aquasecurity/trivy-action
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy-action.git synced 2026-05-14 03:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
202 Commits 7 Branches 75 Tags
6476b939eabc74a8cbd2f6dceb44968c3187134c
Commit Graph

202 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikita Pivkin 97646fedde chore: use checks bundle snapshot from trivy-action (#388) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2024-09-19 08:58:52 -06:00
chris d9cd5b1c23 fix(Makefile): recursive option typo (#371) 2024-07-09 10:07:51 -06:00
Vinayak S 6e7b7d1fd3 Upgrade trivy to v0.53.0 (#369) 
* Upgrade trivy to v0.53.0

* update tests

---------

Co-authored-by: Simar <simar@linux.com>
v0.24.0 		2024-07-09 00:19:25 -06:00
Vinayak S 7c2007bcb5 Upgrade trivy to v0.52.2 (#367) 
* Upgrade trivy to v0.52.2

* Upgrade trivy to v0.52.2
v0.23.0 		2024-06-17 16:53:33 -06:00
Francisco Javier Barón 595be6a0f6 Upgrade trivy to v0.52.0 (#364) v0.22.0 2024-06-06 17:41:36 -06:00
simar7 841fb371db chore(docs): Reference the use of a pinned version (#356) 2024-05-22 18:59:56 -06:00
Vinayak S fd25fed697 bump trivy version to v0.51.2 (#360) 
* bump trivy version to v0.51.2

* bump trivy version to v0.51.2
v0.21.0 		2024-05-21 16:33:02 -06:00
simar7 b2933f565d bump trivy version to v0.51.1 (#353) 
* bump trivy version to v0.51.1

* update tests
v0.20.0 		2024-05-07 21:42:16 -06:00
simar7 b2cd5ff52c Update bump-trivy.yaml 2024-05-07 18:03:36 -06:00
Nikita Pivkin 6f8c23760b update tests (#334) 
* update tests

* rename trivy images

* rename workflow steps
 2024-05-06 23:18:53 -06:00
Simar 7088d18dcb Revert "fix: 🐛 allow trivy-config and other options to be used together (#338)" 
This reverts commit ee6a4f5af1.
 2024-04-26 01:13:05 -06:00
arairyus ee6a4f5af1 fix: 🐛 allow trivy-config and other options to be used together (#338) 2024-04-25 23:57:46 -06:00
Pedro Freitas b5f4977b78 Bump trivy version to v0.50.2 (#341) 
Co-authored-by: pdefreitas <5927433+pdefreitas@users.noreply.github.com>
 2024-04-22 22:07:09 -06:00
Lukas Gravley 207cd40078 Fix docker host bug (#329) 
* Update entrypoint.sh

should be a value not boolean

* Update action.yaml

add example

* Update README.md
 2024-04-04 22:59:05 -06:00
uridium 840deb4908 Browse scan reports without GitHub Advanced Security license (#328) 2024-04-04 22:58:29 -06:00
Calin Marina 0f287db5d3 feat(image): add --docker-host option for GH Action users (#267) 
* add option to update docker-host via cli parameter

* chore: update test results

---------

Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2024-04-03 17:26:17 -06:00
uridium f72b7e8127 Make 'hide-progress' input working again (#323) 
* Make hide-progress input working again

* Unify 'hide-progress' default value
 2024-03-28 19:06:30 -06:00
simar7 d710430a67 bump trivy version to v0.50.1 (#324) v0.19.0 2024-03-27 16:22:09 -06:00
cococig 062f259268 fix: Refer to scan-ref when scan-type is "sbom" (#314) v0.18.0 2024-02-22 14:28:04 -07:00
Maxime Durand 1f6384b6ce docs(report): improve documentation around Using Trivy to generate SBOM and sending it to Github (#307) 
* Improved documentation with details on how to send output as an artifact on Github and giving an example of a private image scan

* formatting

* better name for job
 2024-02-13 15:20:36 -07:00
Kyle Davies 84384bd6e7 Upgraded Trivy from 0.48.1 to v0.49.0 (#304) v0.17.0 2024-02-05 18:54:03 -07:00
Simão Silva f3d98514b0 fix: Fix skip-files and hide-progress options not being applied when using Sarif report format (#297) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
 2024-01-14 14:28:49 -07:00
DmitriyLewen 0b9d17b6b5 docs: add configuration info for flags not supported by inputs (#296) 
* docs: add information about configuration flags not supported by inputs

* docs: add env and config file to Customizing
 2024-01-11 15:13:21 -07:00
Lucas Bickel d43c1f16c0 docs: fix typo in README.md (#293) 
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
v0.16.1 		2024-01-02 17:53:48 -07:00
Martin Kemp 5f1841df8d Update Trivy to 0.48.1 (#291) 
* Update Trivy to 0.48.1

Signed-off-by: Martin Kemp <me@martinke.mp>

* update tests

---------

Signed-off-by: Martin Kemp <me@martinke.mp>
Co-authored-by: Simar <simar@linux.com>
 2024-01-02 17:51:04 -07:00
Ivan Santos 91713af97d Update to trivy version 0.48.0 (#289) 
* Update to trivy version 0.48.0

 

