v0.29.2

aquasecurity/trivy

版本发布时间: 2022-06-22 16:02:44

aquasecurity/trivy最新发布版本:v0.54.1(2024-08-01 00:45:52)

Changelog

6b515bc7 chore: skip Visual Studio Code project folder (#2379)
25416ae6 fix(helm): handle charts with templated names (#2374)
85cca559 docs: redirect operator docs to trivy-operator repo (#2372)
b944ac62 Merge pull request #2356 from aquasecurity/liamg-merge-fanal-magic-attempt-2
9809a07b fix(secret): use secret result when determining Failed status (#2370)
e9831cec try removing libdb-dev
04c01f62 run integration tests in fanal
86e19bb6 use same testing images in fanal
484ddd89 feat(helm): add support for trivy dbRepository (#2345)
9e7404e7 fix: Fix failing test due to deref lint issue
85c6529c test: Fix broken test
6c983cbf fix: Fix makefile when no previous named ref is visible in a shallow clone
1ac4fd8a chore: Fix linting issues in fanal
094db23a refactor: Fix fanal import paths and remove dotfiles
b6f615b5 refactor: Merge fanal into Trivy
6765c77c Merge pull request fanal#566 from chen-keinan/chore/bump-fanal-version
644ada12 chore: bump defsec version v0.68.1
a9ddb39d fix(secrets): added allow rule for examples (fanal#565)
8d13f3da feat: support rbac scanner and type (fanal#563)
c0ad4f70 chore(deps): updated go-dep-parser (fanal#556)
a6f4ab37 chore(deps): bump github.com/Azure/go-autorest/autorest/adal (fanal#543)
8ae754a7 Add custom resources in fs scanning and add deregister analyzers (fanal#564)
decad9b4 Support get local image by containerd (fanal#348)
9c531904 chore(deps): update defsec (fanal#558)
df669592 Bump go-rpmdb (fanal#553)
74fcd3f8 feat(mariner): added support for CBL-Mariner Distroless v2.0 (fanal#552)
d523424f feat(npm): calculate indirect libraries (fanal#557)
42267f94 refactor: remove unused field imageName from integration test (fanal#555)
1343996f chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (fanal#544)
8a877c5b chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#545)
59f1a04b chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (fanal#546)
d5a62c9a test: use images in GHCR for integration tests (fanal#554)
96ce2db9 refactor: do not import defsec in types package (fanal#537)
6c25b832 fix: support for helm chart *.tar.gz (fanal#551)
43997f33 feat(types): add Ref to package (fanal#540)
64c91249 chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (fanal#541)
7baccf20 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.18.0 to 2.21.0 (fanal#547)
7dd7e2ba chore(deps): bump github.com/aws/aws-sdk-go from 1.44.5 to 1.44.25 (fanal#548)
f5e655e2 feat: adding helm support (fanal#534)
df47d1be refactor(deps): move dependencies to package (fanal#535)
ef8d7735 fix(secrets): AsymmetricPrivateKeys use only base64 characters (fanal#539)
24005c3e chore(deps): bump github.com/testcontainers/testcontainers-go from 0.12.0 to 0.13.0 (fanal#502)
193680b1 chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.6.0 (fanal#517)
22db37e9 fix(secrets): added leading slash for file paths extracted from image (fanal#525)
894fa251 chore(deps): Update defsec to v0.58.2 (fixes false positives in ksv038) (fanal#533)
94f999ec perf(misconf): Update defsec to v0.58.1 to optimise result creation for very large files (fanal#532)
7a844389 chore(deps): Update defsec to v0.58.0 (fanal#530)
898aaaa1 Merge pull request fanal#529 from aquasecurity/owenr-remove-highlighting-from-results
c8682b55 fix: update defsec and fix tests accordingly
f776a91d chore(deps): update defsec
267adde7 fix: remove Highlighted from json output
95285015 chore(deps): Update defsec to v0.57.6 (fanal#528)
0911eea9 chore(deps): Update defsec to v0.57.5 (remove commercial rego rules) (fanal#527)
cc5d76b4 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#518)
