Update dependency aquasec/trivy to v0.29.2 (!52) · Merge requests · Iron Bank Containers / Opensource / aquasecurity / trivy

renovate requested to merge renovate/aquasec-trivy-0.x into development Jun 16, 2022

This MR contains the following updates:

Package	Type	Update	Change
aquasec/trivy	ironbank-docker	minor	`0.28.1` -> `0.29.2`
aquasec/trivy		minor	`0.28.1` -> `0.29.2`
aquasec/trivy	stage	minor	`0.28.1` -> `0.29.2`

Release Notes

aquasecurity/trivy

`v0.29.2`

Compare Source

Changelog

6b515bc chore: skip Visual Studio Code project folder (#2379)
25416ae fix(helm): handle charts with templated names (#2374)
85cca55 docs: redirect operator docs to trivy-operator repo (#2372)
b944ac6 Merge pull request #2356 from aquasecurity/liamg-merge-fanal-magic-attempt-2
9809a07 fix(secret): use secret result when determining Failed status (#2370)
e9831ce try removing libdb-dev
04c01f6 run integration tests in fanal
86e19bb use same testing images in fanal
484ddd8 feat(helm): add support for trivy dbRepository (#2345)
9e7404e fix: Fix failing test due to deref lint issue
85c6529 test: Fix broken test
6c983cb fix: Fix makefile when no previous named ref is visible in a shallow clone
1ac4fd8 chore: Fix linting issues in fanal
094db23 refactor: Fix fanal import paths and remove dotfiles
b6f615b refactor: Merge fanal into Trivy
6765c77 Merge pull request fanal#566 from chen-keinan/chore/bump-fanal-version
644ada1 chore: bump defsec version v0.68.1
a9ddb39 fix(secrets): added allow rule for examples (fanal#565)
8d13f3d feat: support rbac scanner and type (fanal#563)
c0ad4f7 chore(deps): updated go-dep-parser (fanal#556)
a6f4ab3 chore(deps): bump github.com/Azure/go-autorest/autorest/adal (fanal#543)
8ae754a Add custom resources in fs scanning and add deregister analyzers (fanal#564)
decad9b Support get local image by containerd (fanal#348)
9c53190 chore(deps): update defsec (fanal#558)
df66959 Bump go-rpmdb (fanal#553)
74fcd3f feat(mariner): added support for CBL-Mariner Distroless v2.0 (fanal#552)
d523424 feat(npm): calculate indirect libraries (fanal#557)
42267f9 refactor: remove unused field imageName from integration test (fanal#555)
1343996 chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (fanal#544)
8a877c5 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#545)
59f1a04 chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (fanal#546)
d5a62c9 test: use images in GHCR for integration tests (fanal#554)
96ce2db refactor: do not import defsec in types package (fanal#537)
6c25b83 fix: support for helm chart *.tar.gz (fanal#551)
43997f3 feat(types): add Ref to package (fanal#540)
64c9124 chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (fanal#541)
7baccf2 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.18.0 to 2.21.0 (fanal#547)
7dd7e2b chore(deps): bump github.com/aws/aws-sdk-go from 1.44.5 to 1.44.25 (fanal#548)
f5e655e feat: adding helm support (fanal#534)
df47d1b refactor(deps): move dependencies to package (fanal#535)
ef8d773 fix(secrets): AsymmetricPrivateKeys use only base64 characters (fanal#539)
24005c3 chore(deps): bump github.com/testcontainers/testcontainers-go from 0.12.0 to 0.13.0 (fanal#502)
193680b chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.6.0 (fanal#517)
22db37e fix(secrets): added leading slash for file paths extracted from image (fanal#525)
894fa25 chore(deps): Update defsec to v0.58.2 (fixes false positives in ksv038) (fanal#533)
94f999e perf(misconf): Update defsec to v0.58.1 to optimise result creation for very large files (fanal#532)
7a84438 chore(deps): Update defsec to v0.58.0 (fanal#530)
898aaaa Merge pull request fanal#529 from aquasecurity/owenr-remove-highlighting-from-results
c8682b5 fix: update defsec and fix tests accordingly
f776a91 chore(deps): update defsec
267adde fix: remove Highlighted from json output
9528501 chore(deps): Update defsec to v0.57.6 (fanal#528)
0911eea chore(deps): Update defsec to v0.57.5 (remove commercial rego rules) (fanal#527)
cc5d76b chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#518)
be3993b fix(secrets): skip aws secrets of greater length (fanal#514)
3487acc chore(deps): Update defsec to v0.57.3 for improved syntax highlighting (fanal#524)
