Nikita Pivkin
6f8c23760b
update tests ( #334 )
...
* update tests
* rename trivy images
* rename workflow steps
1 day ago
Simar
7088d18dcb
Revert "fix: 🐛 allow trivy-config and other options to be used together ( #338 )"
...
This reverts commit ee6a4f5af1
.
2 weeks ago
arairyus
ee6a4f5af1
fix: 🐛 allow trivy-config and other options to be used together ( #338 )
2 weeks ago
Pedro Freitas
b5f4977b78
Bump trivy version to v0.50.2 ( #341 )
...
Co-authored-by: pdefreitas <5927433+pdefreitas@users.noreply.github.com>
2 weeks ago
Lukas Gravley
207cd40078
Fix docker host bug ( #329 )
...
* Update entrypoint.sh
should be a value not boolean
* Update action.yaml
add example
* Update README.md
1 month ago
uridium
840deb4908
Browse scan reports without GitHub Advanced Security license ( #328 )
1 month ago
Calin Marina
0f287db5d3
feat(image): add `--docker-host` option for GH Action users ( #267 )
...
* add option to update docker-host via cli parameter
* chore: update test results
---------
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
1 month ago
uridium
f72b7e8127
Make 'hide-progress' input working again ( #323 )
...
* Make hide-progress input working again
* Unify 'hide-progress' default value
1 month ago
simar7
d710430a67
bump trivy version to v0.50.1 ( #324 )
1 month ago
cococig
062f259268
fix: Refer to scan-ref when scan-type is "sbom" ( #314 )
3 months ago
Maxime Durand
1f6384b6ce
docs(report): improve documentation around `Using Trivy to generate SBOM` and sending it to Github ( #307 )
...
* Improved documentation with details on how to send output as an artifact on Github and giving an example of a private image scan
* formatting
* better name for job
3 months ago
Kyle Davies
84384bd6e7
Upgraded Trivy from 0.48.1 to v0.49.0 ( #304 )
3 months ago
Simão Silva
f3d98514b0
fix: Fix `skip-files` and `hide-progress` options not being applied when using Sarif report format ( #297 )
...
* Update entrypoint.sh
* Update entrypoint.sh
* Update entrypoint.sh
4 months ago
DmitriyLewen
0b9d17b6b5
docs: add configuration info for flags not supported by inputs ( #296 )
...
* docs: add information about configuration flags not supported by inputs
* docs: add env and config file to Customizing
4 months ago
Lucas Bickel
d43c1f16c0
docs: fix typo in README.md ( #293 )
...
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
4 months ago
Martin Kemp
5f1841df8d
Update Trivy to 0.48.1 ( #291 )
...
* Update Trivy to 0.48.1
Signed-off-by: Martin Kemp <me@martinke.mp>
* update tests
---------
Signed-off-by: Martin Kemp <me@martinke.mp>
Co-authored-by: Simar <simar@linux.com>
4 months ago
Ivan Santos
91713af97d
Update to trivy version 0.48.0 ( #289 )
...
* Update to trivy version 0.48.0
---------
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
5 months ago
Kyle Davies
22d2755f77
feature(config): add terraform variable files ( #285 )
...
* Action now takes an input for terraform variable filess
* added tf-vars
* updated README.md
* Updated yamlconfig test to latest version of trivy output for that container
* updated for correct cpu type
* test trivy version change to 0.45.0
* run scan with correct parameters
* Added test for terraform tfvars
* Updated output for other tests
* use test data as path and updated tf vars to be relative
* removed quiet
5 months ago
Kyle Davies
2b6a709cf9
Add filesystem alias ( #269 )
6 months ago
Victor Sollerhed
47e481a388
Update to `trivy` version `0.47.0` in Dockerfile ( #280 )
...
See:
- https://github.com/aquasecurity/trivy/releases/tag/v0.47.0
6 months ago
Liam MacPherson
7b07fa7d6a
fix: set return code after each Trivy call ( #247 )
...
This change moves the return code to outside the trivy call. This fixes
#228 as the return code was not being propagated.
6 months ago
Witold Ślęczkowski
f78e9ecf42
Update Dockerfile to 0.46.1 ( #277 )
...
This update fixes https://github.com/aquasecurity/trivy/issues/5441
6 months ago
Brandon Helms
b77b85c025
Update Dockerfile to 0.46.0 ( #274 )
...
* Update Dockerfile to 0.46.0
This will address bugs before 0.46.0
* updating tests
7 months ago
Pavel Kutáč
69cbbc0cbb
fix: mark image-ref attribute optional ( #261 )
8 months ago
simar7
fbd16365eb
feat(trivy): Bump to v0.45.0 ( #256 )
8 months ago
Anais Urlichs
559eb1224e
Merge pull request #234 from jdsmithit/patch-1
...