be3993b6 fix(secrets): skip aws secrets of greater length (fanal#514)
3487accd chore(deps): Update defsec to v0.57.3 for improved syntax highlighting (fanal#524)
c8e07a4b chore(deps): Update defsec to v0.56.2 (fanal#523)
4249a1ca Pom modules (fanal#511)
52934d23 feat: Add causal code to misconfig results (fanal#522)
329f071b chore(deps): Update defsec for 'builtin' namespaced rego policies (fanal#521)
154ccc6e chore(deps): Update defsec to v0.55.5 (adds freebsd support) (fanal#520)
49cfa08d fix(handler): import go mod handler (fanal#519)
bcc02182 feat: add post handler (fanal#460)
5feabc10 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.31 to 1.44.5 (fanal#512)
fa03e9e9 chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (fanal#506)
6d8ae195 feat(lang): add parent dependencies (fanal#459)
d137df24 feat(analyzer): more general support for os-release (fanal#470)
d08f3dfd refactor(secret): allow list match with secret subgroups (fanal#510)
346496f9 chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#509)
2e870836 chore(deps): bump github.com/samber/lo from 1.15.0 to 1.19.0 (fanal#505)
4066b57a chore(deps): bump actions/setup-go from 2 to 3 (fanal#499)
1f5b2625 feat(secret): add default secret severity (fanal#497)
eb0da23d chore(analyzer): added array of config file analyzers (fanal#498)
4f9e46c8 chore(deps): update defsec for fix CVE-2022-27191 inside x/crypto (fanal#495)
1a6d9cb1 feat(secret): truncate matched line if it is long (fanal#494)
acaa8dd0 fix(go.mod): fixed panic for gomod without version (fanal#492)
db6eb9a1 feat(secret): allow rubygems path (fanal#493)
1d1f8f91 refactor(secret): split a file including built-in rules (fanal#491)
04040b95 feat(secret): add enable-builtin-rules (fanal#488)
142d67f2 feat(secret): more builtin aws rules (fanal#489)
34de675d feat(redis): support TTL (fanal#480)
4dd57321 feat(hook): skip system installed Go binaries (fanal#481)
1e788040 fix(hook/gomod): check if gosum is nil (fanal#487)
ca57d318 fix(secret): take only config file name (fanal#486)
03b16ea0 feat(secret): check if the config file exists (fanal#485)
bec2e29c feat(secret): ignore the secret config file (fanal#484)
b4ddc80c feat(image): disable secret scanning in base layers (fanal#483)
2061873f fix(secret): end line number is the same as start line number (fanal#482)
254a96e1 feat: add secret scanning (fanal#431)
dff5dcea fix(analyzer): ignore permission errors (fanal#477)
c7e8d201 chore: disable benchmark (fanal#478)
471e7cd5 Add Containerfile to requiredFiles (fanal#475)
8cd97373 fix(deps): correct margin removal for empty lines inside defsec (fanal#471)
67004a2b fix(python): fixed panic when scan .egg archive (fanal#446)
528d07ef feat(alpine): add parsing /etc/apk/repositories file to get OS version (fanal#462)
065b3014 feat(golang): add support for go.mod (fanal#465)
0e28f7cc Merge pull request fanal#463 from aquasecurity/liamg-fix-owens-demo
910b8e60 fix: add filename to cf results
5f698476 fix(pom): merge multiple pom imports in a good manner (fanal#457)
3637c00b chore(deps): bump github.com/docker/docker (fanal#440)
8bdd3feb chore(deps): bump github.com/urfave/cli/v2 from 2.3.0 to 2.4.0 (fanal#442)
85351adf chore(deps): update BurntSushi/toml for fix runtime error (fanal#454)
fbf50203 fix(iac): Added missing metadata to resolve Terraform scanning errors (fanal#455)
18fde603 feat(jar): allow setting Maven Central URL using environment variable (fanal#448)
c2f38ee3 chore(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.39.0 (fanal#434)
a545e3af chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#438)
c0391779 refactor(golang): use debug/buildinfo (fanal#453)
