Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1 (#1885)

Browse Source 
* chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1

Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.49.1 to 0.50.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.49.1...v0.50.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* refactor(cmd/report): use trivy default for trivy-java-db-repository default value

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
This commit is contained in:
dependabot[bot]
2024-03-28 13:09:49 +09:00
committed by GitHub
parent e25ec99968
commit 5d5dcd5f41
9 changed files with 185 additions and 149 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
scanner/base.go
View File

@@ -15,9 +15,9 @@ import (
"sync"
"time"
dio "github.com/aquasecurity/go-dep-parser/pkg/io"
fanal "github.com/aquasecurity/trivy/pkg/fanal/analyzer"
tlog "github.com/aquasecurity/trivy/pkg/log"
xio "github.com/aquasecurity/trivy/pkg/x/io"
debver "github.com/knqyf263/go-deb-version"
"github.com/future-architect/vuls/config"
@@ -764,7 +764,7 @@ func AnalyzeLibrary(ctx context.Context, path string, contents []byte, filemode
"",
path,
info,
func() (dio.ReadSeekCloserAt, error) { return dio.NopCloser(bytes.NewReader(contents)), nil },
func() (xio.ReadSeekCloserAt, error) { return xio.NopCloser(bytes.NewReader(contents)), nil },
nil,
opts,
); err != nil {
@@ -784,7 +784,7 @@ func AnalyzeLibrary(ctx context.Context, path string, contents []byte, filemode
analyzerTypes := ag.RequiredPostAnalyzers(path, info)
if len(analyzerTypes) != 0 {
opener := func() (dio.ReadSeekCloserAt, error) { return dio.NopCloser(bytes.NewReader(contents)), nil }
opener := func() (xio.ReadSeekCloserAt, error) { return xio.NopCloser(bytes.NewReader(contents)), nil }
tmpFilePath, err := composite.CopyFileToTemp(opener, info)
if err != nil {
return nil, xerrors.Errorf("Failed to copy file to temp. err: %w", err)
@@ -858,7 +858,8 @@ var disabledAnalyzers = []fanal.Type{
fanal.TypeHelm,
fanal.TypeKubernetes,
fanal.TypeTerraform,
fanal.TypeTerraformPlan,
fanal.TypeTerraformPlanJSON,
fanal.TypeTerraformPlanSnapshot,
// ========
// License