Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: merge upstream v0.58.0 #7

Merged
merged 52 commits into from
Dec 11, 2024
Merged

chore: merge upstream v0.58.0 #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
bdfcc19
chore(k8s): enhance k8s scan log (#6997)
haojingcn Nov 11, 2024
19aea4b
fix(report): handle `[email protected]` schema for misconfigs in `sarif`…
DmitriyLewen Nov 14, 2024
c8add84
docs: add Headlamp to the Trivy Ecosystem page (#7916)
mgalesloot Nov 14, 2024
0d3d934
test: change branch in spdx schema link to check in integration tests…
DmitriyLewen Nov 18, 2024
94791f8
docs: combine trivy.dev into trivy docs (#7884)
itaysk Nov 18, 2024
a5f0ef5
docs: add note about temporary podman socket (#7921)
Ferenc- Nov 18, 2024
38775a5
fix(redhat): don't return error if `root/buildinfo/content_manifests/…
DmitriyLewen Nov 18, 2024
d982e6a
fix(debian): infinite loop (#7928)
knqyf263 Nov 18, 2024
40f6e35
chore(deps): bump the common group with 6 updates (#7904)
dependabot[bot] Nov 18, 2024
58fdab2
chore(deps): bump the aws group with 6 updates (#7902)
dependabot[bot] Nov 18, 2024
07915da
fix(alpine): add `UID` for removed packages (#7887)
DmitriyLewen Nov 18, 2024
5ba9a83
feat: Update registry fallbacks (#7679)
simar7 Nov 18, 2024
9169f6f
docs: fix mistakes/typos (#7942)
DmitriyLewen Nov 18, 2024
afd7216
docs: Fix broken links (#7900)
nick1989Gr Nov 18, 2024
132d9df
feat(secret): Add built-in secrets rules for Private Packagist (#7826)
nicwortel Nov 19, 2024
516e7cb
ci(helm): bump Trivy version to 0.57.1 for Trivy Helm Chart 0.9.0 (#7…
aqua-bot Nov 19, 2024
797b36f
fix(k8s): check all results for vulnerabilities (#7946)
afdesk Nov 20, 2024
6565bef
chore(deps): Bump up trivy-checks to v1.3.0 (#7959)
simar7 Nov 20, 2024
9988147
fix(misconf): Update trivy-checks default repo to `mirror.gcr.io` (#7…
simar7 Nov 20, 2024
b9b383e
feat(oracle): add `flavors` support (#7858)
DmitriyLewen Nov 20, 2024
9688370
chore(deps): bump the common group with 4 updates (#7949)
dependabot[bot] Nov 21, 2024
45d3b40
feat(suse): Align SUSE/OpenSUSE OS Identifiers (#7965)
josegomezr Nov 21, 2024
461a68a
fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Pa…
santhosh1729 Nov 21, 2024
de523ff
docs: add `overview` page for `others` (#7972)
DmitriyLewen Nov 21, 2024
e0f2054
feat: add cvss v4 score and vector in scan response (#7968)
gshanbhag525 Nov 21, 2024
bcdc0bb
feat(go): construct dependencies in the parser (#7973)
knqyf263 Nov 21, 2024
5448ba2
feat(go): construct dependencies of `go.mod` main module in the parse…
DmitriyLewen Nov 22, 2024
de3b7ea
fix(misconf): do not erase variable type for child modules (#7941)
nikpivkin Nov 22, 2024
32951f9
chore: downgrade the failed block expand message to debug (#7964)
nikpivkin Nov 23, 2024
53d12bc
chore(deps): update csaf module dependency from csaf-poc to gocsaf (#…
thiha-min-thant Nov 25, 2024
83cb3da
chore(deps): bump github.com/moby/buildkit from 0.17.0 to 0.17.2 in t…
dependabot[bot] Nov 25, 2024
9054303
chore(deps): bump the aws group across 1 directory with 7 updates (#7…
dependabot[bot] Nov 25, 2024
e9a899a
feat(misconf): log causes of HCL file parsing errors (#7634)
nikpivkin Nov 25, 2024
5a93a77
test: replace Go checks with Rego (#7867)
nikpivkin Nov 25, 2024
44c7fdd
refactor(k8s): add v prefix for Go packages (#7839)
afdesk Nov 25, 2024
fe3a897
fix(misconf): properly resolve local Terraform cache (#7983)
nikpivkin Nov 25, 2024
fbc42a0
fix(misconf): load full Terraform module (#7925)
nikpivkin Nov 25, 2024
4cfb2a9
fix(cli): Handle empty ignore files more gracefully (#7962)
simar7 Nov 26, 2024
aeeba70
fix(aws): change CPU and Memory type of ContainerDefinition to a stri…
simar7 Nov 26, 2024
7e2a8cb
docs: drop AWS account scanning (#7997)
knqyf263 Nov 26, 2024
ad0ff5d
docs: fix dead links (#7998)
knqyf263 Nov 26, 2024
f5bdc79
refactor: remove support for custom Terraform checks (#7901)
nikpivkin Nov 27, 2024
745be1a
docs: improve databases documentation (#7732)
itaysk Nov 27, 2024
c238c51
chore: remove Go checks (#7907)
nikpivkin Nov 27, 2024
0627992
refactor(sbom): simplify relationship generation (#7985)
knqyf263 Nov 28, 2024
d622ca2
feat: add `workspaceRelationship` (#7889)
DmitriyLewen Nov 29, 2024
eaf8d41
docs: add terminology page to explain Trivy concepts (#7996)
knqyf263 Nov 29, 2024
511b7d3
refactor(misconf): Remove unused options (#7896)
simar7 Nov 29, 2024
a16270c
chore(deps): Upgrade trivy-checks (#8018)
simar7 Nov 30, 2024
54130dc
fix(misconf): wrap AWS EnvVar to iac types (#7407)
nikpivkin Dec 2, 2024
cd01f23
release: v0.58.0 [main] (#7874)
aqua-bot Dec 3, 2024
58271bf
Merge tag 'v0.58.0' into ajk/chore/merge-upstream-0.58.0
ajkerrigan Dec 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/mkdocs-dev.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip setuptools wheel
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git@9.5.44-insiders-4.53.14
pip install -r docs/build/requirements.txt
env:
GH_TOKEN: ${{ secrets.MKDOCS_AQUA_BOT }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/mkdocs-latest.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip setuptools wheel
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git@9.5.44-insiders-4.53.14
pip install -r docs/build/requirements.txt
env:
GH_TOKEN: ${{ secrets.MKDOCS_AQUA_BOT }}
Expand Down
2 changes: 1 addition & 1 deletion .release-please-manifest.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{".":"0.57.0"}
{".":"0.58.0"}
37 changes: 37 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,42 @@
# Changelog

