aquasecurity-trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00

Author	SHA1	Message	Date
Andre Oganesian	7f71b577a0	fix(docker): fix non-det scan results for images with embedded SBOM (#9866 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2026-01-12 10:10:07 +00:00
amitbhardwaj	6d562a3b48	feat(sbom): added support for CoreOS (#9448 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-09-22 06:46:45 +00:00
Daniel Wachter	c2dde33c3f	feat(minimos): Add support for MinimOS (#8792 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-05-29 11:21:22 +00:00
Ori	c7b8cc392e	feat(echo): Add Echo Support (#8833 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2025-05-29 10:33:29 +00:00
Ashwani Kumar Kamal	7ca656d54b	feat(nodejs): add a bun.lock analyzer (#8897 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2025-05-28 07:14:54 +00:00
David du Colombier	07ef63b483	feat: add Bottlerocket OS package analyzer (#8653 )	2025-05-23 07:50:59 +00:00
Teppei Fukuda	c80310d769	refactor: rename scanner to service (#8584 )	2025-03-23 23:47:03 +00:00
Matthieu MOREL	715575d731	chore: use require.ErrorContains when possible (#8291 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-01-27 06:47:29 +00:00
Nikita Pivkin	c4a4a5fa97	feat(python): add support for uv (#8080 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-12-19 05:59:30 +00:00
Rutam Prita Mishra	e872ec006c	fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-10-31 06:03:22 +00:00
Marcus Meissner	efdb68d3b9	feat(suse): added SUSE Linux Enterprise Micro support (#7294 ) Signed-off-by: Marcus Meissner <meissner@suse.de> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-09-29 18:23:34 +00:00
Nikita Pivkin	59c154144e	refactor: replace ftypes.Gradle with packageurl.TypeGradle (#7323 ) Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>	2024-08-09 06:13:30 +00:00
Tom Fay	5cbc452a09	feat(mariner): Add support for Azure Linux (#7186 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2024-07-22 06:58:53 +00:00
DmitriyLewen	edc556b85e	feat(php): add installed.json file support (#4865 )	2024-06-28 07:04:07 +00:00
Michael Stringer	f18d035ae1	feat(java): add support for sbt projects using sbt-dependency-lock (#6882 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-06-19 08:46:22 +00:00
DmitriyLewen	2d85a003b2	fix(purl): add missed os types (#6955 )	2024-06-19 07:06:31 +00:00
Matthieu MOREL	e86bacbd6d	ci(deps): fix gocritic in ".*_test.go$" (#6763 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-24 09:03:26 +00:00
Matthieu MOREL	bbaf5952bc	ci(deps): enable `require-error` rule from `testifylint` linter (#6718 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-20 07:12:43 +00:00
Octogonapus	fecafb1fc5	feat: Add Julia language analyzer support (#5635 )	2024-05-15 02:56:48 +00:00
DmitriyLewen	e3bef02018	feat: add support `environment.yaml` files (#6569 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2024-04-29 10:33:53 +00:00
DmitriyLewen	e32215c99d	feat(go): parse main module of go binary files (#6530 ) Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2024-04-22 11:58:44 +00:00
Teppei Fukuda	8fcef352b3	refactor(sbom): add intermediate representation for BOM (#6240 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-03-12 06:56:10 +00:00
chenk	cf0f0d00c2	feat(k8s): rancher rke2 version support (#5988 ) Signed-off-by: chenk <hen.keinan@gmail.com>	2024-02-22 04:35:47 +00:00
Teppei Fukuda	d0c81e23c4	feat(vex): add PURL matching for CSAF VEX (#5890 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-01-10 06:37:19 +00:00
Juan Ariza Toledano	1f0d6290c3	feat(vuln): include pkg identifier on detected vulnerabilities (#5439 ) Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-12-27 07:54:56 +00:00
DmitriyLewen	f25e2df1c0	refactor(purl): use `pub` from `package-url` (#5784 )	2023-12-13 12:07:31 +00:00
yuriShafet	16b757d180	feat: Packagesprops support (#5605 ) Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-11-28 01:23:47 +00:00
DmitriyLewen	772d1d08f8	fix(sbom): Use UUID as BomRef for packages with empty purl (#5448 )	2023-11-06 03:29:13 +00:00
Teppei Fukuda	cbbd1ce1f0	feat(k8s): add support for vulnerability detection (#5268 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Signed-off-by: chenk <hen.keinan@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: chenk <hen.keinan@gmail.com>	2023-10-14 12:32:55 +00:00
Teppei Fukuda	3be5e6b242	chore: enable go-critic (#5302 ) * chore: enable gocritic Signed-off-by: knqyf263 <knqyf263@gmail.com> * refactor: fix lint issues Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: return true for latest versions Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore(lint): enforce map and slice styles Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-10-02 08:33:21 +00:00