86e72c0a chore(ci): enable gofmt linter (fanal#452)
177826a4 chore: bump up Go to 1.18 (fanal#449)
133c8389 fix: Update defsec to v0.28.3 to fix panics (fanal#450)
da3d5882 chore(deps): bump github.com/Azure/go-autorest/autorest (fanal#441)
9766c470 chore(deps): bump actions/checkout from 2 to 3 (fanal#432)
db665721 chore(deps): bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.31 (fanal#445)
c3e132ad refactor(cache messages): changed messages about missing Image and Layers in cache (fanal#447)
b194140c chore(deps): bump github.com/go-redis/redis/v8 from 8.11.4 to 8.11.5 (fanal#437)
d0487913 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#409)
005fe25c Merge pull request fanal#429 from aquasecurity/owenr-fix-issue-no-filename
aac7cf57 fix: catch results where the filename is not specified
fe1f9c91 chore(deps): bump github.com/GoogleCloudPlatform/docker-credential-gcr (fanal#360)
9e3709fb feat(cache): add DeleteBlobs to ArtifactCache (fanal#426)
ee54733e chore(deps): bump github.com/testcontainers/testcontainers-go from 0.11.1 to 0.12.0 (fanal#375)
e9134339 fix(docker): getting an image by ID or a name with tag (fanal#425)
483697b4 feat(walker): export default skip variables (fanal#418)
dcadfa88 fix(filter-hook): systemfiles filter for custom resources (fanal#419)
bfd6eef9 Merge pull request fanal#421 from aquasecurity/owenr-defend-npe-issues
69be9851 chore: update tfsec and defsec
4d625c21 feat(docker): add support for scanning docker image with ImageID (fanal#405)
7663c9f9 fix(hcl2json): fix panic in hcl2json (fanal#417)
c3279fd9 Merge pull request fanal#416 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
7443cba9 Merge branch 'main' into dependabot/go_modules/github.com/aquasecurity/tfsec-1.5.0
49301ccf Merge pull request fanal#415 from aquasecurity/dependabot/go_modules/github.com/aquasecurity/defsec-0.14.0
6e222bd8 chore(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 (fanal#408)
8c522a76 chore(deps): bump github.com/aquasecurity/tfsec from 1.4.1 to 1.5.0
7fe75d50 chore(deps): bump github.com/aquasecurity/defsec from 0.12.1 to 0.14.0
0e84c4dc fix(pom): keep an order of dependencies (fanal#413)
82d9d4b7 chore(deps): bump github.com/aws/aws-sdk-go from 1.42.51 to 1.43.8 (fanal#411)
525aadf1 fix(deps): correct handling a package name with a hyphen (fanal#407)
b72fa66c Merge pull request fanal#406 from aquasecurity/owenr-update-iac-scanning
f2e05d55 fix(hook): fix skip of language-specific files when scanning rootfs directory (fanal#380)
1e9376be chore: update the defsec and tfsec versions
0805e866 chore(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 (fanal#404)
f8eb21d6 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.17.0 to 2.18.0 (fanal#383)
ed006327 chore(deps): bump github.com/Azure/azure-sdk-for-go (fanal#389)
1277e211 chore(deps): bump github.com/Azure/go-autorest/autorest/azure/auth (fanal#386)
5c663d38 chore(deps): bump github.com/aws/aws-sdk-go from 1.42.30 to 1.42.51 (fanal#403)
411e5b8c chore(deps): bump github.com/open-policy-agent/opa from 0.36.1 to 0.37.2 (fanal#401)
32768850 chore(dependabot): set interval to monthly (fanal#399)
b9a7fd15 feat(rpm): detect RPM databases in SQLite3 format (fanal#381)
98255296 fix(applier): modify apply layer to merge custom resources as well (fanal#369)
4310d51b refactor: rename quiet with no progress (fanal#392)
c04a638d feat(mariner) add CBL-Mariner analyzer (fanal#387)
ffb5c852 feat(analyzer): support Red Hat build info (fanal#151)
533498f4 feat(token): add azure token auth (fanal#371)
2768c280 chore: bump Go to 1.17 (fanal#379)
4e8832de chore(deps): bump github.com/open-policy-agent/opa from 0.36.0 to 0.36.1 (fanal#378)
4b610974 chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (fanal#376)