c8e07a4 chore(deps): Update defsec to v0.56.2 (fanal#523)
4249a1c Pom modules (fanal#511)
52934d2 feat: Add causal code to misconfig results (fanal#522)
329f071 chore(deps): Update defsec for 'builtin' namespaced rego policies (fanal#521)
154ccc6 chore(deps): Update defsec to v0.55.5 (adds freebsd support) (fanal#520)
49cfa08 fix(handler): import go mod handler (fanal#519)
bcc0218 feat: add post handler (fanal#460)
5feabc1 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.31 to 1.44.5 (fanal#512)
fa03e9e chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (fanal#506)
6d8ae19 feat(lang): add parent dependencies (fanal#459)
d137df2 feat(analyzer): more general support for os-release (fanal#470)
d08f3df refactor(secret): allow list match with secret subgroups (fanal#510)
346496f chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#509)
2e87083 chore(deps): bump github.com/samber/lo from 1.15.0 to 1.19.0 (fanal#505)
4066b57 chore(deps): bump actions/setup-go from 2 to 3 (fanal#499)
1f5b262 feat(secret): add default secret severity (fanal#497)
eb0da23 chore(analyzer): added array of config file analyzers (fanal#498)
4f9e46c chore(deps): update defsec for fix CVE-2022-27191 inside x/crypto (fanal#495)
1a6d9cb feat(secret): truncate matched line if it is long (fanal#494)
acaa8dd fix(go.mod): fixed panic for gomod without version (fanal#492)
db6eb9a feat(secret): allow rubygems path (fanal#493)
1d1f8f9 refactor(secret): split a file including built-in rules (fanal#491)
04040b9 feat(secret): add enable-builtin-rules (fanal#488)
142d67f feat(secret): more builtin aws rules (fanal#489)
34de675 feat(redis): support TTL (fanal#480)
4dd5732 feat(hook): skip system installed Go binaries (fanal#481)
1e78804 fix(hook/gomod): check if gosum is nil (fanal#487)
ca57d31 fix(secret): take only config file name (fanal#486)
03b16ea feat(secret): check if the config file exists (fanal#485)
bec2e29 feat(secret): ignore the secret config file (fanal#484)
b4ddc80 feat(image): disable secret scanning in base layers (fanal#483)
2061873 fix(secret): end line number is the same as start line number (fanal#482)
254a96e feat: add secret scanning (fanal#431)
dff5dce fix(analyzer): ignore permission errors (fanal#477)
c7e8d20 chore: disable benchmark (fanal#478)
471e7cd Add Containerfile to requiredFiles (fanal#475)
8cd9737 fix(deps): correct margin removal for empty lines inside defsec (fanal#471)
67004a2 fix(python): fixed panic when scan .egg archive (fanal#446)
528d07e feat(alpine): add parsing /etc/apk/repositories file to get OS version (fanal#462)
065b301 feat(golang): add support for go.mod (fanal#465)
0e28f7c Merge pull request fanal#463 from aquasecurity/liamg-fix-owens-demo
910b8e6 fix: add filename to cf results
5f69847 fix(pom): merge multiple pom imports in a good manner (fanal#457)
3637c00 chore(deps): bump github.com/docker/docker (fanal#440)
8bdd3fe chore(deps): bump github.com/urfave/cli/v2 from 2.3.0 to 2.4.0 (fanal#442)
85351ad chore(deps): update BurntSushi/toml for fix runtime error (fanal#454)
fbf5020 fix(iac): Added missing metadata to resolve Terraform scanning errors (fanal#455)
18fde60 feat(jar): allow setting Maven Central URL using environment variable (fanal#448)
c2f38ee chore(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.39.0 (fanal#434)
a545e3a chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#438)
c039177 refactor(golang): use debug/buildinfo (fanal#453)
86e72c0 chore(ci): enable gofmt linter (fanal#452)
177826a chore: bump up Go to 1.18 (fanal#449)
133c838 fix: Update defsec to v0.28.3 to fix panics (fanal#450)
da3d588 chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#441)
9766c47 chore(deps): bump actions/checkout from 2 to 3 (fanal#432)
db66572 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.31 (fanal#445)
c3e132a refactor(cache messages): changed messages about missing Image and Layers in cache (fanal#447)
b194140 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.4 to 8.11.5 (fanal#437)
d048791 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#409)
005fe25 Merge pull request fanal#429 from aquasecurity/owenr-fix-issue-no-filename
aac7cf5 fix: catch results where the filename is not specified
fe1f9c9 chore(deps): bump github.com/GoogleCloudPlatform/docker-credential-gcr (fanal#360)