DmitriyLewen	faf8d49c49	refactor(purl): use TypeApk from purl (#5232 ) * use TypeApk from purl * refactor: some tweaks Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-09-26 08:55:23 +00:00
Teppei Fukuda	44656f2853	refactor: use defined types (#5225 ) * refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-09-22 10:44:39 +00:00
Javier Freire Riobó	37af529947	fix(purl): skip local Go packages (#5190 ) * fix(purl): trim a final slash * fix(purl): skip local Go packages * fix(purl): a few improvements	2023-09-20 14:19:21 +00:00
Paternity Leave	daae88287b	fix(purl): handle rust types (#5186 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-09-15 20:58:10 +00:00
Juan Ariza Toledano	7acc5e8312	feat(docker): add support for scanning Bitnami components (#5062 ) * feat(bitnami): add support for scanning Bitnami components Signed-off-by: juan131 <jariza@vmware.com> * chore(deps): bump packageurl-go TypeBitnami is not included in v0.1.1 * feat(spdx): handle orphan packages * fix: update Elastic SPDX Signed-off-by: juan131 <jariza@vmware.com> * Update pkg/fanal/analyzer/sbom/sbom.go Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> * fix: remove useless else Signed-off-by: juan131 <jariza@vmware.com> * call AnalysisResult.Sort() Signed-off-by: knqyf263 <knqyf263@gmail.com> * delete app packages Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: set the component path to packages Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add a comment about continue Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump trivy-db Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add Bitnami Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2023-08-31 20:18:05 +00:00
DmitriyLewen	9c211d005d	feat(swift): add vulns for cocoapods (#5037 ) * add vulns for cocoapods, fix purl * update docs * remove go-dep-parser replace * update purl and test * bump github.com/DmitriyLewen/trivy-db * remove replace for trivy-db * remove added sbom tests * add test for Package() func * add wrong epoch test * refactor docs * add comment to join the module and submodule in purl * docs: add an example --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-08-29 12:46:49 +00:00
Teppei Fukuda	a4e981b4ec	docs: add coverage (#4954 ) * docs: add coverage * add more pages * add dart, dotnet, elixir languages. * add C, ruby, cocoapods. Update links * rename headers for dart and elixir * docs: add Google Distroless and Photon OS * docs: add IaC * docs: put vulnerability into a single page * fixed broken links * docs: add coverage overview * update some links * add note about arch for Rocky linux * docs: fix typo * fix typo * docs: add footnotes * docs: add a link to coverage in the license section * docs: add a conversion table * docs: get aligned --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-08-17 08:00:34 +00:00
Teppei Fukuda	9ef01133c8	feat: add SBOM analyzer (#4210 ) Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-06-02 09:34:07 +03:00
DmitriyLewen	1ee05189f0	refactor(purl): use epoch in qualifier (#3913 )	2023-03-28 13:26:56 +03:00
Matthieu Maitre	b88bccae6e	feat(python): Include Conda packages in SBOMs (#3379 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-01-10 16:11:17 +02:00
DmitriyLewen	fbd8a13d54	feat: add support pubspec.lock files for dart (#3344 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-01-10 13:34:53 +02:00
DmitriyLewen	eaa5bcf7d2	feat: add support for mix.lock files for elixir language (#3328 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-12-29 15:18:51 +02:00
Masahiro331	bbccb4484a	feat(sbom): better support for third-party SBOMs (#3262 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-12-15 16:20:21 +02:00
DmitriyLewen	aea298b3dc	feat: add support for swift cocoapods lock files (#2956 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-12-11 19:15:10 +02:00
Teppei Fukuda	c67fe17b4e	fix(sbom): use proper constants (#3286 )	2022-12-11 15:56:48 +02:00
DmitriyLewen	be78da6c40	fix(sbom): use nuget purl type for dotnet-core (#2990 ) * use nuget prefix for dotnet-core * refactor	2022-10-11 12:23:43 +03:00
DmitriyLewen	6ea9a61cf3	fix(sbom): fix package name separation for gradle (#2906 )	2022-09-28 11:11:23 +03:00
Tom Fay	517d2e0109	feat(rust): Add support for cargo-auditable (#2675 )	2022-08-10 13:43:23 +03:00
Masahiro331	5b821d3b13	feat(sbom): add cyclonedx sbom scan (#2203 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-07-03 20:03:21 +03:00
mycodeself	c36a373def	feat(nodejs): add pnpm support (#2414 ) Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-06-29 13:31:04 +03:00

1 2

54 Commits