c6daf1a8 chore(deps): bump go.uber.org/zap from 1.19.1 to 1.20.0 (fanal#358)
d2a4db88 feat(java): add support PAR files (fanal#373)
abf00556 chore(deps): bump github.com/docker/docker (fanal#363)
9806fa6f chore(deps): update hcl2json dependency (fanal#368)
c4fdc40f fix(rpm): do not ignore installed files via third-party rpm (fanal#367)
1bb7e489 Allow to scan a single file (fanal#356)
d0818558 chore(deps): bump github.com/open-policy-agent/opa from 0.34.0 to 0.36.0 (fanal#362)
ab0cb4f7 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.16.0 to 2.17.0 (fanal#361)
49a72f21 feat: added insecure tls skip to scan repo (fanal#352)
0c8521a8 chore(deps): bump github.com/aws/aws-sdk-go from 1.42.0 to 1.42.30 (fanal#365)
89fa4a27 feat(analyzer): introduce analyzer group (fanal#340)
0d2edbfa fix: crash of handling compressed layers (fanal#354)
996961a3 fix(java/pom): ignore unsupported requirements (fanal#351)
e9251fe0 feat(jar): mark JAR as individual packages (fanal#350)
965400a4 feat(java): support offline mode (fanal#349)
310dd3f5 fix(analyzer): improve performance (fanal#314)
91d4d9e3 feat(java): support pom.xml (fanal#346)
88094b11 chore(deps): bump github.com/moby/buildkit from 0.8.1 to 0.9.3 (fanal#347)
c2872392 feat(jar): add file path (fanal#345)
0a173066 Also detect RPM databases in NDB format (fanal#341)
c506f436 chore(deps): Update tfsec version (fanal#339)
7e09a9f8 fix: fixed skipFiles/skipDirs flags for relative path (fanal#342)
f7333079 chore: removed old tfsec dependencies. (fanal#337)
bb5abd4c Merge pull request fanal#336 from aquasecurity/owenr-update-tfsec-and-cfsec
18d683af Update code scanning dependencies
6793d654 fix(hooks): exclude go from filtering (fanal#332)
776f0ec1 ci(lint) : setup golangci-lint-action (fanal#256)
0523fbc6 allow suppressing the git clone output by setting the quiet option (fanal#335)
95afbb1a feat(repo): add authentication to git HTTP operation (fanal#253)
7d550ea0 fix(applier): fixed layer applications update (fanal#333)
1ac6e8ae chore: update go-dep-parser dependency to fix pip parsing issue (fanal#330)
b640ef09 chore(dep): bump cfsec version from v0.0.11 to v0.0.12 (fanal#329)
a688cdf7 feature(iac): Add location and resource to Results (fanal#328)
0abfcf53 Merge pull request fanal#327 from aquasecurity/owenr-bump-cfsec-version
e0dfc37e fix the test for cfsec output
3f52e327 chore(deps): Bump cfsec version to get the resource
0dbcb834 chore(deps): bump github.com/docker/docker (fanal#315)
6ad9b255 chore(deps): bump github.com/aws/aws-sdk-go from 1.41.0 to 1.42.0 (fanal#325)
6726d125 Merge pull request fanal#321 from owenrumney/owenr-add-cfsec-support
41c0dbb7 Add Cloudformation analyzer
0d03242c add support for cfsec
8a6775ad fix(daemon): handle nil config (fanal#322)
2674ce89 chore(deps): bump github.com/aquasecurity/tfsec from 0.58.11 to 0.58.14 (fanal#307)
802cc6fb chore(deps): bump github.com/open-policy-agent/opa from 0.32.0 to 0.34.0 (fanal#319)
b0de7fc6 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.15.1 to 2.16.0 (fanal#316)
223b1fd1 fix(yarn): support quoted version
0ad38f33 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.49 to 1.41.0 (fanal#309)
894d6589 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.3 to 8.11.4 (fanal#308)
7c72035b feat(javascript) : Add JavaScript const to support custom javascript analyser (fanal#304)
1829e365 refactor: add ctx object to analyser (fanal#303)
d974076f refactor(types): merge LibraryInfo into Package (fanal#302)
5eb94f78 fix(artifact): remove default disabled analyzers (fanal#300)
173b3eb6 fix(config/yaml): support yaml files which incompatible with json spec (fanal#296)
c80126ab feat(daemon): add more config fields (fanal#299)
