pepelyaevip/trivy-db
Archived
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity
274 Commits 1 Branch 0 Tags
Commit Graph

274 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
fl0pp5
6d77ab7839 migrate to ALT workflow
Some checks failed
Trivy DB / Build DB (push) Failing after 1s
Details
2024-05-28 16:02:25 +03:00
fl0pp5
336f6ffaab feat: add ALT Linux support 
Co-Authored-By: stefan <stefan_paksa@icloud.com>
 2024-04-01 17:17:37 +03:00
DmitriyLewen
5bfbd975e5
fix(ghsa): add support of last_known_affected_version_range field (#392) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2024-04-01 17:08:58 +04:00
Stefan Mayr
0ccb5f01aa
Add upcoming Ubuntu 24.04 (#394) 2024-03-27 09:48:20 +04:00
dependabot[bot]
db9bf07792
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#385) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 17:34:34 +04:00
dependabot[bot]
b6e51f7e0c
chore(deps): bump go.etcd.io/bbolt from 1.3.8 to 1.3.9 (#387) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 17:22:05 +04:00
dependabot[bot]
40c36842e4
chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#386) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 14:31:09 +04:00
dependabot[bot]
26b6c7f6c1
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#388) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 14:30:15 +04:00
Mike Poindexter
88dc6466aa
Fix issue 380 (#381) 2024-02-20 11:00:59 +04:00
dependabot[bot]
4db4d53727
chore(deps): bump actions/setup-go from 4 to 5 (#378) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 16:06:49 +04:00
DmitriyLewen
fbb2fe1225
ci: use maximize-build-space (#384) 
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2024-02-15 15:42:32 +04:00
dependabot[bot]
9275a8f0ad
chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0 (#377) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-01 18:26:13 +04:00
DmitriyLewen
51be8d9236
refactor(nvd): migrate to API 2.0 (#374) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-12-18 23:30:30 +04:00
DmitriyLewen
c8b1552fd5
fix(amazon): compare severity in lower case (#376) 2023-12-12 14:47:29 +02:00
dependabot[bot]
c212f374b5
chore(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 (#373) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 14:30:57 +04:00
Moniseeta
81d747dba6
fix rocky: multi-arch support broke backward compatibility (#370) 
Co-authored-by: moniseeta roy gosthipaty <moniseeta.gosthipaty@aquasec.com>
 2023-11-06 14:31:31 +09:00
dependabot[bot]
9b6052fcee
chore(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 (#368) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-02 09:39:34 +09:00
DmitriyLewen
1dda1330e7
chore: exclude Maven for GLAD (#366) 2023-10-31 09:26:14 +09:00
Paulin Todev
3770774790
feat(ubuntu): support Ubuntu 23.10 (#365) 2023-10-20 13:32:06 +09:00
chenk
4fc651f7ac
feat: add k8s vulns (#332) 
Signed-off-by: chenk <hen.keinan@gmail.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-10-05 17:12:11 +03:00
dependabot[bot]
0155e8b2d9
chore(deps): bump go.uber.org/zap from 1.25.0 to 1.26.0 (#360) 2023-10-01 19:25:46 +03:00
dependabot[bot]
d8c0f190f0
chore(deps): bump golang.org/x/text from 0.12.0 to 0.13.0 (#359) 2023-10-01 19:24:49 +03:00
dependabot[bot]
11b040bad7
chore(deps): bump docker/login-action from 2 to 3 (#361) 2023-10-01 19:19:47 +03:00
dependabot[bot]
588c8030d1
chore(deps): bump actions/checkout from 3 to 4 (#362) 2023-10-01 19:19:13 +03:00
Teppei Fukuda
b7e0a5886d
refactor: use types.Ecosystem in bucket.Name() (#358) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2023-09-27 11:22:24 +03:00
DmitriyLewen
2a8ff07d48
chore: remove yamllint (#357) 2023-09-25 22:00:54 +03:00
DmitriyLewen
2e93bc3997
chore: enable more linters (#356) 2023-09-21 14:56:30 +03:00
DmitriyLewen
1f5efebf11
fix(ghsa): return Rust advisories (#355) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-09-21 10:32:52 +03:00
Juan Ariza Toledano
d5388c99ca
fix: OSV affected versions parsing (#352) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-09-20 15:14:33 +03:00
dependabot[bot]
a70e1619ce
chore(deps): bump go.uber.org/zap from 1.24.0 to 1.25.0 (#351) 2023-09-07 23:15:40 +03:00
dependabot[bot]
71293ebe1f
chore(deps): bump golang.org/x/text from 0.11.0 to 0.12.0 (#350) 2023-09-07 23:14:37 +03:00
dependabot[bot]
0bfcbcedc6
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#349) 2023-09-05 10:22:31 +03:00
Teppei Fukuda
f732860d49
fix(osv): skip empty CVSS vectors (#348) 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2023-08-31 20:03:47 +03:00
Juan Ariza Toledano
1022743042
feat(bitnami): add support for Bitnami vulnerability database (#336) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-08-31 18:59:39 +03:00
DmitriyLewen
6121d35293
fix(ci): download tar.gz archive for CocoaPods Specs (#347) 2023-08-29 13:07:25 +03:00
DmitriyLewen
28352d518d
fix(ci): move CocoaPods Specs load into db-fetch-langs command (#346) 2023-08-29 12:30:17 +03:00
DmitriyLewen
f554b934c7
build(nvd): use vuln-list-nvd (#335) 2023-08-29 11:52:05 +03:00
DmitriyLewen
2c9c4da5a3
feat(swift): add Cocoapods advisories (#344) 2023-08-28 13:51:48 +03:00
Teppei Fukuda
bcd98c4fdb
feat: use the GHSA repository (#345) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-08-28 11:17:45 +03:00
DmitriyLewen
315928e846
feat(ghsa): add swift support (#339) 2023-08-23 11:45:07 +03:00
Nikita Pivkin
15ce04b652
feat(osv): support last_affected field (#338) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-08-17 11:53:55 +03:00
Teppei Fukuda
88b9998a94
Revert "chore: fall back into vuln-list-reserve (#334)" (#342) 2023-08-14 17:25:43 +03:00
dependabot[bot]
2e1de4a35a
chore(deps): bump golang.org/x/text from 0.10.0 to 0.11.0 (#337) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-02 14:36:14 +03:00
Teppei Fukuda
167ba4f2fa
feat: add vulnerability status (#328) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-07-26 14:21:57 +03:00
Teppei Fukuda
05620b00f6
chore: fall back into vuln-list-reserve (#334) 2023-07-25 11:25:28 +03:00
dependabot[bot]
bc8f5bf9bf
chore(deps): bump golang.org/x/vuln from 0.0.0-20211221130724-9d39a965865f to 0.2.0 (#326) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2023-07-20 14:03:26 +03:00
DmitriyLewen
69e55d6cfc
chore: remove go-vulndb security advisories (#330) 2023-07-19 09:56:09 +03:00
DmitriyLewen
dc52e83376
fix(rocky): fix filename for test file (#329) 2023-07-03 11:21:16 +03:00
DmitriyLewen
9f4852ac5a
fix(rocky): add multi-arch support (#321) 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2023-07-03 10:42:26 +03:00
dependabot[bot]
ec4b17daca
chore(deps): bump golang.org/x/text from 0.9.0 to 0.10.0 (#325) 2023-07-02 10:10:44 +03:00