aquasecurity-trivy

mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-11 03:03:29 +08:00

Author	SHA1	Message	Date
Matthieu MOREL	6562082e28	fix: unused-parameter rule from revive (#8794 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-04-30 09:17:24 +00:00
simar7	b58d42dc97	BREAKING(aws): Deprecate `trivy aws` as subcmd in favour of a plugin (#6819 )	2024-06-20 19:56:46 +00:00
Teppei Fukuda	30bcb95350	refactor: use version-specific URLs for documentation references (#6966 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 10:41:43 +00:00
Teppei Fukuda	983ac15f22	ci: add depguard (#6963 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-06-20 02:48:08 +00:00
Nikita Pivkin	ebb123f37f	chore: replace interface{} with any (#6751 )	2024-05-27 02:53:19 +00:00
Matthieu MOREL	48bdc6e734	ci(deps): fix gci and gofmt in ".*_test.go$" (#6721 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-22 02:55:16 +00:00
Matthieu MOREL	bbaf5952bc	ci(deps): enable `require-error` rule from `testifylint` linter (#6718 ) Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2024-05-20 07:12:43 +00:00
Teppei Fukuda	65b8a40d0d	chore(deps): bump golangci-lint to v1.58.2 (#6719 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-20 06:35:34 +00:00
Teppei Fukuda	6a72dd47ae	refactor: move artifact types under artifact package to avoid import cycles (#6652 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-09 16:18:37 +00:00
Katrin Leinweber	38e2fbf7f9	docs: link warning to both timeout config options (#6620 )	2024-05-06 08:26:37 +00:00
simar7	37da98df45	feat(misconf): Use updated terminology for misconfiguration checks (#6476 ) Signed-off-by: Simar <simar@linux.com>	2024-05-02 18:16:17 +00:00
Teppei Fukuda	f0961d54f6	feat: respect custom exit code from plugin (#6584 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-05-02 05:07:49 +00:00
Nikita Pivkin	12ec0dfe9e	feat(misconf): loading embedded checks as a fallback (#6502 )	2024-04-19 06:22:31 +00:00
Teppei Fukuda	94d6e8ced6	refactor: replace zap with slog (#6466 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>	2024-04-11 18:59:09 +00:00
Jeff Rescignano	f23ed77598	feat(misconf): Support private registries for misconf check bundle (#6327 )	2024-04-01 05:45:58 +00:00
Nikita Pivkin	09e37b7c67	feat(aws): apply filter options to result (#6367 )	2024-03-29 01:12:23 +00:00
Nikita Pivkin	87a9aa60d1	feat(aws): quiet flag support (#6331 )	2024-03-29 01:11:27 +00:00
simar7	14adbb4464	refactor(deps): Merge defsec into trivy (#6109 ) Signed-off-by: Simar <simar@linux.com>	2024-02-16 08:31:32 +00:00
Teppei Fukuda	3c1601b6cb	feat(vuln): show suppressed vulnerabilities in table (#6084 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>	2024-02-13 12:35:06 +00:00
Teppei Fukuda	da597c479c	refactor: propagate time through context values (#5858 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2024-01-03 09:43:45 +00:00
Teppei Fukuda	99c04c4383	feat(report): output plugin (#4863 ) Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-12-04 11:04:43 +00:00
Teppei Fukuda	ae4bcf6a06	fix(report): use time.Time for CreatedAt (#5598 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-11-16 05:42:30 +00:00
simar7	13362233c8	feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550 ) Signed-off-by: Simar <simar@linux.com>	2023-11-16 02:29:38 +00:00
Teppei Fukuda	950e431f0f	refactor: reintroduce output writer (#5564 ) Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-11-14 12:32:23 +00:00
simar7	e7f6a5c805	refactor(misconf): Update refactored dependencies (#5245 ) Signed-off-by: Simar <simar@linux.com>	2023-11-09 02:24:52 +00:00
