Revisions of trivy
Dominique Leuenberger (dimstar_suse)
accepted
request 1062489
from
Dirk Mueller (dirkmueller)
(revision 42)
- Update to version 0.37.1: * fix(sbom): download the Java DB when generating SBOM (#3539) * fix: use cgo free sqlite driver (#3521) * ci: fix path to dist folder (#3527)
Dominique Leuenberger (dimstar_suse)
accepted
request 1062442
from
Dirk Mueller (dirkmueller)
(revision 41)
- Update to version 0.37.0: * fix(image): close layers (#3517) * refactor: db client changed (#3515) * feat(java): use trivy-java-db to get GAV (#3484) * docs: add note about the limitation in Rekor (#3494) * docs: aggregate targets (#3503) * deps: updates wazero to 1.0.0-pre.8 (#3510) * docs: add alma 9 and rocky 9 to supported os (#3513) * chore(deps): bump defsec to v0.82.9 (#3512) * chore: add missing target labels (#3504) * docs: add java vulnerability page (#3429) * feat(image): add support for Docker CIS Benchmark (#3496) * feat(image): secret scanning on container image config (#3495) * chore(deps): Upgrade defsec to v0.82.8 (#3488) * feat(image): scan misconfigurations in image config (#3437) * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489) * feat(k8s): add node info resource (#3482) * perf(secret): optimize secret scanning memory usage (#3453) * feat: support aliases in CLI flag, env and config (#3481) * fix(k8s): migrate rbac k8s (#3459) * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480) * refactor: rename security-checks to scanners (#3467) * chore: display the troubleshooting URL for the DB denial error (#3474) * docs: yaml tabs to spaces, auto create namespace (#3469) * docs: adding show-and-tell template to GH discussions (#3391) * fix: Fix a temporary file leak in case of error (#3465) * fix(test): sort cyclonedx components (#3468) * docs: fixing spelling mistakes (#3462) * ci: set paths triggering VM tests in PR (#3438) * docs: typo in --skip-files (#3454)
Dominique Leuenberger (dimstar_suse)
accepted
request 1056176
from
Dirk Mueller (dirkmueller)
(revision 40)
- Update to version 0.36.1: * fix(deps): fix errors on yarn.lock files that contain local file reference (#3384) * feat(flag): early fail when the format is invalid (#3370) * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366) * docs(aws): fix broken links (#3374) * chore(deps): bump actions/stale from 6 to 7 (#3360) * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359) * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974) * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358) * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173) * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357) * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367) * chore(go): updates wazero to v1.0.0-pre.7 (#3355) * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362) * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)
Dominique Leuenberger (dimstar_suse)
accepted
request 1046089
from
Dirk Mueller (dirkmueller)
(revision 39)
- Update to version 0.36.0: * docs: improve compliance docs (#3340) * feat(deps): add yarn lock dependency tree (#3348) * fix: compliance change id and title naming (#3349) * feat: add support for mix.lock files for elixir language (#3328) * feat: add k8s cis bench (#3315) * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322) * revert: cache merged layers (#3334) * feat(cyclonedx): add recommendation (#3336) * feat(ubuntu): added support ubuntu ESM versions (#1893) * fix: change logic to build relative paths for skip-dirs and skip-files (#3331) * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265) * feat: Adding support for Windows testing (#3037) * feat: add support for Alpine 3.17 (#3319) * docs: change PodFile.lock to Podfile.lock (#3318) * fix(sbom): support for the detection of old CycloneDX predicate type (#3316) * feat(secret): Use .trivyignore for filtering secret scanning result (#3312) * chore(go): remove experimental FS API usage in Wasm (#3299) * ci: add workflow to add issues to roadmap project (#3292) * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275) * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250) * feat(sbom): better support for third-party SBOMs (#3262) * docs: add information about languages with support for dependency locations (#3306) * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284) * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251) * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255) * docs: remove comparisons (#3289) * feat: add support for Wolfi Linux (#3215) * ci: add go.mod to canary workflow (#3288) * feat(python): skip dev dependencies (#3282)