9e3709f feat(cache): add DeleteBlobs to ArtifactCache (fanal#426)
ee54733 chore(deps): bump github.com/testcontainers/testcontainers-go from 0.11.1 to 0.12.0 (fanal#375)
e913433 fix(docker): getting an image by ID or a name with tag (fanal#425)
483697b feat(walker): export default skip variables (fanal#418)
dcadfa8 fix(filter-hook): systemfiles filter for custom resources (fanal#419)
bfd6eef Merge pull request fanal#421 from aquasecurity/owenr-defend-npe-issues
69be985 chore: update tfsec and defsec
4d625c2 feat(docker): add support for scanning docker image with ImageID (fanal#405)
7663c9f fix(hcl2json): fix panic in hcl2json (fanal#417)
c3279fd Merge pull request fanal#416 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
7443cba Merge branch 'main' into dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
49301cc Merge pull request fanal#415 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/defsec-0.14.0
6e222bd chore(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 (fanal#408)
8c522a7 chore(deps): bump github.com/aquasecurity/tfsec from 1.4.1 to 1.5.0
7fe75d5 chore(deps): bump github.com/aquasecurity/defsec from 0.12.1 to 0.14.0
0e84c4d fix(pom): keep an order of dependencies (fanal#413)
82d9d4b chore(deps): bump github.com/aws/aws-sdk-go from 1.42.51 to 1.43.8 (fanal#411)
525aadf fix(deps): correct handling a package name with a hyphen (fanal#407)
b72fa66 Merge pull request fanal#406 from aquasecurity/owenr-update-iac-scanning
f2e05d5 fix(hook): fix skip of language-specific files when scanning rootfs directory (fanal#380)
1e9376b chore: update the defsec and tfsec versions
0805e86 chore(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 (fanal#404)
f8eb21d chore(deps): bump github.com/alicebob/miniredis/v2 from 2.17.0 to 2.18.0 (fanal#383)
ed00632 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#389)
1277e21 chore(deps): bump github.com/Azure/go-autorest/autorest/azure/auth (fanal#386)
5c663d3 chore(deps): bump github.com/aws/aws-sdk-go from 1.42.30 to 1.42.51 (fanal#403)
411e5b8 chore(deps): bump github.com/open-policy-agent/opa from 0.36.1 to 0.37.2 (fanal#401)
3276885 chore(dependabot): set interval to monthly (fanal#399)
b9a7fd1 feat(rpm): detect RPM databases in SQLite3 format (fanal#381)
9825529 fix(applier): modify apply layer to merge custom resources as well (fanal#369)
4310d51 refactor: rename quiet with no progress (fanal#392)
c04a638 feat(mariner) add CBL-Mariner analyzer (fanal#387)
ffb5c85 feat(analyzer): support Red Hat build info (fanal#151)
533498f feat(token): add azure token auth (fanal#371)
2768c28 chore: bump Go to 1.17 (fanal#379)
4e8832d chore(deps): bump github.com/open-policy-agent/opa from 0.36.0 to 0.36.1 (fanal#378)
4b61097 chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (fanal#376)
c6daf1a chore(deps): bump go.uber.org/zap from 1.19.1 to 1.20.0 (fanal#358)
d2a4db8 feat(java): add support PAR files (fanal#373)
abf0055 chore(deps): bump github.com/docker/docker (fanal#363)
9806fa6 chore(deps): update hcl2json dependency (fanal#368)
c4fdc40 fix(rpm): do not ignore installed files via third-party rpm (fanal#367)
1bb7e48 Allow to scan a single file (fanal#356)
d081855 chore(deps): bump github.com/open-policy-agent/opa from 0.34.0 to 0.36.0 (fanal#362)
ab0cb4f chore(deps): bump github.com/alicebob/miniredis/v2 from 2.16.0 to 2.17.0 (fanal#361)
49a72f2 feat: added insecure tls skip to scan repo (fanal#352)
0c8521a chore(deps): bump github.com/aws/aws-sdk-go from 1.42.0 to 1.42.30 (fanal#365)
89fa4a2 feat(analyzer): introduce analyzer group (fanal#340)
0d2edbf fix: crash of handling compressed layers (fanal#354)
996961a fix(java/pom): ignore unsupported requirements (fanal#351)
e9251fe feat(jar): mark JAR as individual packages (fanal#350)
965400a feat(java): support offline mode (fanal#349)
310dd3f fix(analyzer): improve performance (fanal#314)
91d4d9e feat(java): support pom.xml (fanal#346)
88094b1 chore(deps): bump github.com/moby/buildkit from 0.8.1 to 0.9.3 (fanal#347)
c287239 feat(jar): add file path (fanal#345)
0a17306 Also detect RPM databases in NDB format (fanal#341)
c506f43 chore(deps): Update tfsec version (fanal#339)