## [0.58.0](https://github.com/aquasecurity/trivy/compare/v0.57.0...v0.58.0) (2024-12-02)


### Features

* add `workspaceRelationship` ([#7889](https://github.com/aquasecurity/trivy/issues/7889)) ([d622ca2](https://github.com/aquasecurity/trivy/commit/d622ca2b1fe40a0eb588478ba9e15d3bd8471a78))
* add cvss v4 score and vector in scan response ([#7968](https://github.com/aquasecurity/trivy/issues/7968)) ([e0f2054](https://github.com/aquasecurity/trivy/commit/e0f2054f9d12dce87e8a0226350f6317f7167195))
* **go:** construct dependencies in the parser ([#7973](https://github.com/aquasecurity/trivy/issues/7973)) ([bcdc0bb](https://github.com/aquasecurity/trivy/commit/bcdc0bbf1f63777ff79d3ecadb8d4f916f376b7d))
* **go:** construct dependencies of `go.mod` main module in the parser ([#7977](https://github.com/aquasecurity/trivy/issues/7977)) ([5448ba2](https://github.com/aquasecurity/trivy/commit/5448ba2a5c1ee36cbcf74ee1c2e83409092c5715))
* **k8s:** add default commands for unknown platform ([#7863](https://github.com/aquasecurity/trivy/issues/7863)) ([b1c7f55](https://github.com/aquasecurity/trivy/commit/b1c7f5516fc39c6cbb76cbeae5c8677ccc9ce5dd))
* **misconf:** log causes of HCL file parsing errors ([#7634](https://github.com/aquasecurity/trivy/issues/7634)) ([e9a899a](https://github.com/aquasecurity/trivy/commit/e9a899a3cfe41a622202808a0241b7f40b54d338))
* **oracle:** add `flavors` support ([#7858](https://github.com/aquasecurity/trivy/issues/7858)) ([b9b383e](https://github.com/aquasecurity/trivy/commit/b9b383eb2714e88357af75900c856db2900b83ec))
* **secret:** Add built-in secrets rules for Private Packagist ([#7826](https://github.com/aquasecurity/trivy/issues/7826)) ([132d9df](https://github.com/aquasecurity/trivy/commit/132d9dfa19a8835c94f332c6939ab7f64641ee5f))
* **suse:** Align SUSE/OpenSUSE OS Identifiers ([#7965](https://github.com/aquasecurity/trivy/issues/7965)) ([45d3b40](https://github.com/aquasecurity/trivy/commit/45d3b40044202dec91384847ce2b50a7271f5977))
* Update registry fallbacks ([#7679](https://github.com/aquasecurity/trivy/issues/7679)) ([5ba9a83](https://github.com/aquasecurity/trivy/commit/5ba9a83a447c4f9e577ae6235c315df71f50b452))


