admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,899 Commits 28 Branches 179 Tags
51f5412ba7de6bdf160ffe8df803f602cb28a503
Commit Graph

3899 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
DmitriyLewen
51f5412ba7 test: migrate private test helpers to export_test.go convention (#10043) 2026-01-14 09:32:42 +00:00
dependabot[bot]
c3373b16c8 chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.6.2 (#10048) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-14 09:03:21 +00:00
DmitriyLewen
cdb28eeeb1 fix(secret): improve word boundary detection for Hugging Face tokens (#10046) 2026-01-14 07:32:29 +00:00
DmitriyLewen
3c0ab97e10 fix(go): use ldflags version for all pseudo-versions (#10037) 2026-01-13 10:45:18 +00:00
Nikita Pivkin
f0e23ead66 chore: switch to ID from AVDID in internal and user-facing fields (#9655) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2026-01-13 07:58:01 +00:00
Nikita Pivkin
6462dc8a58 refactor(misconf)!: use ID instead of AVDID for providers mapping (#9752) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2026-01-13 07:57:18 +00:00
Teppei Fukuda
4e06c3df5b fix: move enum into items for array-type fields in JSON Schema (#10039) 2026-01-13 07:50:07 +00:00
DmitriyLewen
c5b8fef197 docs: fix incorrect documentation URLs (#10038) 2026-01-13 06:31:59 +00:00
Teppei Fukuda
07ff7885df feat(sbom): exclude PEP 770 SBOMs in .dist-info/sboms/ (#10033) 2026-01-12 11:08:05 +00:00
Andre Oganesian
7f71b577a0 fix(docker): fix non-det scan results for images with embedded SBOM (#9866) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2026-01-12 10:10:07 +00:00
dependabot[bot]
60eb3f0a2f chore(deps): bump the github-actions group with 11 updates (#10001) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-05 11:02:40 +00:00
Christian Dupuis
08a3f92ab6 test: fix assertion after 2026 roll over (#10002) 2026-01-05 06:51:30 +00:00
amitbhardwaj
b46cde0ebe fix(vuln): skip vulns detection for CentOS Stream family without scan failure (#9964) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-29 07:27:06 +00:00
DmitriyLewen
11dd3fac38 fix(license): normalize licenses for PostAnalyzers (#9941) 2025-12-29 06:27:04 +00:00
DmitriyLewen
b64d5adc6b feat(nodejs): parse licenses from package-lock.json file (#9983) 2025-12-29 05:57:06 +00:00
Nikita Pivkin
43d4e5597b chore: update reference links to Go Wiki (#9987) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-26 09:35:37 +00:00
Teppei Fukuda
93915dc97a refactor: add xslices.Map and replace lo.Map usages (#9984) 2025-12-26 08:07:03 +00:00
Pierre Guilleminot
18acf4f71d fix(image): race condition in image artifact inspection (#9966) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-25 05:53:23 +00:00
Teppei Fukuda
4caf7312b6 feat(flag): add JSON Schema for trivy.yaml configuration file (#9971) 2025-12-23 09:05:17 +00:00
Teppei Fukuda
517365caa3 refactor(debian): use txtar format for test data (#9957) 2025-12-23 06:55:13 +00:00
DmitriyLewen
7a6594c745 chore(deps): bump golang.org/x/tools to v0.40.0 + gopls to v0.21.0 (#9973) 2025-12-22 12:20:10 +00:00
urimils
d3096e7617 feat(rootio): Update trivy db to support usage of Severity from root.io feed (#9930) 
Co-authored-by: urimils <urimils@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-22 11:45:49 +00:00
Teppei Fukuda
74819bf457 feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932) 2025-12-22 10:56:30 +00:00
DmitriyLewen
56f93a1bcf docs: add info that --file-pattern flag doesn't disable default behaviuor (#9961) 2025-12-22 08:55:26 +00:00
Ankit Pramanik