7e09a9f fix: fixed skipFiles/skipDirs flags for relative path (fanal#342)
f733307 chore: removed old tfsec dependencies. (fanal#337)
bb5abd4 Merge pull request fanal#336 from aquasecurity/owenr-update-tfsec-and-cfsec
18d683a Update code scanning dependencies
6793d65 fix(hooks): exclude go from filtering (fanal#332)
776f0ec ci(lint) : setup golangci-lint-action (fanal#256)
0523fbc allow suppressing the git clone output by setting the quiet option (fanal#335)
95afbb1 feat(repo): add authentication to git HTTP operation (fanal#253)
7d550ea fix(applier): fixed layer applications update (fanal#333)
1ac6e8a chore: update go-dep-parser dependency to fix pip parsing issue (fanal#330)
b640ef0 chore(dep): bump cfsec version from v0.0.11 to v0.0.12 (fanal#329)
a688cdf feature(iac): Add location and resource to Results (fanal#328)
0abfcf5 Merge pull request fanal#327 from aquasecurity/owenr-bump-cfsec-version
e0dfc37 fix the test for cfsec output
3f52e32 chore(deps): Bump cfsec version to get the resource
0dbcb83 chore(deps): bump github.com/docker/docker (fanal#315)
6ad9b25 chore(deps): bump github.com/aws/aws-sdk-go from 1.41.0 to 1.42.0 (fanal#325)
6726d12 Merge pull request fanal#321 from owenrumney/owenr-add-cfsec-support
41c0dbb Add Cloudformation analyzer
0d03242 add support for cfsec
8a6775a fix(daemon): handle nil config (fanal#322)
2674ce8 chore(deps): bump github.com/aquasecurity/tfsec from 0.58.11 to 0.58.14 (fanal#307)
802cc6f chore(deps): bump github.com/open-policy-agent/opa from 0.32.0 to 0.34.0 (fanal#319)
b0de7fc chore(deps): bump github.com/alicebob/miniredis/v2 from 2.15.1 to 2.16.0 (fanal#316)
223b1fd fix(yarn): support quoted version
0ad38f3 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.49 to 1.41.0 (fanal#309)
894d658 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.3 to 8.11.4 (fanal#308)
7c72035 feat(javascript) : Add JavaScript const to support custom javascript analyser (fanal#304)
1829e36 refactor: add ctx object to analyser (fanal#303)
d974076 refactor(types): merge LibraryInfo into Package (fanal#302)
5eb94f7 fix(artifact): remove default disabled analyzers (fanal#300)
173b3eb fix(config/yaml): support yaml files which incompatible with json spec (fanal#296)
c80126a feat(daemon): add more config fields (fanal#299)
7e9fd67 feat(applier/docker) aggregate jar result (fanal#298)
b76899c fix(rpm): don't panic when parse source rpm name failed (fanal#297)
a2b995a feat: skip files and dirs (fanal#284)
12463ce fix(oci): handling of complex image indexes (fanal#262)
9b78112 chore(deps): bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (fanal#289)
ad721cf Chore(dep): update the tfsec version (fanal#291)
96f7cc7 fix(go-binary): skip large files (fanal#294)
843813c feat(analyzer): add group consts (fanal#293)
9446030 chore(deps): bump golang.org/x/mod from 0.5.0 to 0.5.1 (fanal#290)
f7329d0 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.45 to 1.40.49 (fanal#287)
b04be68 fix(configfile-metadata): Enriched configfile metadata with OS value (fanal#286)
791cf73 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.37 to 1.40.45 (fanal#283)
92d1b61 fix(go/binary): ignore unrecognized exe error (fanal#282)
7f5b5a6 chore(deps): bump go.uber.org/zap from 1.19.0 to 1.19.1 (fanal#272)
dd49885 fix(go/binary): check file mode (fanal#281)
eec42da feat(analyzer): support AlmaLinux and Rocky Linux (fanal#193)
074587e fix(image): disable node.js analyzers depending on mode (fanal#279)
9a4e3b1 fix(applier): aggregate packages after merging layers (fanal#277)
f76c806 fix(filter): handle the leading slash (fanal#276)
f21e591 fix(image): do not use pointer for metadata (fanal#273)
1dce67f feat(image): add image metadata (fanal#227)
8020b0f fix(ruby): add file path (fanal#269)
fa57fce fix(filter): hardcode system files in Distroless (fanal#268)
08e9240 feat(python): support egg zip (fanal#267)
41c3837 feat(python): support egg format (fanal#266)
34c3c46 feat(dpkg): analyze installed files (fanal#265)
bb20d89 feat(apk): analyze installed files (fanal#264)
62ccd79 feat(hook): add system file filter (fanal#263)
1c877da feat(image): revert size (fanal#261)
ff9631b chore(deps): bump github.com/open-policy-agent/opa from 0.31.0 to 0.32.0 (fanal#260)
