github aquasecurity/trivy v0.29.2

2 years ago

Changelog

  • 6b515bc chore: skip Visual Studio Code project folder (#2379)
  • 25416ae fix(helm): handle charts with templated names (#2374)
  • 85cca55 docs: redirect operator docs to trivy-operator repo (#2372)
  • b944ac6 Merge pull request #2356 from aquasecurity/liamg-merge-fanal-magic-attempt-2
  • 9809a07 fix(secret): use secret result when determining Failed status (#2370)
  • e9831ce try removing libdb-dev
  • 04c01f6 run integration tests in fanal
  • 86e19bb use same testing images in fanal
  • 484ddd8 feat(helm): add support for trivy dbRepository (#2345)
  • 9e7404e fix: Fix failing test due to deref lint issue
  • 85c6529 test: Fix broken test
  • 6c983cb fix: Fix makefile when no previous named ref is visible in a shallow clone
  • 1ac4fd8 chore: Fix linting issues in fanal
  • 094db23 refactor: Fix fanal import paths and remove dotfiles
  • b6f615b refactor: Merge fanal into Trivy
  • 6765c77 Merge pull request fanal#566 from chen-keinan/chore/bump-fanal-version
  • 644ada1 chore: bump defsec version v0.68.1
  • a9ddb39 fix(secrets): added allow rule for examples (fanal#565)
  • 8d13f3d feat: support rbac scanner and type (fanal#563)
  • c0ad4f7 chore(deps): updated go-dep-parser (fanal#556)
  • a6f4ab3 chore(deps): bump github.com/Azure/go-autorest/autorest/adal (fanal#543)
  • 8ae754a Add custom resources in fs scanning and add deregister analyzers (fanal#564)
  • decad9b Support get local image by containerd (fanal#348)
  • 9c53190 chore(deps): update defsec (fanal#558)
  • df66959 Bump go-rpmdb (fanal#553)
  • 74fcd3f feat(mariner): added support for CBL-Mariner Distroless v2.0 (fanal#552)
  • d523424 feat(npm): calculate indirect libraries (fanal#557)
  • 42267f9 refactor: remove unused field imageName from integration test (fanal#555)
  • 1343996 chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (fanal#544)
  • 8a877c5 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#545)
  • 59f1a04 chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (fanal#546)
  • d5a62c9 test: use images in GHCR for integration tests (fanal#554)
  • 96ce2db refactor: do not import defsec in types package (fanal#537)
  • 6c25b83 fix: support for helm chart *.tar.gz (fanal#551)
  • 43997f3 feat(types): add Ref to package (fanal#540)
  • 64c9124 chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (fanal#541)
  • 7baccf2 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.18.0 to 2.21.0 (fanal#547)
  • 7dd7e2b chore(deps): bump github.com/aws/aws-sdk-go from 1.44.5 to 1.44.25 (fanal#548)
  • f5e655e feat: adding helm support (fanal#534)
  • df47d1b refactor(deps): move dependencies to package (fanal#535)
  • ef8d773 fix(secrets): AsymmetricPrivateKeys use only base64 characters (fanal#539)
  • 24005c3 chore(deps): bump github.com/testcontainers/testcontainers-go from 0.12.0 to 0.13.0 (fanal#502)
  • 193680b chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.6.0 (fanal#517)
  • 22db37e fix(secrets): added leading slash for file paths extracted from image (fanal#525)
  • 894fa25 chore(deps): Update defsec to v0.58.2 (fixes false positives in ksv038) (fanal#533)
  • 94f999e perf(misconf): Update defsec to v0.58.1 to optimise result creation for very large files (fanal#532)
  • 7a84438 chore(deps): Update defsec to v0.58.0 (fanal#530)
  • 898aaaa Merge pull request fanal#529 from aquasecurity/owenr-remove-highlighting-from-results
  • c8682b5 fix: update defsec and fix tests accordingly
  • f776a91 chore(deps): update defsec
  • 267adde fix: remove Highlighted from json output
  • 9528501 chore(deps): Update defsec to v0.57.6 (fanal#528)
  • 0911eea chore(deps): Update defsec to v0.57.5 (remove commercial rego rules) (fanal#527)
  • cc5d76b chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#518)