Update README.md to change the example to the new default brach name …
9 months ago
Nikita Pivkin
e602665a11
ci: add workflow to bump trivy ( #245 )
...
* ci: add workflow to bump trivy
* update trivy version in tests
* dispatch event workflow_dispatch
* use ORG_REPO_TOKEN secret
10 months ago
simar7
3dd517d8c9
chore(deps): Update trivy to v0.43.1 ( #243 )
...
* chore(deps): Update trivy to v0.43.1
* fix tests
Signed-off-by: Simar <simar@linux.com>
---------
Signed-off-by: Simar <simar@linux.com>
10 months ago
Simar
41f05d9ecf
Revert "Include args when using trivy config file ( #231 )"
...
Fixes: https://github.com/aquasecurity/trivy-action/issues/238
This reverts commit 82ec0dd604
.
11 months ago
Daniel Chabr
0cd397afbf
bump trivy to v0.42.1 ( #240 )
...
* bump trivy to v0.42.1
* revert formatting
11 months ago
Roger Coll
b43daad0c3
feat: add exit-code parameter to sarif format ( #213 )
11 months ago
abriko
dedfa59531
Enhance GitHub Dependency Snapshot upload ( #233 )
11 months ago
Daniel Chabr
f96f79aa22
bump trivy to v0.42.0 ( #237 )
...
* chore(deps): update trivy to v0.42.0
* revert formatting
* revert formatting again
* update sarif version in tests
11 months ago
Herman Wika Horn
82ec0dd604
Include args when using trivy config file ( #231 )
...
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided
Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
11 months ago
John Smith
463f27e2d8
Update README.md to change the example to the new default brach name main from master.
...
Update README.md to change the example to the new default branch name "main" from "master".
I hope this will make the action slightly easier to work with for newer members of the community.
1 year ago
Bruce Bujon
e5f43133f6
chore: Update Trivy to 0.40.0 ( #223 )
...
* chore: Update trivy to 0.39.0
* chore: Update trivy to 0.40.0
1 year ago
Guilherme Marz Vazzolla
1a09192c0e
docs: improve SBOM documentation ( #208 )
...
* fix: dependency graph name ocurrences
* feat: improve readability and add useful links
* feat: improve readability and instructions
Improves readability and adds missing information about github_token, another authentication method.
* feat: add github_token instructions
* feat: add github_token to inputs table
* feat: add "what is an SBOM" link
* fix: GitHub dependency graph name ocurrence
* feat: improve SBOM input description
* fix: remove "on pull request" trigger
Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
* fix: outdated input name
---------
Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
1 year ago
Viktor Sadovnikov
1f0aa582c8
Rename security-checks to scanners ( #211 )
...
* Renaming securityChecks to runners
* Renaming securityChecks to runners
* Renaming securityChecks to runners
* Correcting README
1 year ago
DmitriyLewen
43849adf01
bump trivy to v0.38.1 ( #215 )
1 year ago
Falk Puschner
8bd2f9fbda
⬆️ bump trivy action ( #203 )
1 year ago
simar7
cff3e9a7f6
feat(trivy): Bump Trivy to v0.37.1 ( #199 )
...
Signed-off-by: Simar <simar@linux.com>
1 year ago
Michael Cantú
ab15891596
Update README.md ( #186 )
...
Fix typo
1 year ago
Omar Silva
cacfd7a243
docs: add trivy-config to table ( #195 )
1 year ago
AndreyLevchenko
1e0bef4613
fix(sarif): Add option to limit severities for sarif (aquasecurity#192) ( #198 )
1 year ago
Aibek
9ab158e859
Add 0.34.0 release ( #177 )
...
* bump to ghcr.io/aquasecurity/trivy:0.33.0
* fix tests
* bump to 0.34.0
2 years ago
Lior Vaisman Argon
e55de85bee
Add npm to action Dockerfile ( #176 )
2 years ago
chejn
d63413b0a4
Fix github dependency submission API call ( #162 )
...
* Update entrypoint.sh
* Update entrypoint.sh
* Update entrypoint.sh
2 years ago
simar7
1db49f5326
feat(trivy): Bump Trivy to v0.31.0 ( #165 )
...
Fixes: https://github.com/aquasecurity/trivy-action/issues/164
Signed-off-by: Simar <simar@linux.com>
Signed-off-by: Simar <simar@linux.com>
2 years ago
Engin Diri
12814ff8bc
docs: correct format and add output on config scan with sarif ( #159 )
2 years ago
simar7
cb606dfdb0
fix(sarif): Add timeout and security-checks for sarif ( #156 )
2 years ago