7e9fd671 feat(applier/docker) aggregate jar result (fanal#298)
b76899c3 fix(rpm): don't panic when parse source rpm name failed (fanal#297)
a2b995a6 feat: skip files and dirs (fanal#284)
12463ce1 fix(oci): handling of complex image indexes (fanal#262)
9b781128 chore(deps): bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (fanal#289)
ad721cf1 Chore(dep): update the tfsec version (fanal#291)
96f7cc77 fix(go-binary): skip large files (fanal#294)
843813c0 feat(analyzer): add group consts (fanal#293)
94460305 chore(deps): bump golang.org/x/mod from 0.5.0 to 0.5.1 (fanal#290)
f7329d0d chore(deps): bump github.com/aws/aws-sdk-go from 1.40.45 to 1.40.49 (fanal#287)
b04be683 fix(configfile-metadata): Enriched configfile metadata with OS value (fanal#286)
791cf73b chore(deps): bump github.com/aws/aws-sdk-go from 1.40.37 to 1.40.45 (fanal#283)
92d1b61b fix(go/binary): ignore unrecognized exe error (fanal#282)
7f5b5a6a chore(deps): bump go.uber.org/zap from 1.19.0 to 1.19.1 (fanal#272)
dd49885a fix(go/binary): check file mode (fanal#281)
eec42da1 feat(analyzer): support AlmaLinux and Rocky Linux (fanal#193)
074587e2 fix(image): disable node.js analyzers depending on mode (fanal#279)
9a4e3b1f fix(applier): aggregate packages after merging layers (fanal#277)
f76c8066 fix(filter): handle the leading slash (fanal#276)
f21e5919 fix(image): do not use pointer for metadata (fanal#273)
1dce67f4 feat(image): add image metadata (fanal#227)
8020b0fc fix(ruby): add file path (fanal#269)
fa57fce6 fix(filter): hardcode system files in Distroless (fanal#268)
08e9240e feat(python): support egg zip (fanal#267)
41c38375 feat(python): support egg format (fanal#266)
34c3c460 feat(dpkg): analyze installed files (fanal#265)
bb20d894 feat(apk): analyze installed files (fanal#264)
62ccd794 feat(hook): add system file filter (fanal#263)
1c877da6 feat(image): revert size (fanal#261)
ff9631b9 chore(deps): bump github.com/open-policy-agent/opa from 0.31.0 to 0.32.0 (fanal#260)
255bbe14 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.27 to 1.40.37 (fanal#258)
6c11c0c5 feat(node): add package.json analyzer (fanal#225)
1ac15af6 feat(ruby): added new gemspec analyzer (fanal#226)
473fe3a4 feat: add hooks (fanal#254)
b01a7b72 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.22 to 1.40.27 (fanal#255)
beaf8935 feat(python): add egg and wheel analyzer (fanal#223)
57eafb55 chore(deps): bump golang.org/x/mod from 0.4.2 to 0.5.0 (fanal#252)
6434945e chore(deps): bump go.uber.org/zap from 1.17.0 to 1.19.0 (fanal#244)
fd1fbf9c chore(deps): bump github.com/alicebob/miniredis/v2 from 2.14.1 to 2.15.1 (fanal#246)
1352f0e9 chore(deps): bump github.com/BurntSushi/toml from 0.3.1 to 0.4.1 (fanal#245)
9a5940ce chore(dependabot): change interval to weekly (fanal#251)
493a3834 chore(deps): bump github.com/aws/aws-sdk-go from 1.40.20 to 1.40.22 (fanal#250)
9763688e chore(deps): bump github.com/google/go-containerregistry from 0.1.2 to 0.6.0 (fanal#237)
d4855d20 refactor: move lang-specific analzyers to lang dirs (fanal#249)
62083114 chore(deps): bump github.com/docker/docker (fanal#240)
02c4a514 chore(deps): bump github.com/go-redis/redis/v8 from 8.4.0 to 8.11.3 (fanal#238)
fbce2901 chore(deps): bump github.com/aws/aws-sdk-go from 1.37.0 to 1.40.20 (fanal#239)
ba0aeedf chore(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 (fanal#241)
3ec380e5 chore(deps): bump github.com/open-policy-agent/opa from 0.25.2 to 0.31.0 (fanal#234)
0058bafd chore(deps): bump github.com/sosedoff/gitkit from 0.2.0 to 0.3.0 (fanal#235)
940367cf chore(deps): bump actions/setup-go from 1 to 2.1.3 (fanal#231)
78845b47 chore(deps): bump actions/checkout from 1 to 2 (fanal#232)