  • be3993b fix(secrets): skip aws secrets of greater length (fanal#514)
  • 3487acc chore(deps): Update defsec to v0.57.3 for improved syntax highlighting (fanal#524)
  • c8e07a4 chore(deps): Update defsec to v0.56.2 (fanal#523)
  • 4249a1c Pom modules (fanal#511)
  • 52934d2 feat: Add causal code to misconfig results (fanal#522)
  • 329f071 chore(deps): Update defsec for 'builtin' namespaced rego policies (fanal#521)
  • 154ccc6 chore(deps): Update defsec to v0.55.5 (adds freebsd support) (fanal#520)
  • 49cfa08 fix(handler): import go mod handler (fanal#519)
  • bcc0218 feat: add post handler (fanal#460)
  • 5feabc1 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.31 to 1.44.5 (fanal#512)
  • fa03e9e chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (fanal#506)
  • 6d8ae19 feat(lang): add parent dependencies (fanal#459)
  • d137df2 feat(analyzer): more general support for os-release (fanal#470)
  • d08f3df refactor(secret): allow list match with secret subgroups (fanal#510)
  • 346496f chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#509)
  • 2e87083 chore(deps): bump github.com/samber/lo from 1.15.0 to 1.19.0 (fanal#505)
  • 4066b57 chore(deps): bump actions/setup-go from 2 to 3 (fanal#499)
  • 1f5b262 feat(secret): add default secret severity (fanal#497)
  • eb0da23 chore(analyzer): added array of config file analyzers (fanal#498)
  • 4f9e46c chore(deps): update defsec for fix CVE-2022-27191 inside x/crypto (fanal#495)
  • 1a6d9cb feat(secret): truncate matched line if it is long (fanal#494)
  • acaa8dd fix(go.mod): fixed panic for gomod without version (fanal#492)
  • db6eb9a feat(secret): allow rubygems path (fanal#493)
  • 1d1f8f9 refactor(secret): split a file including built-in rules (fanal#491)
  • 04040b9 feat(secret): add enable-builtin-rules (fanal#488)
  • 142d67f feat(secret): more builtin aws rules (fanal#489)
  • 34de675 feat(redis): support TTL (fanal#480)
  • 4dd5732 feat(hook): skip system installed Go binaries (fanal#481)
  • 1e78804 fix(hook/gomod): check if gosum is nil (fanal#487)
  • ca57d31 fix(secret): take only config file name (fanal#486)
  • 03b16ea feat(secret): check if the config file exists (fanal#485)
  • bec2e29 feat(secret): ignore the secret config file (fanal#484)
  • b4ddc80 feat(image): disable secret scanning in base layers (fanal#483)
  • 2061873 fix(secret): end line number is the same as start line number (fanal#482)
  • 254a96e feat: add secret scanning (fanal#431)
  • dff5dce fix(analyzer): ignore permission errors (fanal#477)
  • c7e8d201 chore: disable benchmark (fanal#478)
  • 471e7cd Add Containerfile to requiredFiles (fanal#475)
  • 8cd9737 fix(deps): correct margin removal for empty lines inside defsec (fanal#471)
  • 67004a2 fix(python): fixed panic when scan .egg archive (fanal#446)
  • 528d07e feat(alpine): add parsing /etc/apk/repositories file to get OS version (fanal#462)
  • 065b301 feat(golang): add support for go.mod (fanal#465)
  • 0e28f7c Merge pull request fanal#463 from aquasecurity/liamg-fix-owens-demo
  • 910b8e6 fix: add filename to cf results
  • 5f69847 fix(pom): merge multiple pom imports in a good manner (fanal#457)
  • 3637c00 chore(deps): bump github.com/docker/docker (fanal#440)
  • 8bdd3fe chore(deps): bump github.com/urfave/cli/v2 from 2.3.0 to 2.4.0 (fanal#442)
  • 85351ad chore(deps): update BurntSushi/toml for fix runtime error (fanal#454)
  • fbf5020 fix(iac): Added missing metadata to resolve Terraform scanning errors (fanal#455)
  • 18fde60 feat(jar): allow setting Maven Central URL using environment variable (fanal#448)
  • c2f38ee chore(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.39.0 (fanal#434)
  • a545e3a chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#438)
  • c039177 refactor(golang): use debug/buildinfo (fanal#453)
  • 86e72c0 chore(ci): enable gofmt linter (fanal#452)
