1
0
forked from pool/trivy
Commit Graph

65 Commits

Author SHA256 Message Date
Dominique Leuenberger
4cbfab8f24 Accepting request 1065886 from Virtualization:containers
- Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
  * chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/request/show/1065886
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=44
2023-02-15 12:40:59 +00:00
d2c9e8e17e - Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
* chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=42
2023-02-15 08:41:42 +00:00
Dominique Leuenberger
dc4d8d93e4 Accepting request 1064170 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1064170
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=43
2023-02-10 13:35:48 +00:00
2ec944171e Accepting request 1064149 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.37.2

OBS-URL: https://build.opensuse.org/request/show/1064149
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=40
2023-02-10 08:08:46 +00:00
Dominique Leuenberger
9cc6d7280d Accepting request 1062489 from Virtualization:containers
- Update to version 0.37.1:
  * fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/request/show/1062489
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=42
2023-02-02 17:08:30 +00:00
d95d3d3fa3 - Update to version 0.37.1:
* fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=38
2023-02-01 16:22:25 +00:00
Dominique Leuenberger
12108ca998 Accepting request 1062442 from Virtualization:containers
- Update to version 0.37.0:
  * fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/request/show/1062442
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=41
2023-02-01 15:40:02 +00:00
672c04bdc6 - Update to version 0.37.0:
* fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=36
2023-02-01 12:11:50 +00:00
Dominique Leuenberger
e17d52e94b Accepting request 1056176 from Virtualization:containers
- Update to version 0.36.1:
  * fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/request/show/1056176
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=40
2023-01-05 14:01:38 +00:00
8feee24f2e - Update to version 0.36.1:
* fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=34
2023-01-05 12:15:28 +00:00
Dominique Leuenberger
dd42ed5832 Accepting request 1046089 from Virtualization:containers
- Update to version 0.36.0:
  * docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/request/show/1046089
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=39
2023-01-02 14:02:13 +00:00
4e05e2e98d - Update to version 0.36.0:
* docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 08:37:03 +00:00
Dominique Leuenberger
f211ec832b Accepting request 1038587 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1038587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=38
2022-11-28 10:07:24 +00:00
83b7bc68d6 Accepting request 1038580 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.35.0

OBS-URL: https://build.opensuse.org/request/show/1038580
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=30
2022-11-28 08:09:58 +00:00
Dominique Leuenberger
d33073e8fe Accepting request 1034128 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1034128
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=37
2022-11-07 12:51:58 +00:00
2f67d2596c Accepting request 1032484 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.34.0

OBS-URL: https://build.opensuse.org/request/show/1032484
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=28
2022-11-07 10:10:13 +00:00
Dominique Leuenberger
7e3a352f9b Accepting request 1031258 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1031258
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=36
2022-10-26 10:31:55 +00:00
1afcdaafd3 Accepting request 1031236 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.33.0

OBS-URL: https://build.opensuse.org/request/show/1031236
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=26
2022-10-26 06:33:34 +00:00
Richard Brown
4fdf8b2cf9 Accepting request 1006699 from Virtualization:containers
- Update to version 0.32.1:
  * fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
  * chore: expat lib and go binary deps vulns (#2940)
  * wasm: Removes accidentally exported memory (#2950)
  * fix(sbom): fix package name separation for gradle (#2906)
  * docs(readme.md): fix broken integrations link (#2931)
  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
  * fix(cli): split env values with ',' for slice flags (#2926)
  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
  * fix(flag): add file-patterns flag for config subcommand (#2925)
  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)

OBS-URL: https://build.opensuse.org/request/show/1006699
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=35
2022-09-29 16:13:00 +00:00
a79a01c42a - Update to version 0.32.1:
* fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
  * chore: expat lib and go binary deps vulns (#2940)
  * wasm: Removes accidentally exported memory (#2950)
  * fix(sbom): fix package name separation for gradle (#2906)
  * docs(readme.md): fix broken integrations link (#2931)
  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
  * fix(cli): split env values with ',' for slice flags (#2926)
  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
  * fix(flag): add file-patterns flag for config subcommand (#2925)
  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=24
2022-09-28 14:07:00 +00:00
Dominique Leuenberger
5b94be79db Accepting request 1004582 from Virtualization:containers
- Update to version 0.32.0:
  * docs: add Rekor SBOM attestation scanning (#2893)
  * chore: narrow the owner scope (#2894)
  * fix: remove a patch number from the recommendation link (#2891)
  * fix: enable parsing of UUID-only rekor entry ID (#2887)
  * docs(sbom): add SPDX scanning (#2885)
  * docs: restructure docs and add tutorials (#2883)
  * feat(sbom): scan sbom attestation in the rekor record (#2699)
  * feat(k8s): support outdated-api (#2877)
  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
  * fix(c): support revisions in Conan parser (#2878)
  * feat: dynamic links support for scan results (#2838)
  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
  * docs: update archlinux commands (#2876)
  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
  * feat(sbom): Add unmarshal for spdx (#2868)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
  * fix: revert asff arn and add documentation (#2852)
  * docs: batch-import-findings limit (#2851)
  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
  * feat(sbom): Add marshal for spdx (#2867)
  * build: checkout before setting up Go (#2873)
  * chore: bump Go to 1.19 (#2861)
  * docs: azure doc and trivy (#2869)
  * fix: Scan tarr'd dependencies (#2857)
  * chore(helm): helm test with ingress (#2630)
  * feat(report): add secrets to sarif format (#2820)
  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
  * refactor: add a new interface for initializing analyzers (#2835)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)