255bbe1 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.27 to 1.40.37 (fanal#258)
6c11c0c feat(node): add package.json analyzer (fanal#225)
1ac15af feat(ruby): added new gemspec analyzer (fanal#226)
473fe3a feat: add hooks (fanal#254)
b01a7b7 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.22 to 1.40.27 (fanal#255)
beaf893 feat(python): add egg and wheel analyzer (fanal#223)
57eafb5 chore(deps): bump golang.org/x/mod from 0.4.2 to 0.5.0 (fanal#252)
6434945 chore(deps): bump go.uber.org/zap from 1.17.0 to 1.19.0 (fanal#244)
fd1fbf9 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.14.1 to 2.15.1 (fanal#246)
1352f0e chore(deps): bump github.com/BurntSushi/toml from 0.3.1 to 0.4.1 (fanal#245)
9a5940c chore(dependabot): change interval to weekly (fanal#251)
493a383 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.20 to 1.40.22 (fanal#250)
9763688 chore(deps): bump github.com/google/go-containerregistry from 0.1.2 to 0.6.0 (fanal#237)
d4855d2 refactor: move lang-specific analzyers to lang dirs (fanal#249)
6208311 chore(deps): bump github.com/docker/docker (fanal#240)
02c4a51 chore(deps): bump github.com/go-redis/redis/v8 from 8.4.0 to 8.11.3 (fanal#238)
fbce290 chore(deps): bump github.com/aws/aws-sdk-go from 1.37.0 to 1.40.20 (fanal#239)
ba0aeed chore(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 (fanal#241)
3ec380e chore(deps): bump github.com/open-policy-agent/opa from 0.25.2 to 0.31.0 (fanal#234)
0058baf chore(deps): bump github.com/sosedoff/gitkit from 0.2.0 to 0.3.0 (fanal#235)
940367c chore(deps): bump actions/setup-go from 1 to 2.1.3 (fanal#231)
78845b4 chore(deps): bump actions/checkout from 1 to 2 (fanal#232)
d55c687 chore(ci) : Setup dependabot and fix security issues (fanal#228)
e749817 test(nuget): sort libraries for consistency (fanal#230)
8eb30c2 Added a nuget config parser for packages.config (fanal#204)
0f8ac99 feat(python): add support for requirements.txt (fanal#219)
380c05b feat(apk): capture license information (fanal#217)
4ca24d9 feat(rpm): capture license (fanal#218)
e73d250 Layer size (fanal#210)
adc7ecc feat(data) add eosl flag to OS (fanal#213)
81e4ab5 Update tfsec to v0.46.0 (fanal#208)
1382332 fix: disabled scanning of config files within containers (fanal#211)
c8cfd72 feat(policy): add query and traces (fanal#207)
0e8ab4f feat(config): add external scanner (fanal#206)
c0e4e47 refactor(config): define hcl2 parser (fanal#205)
9bad4c6 refactor(config): replace parsers (fanal#202)
8e8274e feat(terraform): support additional metadata (fanal#201)
797fd08 feat(config): add additional fields to metadata (fanal#200)
5d54332 fix(policy): support empty string from exception rule (fanal#199)
a922042 fix(policy/engine): upper severity (fanal#197)
c3d5832 test(config): add sort test (fanal#196)
959c076 fix(config/json): skip lock files (fanal#195)
8172518 fix(terraform): support severity of passed checks (fanal#194)
07a1174 fix(analyzer): unique analyzers (fanal#192)
3120d6c fix(policy/engine): uniq rule names (fanal#191)
67b7257 feat(config): support Terraform (fanal#190)
cb66108 fix(config): change selector type (fanal#189)
ac56d1c feat(artifact): add artifact type (fanal#185)
867eee8 fix(dockerfile): rename command to stages (fanal#188)
1ab6552 test(dockerfile): add multi-stage build (fanal#187)
60c5a04 feat: Support Google artifact registry (fanal#181)
2bb882f feat(image): add uncompressed layer size (fanal#182)
a0f5bdc fix(image): disable go.sum scanning (fanal#179)
4a2b1c0 fix(gomod): fix a panic (fanal#178)
6fd4c89 feat: support config (fanal#166)
b2dd367 feat(go): added support of go.sum (fanal#175)
7141f20 Skipping directory is file is symlink (fanal#176)
f6a678c fix(fs): skip dir (fanal#173)
3cf1f4c feat(golang): support binary (fanal#165)
2718793 feat(analyzer): limit the number of parallelism (fanal#172)
493a70b feat(config): support HCL files (fanal#158)
b64a526 feat(cache): introduce versioned keys (fanal#160)
1a53cbe feat(config): support Dockerfiles (fanal#161)
34f865d feat(config): support JSON files (fanal#159)
30fc5b9 feat(config): support TOML files (fanal#157)
059deda feat(cache): add analyzer versions (fanal#156)
c813a60 feat(config): support YAML files (fanal#155)
907e6be feat(analyzer): disable analyzers (fanal#153)