  • 177826a chore: bump up Go to 1.18 (fanal#449)
  • 133c838 fix: Update defsec to v0.28.3 to fix panics (fanal#450)
  • da3d588 chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#441)
  • 9766c47 chore(deps): bump actions/checkout from 2 to 3 (fanal#432)
  • db66572 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.31 (fanal#445)
  • c3e132a refactor(cache messages): changed messages about missing Image and Layers in cache (fanal#447)
  • b194140 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.4 to 8.11.5 (fanal#437)
  • d048791 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#409)
  • 005fe25 Merge pull request fanal#429 from aquasecurity/owenr-fix-issue-no-filename
  • aac7cf5 fix: catch results where the filename is not specified
  • fe1f9c9 chore(deps): bump github.com/GoogleCloudPlatform/docker-credential-gcr (fanal#360)
  • 9e3709f feat(cache): add DeleteBlobs to ArtifactCache (fanal#426)
  • ee54733 chore(deps): bump github.com/testcontainers/testcontainers-go from 0.11.1 to 0.12.0 (fanal#375)
  • e913433 fix(docker): getting an image by ID or a name with tag (fanal#425)
  • 483697b feat(walker): export default skip variables (fanal#418)
  • dcadfa8 fix(filter-hook): systemfiles filter for custom resources (fanal#419)
  • bfd6eef Merge pull request fanal#421 from aquasecurity/owenr-defend-npe-issues
  • 69be985 chore: update tfsec and defsec
  • 4d625c2 feat(docker): add support for scanning docker image with ImageID (fanal#405)
  • 7663c9f fix(hcl2json): fix panic in hcl2json (fanal#417)
  • c3279fd Merge pull request fanal#416 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
  • 7443cba Merge branch 'main' into dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
  • 49301cc Merge pull request fanal#415 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/defsec-0.14.0
  • 6e222bd chore(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 (fanal#408)
  • 8c522a7 chore(deps): bump github.com/aquasecurity/tfsec from 1.4.1 to 1.5.0
  • 7fe75d5 chore(deps): bump github.com/aquasecurity/defsec from 0.12.1 to 0.14.0
  • 0e84c4d fix(pom): keep an order of dependencies (fanal#413)
  • 82d9d4b chore(deps): bump github.com/aws/aws-sdk-go from 1.42.51 to 1.43.8 (fanal#411)
  • 525aadf fix(deps): correct handling a package name with a hyphen (fanal#407)
  • b72fa66 Merge pull request fanal#406 from aquasecurity/owenr-update-iac-scanning
  • f2e05d5 fix(hook): fix skip of language-specific files when scanning rootfs directory (fanal#380)
  • 1e9376b chore: update the defsec and tfsec versions
  • 0805e86 chore(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 (fanal#404)
  • f8eb21d chore(deps): bump github.com/alicebob/miniredis/v2 from 2.17.0 to 2.18.0 (fanal#383)
  • ed00632 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#389)
  • 1277e21 chore(deps): bump github.com/Azure/go-autorest/autorest/azure/auth (fanal#386)
  • 5c663d3 chore(deps): bump github.com/aws/aws-sdk-go from 1.42.30 to 1.42.51 (fanal#403)
  • 411e5b8 chore(deps): bump github.com/open-policy-agent/opa from 0.36.1 to 0.37.2 (fanal#401)
  • 3276885 chore(dependabot): set interval to monthly (fanal#399)
  • b9a7fd1 feat(rpm): detect RPM databases in SQLite3 format (fanal#381)
  • 9825529 fix(applier): modify apply layer to merge custom resources as well (fanal#369)
  • 4310d51 refactor: rename quiet with no progress (fanal#392)
  • c04a638 feat(mariner) add CBL-Mariner analyzer (fanal#387)
  • ffb5c85 feat(analyzer): support Red Hat build info (fanal#151)
  • 533498f feat(token): add azure token auth (fanal#371)
  • 2768c28 chore: bump Go to 1.17 (fanal#379)
  • 4e8832d chore(deps): bump github.com/open-policy-agent/opa from 0.36.0 to 0.36.1 (fanal#378)
  • 4b61097 chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (fanal#376)
  • c6daf1a chore(deps): bump go.uber.org/zap from 1.19.1 to 1.20.0 (fanal#358)
