admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,646 Commits 28 Branches 179 Tags
9d0d7ad886b38cd681b53ca7440f5bf97e985bc0
Commit Graph

662 Commits

Author SHA1 Message Date
dependabot[bot]
9d0d7ad886 chore(deps): bump github.com/containerd/containerd from 1.7.12 to 1.7.13 (#6247) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 11:18:00 +00:00
dependabot[bot]
e8230e19d7 chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#6246) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 10:59:18 +00:00
simar7
939e34e37c chore(deps): Upgrade iac deps (#6255) 2024-03-04 09:30:55 +00:00
dependabot[bot]
069aae59ec chore(deps): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 (#6189) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-23 03:17:15 +00:00
chenk
cf0f0d00c2 feat(k8s): rancher rke2 version support (#5988) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-02-22 04:35:47 +00:00
Teppei Fukuda
74dc5b6804 chore(deps): merge go-dep-parser into Trivy (#6094) 
Signed-off-by: Arunprasad Rajkumar <arajkuma@redhat.com>
Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: Masahiro <mur4m4s4.331@gmail.com>
Co-authored-by: Tomoya Amachi <tomoya.amachi@gmail.com>
Co-authored-by: Masahiro <lomycisw@gmail.com>
Co-authored-by: Liz Rice <liz@lizrice.com>
Co-authored-by: Johannes <johannes@jitesoft.com>
Co-authored-by: aprp <doelaudi@gmail.com>
Co-authored-by: rahul2393 <rahulyadavsep92@gmail.com>
Co-authored-by: Arunprasad Rajkumar <ar.arunprasad@gmail.com>
Co-authored-by: Emrecan BATI <emrecanbati@gmail.com>
Co-authored-by: sherif84 <12298259+sherif84@users.noreply.github.com>
Co-authored-by: Sherif Fathalla <sfathall@akamai.com>
Co-authored-by: sherif <sherif.mailbox@gmail.com>
Co-authored-by: Sam Lane <samuel.lane@hotmail.com>
Co-authored-by: Ankush K <akhobragade@gmail.com>
Co-authored-by: Ankush K <akhobragade42@gmail.com>
Co-authored-by: Tauseef <tauseefmlk@gmail.com>
Co-authored-by: Daniel <danfaizer@gmail.com>
Co-authored-by: Matthieu MOREL <mmorel-35@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: afdesk <work@afdesk.com>
Co-authored-by: AndreyLevchenko <levchenko.andrey@gmail.com>
Co-authored-by: Kobus van Schoor <10784365+kobus-v-schoor@users.noreply.github.com>
Co-authored-by: Jan-Otto Kröpke <github@jkroepke.de>
Co-authored-by: jerbob92 <jerbob92@users.noreply.github.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: Shira Cohen <97398476+ShiraCohen33@users.noreply.github.com>
Co-authored-by: astevenson-microsoft <78623826+astevenson-microsoft@users.noreply.github.com>
Co-authored-by: Kyriakos Georgiou <kgeorgiou@users.noreply.github.com>
Co-authored-by: mycodeself <mycodeself@users.noreply.github.com>
Co-authored-by: DavidSalame <75929252+davidsalame1@users.noreply.github.com>
Co-authored-by: Tom Fay <tom@teamfay.co.uk>
Co-authored-by: Tom Fay <tomfay@microsoft.com>
Co-authored-by: François Poirotte <fpoirotte@users.noreply.github.com>
Co-authored-by: Guy Ben-Aharon <baguy3@gmail.com>
Co-authored-by: Catminusminus <37803616+Catminusminus@users.noreply.github.com>
Co-authored-by: Lior Vaisman Argon <97836016+VaismanLior@users.noreply.github.com>
Co-authored-by: Matthieu Maitre <mmaitre@microsoft.com>
Co-authored-by: Andrea Scarpino <andrea@scarpino.dev>
Co-authored-by: MorAlon1 <101275199+MorAlon1@users.noreply.github.com>
Co-authored-by: liorj-orca <96177663+liorj-orca@users.noreply.github.com>
Co-authored-by: Nikita Pivkin <100182843+nikpivkin@users.noreply.github.com>
Co-authored-by: guangwu <guoguangwu@magic-shield.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: yuriShafet <5830215+yuriShafet@users.noreply.github.com>
Co-authored-by: Octogonapus <firey45@gmail.com>
 2024-02-19 11:16:35 +00:00
simar7
14adbb4464 refactor(deps): Merge defsec into trivy (#6109) 
Signed-off-by: Simar <simar@linux.com>
 2024-02-16 08:31:32 +00:00
dependabot[bot]
efe0e0f8f3 chore(deps): bump helm.sh/helm/v3 from 3.14.0 to 3.14.1 (#6142) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 17:24:09 +00:00
simar7
7bd3b630bb refactor(deps): Merge trivy-iac into Trivy (#6005) 2024-02-12 11:01:27 +00:00
DmitriyLewen
535b5a96d9 feat(java): add dependency location support for gradle files (#6083) 2024-02-08 09:43:35 +00:00
dependabot[bot]
428420ee84 chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.11 to 1.15.15 (#6038) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 05:34:28 +00:00
dependabot[bot]
e2bd7f75d5 chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 (#6042) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-06 06:47:02 +00:00
dependabot[bot]
f95fbcb672 chore(deps): bump k8s.io/api from 0.29.0 to 0.29.1 (#6043) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-06 03:37:41 +00:00
dependabot[bot]
fc20dfdd80 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.0 to 1.48.1 (#6041) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-05 03:33:34 +00:00
dependabot[bot]
3bd80e7c28 chore(deps): bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 (#6039) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-05 03:33:05 +00:00
DmitriyLewen
2900a21176 fix: fix cursor usage in Redis Clear function (#6056) 2024-02-02 11:55:50 +00:00
dependabot[bot]
