Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(deps): Merge pkg/specs from trivy-policies into trivy #6021

Closed
wants to merge 13 commits into from
Closed

refactor(deps): Merge pkg/specs from trivy-policies into trivy #6021

wants to merge 13 commits into from

Conversation

simar7
Copy link
Member

@simar7 simar7 commented Jan 31, 2024

Description

Merge pkg/specs from trivy-policies into trivy and remove trivy's dependence on trivy-policies.

This PR is stacked onto #6005

Related issues

Stacked PRs

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@simar7 simar7 requested a review from nikpivkin January 31, 2024 04:24
@simar7 simar7 self-assigned this Jan 31, 2024
@simar7 simar7 requested a review from chen-keinan January 31, 2024 04:25
nikpivkin
nikpivkin reviewed Jan 31, 2024
View reviewed changes
go.mod Outdated
@@ -41,7 +41,7 @@ require (
github.com/cheggaaa/pb/v3 v3.1.4
github.com/containerd/containerd v1.7.11
github.com/csaf-poc/csaf_distribution/v3 v3.0.0
github.com/docker/docker v24.0.7+incompatible
github.com/docker/docker v25.0.0+incompatible
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a need to upgrade the docker version? oras.land/oras-go is not compatible with this version.

Base automatically changed from merge-trivy-iac-3 to main February 12, 2024 11:20
@simar7
Copy link
Member Author

simar7 commented Feb 22, 2024

After some further researching I don't think merging this in is a good idea at the moment. We will not eliminate the dependence of trivy on trivy-policies (which was one of the goals with this PR) and compliance specs to me feel a better fit to remain with the checks.

If things change in the future, we can reevaluate this decision.

@simar7 simar7 closed this Feb 22, 2024
@simar7 simar7 deleted the merge-specs-into-trivy branch February 22, 2024 02:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikpivkin nikpivkin nikpivkin left review comments

@chen-keinan chen-keinan Awaiting requested review from chen-keinan

@knqyf263 knqyf263 Awaiting requested review from knqyf263 knqyf263 will be requested when the pull request is marked ready for review knqyf263 is a code owner

@DmitriyLewen DmitriyLewen Awaiting requested review from DmitriyLewen DmitriyLewen will be requested when the pull request is marked ready for review DmitriyLewen is a code owner

Assignees

@simar7 simar7

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

refactor(misconf): Merging trivy-iac into Trivy
2 participants
@simar7 @nikpivkin