andrew_zah
/
trivy-action
mirror of https://github.com/aquasecurity/trivy-action
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
143 Commits
15 Branches
58 Tags
1.5 MiB
master
update-to-v0.45.0
update-trivy-v0.43.1
bump-trivy-3
bump-trivy
add-support-for-trivy-config
fix-golden-files
exit-code-test
update-tarball-docs
volume-mounts
update-readme
revert-45-fix_sarif_duplicate_rule_id
knqyf263-patch-1
artifact_types
sarif-support-2
0.0.1
0.0.10
0.0.11
0.0.12
0.0.13
0.0.14
0.0.15
0.0.16
0.0.17
0.0.18
0.0.19
0.0.2
0.0.20
0.0.21
0.0.22
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
0.0.8
0.0.9
0.1.0
0.10.0
0.11.0
0.11.1
0.11.2
0.12.0
0.13.0
0.13.1
0.14.0
0.15.0
0.16.0
0.16.1
0.17.0
0.18.0
0.19.0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.3.0
0.4.0
0.4.1
0.5.0
0.5.1
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.8.0
0.9.0
0.9.1
0.9.2
v0.0.10
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

143 Commits (master)
 

Author SHA1 Message Date
Nikita Pivkin 6f8c23760b
update tests (#334) 
* update tests

* rename trivy images

* rename workflow steps
 1 day ago
Simar 7088d18dcb Revert "fix: 🐛 allow trivy-config and other options to be used together (#338)" 
This reverts commit ee6a4f5af1.
 2 weeks ago
arairyus ee6a4f5af1
fix: 🐛 allow trivy-config and other options to be used together (#338) 2 weeks ago
Pedro Freitas b5f4977b78
Bump trivy version to v0.50.2 (#341) 
Co-authored-by: pdefreitas <5927433+pdefreitas@users.noreply.github.com>
 2 weeks ago
Lukas Gravley 207cd40078
Fix docker host bug (#329) 
* Update entrypoint.sh

should be a value not boolean

* Update action.yaml

add example

* Update README.md
 1 month ago
uridium 840deb4908
Browse scan reports without GitHub Advanced Security license (#328) 1 month ago
Calin Marina 0f287db5d3
feat(image): add `--docker-host` option for GH Action users (#267) 
* add option to update docker-host via cli parameter

* chore: update test results

---------

Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 1 month ago
uridium f72b7e8127
Make 'hide-progress' input working again (#323) 
* Make hide-progress input working again

* Unify 'hide-progress' default value
 1 month ago
simar7 d710430a67
bump trivy version to v0.50.1 (#324) 1 month ago
cococig 062f259268
fix: Refer to scan-ref when scan-type is "sbom" (#314) 3 months ago
Maxime Durand 1f6384b6ce
docs(report): improve documentation around `Using Trivy to generate SBOM` and sending it to Github (#307) 
* Improved documentation with details on how to send output as an artifact on Github and giving an example of a private image scan

* formatting

* better name for job
 3 months ago
Kyle Davies 84384bd6e7
Upgraded Trivy from 0.48.1 to v0.49.0 (#304) 3 months ago
Simão Silva f3d98514b0
fix: Fix `skip-files` and `hide-progress` options not being applied when using Sarif report format (#297) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
 4 months ago
DmitriyLewen 0b9d17b6b5
docs: add configuration info for flags not supported by inputs (#296) 
* docs: add information about configuration flags not supported by inputs

* docs: add env and config file to Customizing
 4 months ago
Lucas Bickel d43c1f16c0
docs: fix typo in README.md (#293) 
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
 4 months ago
Martin Kemp 5f1841df8d
Update Trivy to 0.48.1 (#291) 
* Update Trivy to 0.48.1

Signed-off-by: Martin Kemp <me@martinke.mp>

* update tests

---------

Signed-off-by: Martin Kemp <me@martinke.mp>
Co-authored-by: Simar <simar@linux.com>
 4 months ago
Ivan Santos 91713af97d
Update to trivy version 0.48.0 (#289) 
* Update to trivy version 0.48.0

 

---------

Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
 5 months ago
Kyle Davies 22d2755f77
feature(config): add terraform variable files (#285) 
* Action now takes an input for terraform variable filess

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
 5 months ago
Kyle Davies 2b6a709cf9
Add filesystem alias (#269) 6 months ago
Victor Sollerhed 47e481a388
Update to `trivy` version `0.47.0` in Dockerfile (#280) 
See:
- https://github.com/aquasecurity/trivy/releases/tag/v0.47.0
 6 months ago
Liam MacPherson 7b07fa7d6a
fix: set return code after each Trivy call (#247) 
This change moves the return code to outside the trivy call. This fixes
#228 as the return code was not being propagated.
 6 months ago
Witold Ślęczkowski f78e9ecf42
Update Dockerfile to 0.46.1 (#277) 
This update fixes https://github.com/aquasecurity/trivy/issues/5441
 6 months ago
Brandon Helms b77b85c025
Update Dockerfile to 0.46.0 (#274) 
* Update Dockerfile to 0.46.0