85cb9a7639 chore(deps): bump github.com/go-openapi/runtime from 0.26.0 to 0.27.1 (#6037) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-02 11:52:05 +00:00
DmitriyLewen
4e962c02aa fix(nodejs): add local packages support for pnpm-lock.yaml files (#6034) 2024-02-02 11:19:54 +00:00
dependabot[bot]
8aabbea2d3 chore(deps): bump github.com/go-openapi/strfmt from 0.21.7 to 0.22.0 (#6044) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-02 10:56:39 +00:00
dependabot[bot]
c3a66da9c3 chore(deps): bump github.com/google/go-containerregistry from 0.17.0 to 0.19.0 (#6040) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-01 17:11:52 +00:00
dependabot[bot]
41c0ef642e chore(deps): bump github.com/moby/buildkit from 0.11.6 to 0.12.5 (#6028) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2024-02-01 12:13:26 +00:00
DmitriyLewen
729a0512ab fix(java): recursive check all nested depManagements with import scope for pom.xml files (#5982) 2024-02-01 06:19:17 +00:00
dependabot[bot]
884745b5e5 chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 (#6029) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-01 04:00:55 +00:00
DmitriyLewen
b4b90cfe20 feat(java): add support for line numbers for pom.xml files (#5991) 2024-01-25 07:25:38 +00:00
DmitriyLewen
fb36c4ed09 refactor(sbom): use new metadata.tools struct for CycloneDX (#5981) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-23 13:59:48 +00:00
simar7
189a46a01c chore(deps): Update misconfig deps (#5956) 2024-01-23 06:44:10 +00:00
chenk
2212d14432 fix: handle non-parsable images names (#5965) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-19 08:27:35 +00:00
Nikita Pivkin
ffe2ca7cb5 chore(deps): bump go-ebs-file (#5934) 2024-01-15 10:32:24 +00:00
chenk
a3fac90b47 fix: ignore no init containers (#5939) 
Signed-off-by: chenk <hen.keinan@gmail.com>
 2024-01-15 06:14:57 +00:00
dependabot[bot]
c8c55fe21e chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.90 to 1.15.11 (#5885) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Simar <simar@linux.com>
 2024-01-11 07:30:40 +00:00
DmitriyLewen
7895657c89 fix(java): don't remove excluded deps from upper pom's (#5838) 2024-01-10 09:39:52 +00:00
DmitriyLewen
37e7e3eabf fix(java): check if a version exists when determining GAV by file name for jar files (#5630) 2024-01-10 07:22:50 +00:00
dependabot[bot]
a626cdf334 chore(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#5892) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 17:33:06 +00:00
yusuke-koyoshi
0ebb6c4682 fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888) 2024-01-08 06:06:37 +00:00
Juan Ariza Toledano
c47ed0d816 feat(vex): Add support for CSAF format (#5535) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-01-06 10:48:39 +00:00
dependabot[bot]
2cdd65dd64 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts from 1.26.2 to 1.26.7 (#5880) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 19:38:44 +00:00
dependabot[bot]
c72dfbfbb0 chore(deps): bump github.com/open-policy-agent/opa from 0.58.0 to 0.60.0 (#5853) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 12:31:33 +00:00
dependabot[bot]
682210ac64 chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.28.0 (#5854) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 19:10:54 +00:00
dependabot[bot]
fa2e88360b chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 (#5852) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 09:29:08 +00:00
dependabot[bot]
013df4c6b8 chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#5850) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-04 05:12:39 +00:00
dependabot[bot]
b1489f3485 chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#5856) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:53:52 +00:00
dependabot[bot]
7f2e4223ff chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#5855) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 11:43:57 +00:00
dependabot[bot]
c17b6603db chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#5830) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-29 05:26:15 +00:00
Nikita Pivkin
4cdff0e573 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from v1.116.0 to v1.134.0 (#5822) 2023-12-26 12:09:43 +00:00
dependabot[bot]
be969d4136 chore(deps): bump github.com/containerd/containerd from 1.7.7 to 1.7.11 (#5809) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-25 06:13:16 +00:00
dependabot[bot]
81748f5ad0 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#5805) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 07:59:21 +00:00
Nikita Pivkin
ba825b2ae1 chore(deps): bump trivy-iac to v0.7.1 (#5797) 2023-12-18 12:31:07 +00:00
Juan Ariza Toledano
abf227e06e fix(bitnami): use a different comparer for detecting vulnerabilities (#5633) 
Signed-off-by: juan131 <jariza@vmware.com>
 2023-12-17 10:27:19 +00:00
dependabot[bot]
6080e245ce chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.25.11 (#5717) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 09:38:17 +00:00
dependabot[bot]
e27ec3261e chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.21.0 to 1.24.1 (#5701) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 08:52:06 +00:00