  • d2a4db8 feat(java): add support PAR files (fanal#373)
  • abf0055 chore(deps): bump github.com/docker/docker (fanal#363)
  • 9806fa6 chore(deps): update hcl2json dependency (fanal#368)
  • c4fdc40 fix(rpm): do not ignore installed files via third-party rpm (fanal#367)
  • 1bb7e48 Allow to scan a single file (fanal#356)
  • d081855 chore(deps): bump github.com/open-policy-agent/opa from 0.34.0 to 0.36.0 (fanal#362)
  • ab0cb4f chore(deps): bump github.com/alicebob/miniredis/v2 from 2.16.0 to 2.17.0 (fanal#361)
  • 49a72f2 feat: added insecure tls skip to scan repo (fanal#352)
  • 0c8521a chore(deps): bump github.com/aws/aws-sdk-go from 1.42.0 to 1.42.30 (fanal#365)
  • 89fa4a2 feat(analyzer): introduce analyzer group (fanal#340)
  • 0d2edbf fix: crash of handling compressed layers (fanal#354)
  • 996961a fix(java/pom): ignore unsupported requirements (fanal#351)
  • e9251fe feat(jar): mark JAR as individual packages (fanal#350)
  • 965400a feat(java): support offline mode (fanal#349)
  • 310dd3f fix(analyzer): improve performance (fanal#314)
  • 91d4d9e feat(java): support pom.xml (fanal#346)
  • 88094b1 chore(deps): bump github.com/moby/buildkit from 0.8.1 to 0.9.3 (fanal#347)
  • c287239 feat(jar): add file path (fanal#345)
  • 0a17306 Also detect RPM databases in NDB format (fanal#341)
  • c506f43 chore(deps): Update tfsec version (fanal#339)
  • 7e09a9f fix: fixed skipFiles/skipDirs flags for relative path (fanal#342)
  • f733307 chore: removed old tfsec dependencies. (fanal#337)
  • bb5abd4 Merge pull request fanal#336 from aquasecurity/owenr-update-tfsec-and-cfsec
  • 18d683a Update code scanning dependencies
  • 6793d65 fix(hooks): exclude go from filtering (fanal#332)
  • 776f0ec ci(lint) : setup golangci-lint-action (fanal#256)
  • 0523fbc allow suppressing the git clone output by setting the quiet option (fanal#335)
  • 95afbb1 feat(repo): add authentication to git HTTP operation (fanal#253)
  • 7d550ea fix(applier): fixed layer applications update (fanal#333)
  • 1ac6e8a chore: update go-dep-parser dependency to fix pip parsing issue (fanal#330)
  • b640ef0 chore(dep): bump cfsec version from v0.0.11 to v0.0.12 (fanal#329)
  • a688cdf feature(iac): Add location and resource to Results (fanal#328)
  • 0abfcf5 Merge pull request fanal#327 from aquasecurity/owenr-bump-cfsec-version
  • e0dfc37 fix the test for cfsec output
  • 3f52e32 chore(deps): Bump cfsec version to get the resource
  • 0dbcb83 chore(deps): bump github.com/docker/docker (fanal#315)
  • 6ad9b25 chore(deps): bump github.com/aws/aws-sdk-go from 1.41.0 to 1.42.0 (fanal#325)
  • 6726d12 Merge pull request fanal#321 from owenrumney/owenr-add-cfsec-support
  • 41c0dbb Add Cloudformation analyzer
  • 0d03242 add support for cfsec
  • 8a6775a fix(daemon): handle nil config (fanal#322)
  • 2674ce8 chore(deps): bump github.com/aquasecurity/tfsec from 0.58.11 to 0.58.14 (fanal#307)
  • 802cc6f chore(deps): bump github.com/open-policy-agent/opa from 0.32.0 to 0.34.0 (fanal#319)
  • b0de7fc chore(deps): bump github.com/alicebob/miniredis/v2 from 2.15.1 to 2.16.0 (fanal#316)
  • 223b1fd fix(yarn): support quoted version
  • 0ad38f3 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.49 to 1.41.0 (fanal#309)
  • 894d658 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.3 to 8.11.4 (fanal#308)
  • 7c72035 feat(javascript) : Add JavaScript const to support custom javascript analyser (fanal#304)
  • 1829e36 refactor: add ctx object to analyser (fanal#303)
  • d974076 refactor(types): merge LibraryInfo into Package (fanal#302)
  • 5eb94f7 fix(artifact): remove default disabled analyzers (fanal#300)
  • 173b3eb fix(config/yaml): support yaml files which incompatible with json spec (fanal#296)
  • c80126a feat(daemon): add more config fields (fanal#299)
  • 7e9fd67 feat(applier/docker) aggregate jar result (fanal#298)