Dominique Leuenberger (dimstar_suse)
accepted
request 1038587
from
Dirk Mueller (dirkmueller)
(revision 38)
Dominique Leuenberger (dimstar_suse)
accepted
request 1034128
from
Dirk Mueller (dirkmueller)
(revision 37)
Dominique Leuenberger (dimstar_suse)
accepted
request 1031258
from
Dirk Mueller (dirkmueller)
(revision 36)
Richard Brown (RBrownFactory)
accepted
request 1006699
from
Dirk Mueller (dirkmueller)
(revision 35)
- Update to version 0.32.1: * fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943) * chore: expat lib and go binary deps vulns (#2940) * wasm: Removes accidentally exported memory (#2950) * fix(sbom): fix package name separation for gradle (#2906) * docs(readme.md): fix broken integrations link (#2931) * fix(image): handle images with single layer in rescan mergedLayers cache (#2927) * fix(cli): split env values with ',' for slice flags (#2926) * fix(cli): config/helm: also take into account files with `.yml` (#2928) * fix(flag): add file-patterns flag for config subcommand (#2925) * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)
Dominique Leuenberger (dimstar_suse)
accepted
request 1004582
from
Dirk Mueller (dirkmueller)
(revision 34)
- Update to version 0.32.0: * docs: add Rekor SBOM attestation scanning (#2893) * chore: narrow the owner scope (#2894) * fix: remove a patch number from the recommendation link (#2891) * fix: enable parsing of UUID-only rekor entry ID (#2887) * docs(sbom): add SPDX scanning (#2885) * docs: restructure docs and add tutorials (#2883) * feat(sbom): scan sbom attestation in the rekor record (#2699) * feat(k8s): support outdated-api (#2877) * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815) * fix(c): support revisions in Conan parser (#2878) * feat: dynamic links support for scan results (#2838) * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818) * docs: update archlinux commands (#2876) * feat(secret): add line from dockerfile where secret was added to secret result (#2780) * feat(sbom): Add unmarshal for spdx (#2868) * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827) * fix: revert asff arn and add documentation (#2852) * docs: batch-import-findings limit (#2851) * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872) * feat(sbom): Add marshal for spdx (#2867) * build: checkout before setting up Go (#2873) * chore: bump Go to 1.19 (#2861) * docs: azure doc and trivy (#2869) * fix: Scan tarr'd dependencies (#2857) * chore(helm): helm test with ingress (#2630) * feat(report): add secrets to sarif format (#2820) * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807) * refactor: add a new interface for initializing analyzers (#2835) * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)
Dominique Leuenberger (dimstar_suse)
accepted
request 1001263
from
Dirk Mueller (dirkmueller)
(revision 33)
- Update to version 0.31.3: * fix: handle empty OS family (#2768) * fix: fix k8s summary report (#2777) * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767) * chore: bump trivy-kubernetes (#2770) * fix(secret): Consider secrets in rpc calls (#2753) * fix(java): check depManagement from upper pom's (#2747) * fix(php): skip `composer.lock` inside `vendor` folder (#2718) * fix: fix k8s rbac filter (#2765) * feat(misconf): skipping misconfigurations by AVD ID (#2743) * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741) * docs: add MacPorts install instructions (#2727) * docs: typo (#2730)
Richard Brown (RBrownFactory)
accepted
request 997437
from
Dirk Mueller (dirkmueller)
(revision 32)
- Update to version 0.31.2: * fix: Correctly handle recoverable AWS scanning errors (#2726) * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721) - Update to version 0.31.1: * fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)
Dominique Leuenberger (dimstar_suse)
accepted
request 997334
from
Dirk Mueller (dirkmueller)
(revision 31)