This will address bugs before 0.46.0

* updating tests
 7 months ago
Pavel Kutáč 69cbbc0cbb
fix: mark image-ref attribute optional (#261) 8 months ago
simar7 fbd16365eb
feat(trivy): Bump to v0.45.0 (#256) 8 months ago
Anais Urlichs 559eb1224e
Merge pull request #234 from jdsmithit/patch-1 
Update README.md to change the example to the new default brach name …
 9 months ago
Nikita Pivkin e602665a11
ci: add workflow to bump trivy (#245) 
* ci: add workflow to bump trivy

* update trivy version in tests

* dispatch event workflow_dispatch

* use ORG_REPO_TOKEN secret
 10 months ago
simar7 3dd517d8c9
chore(deps): Update trivy to v0.43.1 (#243) 
* chore(deps): Update trivy to v0.43.1

* fix tests

Signed-off-by: Simar <simar@linux.com>

---------

Signed-off-by: Simar <simar@linux.com>
 10 months ago
Simar 41f05d9ecf Revert "Include args when using trivy config file (#231)" 
Fixes: https://github.com/aquasecurity/trivy-action/issues/238

This reverts commit 82ec0dd604.
 11 months ago
Daniel Chabr 0cd397afbf
bump trivy to v0.42.1 (#240) 
* bump trivy to v0.42.1

* revert formatting
 11 months ago
Roger Coll b43daad0c3
feat: add exit-code parameter to sarif format (#213) 11 months ago
abriko dedfa59531
Enhance GitHub Dependency Snapshot upload (#233) 11 months ago
Daniel Chabr f96f79aa22
bump trivy to v0.42.0 (#237) 
* chore(deps): update trivy to v0.42.0

* revert formatting

* revert formatting again

* update sarif version in tests
 11 months ago
Herman Wika Horn 82ec0dd604
Include args when using trivy config file (#231) 
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided

Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
 11 months ago
John Smith 463f27e2d8
Update README.md to change the example to the new default brach name main from master. 
Update README.md to change the example to the new default branch name "main" from "master".

I hope this will make the action slightly easier to work with for newer members of the community.
 1 year ago
Bruce Bujon e5f43133f6
chore: Update Trivy to 0.40.0 (#223) 
* chore: Update trivy to 0.39.0

* chore: Update trivy to 0.40.0
 1 year ago
Guilherme Marz Vazzolla 1a09192c0e
docs: improve SBOM documentation (#208) 
* fix: dependency graph name ocurrences

* feat: improve readability and add useful links

* feat: improve readability and instructions 

Improves readability and adds missing information about github_token, another authentication method.

* feat: add github_token instructions

* feat: add github_token to inputs table

* feat: add "what is an SBOM" link

* fix: GitHub dependency graph name ocurrence

* feat: improve SBOM input description

* fix: remove "on pull request" trigger

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>

* fix: outdated input name

---------

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
 1 year ago
Viktor Sadovnikov 1f0aa582c8
Rename security-checks to scanners (#211) 
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
 1 year ago
DmitriyLewen 43849adf01
bump trivy to v0.38.1 (#215) 1 year ago
Falk Puschner 8bd2f9fbda
⬆️ bump trivy action (#203) 1 year ago
simar7 cff3e9a7f6
feat(trivy): Bump Trivy to v0.37.1 (#199) 
Signed-off-by: Simar <simar@linux.com>
 1 year ago
Michael Cantú ab15891596
Update README.md (#186) 
Fix typo
 1 year ago
Omar Silva cacfd7a243
docs: add trivy-config to table (#195) 1 year ago
AndreyLevchenko 1e0bef4613
fix(sarif): Add option to limit severities for sarif (aquasecurity#192) (#198) 1 year ago
Aibek 9ab158e859
Add 0.34.0 release (#177) 
* bump to ghcr.io/aquasecurity/trivy:0.33.0

* fix tests

* bump to 0.34.0
 2 years ago
Lior Vaisman Argon e55de85bee
Add npm to action Dockerfile (#176) 2 years ago
chejn d63413b0a4
Fix github dependency submission API call (#162) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
 2 years ago
simar7 1db49f5326
feat(trivy): Bump Trivy to v0.31.0 (#165) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/164

Signed-off-by: Simar <simar@linux.com>

Signed-off-by: Simar <simar@linux.com>
 2 years ago
Engin Diri 12814ff8bc
docs: correct format and add output on config scan with sarif (#159) 2 years ago
simar7 cb606dfdb0
fix(sarif): Add timeout and security-checks for sarif (#156) 2 years ago