  • b76899c fix(rpm): don't panic when parse source rpm name failed (fanal#297)
  • a2b995a feat: skip files and dirs (fanal#284)
  • 12463ce fix(oci): handling of complex image indexes (fanal#262)
  • 9b78112 chore(deps): bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (fanal#289)
  • ad721cf Chore(dep): update the tfsec version (fanal#291)
  • 96f7cc7 fix(go-binary): skip large files (fanal#294)
  • 843813c feat(analyzer): add group consts (fanal#293)
  • 9446030 chore(deps): bump golang.org/x/mod from 0.5.0 to 0.5.1 (fanal#290)
  • f7329d0 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.45 to 1.40.49 (fanal#287)
  • b04be68 fix(configfile-metadata): Enriched configfile metadata with OS value (fanal#286)
  • 791cf73 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.37 to 1.40.45 (fanal#283)
  • 92d1b61 fix(go/binary): ignore unrecognized exe error (fanal#282)
  • 7f5b5a6 chore(deps): bump go.uber.org/zap from 1.19.0 to 1.19.1 (fanal#272)
  • dd49885 fix(go/binary): check file mode (fanal#281)
  • eec42da feat(analyzer): support AlmaLinux and Rocky Linux (fanal#193)
  • 074587e fix(image): disable node.js analyzers depending on mode (fanal#279)
  • 9a4e3b1 fix(applier): aggregate packages after merging layers (fanal#277)
  • f76c806 fix(filter): handle the leading slash (fanal#276)
  • f21e591 fix(image): do not use pointer for metadata (fanal#273)
  • 1dce67f feat(image): add image metadata (fanal#227)
  • 8020b0f fix(ruby): add file path (fanal#269)
  • fa57fce fix(filter): hardcode system files in Distroless (fanal#268)
  • 08e9240 feat(python): support egg zip (fanal#267)
  • 41c3837 feat(python): support egg format (fanal#266)
  • 34c3c46 feat(dpkg): analyze installed files (fanal#265)
  • bb20d89 feat(apk): analyze installed files (fanal#264)
  • 62ccd79 feat(hook): add system file filter (fanal#263)
  • 1c877da feat(image): revert size (fanal#261)
  • ff9631b chore(deps): bump github.com/open-policy-agent/opa from 0.31.0 to 0.32.0 (fanal#260)
  • 255bbe1 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.27 to 1.40.37 (fanal#258)
  • 6c11c0c feat(node): add package.json analyzer (fanal#225)
  • 1ac15af feat(ruby): added new gemspec analyzer (fanal#226)
  • 473fe3a feat: add hooks (fanal#254)
  • b01a7b7 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.22 to 1.40.27 (fanal#255)
  • beaf893 feat(python): add egg and wheel analyzer (fanal#223)
  • 57eafb5 chore(deps): bump golang.org/x/mod from 0.4.2 to 0.5.0 (fanal#252)
  • 6434945 chore(deps): bump go.uber.org/zap from 1.17.0 to 1.19.0 (fanal#244)
  • fd1fbf9 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.14.1 to 2.15.1 (fanal#246)
  • 1352f0e chore(deps): bump github.com/BurntSushi/toml from 0.3.1 to 0.4.1 (fanal#245)
  • 9a5940c chore(dependabot): change interval to weekly (fanal#251)
  • 493a383 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.20 to 1.40.22 (fanal#250)
  • 9763688 chore(deps): bump github.com/google/go-containerregistry from 0.1.2 to 0.6.0 (fanal#237)
  • d4855d2 refactor: move lang-specific analyzers to lang dirs (fanal#249)
  • 6208311 chore(deps): bump github.com/docker/docker (fanal#240)
  • 02c4a51 chore(deps): bump github.com/go-redis/redis/v8 from 8.4.0 to 8.11.3 (fanal#238)
  • fbce290 chore(deps): bump github.com/aws/aws-sdk-go from 1.37.0 to 1.40.20 (fanal#239)
  • ba0aeed chore(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 (fanal#241)
  • 3ec380e chore(deps): bump github.com/open-policy-agent/opa from 0.25.2 to 0.31.0 (fanal#234)
  • 0058baf chore(deps): bump github.com/sosedoff/gitkit from 0.2.0 to 0.3.0 (fanal#235)
  • 940367c chore(deps): bump actions/setup-go from 1 to 2.1.3 (fanal#231)
  • 78845b4 chore(deps): bump actions/checkout from 1 to 2 (fanal#232)
  • d55c687 chore(ci) : Setup dependabot and fix security issues (fanal#228)