OBS-URL: https://build.opensuse.org/request/show/1004582
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=34
2022-09-19 14:03:24 +00:00
c7371b4a31 - Update to version 0.32.0:
* docs: add Rekor SBOM attestation scanning (#2893)
  * chore: narrow the owner scope (#2894)
  * fix: remove a patch number from the recommendation link (#2891)
  * fix: enable parsing of UUID-only rekor entry ID (#2887)
  * docs(sbom): add SPDX scanning (#2885)
  * docs: restructure docs and add tutorials (#2883)
  * feat(sbom): scan sbom attestation in the rekor record (#2699)
  * feat(k8s): support outdated-api (#2877)
  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
  * fix(c): support revisions in Conan parser (#2878)
  * feat: dynamic links support for scan results (#2838)
  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
  * docs: update archlinux commands (#2876)
  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
  * feat(sbom): Add unmarshal for spdx (#2868)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
  * fix: revert asff arn and add documentation (#2852)
  * docs: batch-import-findings limit (#2851)
  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
  * feat(sbom): Add marshal for spdx (#2867)
  * build: checkout before setting up Go (#2873)
  * chore: bump Go to 1.19 (#2861)
  * docs: azure doc and trivy (#2869)
  * fix: Scan tarr'd dependencies (#2857)
  * chore(helm): helm test with ingress (#2630)
  * feat(report): add secrets to sarif format (#2820)
  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
  * refactor: add a new interface for initializing analyzers (#2835)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=22
2022-09-19 07:30:12 +00:00
Dominique Leuenberger
1f66325805 Accepting request 1001263 from Virtualization:containers
- Update to version 0.31.3:
  * fix: handle empty OS family (#2768)
  * fix: fix k8s summary report (#2777)
  * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767)
  * chore: bump trivy-kubernetes (#2770)
  * fix(secret): Consider secrets in rpc calls (#2753)
  * fix(java): check depManagement from upper pom's (#2747)
  * fix(php): skip `composer.lock` inside `vendor` folder (#2718)
  * fix: fix k8s rbac filter (#2765)
  * feat(misconf): skipping misconfigurations by AVD ID (#2743)
  * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741)
  * docs: add MacPorts install instructions (#2727)
  * docs: typo (#2730)

OBS-URL: https://build.opensuse.org/request/show/1001263
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=33
2022-09-05 19:22:17 +00:00
aede81fb2f - Update to version 0.31.3:
* fix: handle empty OS family (#2768)
  * fix: fix k8s summary report (#2777)
  * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767)
  * chore: bump trivy-kubernetes (#2770)
  * fix(secret): Consider secrets in rpc calls (#2753)
  * fix(java): check depManagement from upper pom's (#2747)
  * fix(php): skip `composer.lock` inside `vendor` folder (#2718)
  * fix: fix k8s rbac filter (#2765)
  * feat(misconf): skipping misconfigurations by AVD ID (#2743)
  * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741)
  * docs: add MacPorts install instructions (#2727)
  * docs: typo (#2730)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=20
2022-09-05 12:17:06 +00:00
Richard Brown
e79e15f419 Accepting request 997437 from Virtualization:containers
- Update to version 0.31.2:
  * fix: Correctly handle recoverable AWS scanning errors (#2726)
  * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721)

- Update to version 0.31.1:
  * fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)