10a50a7429 perf(misconf): optimize string concatenation in azure scanner (#9969) 2025-12-22 05:37:36 +00:00
Owen Rumney
75c4dc0f45 chore: add client option to install script (#9962) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-12-19 09:49:08 +00:00
Aqua Security automated builds
87772521b6 ci(helm): bump Trivy version to 0.68.2 for Trivy Helm Chart 0.20.1 (#9956) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-12-17 07:13:29 +00:00
dependabot[bot]
5eda0a4e85 chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (#9952) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-17 06:07:48 +00:00
Igor Adulyan
718ec29ec6 docs: update binary signature verification for sigstore bundles (#9929) 2025-12-12 06:56:26 +00:00
DmitriyLewen
d528250a1d chore(deps): bump alpine from 3.22.1 to 3.23.0 (#9935) 2025-12-12 06:55:39 +00:00
DmitriyLewen
f50b96a815 chore(alpine): add EOL date for alpine 3.23 (#9934) 2025-12-12 06:55:09 +00:00
Nikita Pivkin
d65b504cb2 feat(cloudformation): add support for Fn::ForEach (#9508) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-11 18:53:03 +00:00
DmitriyLewen
1a901e5c75 ci: enable check-latest for setup-go (#9931) 2025-12-11 08:17:40 +00:00
Teppei Fukuda
effc1c0d4d feat(debian): detect third-party packages using maintainer list (#9917) 2025-12-11 05:18:31 +00:00
DmitriyLewen
335cc993fa fix(vex): add CVE-2025-66564 as not_affected into Trivy VEX file (#9924) 2025-12-10 12:16:31 +00:00
Kélian Saint-Bonnet
879e4fca12 feat(helm): add sslCertDir parameter (#9697) 2025-12-09 23:15:31 +00:00
Nikita Pivkin
18ecf75176 fix(misconf): respect .yml files when Helm charts are detected (#9912) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-09 23:07:39 +00:00
Teppei Fukuda
56b59e8abb feat(php): add support for dev dependencies in Composer (#9910) 2025-12-09 12:40:05 +00:00
dependabot[bot]
f58826fb2a chore(deps): bump the common group across 1 directory with 9 updates (#9903) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 05:35:08 +00:00
dependabot[bot]
39273f34cc chore(deps): bump github.com/docker/cli from 29.0.3+incompatible to 29.1.1+incompatible in the docker group (#9859) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-12-08 10:25:32 +00:00
Thomas Hille
9db123ccf8 fix: remove trailing tab in statefulset template (#9889) 2025-12-08 06:17:59 +00:00
Matt Bauman
c2f82add3a feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-05 10:15:16 +00:00
Nikita Pivkin
9275e1532b feat(misconf): initial ansible scanning support (#9332) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2025-12-05 06:20:37 +00:00
yagreut
48dfedeb1e feat(misconf): Update Azure Database schema (#9811) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-05 05:28:25 +00:00
Aqua Security automated builds
75171128a4 ci(helm): bump Trivy version to 0.68.1 for Trivy Helm Chart 0.20.0 (#9869) 
Co-authored-by: GitHub Actions <actions@github.com>
 2025-12-04 01:06:08 +00:00
Owen Rumney
32f3df11a2 chore: update the install script (#9874) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2025-12-03 17:12:33 +00:00
Aqua Security automated builds
96290ae3fb release: v0.68.1 [main] (#9867) v0.68.1 2025-12-03 08:50:26 +00:00
DmitriyLewen
c7accc85c6 fix: update cosing settings for GoReleaser after bumping cosing to v3 (#9863) 2025-12-03 08:22:41 +00:00
dependabot[bot]
b5032789f9 chore(deps): bump the testcontainers group with 2 updates (#9506) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-03 07:16:52 +00:00
Aqua Security automated builds
e0fa76d732 release: v0.68.0 [main] (#9549) v0.68.0 2025-12-02 06:48:31 +00:00