Stage/vuls - vuls - Gitea: Git with a cup of tea

Stage/vuls

Author	SHA1	Message	Date
dependabot[bot]	4ffa06770c	chore(deps): bump github.com/emersion/go-smtp from 0.18.1 to 0.19.0 (#1790 ) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.18.1 to 0.19.0. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](https://github.com/emersion/go-smtp/compare/v0.18.1...v0.19.0) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-15 23:21:21 +09:00
dependabot[bot]	53317ee49b	chore(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 (#1789 ) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0. - [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-15 22:16:42 +09:00
dependabot[bot]	fc743569b7	chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#1791 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.14.0. - [Commits](https://github.com/golang/oauth2/compare/v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-15 22:09:59 +09:00
Sinclair	bced16fa9c	fix(scanner): parsing apt cache policy for nvidia-container-toolkit (#1786 ) * fix(scanner): parsing apt cache policy for nvidia-container-toolkit * fix testcase	2023-11-13 13:49:17 +09:00
dependabot[bot]	f3f8e26ba5	chore(deps): bump github.com/emersion/go-smtp from 0.16.0 to 0.18.1 (#1771 ) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.16.0 to 0.18.1. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](https://github.com/emersion/go-smtp/compare/v0.16.0...v0.18.1) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-09 05:24:58 +09:00
MaineK00n	cd8f6e1b8f	feat(os): add fedora 39 (#1788 )	2023-11-08 23:47:46 +09:00
MaineK00n	323f0aea3d	feat(windows): add Windows 11 23H2 (#1751 )	2023-11-07 09:27:39 +09:00
dependabot[bot]	5d1c365a42	chore(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 (#1782 ) Bumps [golang.org/x/text](https://github.com/golang/text) from 0.13.0 to 0.14.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-07 08:14:11 +09:00
dependabot[bot]	d8fa000b01	chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#1785 ) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-11-07 08:08:56 +09:00
dependabot[bot]	9f1e090597	chore(deps): bump github.com/docker/docker (#1777 ) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.4+incompatible to 24.0.7+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v23.0.4...v24.0.7) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-31 14:30:49 +09:00
dependabot[bot]	8d5765fcb0	chore(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 (#1780 ) Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-31 14:30:11 +09:00
dependabot[bot]	3a5c3326b2	chore(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 (#1781 ) Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.4.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-31 14:29:00 +09:00
hiroka-wada	cef4ce4f9f	chore(config):Modification of AmazonLinux 1 maintenance deadline (#1776 )	2023-10-27 23:19:16 +09:00
MaineK00n	264a82e2f4	chore(deps): bump github.com/vulsio/gost to v0.4.6-0.20231027050036-c963bd83e7e5 (#1775 )	2023-10-27 14:26:05 +09:00
dependabot[bot]	fed731b0f2	chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#1774 ) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.2 to 1.58.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.58.2...v1.58.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-26 08:24:29 +09:00
dependabot[bot]	5e2ac5a0c4	chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#1773 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.12.0 to 0.13.0. - [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-25 08:20:41 +09:00
MaineK00n	b9db5411cd	feat(scanner): revert lsof command for futurevuls users (#1770 ) v0.24.4	2023-10-20 12:07:20 +09:00
MaineK00n	a1c1f4ce60	fix(scanner): change lsof cmd that should succeed without password (#1769 )	2023-10-20 11:48:04 +09:00
MaineK00n	75e9883d8a	feat(ubuntu): add ubuntu 23.10(mantic) (#1750 )	2023-10-19 02:01:18 +09:00
dependabot[bot]	801b968f89	chore(deps): bump github.com/package-url/packageurl-go (#1754 ) Bumps [github.com/package-url/packageurl-go](https://github.com/package-url/packageurl-go) from 0.1.1-0.20220203205134-d70459300c8a to 0.1.2. - [Release notes](https://github.com/package-url/packageurl-go/releases) - [Commits](https://github.com/package-url/packageurl-go/commits/v0.1.2) --- updated-dependencies: - dependency-name: github.com/package-url/packageurl-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-17 23:18:36 +09:00
dependabot[bot]	37175066b1	chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2 (#1733 ) Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.7.1 to 0.7.2. - [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml) - [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.7.1...v0.7.2) --- updated-dependencies: - dependency-name: github.com/CycloneDX/cyclonedx-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-17 23:17:30 +09:00
MaineK00n	1a55cafc91	chore(deps): update dictionary (#1708 )	2023-10-17 23:04:27 +09:00