### Bug Fixes

* **alpine:** add `UID` for removed packages ([#7887](https://github.com/aquasecurity/trivy/issues/7887)) ([07915da](https://github.com/aquasecurity/trivy/commit/07915da4816d4d9ec8a6c5e4cba17be2a0f4ad65))
* **aws:** change CPU and Memory type of ContainerDefinition to a string ([#7995](https://github.com/aquasecurity/trivy/issues/7995)) ([aeeba70](https://github.com/aquasecurity/trivy/commit/aeeba70d15c11443d9fe7c26f90fc7d9dcc7f92c))
* **cli:** Handle empty ignore files more gracefully ([#7962](https://github.com/aquasecurity/trivy/issues/7962)) ([4cfb2a9](https://github.com/aquasecurity/trivy/commit/4cfb2a97b27923182ab45c178544542ec65981d4))
* **debian:** infinite loop ([#7928](https://github.com/aquasecurity/trivy/issues/7928)) ([d982e6a](https://github.com/aquasecurity/trivy/commit/d982e6ab89967629f71ec09100cdc61e30a27c63))
* **fs:** add missing defered Cleanup() call to post analyzer fs ([#7882](https://github.com/aquasecurity/trivy/issues/7882)) ([ab32297](https://github.com/aquasecurity/trivy/commit/ab32297e0a8220a427fa330025f8625281e02275))
* Improve version comparisons when build identifiers are present ([#7873](https://github.com/aquasecurity/trivy/issues/7873)) ([eda4d76](https://github.com/aquasecurity/trivy/commit/eda4d7660d8908705bc08a6edc55d8144d02806a))
* **k8s:** check all results for vulnerabilities ([#7946](https://github.com/aquasecurity/trivy/issues/7946)) ([797b36f](https://github.com/aquasecurity/trivy/commit/797b36fbad90b8e7f04e16e2cf08d6bdc0255ac7))
* **misconf:** do not erase variable type for child modules ([#7941](https://github.com/aquasecurity/trivy/issues/7941)) ([de3b7ea](https://github.com/aquasecurity/trivy/commit/de3b7ea24c282bce22ce9cacb49a43d8d90e2bde))
* **misconf:** handle null properties in CloudFormation templates ([#7813](https://github.com/aquasecurity/trivy/issues/7813)) ([99b2db3](https://github.com/aquasecurity/trivy/commit/99b2db3978562689cef956a71281abb84ff0ce47))
* **misconf:** load full Terraform module ([#7925](https://github.com/aquasecurity/trivy/issues/7925)) ([fbc42a0](https://github.com/aquasecurity/trivy/commit/fbc42a04ea24e2246f81491434a965846d55ed69))
* **misconf:** properly resolve local Terraform cache ([#7983](https://github.com/aquasecurity/trivy/issues/7983)) ([fe3a897](https://github.com/aquasecurity/trivy/commit/fe3a8971b6697d896c1ec30b5326a10c20349d14))
* **misconf:** Update trivy-checks default repo to `mirror.gcr.io` ([#7953](https://github.com/aquasecurity/trivy/issues/7953)) ([9988147](https://github.com/aquasecurity/trivy/commit/9988147b8b0e463464fe494122bfcc66ccdf04e0))
* **misconf:** wrap AWS EnvVar to iac types ([#7407](https://github.com/aquasecurity/trivy/issues/7407)) ([54130dc](https://github.com/aquasecurity/trivy/commit/54130dcc1d775506d34b83a558952176fc549914))
* **redhat:** don't return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files ([#7912](https://github.com/aquasecurity/trivy/issues/7912)) ([38775a5](https://github.com/aquasecurity/trivy/commit/38775a5ed985eefe2b410e72407c454cdad3d075))
* **report:** handle `[email protected]` schema for misconfigs in `sarif` report ([#7898](https://github.com/aquasecurity/trivy/issues/7898)) ([19aea4b](https://github.com/aquasecurity/trivy/commit/19aea4b01f3ce5a3cd05d5a1091da5b0b3ba4af6))
* **sbom:** Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details ([#7871](https://github.com/aquasecurity/trivy/issues/7871)) ([461a68a](https://github.com/aquasecurity/trivy/commit/461a68afd60b77dd67e91047b3b4d558fa5bd2ec))
* **terraform:** set null value as fallback for missing variables ([#7669](https://github.com/aquasecurity/trivy/issues/7669)) ([611558e](https://github.com/aquasecurity/trivy/commit/611558e4ce61818330118684274534f26b1fda99))

## [0.57.0](https://github.com/aquasecurity/trivy/compare/v0.56.0...v0.57.0) (2024-10-31)


Expand Down
1 change: 0 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@ Targets (what Trivy can scan):
- Git Repository (remote)
- Virtual Machine Image
- Kubernetes
- AWS

Scanners (what Trivy can find there):

Expand Down
1 change: 1 addition & 0 deletions docs/assets/css/trivy_v1_homepage.min.css
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading