Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump github.com/aquasecurity/trivy from 0.20.0 to 0.22.0 #1350

Merged
merged 10 commits into from
Jan 17, 2022
Merged

chore(deps): bump github.com/aquasecurity/trivy from 0.20.0 to 0.22.0 #1350

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
ed85bac
chore(deps): bump github.com/aquasecurity/trivy from 0.20.0 to 0.22.0
dependabot[bot] Jan 11, 2022
b9a5e4f
fix(library): trivy scan
MaineK00n Jan 11, 2022
e125173
chore(integration): add lockfiles
MaineK00n Jan 12, 2022
2934cb6
fix(library): support gobinary scan via trivy
MaineK00n Jan 12, 2022
3f63bbe
chore: add pom in IsTrivySupportedLib
MaineK00n Jan 12, 2022
644da79
chore: fix LIBS
MaineK00n Jan 13, 2022
a644a94
fix(library): support trivy offline scan
MaineK00n Jan 17, 2022
0bd2e8f
chore(integration): move vulsio/integration repository
MaineK00n Jan 17, 2022
4ceec0b
chore(integration): add integration as git submodule
MaineK00n Jan 17, 2022
7905763
chore: update .gitignore
MaineK00n Jan 17, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ issues/
vendor/
log/
results
!integration/data/results
config.toml
!setup/docker/*
.DS_Store
Expand Down
3 changes: 3 additions & 0 deletions .gitmodules
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[submodule "integration"]
path = integration
url = https://github.com/vulsio/integration
5 changes: 4 additions & 1 deletion GNUmakefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ NOW=$(shell date --iso-8601=seconds)
NOW_JSON_DIR := '${BASE_DIR}/$(NOW)'
ONE_SEC_AFTER=$(shell date -d '+1 second' --iso-8601=seconds)
ONE_SEC_AFTER_JSON_DIR := '${BASE_DIR}/$(ONE_SEC_AFTER)'
LIBS := 'gemfile' 'pipfile' 'poetry' 'composer' 'packagelock' 'yarn' 'cargo' 'gomod' 'nvd_exact' 'nvd_rough' 'nvd_vendor_product' 'nvd_match_no_jvn' 'jvn_vendor_product' 'jvn_vendor_product_nover'
LIBS := 'bundler' 'pip' 'pipenv' 'poetry' 'composer' 'npm' 'yarn' 'cargo' 'gomod' 'gobinary' 'jar' 'pom' 'nuget-lock' 'nuget-config' 'nvd_exact' 'nvd_rough' 'nvd_vendor_product' 'nvd_match_no_jvn' 'jvn_vendor_product' 'jvn_vendor_product_nover'

diff:
# git clone git@github.com:vulsio/vulsctl.git
Expand Down Expand Up @@ -208,6 +208,9 @@ build-integration:
git stash apply stash@\{0\}
make build

# update integration data
git submodule update --remote

# for integration testing, vuls.new and vuls.old needed.
# ex)
# $ ln -s ./vuls ./vuls.new
Expand Down
1 change: 1 addition & 0 deletions contrib/trivy/pkg/converter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,7 @@ func IsTrivySupportedLib(typestr string) bool {
ftypes.NodePkg: struct{}{},
ftypes.Yarn: struct{}{},
ftypes.Jar: struct{}{},
ftypes.Pom: struct{}{},
ftypes.GoBinary: struct{}{},
ftypes.GoMod: struct{}{},
}
Expand Down
10 changes: 5 additions & 5 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,12 @@ require (
github.com/BurntSushi/toml v0.4.1
github.com/Ullaakut/nmap/v2 v2.1.2-0.20210406060955-59a52fe80a4f
github.com/VividCortex/ewma v1.2.0 // indirect
github.com/aquasecurity/fanal v0.0.0-20211005172059-69527b46560c
github.com/aquasecurity/trivy v0.20.0
github.com/aquasecurity/fanal v0.0.0-20211224205755-c94f68b6d71a
github.com/aquasecurity/go-dep-parser v0.0.0-20220110153540-4a30ebc4b509
github.com/aquasecurity/trivy v0.22.0
github.com/aquasecurity/trivy-db v0.0.0-20210916043317-726b7b72a47b
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
github.com/aws/aws-sdk-go v1.40.49
github.com/aws/aws-sdk-go v1.42.0
github.com/boltdb/bolt v1.3.1
github.com/briandowns/spinner v1.16.0 // indirect
github.com/cenkalti/backoff v2.2.1+incompatible
Expand Down Expand Up @@ -84,7 +85,6 @@ require (
github.com/Masterminds/sprig v2.22.0+incompatible // indirect
github.com/PuerkitoBio/goquery v1.7.1 // indirect
github.com/andybalholm/cascadia v1.3.1 // indirect
github.com/aquasecurity/go-dep-parser v0.0.0-20210919151457-76db061b9305 // indirect
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce // indirect
github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 // indirect
github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect
Expand Down Expand Up @@ -154,7 +154,7 @@ require (
go.opencensus.io v0.23.0 // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.19.1 // indirect
go.uber.org/zap v1.20.0 // indirect
golang.org/x/sys v0.0.0-20211210111614-af8b64212486 // indirect
golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf // indirect
google.golang.org/api v0.63.0 // indirect
Expand Down
111 changes: 80 additions & 31 deletions go.sum
View file
Open in desktop

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions integration
Open in desktop
Submodule integration added at 3d0567
Loading