OBS-URL: https://build.opensuse.org/request/show/997437
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=32
2022-08-17 16:16:48 +00:00
777f4f2773 - Update to version 0.31.2:
* fix: Correctly handle recoverable AWS scanning errors (#2726)
  * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=18
2022-08-16 19:37:39 +00:00
Dominique Leuenberger
03700ff45e Accepting request 997334 from Virtualization:containers
- Update to version 0.31.0:
  * fix(flag): add error when there are no supported security checks (#2713)
  * fix(vuln): continue scanning when no vuln found in the first application (#2712)
  * revert: add new classes for vulnerabilities (#2701)
  * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
  * fix(cli): secret scanning perf link fix (#2607)
  * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
  * feat: Add AWS Cloud scanning (#2493)
  * docs: specify the type when verifying an attestation (#2697)
  * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
  * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
  * feat(rust): Add support for cargo-auditable (#2675)
  * feat: Support passing value overrides for configuration checks (#2679)
  * feat(sbom): add support for scanning a sbom attestation (#2652)
  * chore(image): skip symlinks and hardlinks from tar scan (#2634)
  * fix(report): Update junit.tpl (#2677)
  * fix(cyclonedx): add nil check to metadata.component (#2673)
  * docs(secret): fix missing and broken links (#2674)
  * refactor(cyclonedx): implement json.Unmarshaler (#2662)
  * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
  * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
  * feat(kubernetes): add option to specify kubeconfig file path (#2576)
  * docs:  follow Debian's "instructions to connect to a third-party repository" (#2511)
  * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
  * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
  * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
  * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
  * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
  * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)

OBS-URL: https://build.opensuse.org/request/show/997334
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=31
2022-08-16 15:08:19 +00:00
481673a33f - Update to version 0.31.1:
* fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=16
2022-08-16 13:34:38 +00:00
c72c54c5e4 - Update to version 0.31.0:
* fix(flag): add error when there are no supported security checks (#2713)
  * fix(vuln): continue scanning when no vuln found in the first application (#2712)
  * revert: add new classes for vulnerabilities (#2701)
  * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
  * fix(cli): secret scanning perf link fix (#2607)
  * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
  * feat: Add AWS Cloud scanning (#2493)
  * docs: specify the type when verifying an attestation (#2697)
  * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
  * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
  * feat(rust): Add support for cargo-auditable (#2675)
  * feat: Support passing value overrides for configuration checks (#2679)
  * feat(sbom): add support for scanning a sbom attestation (#2652)
  * chore(image): skip symlinks and hardlinks from tar scan (#2634)
  * fix(report): Update junit.tpl (#2677)
  * fix(cyclonedx): add nil check to metadata.component (#2673)
  * docs(secret): fix missing and broken links (#2674)
  * refactor(cyclonedx): implement json.Unmarshaler (#2662)
  * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
  * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
  * feat(kubernetes): add option to specify kubeconfig file path (#2576)
  * docs:  follow Debian's "instructions to connect to a third-party repository" (#2511)
  * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
  * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
  * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
  * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
  * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
  * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=15
2022-08-16 12:09:06 +00:00
Richard Brown
3722eed277 Accepting request 991385 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/991385
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=30
2022-07-28 18:58:33 +00:00
7a3aec4740 Accepting request 991366 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.4

OBS-URL: https://build.opensuse.org/request/show/991366
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=13
2022-07-27 13:15:36 +00:00
Richard Brown
5bf22dde6a Accepting request 990668 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/990668
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=29
2022-07-22 17:20:31 +00:00
2625ca5f8f Accepting request 990661 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.2

OBS-URL: https://build.opensuse.org/request/show/990661
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=11
2022-07-22 11:25:22 +00:00
12697e9c2a Accepting request 990399 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.1

OBS-URL: https://build.opensuse.org/request/show/990399
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=10
2022-07-21 09:48:49 +00:00
Richard Brown
9bf574a704 Accepting request 989979 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/989979
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=28
2022-07-19 15:19:27 +00:00
499dfbf363 Accepting request 989624 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.0

OBS-URL: https://build.opensuse.org/request/show/989624
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=8
2022-07-18 14:08:59 +00:00
Dominique Leuenberger
04c9c952ef Accepting request 987818 from Virtualization:containers
- Update to version 0.29.2:
  * chore: skip Visual Studio Code project folder (#2379)
  * fix(helm): handle charts with templated names (#2374)
  * docs: redirect operator docs to trivy-operator repo (#2372)
  * fix(secret): use secret result when determining Failed status (#2370)
  * try removing libdb-dev
  * run integration tests in fanal
  * use same testing images in fanal
  * feat(helm): add support for trivy dbRepository (#2345)
  * fix: Fix failing test due to deref lint issue
  * test: Fix broken test
  * fix: Fix makefile when no previous named ref is visible in a shallow clone
  * chore: Fix linting issues in fanal
  * refactor: Fix fanal import paths and remove dotfiles
  * chore: bump defsec version v0.68.1