- Update to version 0.31.0: * fix(flag): add error when there are no supported security checks (#2713) * fix(vuln): continue scanning when no vuln found in the first application (#2712) * revert: add new classes for vulnerabilities (#2701) * feat(secret): detect secrets removed or overwritten in upper layer (#2611) * fix(cli): secret scanning perf link fix (#2607) * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650) * feat: Add AWS Cloud scanning (#2493) * docs: specify the type when verifying an attestation (#2697) * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690) * fix(rpc): scanResponse rpc conversion for custom resources (#2692) * feat(rust): Add support for cargo-auditable (#2675) * feat: Support passing value overrides for configuration checks (#2679) * feat(sbom): add support for scanning a sbom attestation (#2652) * chore(image): skip symlinks and hardlinks from tar scan (#2634) * fix(report): Update junit.tpl (#2677) * fix(cyclonedx): add nil check to metadata.component (#2673) * docs(secret): fix missing and broken links (#2674) * refactor(cyclonedx): implement json.Unmarshaler (#2662) * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643) * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642) * feat(kubernetes): add option to specify kubeconfig file path (#2576) * docs: follow Debian's "instructions to connect to a third-party repository" (#2511) * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644) * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645) * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647) * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646) * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641) * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640) * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)
Dominique Leuenberger (dimstar_suse)
accepted
request 987818
from
Dirk Mueller (dirkmueller)
(revision 27)
- Update to version 0.29.2: * chore: skip Visual Studio Code project folder (#2379) * fix(helm): handle charts with templated names (#2374) * docs: redirect operator docs to trivy-operator repo (#2372) * fix(secret): use secret result when determining Failed status (#2370) * try removing libdb-dev * run integration tests in fanal * use same testing images in fanal * feat(helm): add support for trivy dbRepository (#2345) * fix: Fix failing test due to deref lint issue * test: Fix broken test * fix: Fix makefile when no previous named ref is visible in a shallow clone * chore: Fix linting issues in fanal * refactor: Fix fanal import paths and remove dotfiles * chore: bump defsec version v0.68.1
Dominique Leuenberger (dimstar_suse)
accepted
request 984654
from
Dirk Mueller (dirkmueller)
(revision 26)
Dominique Leuenberger (dimstar_suse)
accepted
request 978633
from
Dirk Mueller (dirkmueller)
(revision 25)
- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946): * fix: remove Highlighted from json output (#2131) * fix: remove trivy-kubernetes replace (#2132) * docs: Add Operator docs under Kubernetes section (#2111) * fix(k8s): security-checks panic (#2127) * ci: added k8s scope (#2130) * docs: Update misconfig output in examples (#2128) * fix(misconf): Fix coloured output in Goland terminal (#2126) * docs(secret): Fix default value of --security-checks in docs (#2107) * refactor(report): move colorize function from trivy-db (#2122) * feat: k8s resource scanning (#2118) * chore: add CODEOWNERS (#2121) * feat(image): add `--server` option for remote scans (#1871) * refactor: k8s (#2116) * refactor: export useful APIs (#2108) * docs: fix k8s doc (#2114) * feat(kubernetes): Add report flag for summary (#2112) * fix: Remove problematic advanced rego policies (#2113) * feat(misconf): Add special output format for misconfigurations (#2100) * feat: add k8s subcommand (#2065) * chore: fix make lint version (#2102) * fix(java): handle relative pom modules (#2101) * fix(misconf): Add missing links for non-rego misconfig results (#2094) * feat(misconf): Added fs.FS based scanning via latest defsec (#2084) * chore(deps): bump trivy-issue-action to v0.0.4 (#2091) * chore(deps): bump github.com/twitchtv/twirp (#2077) * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074) * chore(os): updated fanal version and alpine distroless test (#2086) * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075) * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)
Dominique Leuenberger (dimstar_suse)
accepted
request 973909
from
Richard Brown (RBrownSUSE)
(revision 24)
Dominique Leuenberger (dimstar_suse)
accepted
request 972935
from
Dirk Mueller (dirkmueller)
(revision 23)
Displaying revisions 21 - 40 of 62