  • e749817 test(nuget): sort libraries for consistency (fanal#230)
  • 8eb30c2 Added a nuget config parser for packages.config (fanal#204)
  • 0f8ac99 feat(python): add support for requirements.txt (fanal#219)
  • 380c05b feat(apk): capture license information (fanal#217)
  • 4ca24d9 feat(rpm): capture license (fanal#218)
  • e73d250 Layer size (fanal#210)
  • adc7ecc feat(data) add eosl flag to OS (fanal#213)
  • 81e4ab5 Update tfsec to v0.46.0 (fanal#208)
  • 1382332 fix: disabled scanning of config files within containers (fanal#211)
  • c8cfd72 feat(policy): add query and traces (fanal#207)
  • 0e8ab4f feat(config): add external scanner (fanal#206)
  • c0e4e47 refactor(config): define hcl2 parser (fanal#205)
  • 9bad4c6 refactor(config): replace parsers (fanal#202)
  • 8e8274e feat(terraform): support additional metadata (fanal#201)
  • 797fd08 feat(config): add additional fields to metadata (fanal#200)
  • 5d54332 fix(policy): support empty string from exception rule (fanal#199)
  • a922042 fix(policy/engine): upper severity (fanal#197)
  • c3d5832 test(config): add sort test (fanal#196)
  • 959c076 fix(config/json): skip lock files (fanal#195)
  • 8172518 fix(terraform): support severity of passed checks (fanal#194)
  • 07a1174 fix(analyzer): unique analyzers (fanal#192)
  • 3120d6c fix(policy/engine): uniq rule names (fanal#191)
  • 67b7257 feat(config): support Terraform (fanal#190)
  • cb66108 fix(config): change selector type (fanal#189)
  • ac56d1c feat(artifact): add artifact type (fanal#185)
  • 867eee8 fix(dockerfile): rename command to stages (fanal#188)
  • 1ab6552 test(dockerfile): add multi-stage build (fanal#187)
  • 60c5a04 feat: Support Google artifact registry (fanal#181)
  • 2bb882f feat(image): add uncompressed layer size (fanal#182)
  • a0f5bdc fix(image): disable go.sum scanning (fanal#179)
  • 4a2b1c0 fix(gomod): fix a panic (fanal#178)
  • 6fd4c89 feat: support config (fanal#166)
  • b2dd367 feat(go): added support of go.sum (fanal#175)
  • 7141f20 Skipping directory is file is symlink (fanal#176)
  • f6a678c fix(fs): skip dir (fanal#173)
  • 3cf1f4c feat(golang): support binary (fanal#165)
  • 2718793 feat(analyzer): limit the number of parallelism (fanal#172)
  • 493a70b feat(config): support HCL files (fanal#158)
  • b64a526 feat(cache): introduce versioned keys (fanal#160)
  • 1a53cbe feat(config): support Dockerfiles (fanal#161)
  • 34f865d feat(config): support JSON files (fanal#159)
  • 30fc5b9 feat(config): support TOML files (fanal#157)
  • 059deda feat(cache): add analyzer versions (fanal#156)
  • c813a60 feat(config): support YAML files (fanal#155)
  • 907e6be feat(analyzer): disable analyzers (fanal#153)
  • 4f9e518 feat(library): support jar/war/ear (fanal#152)
  • 4a10108 feat(image): support Podman (fanal#149)
  • 3f35881 refactor(analyzer): pass file paths to analyzers (fanal#150)
  • bac65cb feat(image): support RepoTags and RepoDigests (fanal#148)
  • a20d481 add support modularitylabel for rpm (fanal#147)
  • 7da3f7e chore: migrate Travis CI to GitHub Actions (fanal#146)
  • 42520f3 chore: migrate from master to main (fanal#145)
  • b75c6c4 feat(cache): support Redis (fanal#143)
  • da40228 fix(rpm): fill source package information (fanal#142)
  • 91dc954 feat: remove CGO (fanal#141)
  • e17931c fix(main): import nuget (fanal#140)
  • 8006d76 Feat: Created analyzer for NuGet lockfiles. (fanal#139)
  • fde2487 Close open connections and files (fanal#135)
  • b62ebec Fix: Support local cache of APK index (fanal#133)
  • 66b9842 refactor(image): minor changes (fanal#134)
  • fa1f127 Support for scanning of an OCI image given a tag. (fanal#130)
  • 3f64bd6 fix(alpine): add origin package as source package (fanal#131)
  • c875ba5 Revert "Added skip_dir in image artifacts scan (fanal#128)" (fanal#129)
  • 0bd4175 Added skip_dir in image artifacts scan (fanal#128)
