admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-07 17:23:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Deployed c4a4a5fa9 to dev with MkDocs 1.6.1 and mike 2.1.3

Browse Source
This commit is contained in:
knqyf263
2024-12-19 06:21:29 +00:00
parent d9096e9827
commit 0c80e6549d
11 changed files with 255 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
dev/docs/coverage/language/python/index.html
View File

@@ -3458,6 +3458,17 @@ You're not viewing the latest version of the documentation.
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#uv" class="md-nav__link">
<span class="md-ellipsis">
uv
</span>
</a>
</li>
</ul>
@@ -7852,6 +7863,17 @@ You're not viewing the latest version of the documentation.
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#uv" class="md-nav__link">
<span class="md-ellipsis">
uv
</span>
</a>
</li>
</ul>
@@ -7954,6 +7976,12 @@ The following scanners are supported for package managers.</p>
<td style="text-align: center;"></td>
<td style="text-align: center;">-</td>
</tr>
<tr>
<td>uv</td>
<td style="text-align: center;"></td>
<td style="text-align: center;"></td>
<td style="text-align: center;">-</td>
</tr>
</tbody>
</table>
<p>In addition, Trivy supports three formats of Python packages: <code>egg</code>, <code>wheel</code> and <code>conda</code>.
@@ -8029,6 +8057,15 @@ The following scanners are supported for Python packages.</p>
<td style="text-align: center;">-</td>
<td style="text-align: center;">Not needed</td>
</tr>
<tr>
<td>uv</td>
<td>uv.lock</td>
<td style="text-align: center;"></td>
<td style="text-align: center;">Exclude</td>
<td style="text-align: center;"></td>
<td style="text-align: center;">-</td>
<td style="text-align: center;">Not needed</td>
</tr>
</tbody>
</table>
<table>
@@ -8121,6 +8158,9 @@ Trivy could detect vulnerabilities on the development packages, which not affect
<p>Trivy uses <code>poetry.lock</code> to identify dependencies and find vulnerabilities.
To build the correct dependency graph, <code>pyproject.toml</code> also needs to be present next to <code>poetry.lock</code>.</p>
<p>License detection is not supported for <code>Poetry</code>.</p>
<h3 id="uv">uv<a class="headerlink" href="#uv" title="Permanent link">&para;</a></h3>
<p>Trivy uses <code>uv.lock</code> to identify dependencies and find vulnerabilities.</p>
<p>License detection is not supported for <code>uv</code>.</p>
<h2 id="packaging">Packaging<a class="headerlink" href="#packaging" title="Permanent link">&para;</a></h2>
<p>Trivy parses the manifest files of installed packages in container image scanning and so on.
See <a href="https://packaging.python.org/en/latest/discussions/package-formats/">here</a> for the detail.</p>