* (fix) Exclude dev dependencies from npm's package-lock.json
* chore(integration) update
* choir(integration) add lib scan names to makefile
* fix(javadb) add schema version only once
* feat: update-trivy
* add v2 parser
* implement v2
* refactor
* feat: add show version to future-vuls
* add test case for v2
* trivy v0.20.0
* support --list-all-pkgs
* fix lint err
* add test case for jar
* add a test case for gemspec in container
* remove v1 parser and change Library struct
* Changed the field name in the model struct LibraryScanner
* add comment
* fix comment
* fix comment
* chore
* add struct tag
* chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves()
* review comment
* chore: go mod update go-cve
* feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN
* add NvdExactVersionMatch andd NvdRoughVersionMatch
* add confidence-over option to report
* sort CveContetens
* fix integration-test
* fix(cpescan): CpeVendorProductMatch not set when Redis Backend
* fix(integration): deprecated CPE URI
* fix(integration-test): add a test case for CpeVendorProductMatch
* fix review
* update deps go-cve-dict v0.6.2
* feat(trivy): go mod update trivy v0.17.2
* wg.Wait
* fix reporting
* fix test case
* add gemfile.lock of redmine to integration test
* fix(test): add Pipfile.lock
* add poetry.lock to integration test
* add composer.lock to integration test
* add integration test case
* fix(oracle): false-positive(handle arch of pkgs)
* fix(oracle): false positive kernel-related CVEs
* add a test case for ksplice1
* fix(scan): handle uek kernel for Oracle linux
* fix(scan): hanlde uek kernel for reboot required
* fix(oracle): false-positive for redis-backend
* fix(report): fill cert alerts from NVD and JVN feeds
* fix import alias cve to cvemodels
* fix import alias cve to cvemodels
* remove unnecessary func
* Change config.toml, Auto-generate UUIDs, change structure of optional field
* Detect processes affected by update using yum-ps (#482)
Detect processes affected by update using yum-ps
* Detect processes needs restart using checkrestart on Debian and Ubuntu.
* pass cpename by args when calling FillCveInfo (#513)
* fix new db (#502)
* Include Version,Revision in JSON
* Include hostname in JSON
* Update goval-dictionary's commit hash in Gopkg.lock
* Remove README.ja.md
* update packages (#596)
* fix: change ControlPath to .vuls of SSH option (#618)
* feat: checkrestart for Ubuntu and Debian (#622)
* feat: checkrestart for Ubuntu and Debian
* fix: dependencies check logic of configtest
* feat: need-restarting on RedHat
* refactor: Process.ProcName to Process.Name
* feat: detect a systemd service name of need-restarting-process
* feat: detect a systemd service name of need-restarting-process on Ubuntu
* feat: fill a service name of need-restarting-process, init-system
* Support NVD JSON and CVSS3 of JVN (#605)
* fix: compile errors
* fix: Show CVSS3 on TUI
* fix: test cases
* fix: Avoid null in JSON
* Fix maxCvssScore (#621)
* Fix maxCvssScore
* Update vulninfos.go
* fix(init): remove unnecessary log initialization
* refactor(nvd): use only json feed if exists json data. if not, use xml feed
* fix(scan): make Confidence slice
* feat(CWE): Display CWE name to TUI
* feat(cwe): import CWE defs in Japanese
* feat(cwe): add OWASP Top 10 ranking to CWE if applicable
* feat(scan): add -fast-root mode, implement scan/amazon.go
* refactor(const): change const name JVN to Jvn
* feat(scan): add -fast-root mode, implement scan/centos.go
* refactor(dep): update deps
* fix(amazon): deps check
* feat(scan): add -fast-root mode, implement scan/rhel.go
* feat(scan): add -fast-root mode, implement scan/oracle.go
* fix complile err
* feat(scan): add -fast-root mode, implement scan/debian.go
* fix testcase
* fix(amazon): scan using yum
* fix(configtest): change error message, status when no scannnable servers
* Fix(scan): detect init process logic
* fix(tui): display cvss as table format
* fix(scan): parse a output of reboot-notifier on CentOS6.9
