Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,490 Commits 6 Branches 121 Tags
227208b60b0d7884a9e404b6d9ebd2c0a21bd7d5
Commit Graph

1490 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
227208b60b chore(deps): bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 (#1949) 
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v1.3.2...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:39 +09:00
dependabot[bot]
949d72d0b7 chore(deps): bump actions/setup-go from 3 to 5 (#1946) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:29 +09:00
dependabot[bot]
2f02918064 chore(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#1948) 
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-version/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:10 +09:00
dependabot[bot]
73917188d5 chore(deps): bump the aws group with 2 updates (#1947) 
Bumps the aws group with 2 updates: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.15 to 1.27.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.15...config/v1.27.16)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.54.2 to 1.54.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.54.2...service/s3/v1.54.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:04:29 +09:00
dependabot[bot]
980c1ff262 chore(deps): bump docker/build-push-action from 2 to 5 (#1945) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:59:59 +09:00
dependabot[bot]
58bb6c7e09 chore(deps): bump actions/checkout from 3 to 4 (#1944) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:59:40 +09:00
dependabot[bot]
977fe0ca49 chore(deps): bump goreleaser/goreleaser-action from 4 to 5 (#1943) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:53:57 +09:00
dependabot[bot]
474c76e7a7 chore(deps): bump docker/login-action from 2 to 3 (#1942) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:53:23 +09:00
MaineK00n
5116a6a23d feat(ci): group aws-sdk-go-v2 updates, check github actions update (#1941) 
* feat(ci): group aws-sdk-go-v2 updates

* faet(ci): add github actions update
 2024-05-28 10:39:13 +09:00
dependabot[bot]
8449f2e295 chore(deps): bump github.com/aws/aws-sdk-go-v2/credentials (#1936) 
Bumps [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) from 1.17.15 to 1.17.16.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.17.15...credentials/v1.17.16)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:27:54 +09:00
MaineK00n
db2c502b4a feat(reporter/s3): support minio (#1930) 
* feat(reporter/s3): support minio

* feat(reporter/s3): disable config/credential: file and some providers
 2024-05-28 10:13:39 +09:00
dependabot[bot]
337eb0b281 chore(deps): bump github.com/aws/aws-sdk-go from 1.53.0 to 1.53.9 (#1934) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.53.0 to 1.53.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.53.0...v1.53.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-24 19:31:37 +09:00
MaineK00n
d8bce94d8c chore(deps): use aws-sdk-go-v2 (#1922) 2024-05-24 19:08:38 +09:00
dependabot[bot]
9107d1b1bc chore(deps): bump github.com/aquasecurity/trivy from 0.51.1 to 0.51.2 (#1928) 
* ---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): go mod tidy

* chore(deps): follow type name change

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shunichi Shinohara <shino.shun@gmail.com>
 2024-05-23 05:13:59 +09:00
MaineK00n
407407d306 fix(contrib/trivy-to-vuls): remove cvss/severity duplicates, list all severities (#1929) 2024-05-22 17:16:02 +09:00
dependabot[bot]
dccdd8a091 chore(deps): bump github.com/package-url/packageurl-go from 0.1.2 to 0.1.3 (#1927) 
updated-dependencies:
- dependency-name: github.com/package-url/packageurl-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-21 15:13:50 +09:00
MaineK00n
878c25bf5a feat(detector, contrib/trivy-to-vuls): collect vendor severity and cvss (#1921) v0.25.4 2024-05-17 19:11:51 +09:00
MaineK00n
e4728e3881 fix(gost/debian): show all severities that appeared (#1914) 2024-05-16 18:01:01 +09:00
MaineK00n
61c39637f2 feat(scanner/redhat): each package has modularitylabel (#1381) 2024-05-16 02:54:02 +09:00
dependabot[bot]
f1c384812a chore(deps): bump github.com/aquasecurity/trivy from 0.50.1 to 0.51.1 (#1912) 
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.50.1 to 0.51.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.50.1...v0.51.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-15 22:37:12 +09:00
dependabot[bot]
0fa09e1517 chore(deps): bump github.com/emersion/go-smtp from 0.21.1 to 0.21.2 (#1918) 
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.21.1...v0.21.2)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-14 10:51:15 +09:00
MaineK00n
ef2be3d6ea feat(detect/redhat): detect unpatched vulnerabilities with oval, stop using gost (#1907) 
* feat(oval/redhat): detect not fixed package