4f9e518 feat(library): support jar/war/ear (fanal#152)
4a10108 feat(image): support Podman (fanal#149)
3f35881 refactor(analyzer): pass file paths to analyzers (fanal#150)
bac65cb feat(image): support RepoTags and RepoDigests (fanal#148)
a20d481 add support modularitylabel for rpm (fanal#147)
7da3f7e chore: migrate Travis CI to GitHub Actions (fanal#146)
42520f3 chore: migrate from master to main (fanal#145)
b75c6c4 feat(cache): support Redis (fanal#143)
da40228 fix(rpm): fill source package information (fanal#142)
91dc954 feat: remove CGO (fanal#141)
e17931c fix(main): import nuget (fanal#140)
8006d76 Feat: Created analyzer for NuGet lockfiles. (fanal#139)
fde2487 Close open connections and files (fanal#135)
b62ebec Fix: Support local cache of APK index (fanal#133)
66b9842 refactor(image): minor changes (fanal#134)
fa1f127 Support for scanning of an OCI image given a tag. (fanal#130)
3f64bd6 fix(alpine): add origin package as source package (fanal#131)
c875ba5 Revert "Added skip_dir in image artifacts scan (fanal#128)" (fanal#129)
0bd4175 Added skip_dir in image artifacts scan (fanal#128)
80595dc Check status for dpkg package (fanal#127)
ceb4e47 fix(apk): replace go-deb-version with go-apk-version (fanal#118)
4025117 Merge pull request fanal#122 from oranmoshai/fix/s3-head
d56c477 fix(s3/cache): HeadObject bucketName was missing. Add unit testing
717f36c Fix/s3 cache (fanal#121)
e8d06ba fix(cache/s3): take s3 client and prefix as args (fanal#116)
8139097 feat(cache): support options to pass S3 prefix (fanal#115)
4c77b76 feat: support local filesystem and remote git repository (fanal#107)
a1e818a refactor(cache): replace image and layer with artifact and blob (fanal#108)
81526ed Add S3 support for layer caching this will allow to save image result… (fanal#106)
83ff3fd feat(cache): add close function (fanal#104)
aa4339c analyzer: Send back package and apps info for unknown OS if found. (fanal#103)
b22aebf feat(image): support registry token (fanal#102)
364cc86 feat(image): support OCI Image Format (fanal#101)
05ea7f4 fix: replace containers/image with google/go-containerregistry (fanal#96)
8b3289c Support settings apkIndexArchiveURL via env FANAL_APK_INDEX_ARCHIVE_URL (fanal#94)
fc2f5dd test(integration): add tests with TLS registry (fanal#99)
21e1ebf fix(bench): measure initializing structs (fanal#98)
bf63cc7 feat: split ID into Digest and DiffID (fanal#97)
5d7149d feat(extractor): switch to layer ID of origin layer (fanal#93)
c63e3aa integration: Add dockerless mode tests (fanal#81)
3ac5042 Change license to Apache 2.0 (fanal#92)
016f45e fix: Move check for rpm command to the parsePkgInfo method (fanal#90)
45ada28 fix(token): use the credential from enviroment variable (fanal#89)
b0937b6 Add layer id info (merge to master) (fanal#88)
bfa6e76 feat(cache): based on JSON (fanal#84)
f0dc9fa Change library parse error log (fanal#85)
412209b test(bench): exclude master branch in GitHub Actions (fanal#82)
3d55fc5 test(integration/bench): wait for an image load and remove images after tests (fanal#86)
495332c refactor: replace genuinetools/reg with containers/image (fanal#70)
285e1f1 integration: Fix filenames to not include the : char (fanal#79)
d3979a0 Perf testing (fanal#72)
c87f30c integration: Fanal as a library for tar mode (fanal#76)
d328815 integration: Add a test to use fanal as a library in Docker mode (fanal#66)
ca5843c Fix circular dependency for alpine apk index. (fanal#68)
1d57f7b Revert MR fanal#51 entirely (fanal#67)
68eb4c6 Revert part of fanal#51 (fanal#64)
eaf9fa5 feat(cache): wrap kv cache (fanal#62)
60a7565 add aws session token (fanal#61)
78df35b Add photon support (fanal#59)
162fb42 Merge pull request fanal#57 from aquasecurity/switch-to-raw-encoding
7d0165c cache: Switch to Raw encoding.
7ef1e5f Cache: Save only required files (fanal#51)
94f9cf4 Add suse linux enterprise server support (fanal#55)
bed0a0e Add openSUSE Tumbleweed support
0c25418 Fix comment
306c551 Add suse
9c6b9a6 analyzer: Add tests for AnalyzeFile
2cb920d Using bufio reader for Stdin, otherwise the first 3 bytes are consumed and file gets "corrupted" (stdin is not seekable?)
9bf16ae Revert "change mod genuinetools/reg to vanilla (fanal#50)" (fanal#53)
3867fc7 cmd: Rebase on master and add SkipPing=true