OBS-URL: https://build.opensuse.org/request/show/987818
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=27
2022-07-08 12:03:11 +00:00
0391b2d8e4 - Update to version 0.29.2:
* chore: skip Visual Studio Code project folder (#2379)
  * fix(helm): handle charts with templated names (#2374)
  * docs: redirect operator docs to trivy-operator repo (#2372)
  * fix(secret): use secret result when determining Failed status (#2370)
  * try removing libdb-dev
  * run integration tests in fanal
  * use same testing images in fanal
  * feat(helm): add support for trivy dbRepository (#2345)
  * fix: Fix failing test due to deref lint issue
  * test: Fix broken test
  * fix: Fix makefile when no previous named ref is visible in a shallow clone
  * chore: Fix linting issues in fanal
  * refactor: Fix fanal import paths and remove dotfiles
  * chore: bump defsec version v0.68.1

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=6
2022-07-08 07:39:10 +00:00
Dominique Leuenberger
54d02abf40 Accepting request 984654 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/984654
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=26
2022-06-23 08:25:11 +00:00
a0ae104f70 Accepting request 984475 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.29.1

OBS-URL: https://build.opensuse.org/request/show/984475
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=4
2022-06-23 06:02:26 +00:00
Dominique Leuenberger
7d9d718b33 Accepting request 978633 from Virtualization:containers
- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946):
  * fix: remove Highlighted from json output (#2131)
  * fix: remove trivy-kubernetes replace (#2132)
  * docs: Add Operator docs under Kubernetes section (#2111)
  * fix(k8s): security-checks panic (#2127)
  * ci: added k8s scope (#2130)
  * docs: Update misconfig output in examples (#2128)
  * fix(misconf): Fix coloured output in Goland terminal (#2126)
  * docs(secret): Fix default value of --security-checks in docs (#2107)
  * refactor(report): move colorize function from trivy-db (#2122)
  * feat: k8s resource scanning (#2118)
  * chore: add CODEOWNERS (#2121)
  * feat(image): add `--server` option for remote scans (#1871)
  * refactor: k8s (#2116)
  * refactor: export useful APIs (#2108)
  * docs: fix k8s doc (#2114)
  * feat(kubernetes): Add report flag for summary (#2112)
  * fix: Remove problematic advanced rego policies (#2113)
  * feat(misconf): Add special output format for misconfigurations (#2100)
  * feat:  add k8s subcommand (#2065)
  * chore: fix make lint version (#2102)
  * fix(java): handle relative pom modules (#2101)
  * fix(misconf): Add missing links for non-rego misconfig results (#2094)
  * feat(misconf): Added fs.FS based scanning via latest defsec (#2084)
  * chore(deps): bump trivy-issue-action to v0.0.4 (#2091)
  * chore(deps): bump github.com/twitchtv/twirp (#2077)
  * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074)
  * chore(os): updated fanal version and alpine distroless test (#2086)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075)
  * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)

OBS-URL: https://build.opensuse.org/request/show/978633
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=25
2022-05-23 13:51:56 +00:00
Dominique Leuenberger
538b73ffc5 Accepting request 973909 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/973909
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=24
2022-04-29 22:46:07 +00:00
Dominique Leuenberger
7ebb134dc1 Accepting request 972935 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/972935
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=23
2022-04-26 18:16:18 +00:00
Dominique Leuenberger
3d611306a8 Accepting request 970622 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/970622
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=22
2022-04-19 07:58:28 +00:00
Dominique Leuenberger
12c2451802 Accepting request 967695 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/967695
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=21
2022-04-08 20:45:39 +00:00
Dominique Leuenberger
05f6bff4d4 Accepting request 966387 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/966387
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=20
2022-04-01 19:36:12 +00:00
Dominique Leuenberger
7bd1ab24ef Accepting request 963901 from devel:kubic
- tie to go.17 as 1.18 became available

OBS-URL: https://build.opensuse.org/request/show/963901
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=19
2022-03-22 18:40:18 +00:00
Dominique Leuenberger
5743b6ba0b Accepting request 963467 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/963467
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=18
2022-03-21 19:11:35 +00:00
Dominique Leuenberger
f6ba84dfa9 Accepting request 962469 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/962469
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=17
2022-03-17 16:01:51 +00:00
Dominique Leuenberger
d13d78fbdd Accepting request 959290 from devel:kubic
OBS-URL: https://build.opensuse.org/request/show/959290
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=16
2022-03-03 23:19:34 +00:00