* feat(gost/redhat): stop using to detect unpatched vulnerabilities
v0.25.3 		2024-05-10 17:32:40 +09:00
dependabot[bot]
827f2cb8d8 chore(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#1910) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 07:10:05 +09:00
dependabot[bot]
4cb4ec4dda chore(deps): bump golang.org/x/text from 0.14.0 to 0.15.0 (#1909) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 03:04:23 +09:00
dependabot[bot]
81f3d5f3bd chore(deps): bump go.etcd.io/bbolt from 1.3.9 to 1.3.10 (#1908) 
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.9 to 1.3.10.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.9...v1.3.10)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 02:30:02 +09:00
MaineK00n
f3f667138d feat(ubuntu): add 24.04 noble (#1878) 2024-05-02 16:56:42 +09:00
dependabot[bot]
bca59ff85f chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#1903) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-30 15:04:15 +09:00
future-ryunosuketanai
3f98fbc82c style(log) fix trivy scan page link (#1902) 2024-04-25 19:20:42 +09:00
MaineK00n
73dc95f6b9 fix(detector/suse): support when advisory.cves has both NVD and SUSE evaluations (#1899) 2024-04-23 16:30:33 +09:00
dependabot[bot]
04bdaabe6b chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 (#1898) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-21 22:52:03 +09:00
Shunichi Shinohara
8f4025120d (fix) Exclude dev dependencies from npm's package-lock.json and Fix Java DB download endpoint (#1893) 
* (fix) Exclude dev dependencies from npm's package-lock.json

* chore(integration) update

* choir(integration) add lib scan names to makefile

* fix(javadb) add schema version only once
 2024-04-17 17:23:57 +09:00
deferdeter
cfbe47bd99 chore: fix some typos in comments (#1897) 
Signed-off-by: deferdeter <deferdeter@outlook.com>
 2024-04-16 19:14:00 +09:00
future-ryunosuketanai
a6cafabfb8 style(log) config.toml template docs url (#1894) 
* fix: config.toml template url

* applied fixes to other places
 2024-04-16 12:11:28 +09:00
dependabot[bot]
d1137ad1ca chore(deps): bump github.com/emersion/go-smtp from 0.21.0 to 0.21.1 (#1896) 
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.21.0...v0.21.1)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-16 10:35:18 +09:00
dependabot[bot]
6181e1c4bb chore(deps): bump golang.org/x/sync from 0.6.0 to 0.7.0 (#1890) 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.6.0 to 0.7.0.
- [Commits](https://github.com/golang/sync/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-10 18:19:54 +09:00
dependabot[bot]
5f0abc971f chore(deps): bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#1891) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-10 17:56:53 +09:00
dependabot[bot]
3cdd2e10d0 chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to 0.21.0 (#1888) 
* chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to 0.21.0

Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.20.2 to 0.21.0.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.20.2...v0.21.0)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix(reporter/email): use DialStartTLS instead of StartTLS

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-04-05 17:41:41 +09:00
Konstantin Eremin
867bf63bb2 TLS insecure option adding (#1220) 
* TLS InsecureSkipVerify option added to sendMail

* refactor(reporter/email): remove redundant if statement

---------

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-04-05 13:12:47 +09:00
dependabot[bot]
5d5dcd5f41 chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1 (#1885) 
* chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1

Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.49.1 to 0.50.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.49.1...v0.50.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* refactor(cmd/report): use trivy default for trivy-java-db-repository default value

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-03-28 13:09:49 +09:00
dependabot[bot]
e25ec99968 chore(deps): bump github.com/aws/aws-sdk-go from 1.49.21 to 1.51.5 (#1881) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.49.21 to 1.51.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.49.21...v1.51.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
v0.25.2 		2024-03-22 16:27:34 +09:00
future-ryunosuketanai
50580f6e98 feat(wpscan): support enterprise feature (#1875) 
* supported the enterprise version of wpscan

* remove omitempty

* fix struct pointer

* Update detector/wordpress.go

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>

* add exploitdb to wpscan ref

* unexport WpCveInfos, WpCveInfo, and References

* unexport some wpscan struct and fix poc, exploit assign

* change OffensiveSecurityType to wpscan

* Update detector/wordpress.go

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>

---------

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-03-22 16:17:16 +09:00
MaineK00n
472df0e1b6 chore(deps): update dictionary modules (#1877) 2024-03-22 16:10:50 +09:00
dependabot[bot]
7d5a47bc33 chore(deps): bump github.com/docker/docker (#1880) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.1+incompatible to 25.0.5+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.1...v25.0.5)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 13:22:24 +09:00
Shunichi Shinohara
99cf9dbccd feat(detector/library): update JAR-like files' Name/Version in library list (#1874) 
* Update JAR-like files in library list

* Update detector/library.go

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>

* Update detector/library.go

---------

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-03-19 15:17:37 +09:00
MaineK00n
e1df74cbc1 fix(amazon): use major version for checking eol, security advisories (#1873) 2024-03-18 16:13:54 +09:00
dependabot[bot]
426eb53af5 chore(deps): bump github.com/jackc/pgx/v5 from 5.5.1 to 5.5.4 (#1872) 
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.1 to 5.5.4.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.1...v5.5.4)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-15 09:49:26 +09:00
dependabot[bot]
bda089b589 chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#1871) 
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 15:13:37 +09:00
dependabot[bot]
02d1f6f59e chore(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#1868) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-12 04:02:19 +09:00
Shunichi Shinohara
75c1956635 fix(build): Change timeout to 60 minutes (#1867) v0.25.1 2024-03-11 10:08:51 +09:00
MaineK00n
b8320c05d2 fix(scanner): output all results even if all fail (#1866) v0.25.0 2024-03-07 22:07:32 +09:00