3348a06 analyzer_test: Remove un-needed assertions
030687c analyzer: Rename struct
a273649 docker_test: Fix import order
e6a79f7 docker: Accept interfaces, return structs
2c08d9d cmd: Fix import lines
673fc37 analyzer_test: Reduce cruft.
511e061 docker_test: Add a sample testdir.tar.gz
55e97e9 docker: Fix signature for downloadConfigFile()
aac5527 docker: Fix getValidManifest() signature
9aea551 analyzer: Remove cruft.
72334df docker: extract downloadConfigFile
72e5ec7 docker: Extract extractLayerFiles
971269b docker: Extract extractLayerWorker()
98341f1 docker_test: refactor getValidManifest
1e66346 docker_test: Add sad paths for Extract()
e41cf57 docker_test: Add a happy path for Extract()
3813f90 gitignore: update gitignore
24c612e cache: Define an interface for cache, remove global state
d993110 analyzer_test: Fix tests by fighting with global state
e4b1b64 docker: Inject docker client
a1ea9ae main: Update example of how to use fanal
3aca6b2 analyzer: Add another happy path with no docker and/or image
a183360 analyzer_test: switch to table driven
7eb9440 analzyer_test: Add stronger assertions for extractFromFile
985442d analyzer_test: Adding seams for testability
95e89a4 change mod genuinetools/reg to vanilla (fanal#50)
728ba00 fix docker reg with option SkipPing (fanal#48)
177a2b0 Add cache tests (fanal#46)
f990782 Update LICENSE (fanal#45)
cf9d00d feat(library): ignore files under vendor dir (fanal#44)
9e8f0bb feat(image): support tar.gz image (fanal#40)
83f0e2b added markup and reference for code snippet in README (fanal#41)
b318dec extractor/docker/docker.go: add parsing for tar.gz layers (fanal#26)
3841cf6 Check whether rpm is installed (fanal#39)
cdeb41a Fix wrong break (fanal#38)
4a9f3d9 Bug fix: wrap nil err (fanal#37)
d5d2729 Add error wrap (fanal#35)
a5ed21e Update Go to 1.13 (fanal#36)
afcb709 extract all files in target require filedirs (fanal#29)
c9f8a85 Change error log (fanal#32)
f9a8f80 skip scan composer.lock in vendor dir (fanal#34)
a8380ab Transfer repositoriy (fanal#27)
430740f change reg version (fanal#25)
cef12ef Improves package analysis errors usability (fanal#24)
3a38594 to be able add required files (fanal#22)
6c02a38 add Arch for amazon linux scan (fanal#21)
4e0c7fc Add poetry parser (fanal#19)
dd938fd update go-dep-parser for yarn bugfix (fanal#18)
e41f180 Use go-deb-version for version validation (fanal#17)
b7debf7 add yarn.lock parser (fanal#16)
ce1f557 Include source package in the package struct (fanal#15)
9fa86c5 Replace slash with underscore (fanal#14)
89f6348 Analyze origin (fanal#13)
faed25b Analyze command (fanal#12)
856dd3a Add cargo analyzer (fanal#11)
cb5b791 GetToken only run extractor/docker (fanal#10)
1211b10 add ecr test
e9e2777 add gcr test
123ee18 fix reviewed point
224069a refact import cycle in docker package
5e96fa6 create types package
d773f56 change var name : GCRCredPath -> GcpCredPath
48a3ac5 fix typo
1d2fe13 delete dockerhub register analyzer
c8127c4 GetToken only run extractor/docker
2c3bf38 Cache the saved image (fanal#9)
1778abe Clear cache (fanal#8)
c0563f8 Use local images when docker daemon exists (fanal#7)
028073b merge ubuntu analyzer into debianbase analyzer (fanal#6)
8394568 Merge pull request fanal#5 from knqyf263/initial
1b5c336 Revert "Initial commit (fanal#1)" (fanal#4)
808a645 Initial commit (fanal#1)
05821ed Add rpm analyzer without rpm command
e55ec73 Support library
fefe879 Merge pull request fanal#2 from knqyf263/add_analyzer
bd57e64 update comment
66aac5d Add rpm
f071cec add soft link file path
6a2ca8f check OS
5529c83 ignore vendor
022b948 continue package if no files found
f997015 update alpine os analyzer
76333a3 use no auth docker token
ed8de8b fetch gcr container from credential
e72e869 Merge remote-tracking branch 'origin/initial' into add_analyzer
f06501e fix tmp : fix gcr bug on reg package
e996e01 Add test
f6fe06f add tmp gcr
984ce9b add rpm analyzer
c7cf493 fix for merge
9916efb Merge branch 'initial' into add_analyzer
0954e0f fix test
c7208b3 Support private registry and use cache
262fee4 Pull image
9f32fd0 Update README
8065c4b Analyze docker image
64d449e add dpkg analyzer
68cb8ce add apk analyzer
ec2b20d update
552c4de Initial commit
7b3bf98 Initial commit