d55c687c chore(ci) : Setup dependabot and fix security issues (fanal#228)
e749817e test(nuget): sort libraries for consistency (fanal#230)
8eb30c2f Added a nuget config parser for packages.config (fanal#204)
0f8ac99d feat(python): add support for requirements.txt (fanal#219)
380c05ba feat(apk): capture license information (fanal#217)
4ca24d9a feat(rpm): capture license (fanal#218)
e73d250a Layer size (fanal#210)
adc7ecc1 feat(data) add eosl flag to OS (fanal#213)
81e4ab54 Update tfsec to v0.46.0 (fanal#208)
13823326 fix: disabled scanning of config files within containers (fanal#211)
c8cfd72c feat(policy): add query and traces (fanal#207)
0e8ab4f8 feat(config): add external scanner (fanal#206)
c0e4e47a refactor(config): define hcl2 parser (fanal#205)
9bad4c6c refactor(config): replace parsers (fanal#202)
8e8274ec feat(terraform): support additional metadata (fanal#201)
797fd088 feat(config): add additional fields to metadata (fanal#200)
5d54332b fix(policy): support empty string from exception rule (fanal#199)
a922042d fix(policy/engine): upper severity (fanal#197)
c3d58323 test(config): add sort test (fanal#196)
959c0768 fix(config/json): skip lock files (fanal#195)
8172518a fix(terraform): support severity of passed checks (fanal#194)
07a11744 fix(analyzer): unique analyzers (fanal#192)
3120d6c3 fix(policy/engine): uniq rule names (fanal#191)
67b72576 feat(config): support Terraform (fanal#190)
cb66108f fix(config): change selector type (fanal#189)
ac56d1c2 feat(artifact): add artifact type (fanal#185)
867eee84 fix(dockerfile): rename command to stages (fanal#188)
1ab6552f test(dockerfile): add multi-stage build (fanal#187)
60c5a04a feat: Support Google artifact registry (fanal#181)
2bb882fd feat(image): add uncompressed layer size (fanal#182)
a0f5bdc8 fix(image): disable go.sum scanning (fanal#179)
4a2b1c09 fix(gomod): fix a panic (fanal#178)
6fd4c895 feat: support config (fanal#166)
b2dd367f feat(go): added support of go.sum (fanal#175)
7141f20e Skipping directory is file is symlink (fanal#176)
f6a678c6 fix(fs): skip dir (fanal#173)
3cf1f4c9 feat(golang): support binary (fanal#165)
27187933 feat(analyzer): limit the number of parallelism (fanal#172)
493a70b4 feat(config): support HCL files (fanal#158)
b64a5262 feat(cache): introduce versioned keys (fanal#160)
1a53cbe3 feat(config): support Dockerfiles (fanal#161)
34f865d6 feat(config): support JSON files (fanal#159)
30fc5b97 feat(config): support TOML files (fanal#157)
059deda6 feat(cache): add analyzer versions (fanal#156)
c813a60b feat(config): support YAML files (fanal#155)
907e6be7 feat(analyzer): disable analyzers (fanal#153)
4f9e5189 feat(library): support jar/war/ear (fanal#152)
4a10108d feat(image): support Podman (fanal#149)
3f358815 refactor(analyzer): pass file paths to analyzers (fanal#150)
bac65cb7 feat(image): support RepoTags and RepoDigests (fanal#148)
a20d4811 add support modularitylabel for rpm (fanal#147)
7da3f7e5 chore: migrate Travis CI to GitHub Actions (fanal#146)
42520f3e chore: migrate from master to main (fanal#145)
b75c6c41 feat(cache): support Redis (fanal#143)
da40228e fix(rpm): fill source package information (fanal#142)
91dc9541 feat: remove CGO (fanal#141)
e17931c2 fix(main): import nuget (fanal#140)
8006d76f Feat: Created analyzer for NuGet lockfiles. (fanal#139)
fde24872 Close open connections and files (fanal#135)
b62ebec0 Fix: Support local cache of APK index (fanal#133)
66b9842a refactor(image): minor changes (fanal#134)
fa1f1277 Support for scanning of an OCI image given a tag. (fanal#130)
3f64bd6b fix(alpine): add origin package as source package (fanal#131)
c875ba59 Revert "Added skip_dir in image artifacts scan (fanal#128)" (fanal#129)