  • 80595dc Check status for dpkg package (fanal#127)
  • ceb4e47 fix(apk): replace go-deb-version with go-apk-version (fanal#118)
  • 4025117 Merge pull request fanal#122 from oranmoshai/fix/s3-head
  • d56c477 fix(s3/cache): HeadObject bucketName was missing. Add unit testing
  • 717f36c Fix/s3 cache (fanal#121)
  • e8d06ba fix(cache/s3): take s3 client and prefix as args (fanal#116)
  • 8139097 feat(cache): support options to pass S3 prefix (fanal#115)
  • 4c77b76 feat: support local filesystem and remote git repository (fanal#107)
  • a1e818a refactor(cache): replace image and layer with artifact and blob (fanal#108)
  • 81526ed Add S3 support for layer caching this will allow to save image result… (fanal#106)
  • 83ff3fd feat(cache): add close function (fanal#104)
  • aa4339c analyzer: Send back package and apps info for unknown OS if found. (fanal#103)
  • b22aebf feat(image): support registry token (fanal#102)
  • 364cc86 feat(image): support OCI Image Format (fanal#101)
  • 05ea7f4 fix: replace containers/image with google/go-containerregistry (fanal#96)
  • 8b3289c Support settings apkIndexArchiveURL via env FANAL_APK_INDEX_ARCHIVE_URL (fanal#94)
  • fc2f5dd test(integration): add tests with TLS registry (fanal#99)
  • 21e1ebf fix(bench): measure initializing structs (fanal#98)
  • bf63cc7 feat: split ID into Digest and DiffID (fanal#97)
  • 5d7149d feat(extractor): switch to layer ID of origin layer (fanal#93)
  • c63e3aa integration: Add dockerless mode tests (fanal#81)
  • 3ac5042 Change license to Apache 2.0 (fanal#92)
  • 016f45e fix: Move check for rpm command to the parsePkgInfo method (fanal#90)
  • 45ada28 fix(token): use the credential from environment variable (fanal#89)
  • b0937b6 Add layer id info (merge to master) (fanal#88)
  • bfa6e76 feat(cache): based on JSON (fanal#84)
  • f0dc9fa Change library parse error log (fanal#85)
  • 412209b test(bench): exclude master branch in GitHub Actions (fanal#82)
  • 3d55fc5 test(integration/bench): wait for an image load and remove images after tests (fanal#86)
  • 495332c refactor: replace genuinetools/reg with containers/image (fanal#70)
  • 285e1f1 integration: Fix filenames to not include the : char (fanal#79)
  • d3979a0 Perf testing (fanal#72)
  • c87f30c integration: Fanal as a library for tar mode (fanal#76)
  • d328815 integration: Add a test to use fanal as a library in Docker mode (fanal#66)
  • ca5843c Fix circular dependency for alpine apk index. (fanal#68)
  • 1d57f7b Revert PR fanal#51 entirely (fanal#67)
  • 68eb4c6 Revert part of fanal#51 (fanal#64)
  • eaf9fa5 feat(cache): wrap kv cache (fanal#62)
  • 60a7565 add aws session token (fanal#61)
  • 78df35b Add photon support (fanal#59)
  • 162fb42 Merge pull request fanal#57 from aquasecurity/switch-to-raw-encoding
  • 7d0165c cache: Switch to Raw encoding.
  • 7ef1e5f Cache: Save only required files (fanal#51)
  • 94f9cf4 Add suse linux enterprise server support (fanal#55)
  • bed0a0e Add openSUSE Tumbleweed support
  • 0c25418 Fix comment
  • 306c551 Add suse
  • 9c6b9a6 analyzer: Add tests for AnalyzeFile
  • 2cb920d Using bufio reader for Stdin, otherwise the first 3 bytes are consumed and file gets "corrupted" (stdin is not seekable?)
  • 9bf16ae Revert "change mod genuinetools/reg to vanilla (fanal#50)" (fanal#53)
  • 3867fc7 cmd: Rebase on master and add SkipPing=true
  • 3348a06 analyzer_test: Remove un-needed assertions
  • 030687c analyzer: Rename struct
  • a273649 docker_test: Fix import order
  • e6a79f7 docker: Accept interfaces, return structs
  • 2c08d9d cmd: Fix import lines
  • 673fc37 analyzer_test: Reduce cruft.
  • 511e061 docker_test: Add a sample testdir.tar.gz
  • 55e97e9 docker: Fix signature for downloadConfigFile()
  • aac5527 docker: Fix getValidManifest() signature
  • 9aea551 analyzer: Remove cruft.