Teppei Fukuda	3be5e6b242	chore: enable go-critic (#5302 ) * chore: enable gocritic Signed-off-by: knqyf263 <knqyf263@gmail.com> * refactor: fix lint issues Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: return true for latest versions Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore(lint): enforce map and slice styles Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com>	2023-10-02 08:33:21 +00:00
Teppei Fukuda	44656f2853	refactor: use defined types (#5225 ) * refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-09-22 10:44:39 +00:00
Teppei Fukuda	9628b1cbf3	feat: add support for .trivyignore.yaml (#5070 ) * feat: add support for .trivyignore.yaml Signed-off-by: knqyf263 <knqyf263@gmail.com> * add test for trivyignore.yaml * Add doublestar support Signed-off-by: knqyf263 <knqyf263@gmail.com> * go mod tidy Signed-off-by: knqyf263 <knqyf263@gmail.com> * update docs * test: fix Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: load .trivyignore once Signed-off-by: knqyf263 <knqyf263@gmail.com> * feat: add a debug log Signed-off-by: knqyf263 <knqyf263@gmail.com> * docs: add a table for fields Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix: skip empty results Signed-off-by: knqyf263 <knqyf263@gmail.com> * revert the change Signed-off-by: knqyf263 <knqyf263@gmail.com> --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-08-31 11:53:37 +00:00
simar7	07f7e9853b	chore(deps): Update defsec to v0.92.0 (#5068 ) * chore(deps): Update defsec to v0.92.0 * update tests * update integration tests	2023-08-30 20:43:08 +00:00
Nikita Pivkin	e8cf281471	fix(aws): resolve endpoint if endpoint is passed (#4925 ) * fix(aws): resolve endpoint to get identity if endpoint is passed * resolve endpoint for ami and ebs * return an error if aws region is missing	2023-08-08 07:19:40 +00:00
Nikita Pivkin	39ccbf7b58	test(aws): move part of unit tests to integration (#4884 ) * test(aws): move part of unit tests to integration * fix typo * fix test --------- Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-08-02 15:48:52 +00:00
simar7	11618c9408	feat(misconf): Support custom URLs for policy bundle (#4834 ) * feat(misconf): Support custom URLs for policy bundle This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: https://github.com/aquasecurity/trivy/issues/4672 Signed-off-by: Simar <simar@linux.com> * update docs Signed-off-by: Simar <simar@linux.com> * rename flag to `--policy-bundle-repository` Signed-off-by: Simar <simar@linux.com> * fix field * rebase and update docs Signed-off-by: Simar <simar@linux.com> * set policyBundleRepo on client Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com>	2023-07-26 08:45:49 +00:00
Teppei Fukuda	20c2246a61	fix(report): close the file (#4842 ) * fix(report): close the file * refactor: add the format type * fix: return errors in version printing * fix: lint issues * fix: do not fail on bogus cache dir --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>	2023-07-23 13:37:18 +00:00
simar7	a7bd7bb65f	feat(misconf): Add support for independently enabling libraries (#4070 ) * feat(misconf): Add support for independently enabling libraries Implements: https://github.com/aquasecurity/trivy/issues/4181 Signed-off-by: Simar <simar@linux.com> * update tests Signed-off-by: Simar <simar@linux.com> * fix lint Signed-off-by: Simar <simar@linux.com> * fix tests Signed-off-by: Simar <simar@linux.com> * update defsec Signed-off-by: Simar <simar@linux.com> * fix test Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2023-07-23 09:44:59 +00:00