`v0.29.1`

Compare Source

Changelog

6ce9404 fix(report): add required fields to the SARIF template (#2341)
d6d0a60 chore: fix spelling errors (#2352)
6f10352 Omit Remediation if PrimaryURL is empty (#2006)
396e404 docs(repo): Link to installation documentation in readme shows 404 (#2348)
79e941d feat(alma): support for scanning of modular packages for AlmaLinux (#2347)

`v0.29.0`

Compare Source

Changelog

cb76acb fix(lang): fix dependency graph in client server mode (#2336)
3d2fc78 feat: allow expiration date for .trivyignore entries (#2332)
3e3c119 feat(lang): add dependency origin graph (#1970)
685a92e docs: update nix installation info (#2331)
1e0b03d feat: add rbac scanning support (#2328)
c9f9a9c refactor: move WordPress module to another repository (#2329)
bcc231d ci: add support for ppc64le (#2281)
7cecade feat: add support for WASM modules (#2195)
a02c06b feat(secret): show recommendation for slow scanning (#2051)
e858812 fix(flag): remove --clear-cache flag client mode (#2301)
276daae fix(java): added check for looping for variable evaluation in pom file (#2322)
546e7bd BREAKING(k8s): change CLI API (#2186)
b69c4de feat(alpine): add Alpine Linux 3.16 (#2319)
33b8521 docs: bump trivy-operator to v0.0.7 (#2320)
313ade3 ci: add go mod tidy check (#2314)
b331e77 chore: run go mod tidy (#2313)
bfe5c6f fix: do not exit if one resource is not found (#2311)
363a3e4 feat(cli): use stderr for all log messages (resolve #381) (#2289)
b213956 test: replace deprecated subcommand client in integration tests (#2308)
efbc968 feat: add support for containerd (#2305)
9a601d4 fix(kubernetes): Support floats in manifest yaml (#2297)
a589353 docs(kubernetes): dead links (#2307)
f38f8d6 chore: add license label (#2304)
2b1de93 feat(mariner): added support for CBL-Mariner Distroless v2.0 (#2293)
5423196 feat(helm): add pod annotations (#2272)
6fb4770 refactor: do not import defsec in fanal types package (#2292)
4d382a0 feat(report): Add misconfiguration support to ASFF report template (#2285)
f1c6af3 test: use images in GHCR (#2275)
0977dfc feat(helm): support pod annotations (#2265)
6b2cd7e feat(misconf): Helm chart scanning (#2269)
3912768 docs: Update custom rego policy docs to reflect latest defsec/fanal changes (#2267)
a17c3ee fix: mask redis credentials when logging (#2264)
d8b59ef refactor: extract commands Runner interface (#2147)
60a81fc chore(deps): bump alpine from 3.15.4 to 3.16.0 (#2234)
c73650d chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.2 to 0.6.0 (#2245)
6cfdffd docs: update operator release (#2263)
510ce1a chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (#2243)
92c0452 feat(redhat): added architecture check (#2172)
1eb73f3 docs: updating links in the docs to work again (#2256)
270dc73 docs: fix readme (#2251)
a6ff0d1 fix: fixed incorrect CycloneDX output format (#2255)
67d9477 chore(deps): bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.3 (#2241)
3e6dc37 chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (#2242)
2dc5c91 chore(deps): bump goreleaser/goreleaser-action from 2 to 3 (#2240)
6daf62e chore(deps): bump docker/setup-buildx-action from 1 to 2 (#2238)
f9ee494 chore(deps): bump docker/setup-qemu-action from 1 to 2 (#2236)
c3e227b chore(deps): bump golang from 1.18.1 to 1.18.2 (#2235)
ca39041 chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#2237)
c676361 chore(deps): bump docker/login-action from 1 to 2 (#2239)
126fe0a chore(deps): bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.1 (#2246)
f7d0253 refactor(deps): move dependencies to package (#2189)
f982167 fix(report): change github format version to required (#2229)
d3a73e4 docs: update readme (#2110)
5d5b93e docs: added information about choosing advisory database (#2212)
3649850 chore: update trivy-kubernetes (#2224)
3c0e354 docs: clarifying parts of the k8s docs and updating links (#2222)
af5882b fix(k8s): timeout error logging (#2179)
3d29213 chore(deps): updated fanal after fix AsymmetricPrivateKeys (#2214)
e18f38a feat(k8s): add --context flag (#2171)
0e937b5 fix(k8s): properly instantiate TableWriter (#2175)
911c5e9 test: fixed integration tests after updating testcontainers to v0.13.0 (#2208)
6fd1887 chore: update labels (#2197)
4059e94 fix(report): fixed panic if all misconf reports were removed in filter (#2188)
84af32a feat(k8s): scan secrets (#2178)
4ab696e feat(report): GitHub Dependency Snapshots support (#1522)
b7ec642 feat(db): added insecure skip tls verify to download trivy db (#2140)
1e1ccbe fix(redhat): always use vulns with fixed version if there is one (#2165)
4ceae2a chore(redhat): Add support for Red Hat UBI 9. (#2183)
4e7e842 fix(k8s): update trivy-kubernetes (#2163)
089d34e fix misconfig start line for code quality tpl (#2181)
bfb0f2a fix: update docker/distribution from 2.8.0 to 2.8.1 (#2176)

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Edited Jun 22, 2022 by renovate

Update dependency aquasec/trivy to v0.29.2

Release Notes

v0.29.2

Changelog

v0.29.1

Changelog

v0.29.0

Changelog

Configuration

Merge request reports

`v0.29.2`

`v0.29.1`

`v0.29.0`