* fix(tui): don't display score, vector when score is zero
* fix(scan): add -offline mode to suse scanner
* fix(scan): fix help message
* feat(scan): enable to define scan mode for each servers in config.toml #510
* refactor(config): chagne cpeNames to cpeURIs
* refactor(config): change dependencyCheckXMLPath to owaspDCXMLPath
* fix(config): containers -> containersIncluded, Excluded, containerType
* feature(report): enable to define cpeURIs for each contaner
* feature(report): enable to specify owasp dc xml path for each container
* fix(discover): fix a template displayed at the end of discover
* feature(report): add ignorePkgsRegexp #665
* feature(report): enable to define ignoreCves for each container #666
* fix(report): Displayed nothing in TUI detail area when CweID is nil
* Gopkg.toml diet
* feat(server): support server mode (#678)
* feat(server): support server mode
* Lock go version
* Use the latest kernel release among the installed release when the running kernel release is unknown
* Add TestViaHTTP
* Set logger to go-cve-dictionary client
* Add -to-localfile
* Add -to-http option to report
* Load -to-http conf from config.toml
* Support gost (#676)
* feat(gost): Support RedHat API
* feat(gost): Support Debian Security Tracker
* feat(db): display error msg when SQLite3 is locked at the beginning of reporting.
* feat(gost): TUI
* Only use RedHat information of installed packages
* feat(tui): show mitigation on TUI
* feat(gost): support redis backend
* fix test case
* fix nil pointer when db is nil
* fix(gost): detect vulns of src packages for Debian
* feat(gost): implement redis backend for gost redhat api
* feat(report): display fixState of unfixed pkgs
* fix(report): display distincted cweIDs
* feat(slack): display gost info
* feat(slack): display mitigation
* feat(report): display available patch state as fixed/total
* fix(tui): display - if source of reference is empty
* update deps
* fix(report): key in ScanResult JSON be lowerCamelcase.
* some keys to lower camel
* fix(configtest): dep check logic of yum-plugin-ps
* fix(tui): format
* feat(report): add -format-list option
* fix(report): -format-full-text
* fix(report): report -format-full-text
* fix(report): display v3 score detected by gost
* fix(scan): scan in fast mode if not defined in config.toml
* fix(gost): fetch RedHat data for fixed CVEs
* feat(report): show number of cves detected in each database
* fix(report): show new version as `Unknown` in offline and fast scan mode
* fix(report): fix num of upadtable and fixed
* fix(report): set `Not fixed yet` if packageStatus is empty
* refact(gost): make convertToModel public
* fix(test): fix test case
* update deps
* fix(report): include gost score in MaxCvssScore
* [WIP] feat(config): enable to set options in config.toml instead of cmd opt (#690)
* feat(config): enable to set options in config.toml instead of cmd opt
* fix(config): change Conf.Report.Slack to Conf.Slack
* fix(discover): change tempalte
* fix(report): fix config.toml auto-generate with -uuid
* Add endpoint for health check and change endpoint
* refact(cmd): refactor flag set
* fix(report): enable to specify opts with cmd arg and env value
* fix(scan): enable to parse the release version of amazon linux 2
* add(report) add -to-saas option (#695)
* add(report) add -to-saas option
* ignore other writer if -to-saas
* fix(saas) fix bug
* fix(scan): need-restarting needs internet connection
* fix(scan,configtest): check scan mode
* refactor(scan): change func name
* fix(suse): support offline mode, bug fix on AWS, zypper --no-color
* fix(tui): fix nil pointer when no vulns in tui
* feat(report): enable to define CPE FS format in config.toml
* fix(vet): fix warnings of go vet
* fix(travis): go version to 1.11
* update deps
* Add filter options to tui subcommand (#508)
* Capture version of source packages on Debian based linux
* Change makefile, gofmt -s
* Refactoring
* Implement OVAL detection of source packages for Debian, Ubuntu
