admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,899 Commits 28 Branches 179 Tags
51f5412ba7de6bdf160ffe8df803f602cb28a503
Commit Graph

1825 Commits

Author SHA1 Message Date
DmitriyLewen
51f5412ba7 test: migrate private test helpers to export_test.go convention (#10043) 2026-01-14 09:32:42 +00:00
DmitriyLewen
cdb28eeeb1 fix(secret): improve word boundary detection for Hugging Face tokens (#10046) 2026-01-14 07:32:29 +00:00
DmitriyLewen
3c0ab97e10 fix(go): use ldflags version for all pseudo-versions (#10037) 2026-01-13 10:45:18 +00:00
Nikita Pivkin
f0e23ead66 chore: switch to ID from AVDID in internal and user-facing fields (#9655) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2026-01-13 07:58:01 +00:00
Nikita Pivkin
6462dc8a58 refactor(misconf)!: use ID instead of AVDID for providers mapping (#9752) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2026-01-13 07:57:18 +00:00
Teppei Fukuda
07ff7885df feat(sbom): exclude PEP 770 SBOMs in .dist-info/sboms/ (#10033) 2026-01-12 11:08:05 +00:00
Andre Oganesian
7f71b577a0 fix(docker): fix non-det scan results for images with embedded SBOM (#9866) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2026-01-12 10:10:07 +00:00
Christian Dupuis
08a3f92ab6 test: fix assertion after 2026 roll over (#10002) 2026-01-05 06:51:30 +00:00
amitbhardwaj
b46cde0ebe fix(vuln): skip vulns detection for CentOS Stream family without scan failure (#9964) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-29 07:27:06 +00:00
DmitriyLewen
11dd3fac38 fix(license): normalize licenses for PostAnalyzers (#9941) 2025-12-29 06:27:04 +00:00
DmitriyLewen
b64d5adc6b feat(nodejs): parse licenses from package-lock.json file (#9983) 2025-12-29 05:57:06 +00:00
Teppei Fukuda
93915dc97a refactor: add xslices.Map and replace lo.Map usages (#9984) 2025-12-26 08:07:03 +00:00
Pierre Guilleminot
18acf4f71d fix(image): race condition in image artifact inspection (#9966) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-25 05:53:23 +00:00
Teppei Fukuda
4caf7312b6 feat(flag): add JSON Schema for trivy.yaml configuration file (#9971) 2025-12-23 09:05:17 +00:00
Teppei Fukuda
517365caa3 refactor(debian): use txtar format for test data (#9957) 2025-12-23 06:55:13 +00:00
urimils
d3096e7617 feat(rootio): Update trivy db to support usage of Severity from root.io feed (#9930) 
Co-authored-by: urimils <urimils@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-22 11:45:49 +00:00
Teppei Fukuda
74819bf457 feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932) 2025-12-22 10:56:30 +00:00
Ankit Pramanik
10a50a7429 perf(misconf): optimize string concatenation in azure scanner (#9969) 2025-12-22 05:37:36 +00:00
DmitriyLewen
f50b96a815 chore(alpine): add EOL date for alpine 3.23 (#9934) 2025-12-12 06:55:09 +00:00
Nikita Pivkin
d65b504cb2 feat(cloudformation): add support for Fn::ForEach (#9508) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-11 18:53:03 +00:00
Teppei Fukuda
effc1c0d4d feat(debian): detect third-party packages using maintainer list (#9917) 2025-12-11 05:18:31 +00:00
Nikita Pivkin
18ecf75176 fix(misconf): respect .yml files when Helm charts are detected (#9912) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-09 23:07:39 +00:00
Teppei Fukuda
56b59e8abb feat(php): add support for dev dependencies in Composer (#9910) 2025-12-09 12:40:05 +00:00
Matt Bauman
c2f82add3a feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-12-05 10:15:16 +00:00
Nikita Pivkin
9275e1532b feat(misconf): initial ansible scanning support (#9332) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2025-12-05 06:20:37 +00:00