  • 72334df docker: extract downloadConfigFile
  • 72e5ec7 docker: Extract extractLayerFiles
  • 971269b docker: Extract extractLayerWorker()
  • 98341f1 docker_test: refactor getValidManifest
  • 1e66346 docker_test: Add sad paths for Extract()
  • e41cf57 docker_test: Add a happy path for Extract()
  • 3813f90 gitignore: update gitignore
  • 24c612e cache: Define an interface for cache, remove global state
  • d993110 analyzer_test: Fix tests by fighting with global state
  • e4b1b64 docker: Inject docker client
  • a1ea9ae main: Update example of how to use fanal
  • 3aca6b2 analyzer: Add another happy path with no docker and/or image
  • a183360 analyzer_test: switch to table driven
  • 7eb9440 analzyer_test: Add stronger assertions for extractFromFile
  • 985442d analyzer_test: Adding seams for testability
  • 95e89a4 change mod genuinetools/reg to vanilla (fanal#50)
  • 728ba00 fix docker reg with option SkipPing (fanal#48)
  • 177a2b0 Add cache tests (fanal#46)
  • f990782 Update LICENSE (fanal#45)
  • cf9d00d feat(library): ignore files under vendor dir (fanal#44)
  • 9e8f0bb feat(image): support tar.gz image (fanal#40)
  • 83f0e2b added markup and reference for code snippet in README (fanal#41)
  • b318dec extractor/docker/docker.go: add parsing for tar.gz layers (fanal#26)
  • 3841cf6 Check whether rpm is installed (fanal#39)
  • cdeb41a Fix wrong break (fanal#38)
  • 4a9f3d9 Bug fix: wrap nil err (fanal#37)
  • d5d2729 Add error wrap (fanal#35)
  • a5ed21e Update Go to 1.13 (fanal#36)
  • afcb709 extract all files in target require filedirs (fanal#29)
  • c9f8a85 Change error log (fanal#32)
  • f9a8f80 skip scan composer.lock in vendor dir (fanal#34)
  • a8380ab Transfer repository (fanal#27)
  • 430740f change reg version (fanal#25)
  • cef12ef Improves package analysis errors usability (fanal#24)
  • 3a38594 to be able add required files (fanal#22)
  • 6c02a38 add Arch for amazon linux scan (fanal#21)
  • 4e0c7fc Add poetry parser (fanal#19)
  • dd938fd update go-dep-parser for yarn bugfix (fanal#18)
  • e41f180 Use go-deb-version for version validation (fanal#17)
  • b7debf7 add yarn.lock parser (fanal#16)
  • ce1f557 Include source package in the package struct (fanal#15)
  • 9fa86c5 Replace slash with underscore (fanal#14)
  • 89f6348 Analyze origin (fanal#13)
  • faed25b Analyze command (fanal#12)
  • 856dd3a Add cargo analyzer (fanal#11)
  • cb5b791 GetToken only run extractor/docker (fanal#10)
  • 1211b10 add ecr test
  • e9e2777 add gcr test
  • 123ee18 fix reviewed point
  • 224069a refact import cycle in docker package
  • 5e96fa6 create types package
  • d773f56 change var name : GCRCredPath -> GcpCredPath
  • 48a3ac5 fix typo
  • 1d2fe13 delete dockerhub register analyzer
  • c8127c4 GetToken only run extractor/docker
  • 2c3bf38 Cache the saved image (fanal#9)
  • 1778abe Clear cache (fanal#8)
  • c0563f8 Use local images when docker daemon exists (fanal#7)
  • 028073b merge ubuntu analyzer into debianbase analyzer (fanal#6)
  • 8394568 Merge pull request fanal#5 from knqyf263/initial
  • 1b5c336 Revert "Initial commit (fanal#1)" (fanal#4)
  • 808a645 Initial commit (fanal#1)
  • 05821ed Add rpm analyzer without rpm command
  • e55ec73 Support library
  • fefe879 Merge pull request fanal#2 from knqyf263/add_analyzer
  • bd57e64 update comment
  • 66aac5d Add rpm
  • f071cec add soft link file path
  • 6a2ca8f check OS
  • 5529c83 ignore vendor
  • 022b948 continue package if no files found
  • f997015 update alpine os analyzer
  • 76333a3 use no auth docker token
  • ed8de8b fetch gcr container from credential
  • e72e869 Merge remote-tracking branch 'origin/initial' into add_analyzer
  • f06501e fix tmp : fix gcr bug on reg package
  • e996e01 Add test
  • f6fe06f add tmp gcr
  • 984ce9b add rpm analyzer
  • c7cf493 fix for merge
  • 9916efb Merge branch 'initial' into add_analyzer
  • 0954e0f fix test
  • c7208b3 Support private registry and use cache
  • 262fee4 Pull image
  • 9f32fd0 Update README
  • 8065c4b Analyze docker image
  • 64d449e add dpkg analyzer
  • 68cb8ce add apk analyzer
  • ec2b20d update
  • 552c4de Initial commit
  • 7b3bf98 Initial commit
