogger(false, false); err != nil {
 		t.Fatal(err)
 	}
 	td, err := ioutil.TempDir("", "walktest")
Author	SHA1	Message	Date
Masahiro Fujimura	ab8b73e8f8	Fix libraly cache directotry (#129 )	2019-08-22 21:47:39 -10:00
Masato Yamazaki	a77984a381	Suppress log output when --quiet flag is on (#125 ) * Add --no-progress flag * Disable log output when --quiet flag is enabled	2019-08-21 17:19:14 -10:00
skanehira	31a1f5968b	Fix cannot found docker image (#123 )	2019-08-21 16:26:04 -10:00
Liz Rice	4ca73f0406	Merge pull request #120 from aquasecurity/readme_migration Add the migration section on README	2019-08-19 12:33:27 +01:00
Liz Rice	0909f94c20	Clarify migration instructions	2019-08-19 12:29:56 +01:00
Liz Rice	d1c01c1ecc	Small wording change	2019-08-19 12:12:52 +01:00
Liz Rice	f8cdd608e2	Slight wording change	2019-08-19 12:12:13 +01:00
knqyf263	2e4b83b710	Add migration section on README	2019-08-19 00:04:47 -10:00