admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,884 Commits 28 Branches 179 Tags
43d4e5597b8ea044f230ea05a5be954b669c8dad
Commit Graph

3884 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikita Pivkin
43d4e5597b chore: update reference links to Go Wiki (#9987) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-26 09:35:37 +00:00
Teppei Fukuda
93915dc97a refactor: add xslices.Map and replace lo.Map usages (#9984) 2025-12-26 08:07:03 +00:00
Pierre Guilleminot
18acf4f71d fix(image): race condition in image artifact inspection (#9966) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-25 05:53:23 +00:00
Teppei Fukuda
4caf7312b6 feat(flag): add JSON Schema for trivy.yaml configuration file (#9971) 2025-12-23 09:05:17 +00:00
Teppei Fukuda
517365caa3 refactor(debian): use txtar format for test data (#9957) 2025-12-23 06:55:13 +00:00
DmitriyLewen
7a6594c745 chore(deps): bump golang.org/x/tools to v0.40.0 + gopls to v0.21.0 (#9973) 2025-12-22 12:20:10 +00:00
urimils
d3096e7617 feat(rootio): Update trivy db to support usage of Severity from root.io feed (#9930) 
Co-authored-by: urimils <urimils@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-22 11:45:49 +00:00
Teppei Fukuda
74819bf457 feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932) 2025-12-22 10:56:30 +00:00
DmitriyLewen
56f93a1bcf docs: add info that --file-pattern flag doesn't disable default behaviuor (#9961) 2025-12-22 08:55:26 +00:00
Ankit Pramanik
10a50a7429 perf(misconf): optimize string concatenation in azure scanner (#9969) 2025-12-22 05:37:36 +00:00
Owen Rumney
75c4dc0f45 chore: add client option to install script (#9962) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-12-19 09:49:08 +00:00
Aqua Security automated builds
87772521b6 ci(helm): bump Trivy version to 0.68.2 for Trivy Helm Chart 0.20.1 (#9956) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-12-17 07:13:29 +00:00
dependabot[bot]
5eda0a4e85 chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (#9952) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-17 06:07:48 +00:00
Igor Adulyan
718ec29ec6 docs: update binary signature verification for sigstore bundles (#9929) 2025-12-12 06:56:26 +00:00
DmitriyLewen
d528250a1d chore(deps): bump alpine from 3.22.1 to 3.23.0 (#9935) 2025-12-12 06:55:39 +00:00
DmitriyLewen
f50b96a815 chore(alpine): add EOL date for alpine 3.23 (#9934) 2025-12-12 06:55:09 +00:00
Nikita Pivkin
d65b504cb2 feat(cloudformation): add support for Fn::ForEach (#9508) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-11 18:53:03 +00:00
DmitriyLewen
1a901e5c75 ci: enable check-latest for setup-go (#9931) 2025-12-11 08:17:40 +00:00
Teppei Fukuda
effc1c0d4d feat(debian): detect third-party packages using maintainer list (#9917) 2025-12-11 05:18:31 +00:00
DmitriyLewen
335cc993fa fix(vex): add CVE-2025-66564 as not_affected into Trivy VEX file (#9924) 2025-12-10 12:16:31 +00:00
Kélian Saint-Bonnet
879e4fca12 feat(helm): add sslCertDir parameter (#9697) 2025-12-09 23:15:31 +00:00
Nikita Pivkin
18ecf75176 fix(misconf): respect .yml files when Helm charts are detected (#9912) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-09 23:07:39 +00:00
Teppei Fukuda
56b59e8abb feat(php): add support for dev dependencies in Composer (#9910) 2025-12-09 12:40:05 +00:00
dependabot[bot]
f58826fb2a chore(deps): bump the common group across 1 directory with 9 updates (#9903) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 05:35:08 +00:00
dependabot[bot]
39273f34cc chore(deps): bump github.com/docker/cli from 29.0.3+incompatible to 29.1.1+incompatible in the docker group (#9859) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-12-08 10:25:32 +00:00
Thomas Hille
9db123ccf8 fix: remove trailing tab in statefulset template (#9889) 2025-12-08 06:17:59 +00:00
Matt Bauman
c2f82add3a feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-05 10:15:16 +00:00
Nikita Pivkin
9275e1532b feat(misconf): initial ansible scanning support (#9332) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2025-12-05 06:20:37 +00:00
yagreut
48dfedeb1e feat(misconf): Update Azure Database schema (#9811) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-05 05:28:25 +00:00
Aqua Security automated builds
75171128a4 ci(helm): bump Trivy version to 0.68.1 for Trivy Helm Chart 0.20.0 (#9869) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-12-04 01:06:08 +00:00
Owen Rumney
32f3df11a2 chore: update the install script (#9874) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2025-12-03 17:12:33 +00:00
Aqua Security automated builds
96290ae3fb release: v0.68.1 [main] (#9867) v0.68.1 2025-12-03 08:50:26 +00:00
DmitriyLewen
c7accc85c6 fix: update cosing settings for GoReleaser after bumping cosing to v3 (#9863) 2025-12-03 08:22:41 +00:00
dependabot[bot]
b5032789f9 chore(deps): bump the testcontainers group with 2 updates (#9506) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-03 07:16:52 +00:00
Aqua Security automated builds
e0fa76d732 release: v0.68.0 [main] (#9549) v0.68.0 2025-12-02 06:48:31 +00:00
fischaz
e74e2b1b0a feat(aws): Add support for dualstack ECR endpoints (#9862) 2025-12-02 06:17:16 +00:00
DmitriyLewen
c274f5b986 fix(vex): use a separate visited set for each DFS path (#9760) 2025-12-01 08:02:39 +00:00
Owen Rumney
15a5465ad3 docs: catch some missed docs -> guide (#9850) 2025-11-27 10:57:12 +00:00
Nikita Pivkin
51de2bd136 refactor(misconf): parse azure_policy_enabled to addonprofile.azurepolicy.enabled (#9851) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-27 04:25:09 +00:00
Owen Rumney
96e7083337 chore(cli): Remove Trivy Cloud (#9847) 2025-11-26 09:14:41 +00:00
Nikita Pivkin
7aca80151c fix(misconf): ensure value used as ignore marker is non-null and known (#9835) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-26 06:28:38 +00:00
Nikita Pivkin
7b2b4d4b45 fix(misconf): map healthcheck start period flag to --start-period instead of --startPeriod (#9837) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-26 05:38:14 +00:00
dependabot[bot]
f5bbb0b91a chore(deps): bump the docker group with 3 updates (#9776) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-25 08:05:28 +00:00
dependabot[bot]
e13d970a19 chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#9827) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-25 08:01:10 +00:00
dependabot[bot]
8967622a86 chore(deps): bump the common group across 1 directory with 20 updates (#9840) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-11-25 07:08:16 +00:00
Thomas Grininger
e1f3f28ae4 feat(image): add Sigstore bundle SBOM support (#9516) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-11-25 06:10:06 +00:00
dependabot[bot]
8876b46162 chore(deps): bump the aws group with 7 updates (#9691) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-25 06:04:39 +00:00
afdesk
5f9b695170 test(k8s): update k8s integrtion test (#9725) 2025-11-24 16:39:22 +00:00
dependabot[bot]
3169ebf018 chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 (#9764) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-21 17:20:00 +00:00
Teppei Fukuda
d8eaaeb611 feat(sbom): add support for SPDX attestations (#9829) 2025-11-21 08:44:54 +00:00