simar7	4bc8d29c15	feat(misconf): Support custom data for rego policies for cloud (#4745 ) * feat(misconf): Support custom data for cloud policies Signed-off-by: Simar <simar@linux.com> * use policyfs Signed-off-by: Simar <simar@linux.com> * refactor to reduce cyclomatic complexity Signed-off-by: Simar <simar@linux.com> * bump defsec * update docs Signed-off-by: Simar <simar@linux.com> * update test assertion Signed-off-by: Simar <simar@linux.com> * update test Need this as OPA is currently broken on Windows https://github.com/open-policy-agent/opa/issues/4521 Signed-off-by: Simar <simar@linux.com> * fix data path * fix(mapfs): convert volume names into dirs * revert creating temp dirs --------- Signed-off-by: Simar <simar@linux.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>	2023-07-17 12:34:20 +00:00
simar7	5d73b47dbc	feat(misconf): Support skipping services (#4686 ) * feat(misconf): Add support for `--skip-service` flag. Fixes: https://github.com/aquasecurity/trivy/issues/4619 Signed-off-by: Simar <simar@linux.com> * update docs Signed-off-by: Simar <simar@linux.com> * update go mod * refactor processOptions to reduce cyclo complexity Signed-off-by: Simar <simar@linux.com> * fix a bug with multiple skip services Signed-off-by: Simar <simar@linux.com> * refactor tests Signed-off-by: Simar <simar@linux.com> * use x/slice and x/xerrors Signed-off-by: Simar <simar@linux.com> * go mod tidy * lint --------- Signed-off-by: Simar <simar@linux.com>	2023-06-26 11:11:59 +00:00
simar7	aecd2f0bf0	feat(aws): Add support to see successes in results (#4427 ) Fixes: https://github.com/aquasecurity/trivy/discussions/4417 Signed-off-by: Simar <simar@linux.com>	2023-06-13 17:36:05 +00:00
Teppei Fukuda	50fe43f14c	feat(cli): convert JSON reports into a different format (#4452 ) Co-authored-by: Aurelien LAJOIE <aurelien.lajoie@kili-technology.com>	2023-05-24 11:45:26 +03:00
guangwu	56a01ec6f7	refactor: code-optimization (#4214 )	2023-05-15 14:48:09 +03:00
DmitriyLewen	27fb1bfdee	test(misconf): skip downloading of policies for tests #4126	2023-04-27 14:25:31 +03:00
Teppei Fukuda	11a5b91a1a	feat(sbom): add VEX support (#4053 )	2023-04-27 10:21:06 +03:00
simar7	33074cfab3	chore(deps): Move compliance types to defsec (#3842 ) Signed-off-by: Simar <simar@linux.com>	2023-03-19 15:46:06 +02:00
Gio Rodriguez	f251dfc5ce	fix(aws): Adding a fix for update-cache flag that is not applied on AWS scans. (#3619 ) * adding a fix for update-cache that was not applied on AWS scans. * removing unneeded code --------- Co-authored-by: Gio Rodriguez <giovanni.rodriguez@aquasec.com>	2023-02-16 22:49:20 +02:00
Teppei Fukuda	cb5af0b33b	feat(image): add support for Docker CIS Benchmark (#3496 ) Co-authored-by: chenk <hen.keinan@gmail.com>	2023-01-31 07:31:59 +02:00
simar7	a1d4427c8b	feat(misconf): Fetch policies from OCI registry (#3015 ) Signed-off-by: Simar <simar@linux.com>	2023-01-15 13:37:04 +02:00
Owen Rumney	5190f9566b	feat: Adding support for Windows testing (#3037 ) Signed-off-by: Owen Rumney <owen.rumney@aquasec.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-12-22 22:54:18 +02:00
simar7	a3eece4fef	feat(misconf): Add compliance check support (#3130 ) Signed-off-by: Simar <simar@linux.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>	2022-12-07 22:42:59 +02:00
Liam Galvin	b22e37e0c6	chore: Switch github.com/liamg dependencies to github.com/aquasecurity (#3069 )	2022-10-25 11:17:47 +03:00
Liam Galvin	babd7e7526	feat(aws): Custom rego policies for AWS scanning (#2994 )	2022-10-06 12:51:45 +03:00
chavacava	ce4ba7c99c	fix(aws): Less function for slice sorting always returns false #2967 Signed-off-by: Salvador Cavadini <salvadorcavadini+github@gmail.com>	2022-10-02 09:28:27 +03:00

1 2

52 Commits