---------

Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
v0.16.0 		2023-12-08 11:08:35 -07:00
Kyle Davies 22d2755f77 feature(config): add terraform variable files (#285) 
* Action now takes an input for terraform variable filess

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
v0.15.0 		2023-12-04 16:27:47 -07:00
Kyle Davies 2b6a709cf9 Add filesystem alias (#269) v0.14.0 2023-11-06 18:35:42 -07:00
Victor Sollerhed 47e481a388 Update to trivy version 0.47.0 in Dockerfile (#280) 
See:
- https://github.com/aquasecurity/trivy/releases/tag/v0.47.0
 2023-11-06 18:35:08 -07:00
Liam MacPherson 7b07fa7d6a fix: set return code after each Trivy call (#247) 
This change moves the return code to outside the trivy call. This fixes
#228 as the return code was not being propagated.
 2023-11-06 18:32:48 -07:00
Witold Ślęczkowski f78e9ecf42 Update Dockerfile to 0.46.1 (#277) 
This update fixes https://github.com/aquasecurity/trivy/issues/5441
v0.13.1 		2023-10-30 18:28:16 -06:00
Brandon Helms b77b85c025 Update Dockerfile to 0.46.0 (#274) 
* Update Dockerfile to 0.46.0

This will address bugs before 0.46.0

* updating tests
v0.13.0 		2023-10-25 11:39:02 -06:00
Pavel Kutáč 69cbbc0cbb fix: mark image-ref attribute optional (#261) 2023-09-14 22:32:56 -06:00
simar7 fbd16365eb feat(trivy): Bump to v0.45.0 (#256) v0.12.0 2023-09-01 11:44:50 -06:00
Anais Urlichs 559eb1224e Merge pull request #234 from jdsmithit/patch-1 
Update README.md to change the example to the new default brach name …
 2023-08-07 12:32:05 +01:00
Nikita Pivkin e602665a11 ci: add workflow to bump trivy (#245) 
* ci: add workflow to bump trivy

* update trivy version in tests

* dispatch event workflow_dispatch

* use ORG_REPO_TOKEN secret
 2023-07-25 15:58:10 -06:00
simar7 3dd517d8c9 chore(deps): Update trivy to v0.43.1 (#243) 
* chore(deps): Update trivy to v0.43.1

* fix tests

Signed-off-by: Simar <simar@linux.com>

---------

Signed-off-by: Simar <simar@linux.com>
 2023-07-17 11:07:42 +03:00
Simar 41f05d9ecf Revert "Include args when using trivy config file (#231)" 
Fixes: https://github.com/aquasecurity/trivy-action/issues/238

This reverts commit 82ec0dd604.
v0.11.2 		2023-06-09 16:37:19 -06:00
Daniel Chabr 0cd397afbf bump trivy to v0.42.1 (#240) 
* bump trivy to v0.42.1

* revert formatting
v0.11.1 		2023-06-09 12:01:09 -06:00
Roger Coll b43daad0c3 feat: add exit-code parameter to sarif format (#213) v0.11.0 2023-06-05 11:19:20 -06:00
abriko dedfa59531 Enhance GitHub Dependency Snapshot upload (#233) 2023-06-05 11:12:39 -06:00
Daniel Chabr f96f79aa22 bump trivy to v0.42.0 (#237) 
* chore(deps): update trivy to v0.42.0

* revert formatting

* revert formatting again

* update sarif version in tests
 2023-06-05 11:08:24 -06:00
Herman Wika Horn 82ec0dd604 Include args when using trivy config file (#231) 
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided

Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
 2023-05-31 14:47:20 -06:00
John Smith 463f27e2d8 Update README.md to change the example to the new default brach name main from master. 
Update README.md to change the example to the new default branch name "main" from "master".

I hope this will make the action slightly easier to work with for newer members of the community.
 2023-05-12 10:45:16 +01:00
Bruce Bujon e5f43133f6 chore: Update Trivy to 0.40.0 (#223) 
* chore: Update trivy to 0.39.0

* chore: Update trivy to 0.40.0
v0.10.0 		2023-04-18 17:44:36 -07:00
Guilherme Marz Vazzolla 1a09192c0e docs: improve SBOM documentation (#208) 
* fix: dependency graph name ocurrences

* feat: improve readability and add useful links

* feat: improve readability and instructions 

Improves readability and adds missing information about github_token, another authentication method.

* feat: add github_token instructions

* feat: add github_token to inputs table

* feat: add "what is an SBOM" link

* fix: GitHub dependency graph name ocurrence

* feat: improve SBOM input description

* fix: remove "on pull request" trigger

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>

* fix: outdated input name

---------

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
 2023-03-28 17:48:04 -07:00
Viktor Sadovnikov 1f0aa582c8 Rename security-checks to scanners (#211) 
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
v0.9.2 		2023-03-06 21:00:01 -08:00
DmitriyLewen 43849adf01 bump trivy to v0.38.1 (#215) 2023-03-06 20:58:30 -08:00
Falk Puschner 8bd2f9fbda ⬆️ bump trivy action (#203) v0.9.1 2023-02-10 16:20:50 +09:00
simar7 cff3e9a7f6 feat(trivy): Bump Trivy to v0.37.1 (#199) 
Signed-off-by: Simar <simar@linux.com>
v0.9.0 		2023-02-01 16:40:29 -08:00