0bd41753 Added skip_dir in image artifacts scan (fanal#128)
80595dc4 Check status for dpkg package (fanal#127)
ceb4e47e fix(apk): replace go-deb-version with go-apk-version (fanal#118)
4025117c Merge pull request fanal#122 from oranmoshai/fix/s3-head
d56c477e fix(s3/cache): HeadObject bucketName was missing. Add unit testing
717f36c8 Fix/s3 cache (fanal#121)
e8d06ba3 fix(cache/s3): take s3 client and prefix as args (fanal#116)
81390970 feat(cache): support options to pass S3 prefix (fanal#115)
4c77b764 feat: support local filesystem and remote git repository (fanal#107)
a1e818ac refactor(cache): replace image and layer with artifact and blob (fanal#108)
81526ed0 Add S3 support for layer caching this will allow to save image result… (fanal#106)
83ff3fda feat(cache): add close function (fanal#104)
aa4339ca analyzer: Send back package and apps info for unknown OS if found. (fanal#103)
b22aebf8 feat(image): support registry token (fanal#102)
364cc862 feat(image): support OCI Image Format (fanal#101)
05ea7f42 fix: replace containers/image with google/go-containerregistry (fanal#96)
8b3289c8 Support settings apkIndexArchiveURL via env FANAL_APK_INDEX_ARCHIVE_URL (fanal#94)
fc2f5ddb test(integration): add tests with TLS registry (fanal#99)
21e1ebf9 fix(bench): measure initializing structs (fanal#98)
bf63cc7f feat: split ID into Digest and DiffID (fanal#97)
5d7149d6 feat(extractor): switch to layer ID of origin layer (fanal#93)
c63e3aa5 integration: Add dockerless mode tests (fanal#81)
3ac50428 Change license to Apache 2.0 (fanal#92)
016f45e8 fix: Move check for rpm command to the parsePkgInfo method (fanal#90)
45ada28e fix(token): use the credential from enviroment variable (fanal#89)
b0937b62 Add layer id info (merge to master) (fanal#88)
bfa6e761 feat(cache): based on JSON (fanal#84)
f0dc9fa7 Change library parse error log (fanal#85)
412209b0 test(bench): exclude master branch in GitHub Actions (fanal#82)
3d55fc5e test(integration/bench): wait for an image load and remove images after tests (fanal#86)
495332cc refactor: replace genuinetools/reg with containers/image (fanal#70)
285e1f1b integration: Fix filenames to not include the : char (fanal#79)
d3979a0d Perf testing (fanal#72)
c87f30c2 integration: Fanal as a library for tar mode (fanal#76)
d3288159 integration: Add a test to use fanal as a library in Docker mode (fanal#66)
ca5843ce Fix circular dependency for alpine apk index. (fanal#68)
1d57f7be Revert PR fanal#51 entirely (fanal#67)
68eb4c6c Revert part of fanal#51 (fanal#64)
eaf9fa5e feat(cache): wrap kv cache (fanal#62)
60a75658 add aws session token (fanal#61)
78df35b5 Add photon support (fanal#59)
162fb42d Merge pull request fanal#57 from aquasecurity/switch-to-raw-encoding
7d0165c7 cache: Switch to Raw encoding.
7ef1e5f9 Cache: Save only required files (fanal#51)
94f9cf49 Add suse linux enterprise server support (fanal#55)
bed0a0eb Add openSUSE Tumbleweed support
0c254184 Fix comment
306c551f Add suse
9c6b9a69 analyzer: Add tests for AnalyzeFile
2cb920d5 Using bufio reader for Stdin, otherwise the first 3 bytes are consumed and file gets "corrupted" (stdin is not seekable?)
9bf16ae1 Revert "change mod genuinetools/reg to vanilla (fanal#50)" (fanal#53)
3867fc71 cmd: Rebase on master and add SkipPing=true
3348a066 analyzer_test: Remove un-needed assertions
030687c9 analyzer: Rename struct
a2736492 docker_test: Fix import order
e6a79f7b docker: Accept interfaces, return structs
2c08d9d3 cmd: Fix import lines
673fc374 analyzer_test: Reduce cruft.
511e061c docker_test: Add a sample testdir.tar.gz
55e97e97 docker: Fix signature for downloadConfigFile()
aac55275 docker: Fix getValidManifest() signature
9aea551d analyzer: Remove cruft.