yagreut
48dfedeb1e feat(misconf): Update Azure Database schema (#9811) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-12-05 05:28:25 +00:00
fischaz
e74e2b1b0a feat(aws): Add support for dualstack ECR endpoints (#9862) 2025-12-02 06:17:16 +00:00
DmitriyLewen
c274f5b986 fix(vex): use a separate visited set for each DFS path (#9760) 2025-12-01 08:02:39 +00:00
Owen Rumney
15a5465ad3 docs: catch some missed docs -> guide (#9850) 2025-11-27 10:57:12 +00:00
Nikita Pivkin
51de2bd136 refactor(misconf): parse azure_policy_enabled to addonprofile.azurepolicy.enabled (#9851) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-27 04:25:09 +00:00
Owen Rumney
96e7083337 chore(cli): Remove Trivy Cloud (#9847) 2025-11-26 09:14:41 +00:00
Nikita Pivkin
7aca80151c fix(misconf): ensure value used as ignore marker is non-null and known (#9835) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-26 06:28:38 +00:00
Nikita Pivkin
7b2b4d4b45 fix(misconf): map healthcheck start period flag to --start-period instead of --startPeriod (#9837) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-26 05:38:14 +00:00
Thomas Grininger
e1f3f28ae4 feat(image): add Sigstore bundle SBOM support (#9516) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2025-11-25 06:10:06 +00:00
Teppei Fukuda
d8eaaeb611 feat(sbom): add support for SPDX attestations (#9829) 2025-11-21 08:44:54 +00:00
yagreut
ea2dc586b8 feat(misconf): Update Azure network schema for new checks (#9791) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-11-19 18:57:51 +00:00
yagreut
c6d95d7cd2 feat(misconf): Update AppService schema (#9792) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-11-19 07:21:09 +00:00
Nikita Pivkin
a6ceff7e83 fix(misconf): ensure boolean metadata values are correctly interpreted (#9770) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-19 06:56:10 +00:00
Nikita Pivkin
c8d5ab7690 feat(misconf): support https_traffic_only_enabled in Az storage account (#9784) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-19 02:03:10 +00:00
DmitriyLewen
f64e0daf25 docs(server): fix info about scanning licenses on the client side. (#9805) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2025-11-18 09:50:53 +00:00
Teppei Fukuda
cbad9ca3a8 feat(report): add fingerprint generation for vulnerabilities (#9794) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2025-11-17 07:23:43 +00:00
thekovic
738b2b474a fix: update all documentation links (#9777) 2025-11-13 05:43:20 +00:00
Dirk Mueller
019af7fefd feat(suse): Add new openSUSE, Micro and SLES releases end of life dates (#9788) 2025-11-12 08:36:29 +00:00
DmitriyLewen
3a2a31d45a test(go): set GOPATH for tests (#9785) 2025-11-12 07:44:41 +00:00
DmitriyLewen
6048173266 feat(flag): add --cacert flag (#9781) 2025-11-12 07:03:44 +00:00
Nikita Pivkin
08d51a8e08 fix(misconf): handle unsupported experimental flags in Dockerfile (#9769) 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
 2025-11-11 13:22:34 +00:00
Teppei Fukuda
09ea608a3b test(go): refactor mod_test.go to use txtar format (#9775) 2025-11-11 09:36:47 +00:00
Sebastien Dionne
2c3aca5195 docs: Fix typos and linguistic errors in documentation / hacktoberfest (#9586) 2025-11-11 05:39:44 +00:00
DmitriyLewen
d87d9b97d1 fix(java): use true as default value for Repository Release|Snapshot Enabled in pom.xml and settings.xml files (#9751) 2025-11-10 13:51:56 +00:00
Teppei Fukuda
d70d994d88 feat(db): enable concurrent access to vulnerability database (#9750) 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
 2025-11-06 13:32:06 +00:00