72334df0 docker: extract downloadConfigFile
72e5ec70 docker: Extract extractLayerFiles
971269ba docker: Extract extractLayerWorker()
98341f1e docker_test: refactor getValidManifest
1e66346f docker_test: Add sad paths for Extract()
e41cf574 docker_test: Add a happy path for Extract()
3813f904 gitignore: update gitignore
24c612e1 cache: Define an interface for cache, remove global state
d993110d analyzer_test: Fix tests by fighting with global state
e4b1b647 docker: Inject docker client
a1ea9aee main: Update example of how to use fanal
3aca6b2d analyzer: Add another happy path with no docker and/or image
a183360e analyzer_test: switch to table driven
7eb94404 analzyer_test: Add stronger assertions for extractFromFile
985442dc analyzer_test: Adding seams for testability
95e89a42 change mod genuinetools/reg to vanilla (fanal#50)
728ba00b fix docker reg with option SkipPing (fanal#48)
177a2b0a Add cache tests (fanal#46)
f9907823 Update LICENSE (fanal#45)
cf9d00df feat(library): ignore files under vendor dir (fanal#44)
9e8f0bb4 feat(image): support tar.gz image (fanal#40)
83f0e2b0 added markup and reference for code snippet in README (fanal#41)
b318dec1 extractor/docker/docker.go: add parsing for tar.gz layers (fanal#26)
3841cf6d Check whether rpm is installed (fanal#39)
cdeb41a5 Fix wrong break (fanal#38)
4a9f3d9a Bug fix: wrap nil err (fanal#37)
d5d27292 Add error wrap (fanal#35)
a5ed21ec Update Go to 1.13 (fanal#36)
afcb7097 extract all files in target require filedirs (fanal#29)
c9f8a854 Change error log (fanal#32)
f9a8f804 skip scan composer.lock in vendor dir (fanal#34)
a8380ab5 Transfer repositoriy (fanal#27)
430740f5 change reg version (fanal#25)
cef12efc Improves package analysis errors usability (fanal#24)
3a38594c to be able add required files (fanal#22)
6c02a382 add Arch for amazon linux scan (fanal#21)
4e0c7fc2 Add poetry parser (fanal#19)
dd938fd6 update go-dep-parser for yarn bugfix (fanal#18)
e41f1802 Use go-deb-version for version validation (fanal#17)
b7debf7f add yarn.lock parser (fanal#16)
ce1f557c Include source package in the package struct (fanal#15)
9fa86c55 Replace slash with underscore (fanal#14)
89f6348b Analyze origin (fanal#13)
faed25bf Analyze command (fanal#12)
856dd3a4 Add cargo analyzer (fanal#11)
cb5b791d GetToken only run extractor/docker (fanal#10)
1211b105 add ecr test
e9e2777c add gcr test
123ee182 fix reviewed point
224069af refact import cycle in docker package
5e96fa6a create types package
d773f56a change var name : GCRCredPath -> GcpCredPath
48a3ac53 fix typo
1d2fe13f delete dockerhub register analyzer
c8127c45 GetToken only run extractor/docker
2c3bf38c Cache the saved image (fanal#9)
1778abe4 Clear cache (fanal#8)
c0563f81 Use local images when docker daemon exists (fanal#7)
028073bd merge ubuntu analyzer into debianbase analyzer (fanal#6)
8394568a Merge pull request fanal#5 from knqyf263/initial
1b5c3365 Revert "Initial commit (fanal#1)" (fanal#4)
808a6459 Initial commit (fanal#1)
05821edb Add rpm analyzer without rpm command
e55ec73a Support library
fefe8796 Merge pull request fanal#2 from knqyf263/add_analyzer
bd57e642 update comment
66aac5d6 Add rpm
f071cecd add soft link file path
6a2ca8f7 check OS
5529c839 ignore vendor
022b9485 continue package if no files found
f9970158 update alpine os analyzer
76333a38 use no auth docker token
ed8de8b1 fetch gcr container from credential
e72e8693 Merge remote-tracking branch 'origin/initial' into add_analyzer
f06501ea fix tmp : fix gcr bug on reg package
e996e011 Add test
f6fe06fd add tmp gcr
984ce9bd add rpm analyzer
c7cf493e fix for merge
9916efbf Merge branch 'initial' into add_analyzer
0954e0f4 fix test
c7208b3e Support private registry and use cache
262fee41 Pull image
9f32fd05 Update README
8065c4bf Analyze docker image
64d449ee add dpkg analyzer
68cb8ceb add apk analyzer
ec2b20dc update
552c4de1 Initial commit
7b3bf986 Initial commit