Kota Kanbe	57264e1765	fix(scan): fix nil poiter in needs-restarting (#1767 ) v0.24.3	2023-10-17 17:58:21 +09:00
dependabot[bot]	48ff5196f4	chore(deps): bump github.com/gosnmp/gosnmp from 1.35.0 to 1.36.1 (#1763 ) Bumps [github.com/gosnmp/gosnmp](https://github.com/gosnmp/gosnmp) from 1.35.0 to 1.36.1. - [Release notes](https://github.com/gosnmp/gosnmp/releases) - [Changelog](https://github.com/gosnmp/gosnmp/blob/master/CHANGELOG.md) - [Commits](https://github.com/gosnmp/gosnmp/compare/v1.35.0...v1.36.1) --- updated-dependencies: - dependency-name: github.com/gosnmp/gosnmp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-17 15:25:53 +09:00
hiroka-wada	738f275e50	fix(contrib/fvuls): Add flag to specify snmp community for future-vuls discover (#1762 ) * add: community option for discover command * fix: README --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> v0.24.2	2023-10-12 15:30:27 +09:00
dependabot[bot]	1c79cc5232	chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#1761 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0. - [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-12 14:23:25 +09:00
orangekame3	73da85210a	chore: remove rand.Seed() (#1756 ) Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>	2023-10-12 14:17:34 +09:00
dependabot[bot]	3de546125f	chore(deps): bump golang.org/x/sync from 0.2.0 to 0.4.0 (#1757 ) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.2.0 to 0.4.0. - [Commits](https://github.com/golang/sync/compare/v0.2.0...v0.4.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-12 14:12:32 +09:00
MaineK00n	d2ca56a515	chore(os): update EOL (#1749 )	2023-10-03 00:37:16 +09:00
guangwu	27df19f09d	chore: remove refs to deprecated io/ioutil (#1748 ) Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>	2023-10-01 18:51:53 +09:00
Eng Zer Jun	c1854a3a7b	refactor: remove redundant `len` check (#1743 ) `len` returns 0 if the slice is nil. From the Go specification [1]: "1. For a nil slice, the number of iterations is 0." Therefore, an additional `len(v) != 0` check for before the loop is unnecessary. [1]: https://go.dev/ref/spec#For_range Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2023-09-26 18:00:05 +09:00
dependabot[bot]	b43c1b9984	chore(deps): bump github.com/c-robinson/iplib from 1.0.6 to 1.0.7 (#1745 ) Bumps [github.com/c-robinson/iplib](https://github.com/c-robinson/iplib) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/c-robinson/iplib/releases) - [Commits](https://github.com/c-robinson/iplib/compare/v1.0.6...v1.0.7) --- updated-dependencies: - dependency-name: github.com/c-robinson/iplib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-26 17:57:16 +09:00
hiroka-wada	9d8e510c0d	add: json tag (#1746 ) Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> v0.24.1	2023-09-26 15:50:18 +09:00
MaineK00n	1832b4ee3a	feat(macos): support macOS (#1712 ) v0.24.0	2023-09-25 16:51:09 +09:00
MaineK00n	78b52d6a7f	feat(detector/cve): new support for fortinet data feed (#1736 )	2023-09-25 16:19:10 +09:00
sadayuki-matsuno	048e204b33	fix(contrib/future-vuls) output detail of loading toml error (#1741 )	2023-09-24 21:45:33 +09:00
MaineK00n	70fd968910	fix(server): add filter cves (#1707 ) v0.23.4	2023-09-22 17:45:45 +09:00
MaineK00n	01441351c3	feat(contrib/snmp2cpe): add other fortinet products (#1636 )	2023-09-22 17:43:04 +09:00
MaineK00n	4a28722e4a	fix(scanner): fix socket file name length of SSH ControlPath (#1714 )	2023-09-22 17:31:26 +09:00
hiroka-wada	dea9ed7709	fix: errorlog future-vuls trivy-to-vuls (#1739 ) Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>	2023-09-22 17:25:57 +09:00
hiroka-wada	f6509a5376	feat(config): Auto-upgrade Windows config.toml from v1 to v2 (#1726 ) * add: README.md * add: commands(discover,add-server,add-cpe) * add: implements(discover,add-server,add-cpe) * fix: changed os.Exit(1) in main.go to return an error * fix: lint error * delete: trivy-to-vuls stdIn * fix: Incomprehesible error logs * fix: according to review * add: function converts old config to latest one * delete: add-server * fix: lint error * fix * fix: remote scan error in Windows * fix: lint error * fix * fix: lint error * fix: lint error * add: scanner/scanner.go test normalizeHomeDirForWindows() * fix * fix * fix * fix: remove pointless assignment * fix --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.4> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.10> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>	2023-09-21 16:48:35 +09:00
hiroka-wada	80b48fcbaa	feat(contrib/fvuls) Add commands to obtained CPE information of network devices by executing snmp2cpe and upload to Fvuls server (#1721 ) * add: README.md * add: commands(discover,add-server,add-cpe) * add: implements(discover,add-server,add-cpe) * fix: changed os.Exit(1) in main.go to return an error * fix: lint error * delete: trivy-to-vuls stdIn * fix: Incomprehesible error logs * fix: according to review * add: function converts old config to latest one * delete: add-server * fix: lint error * fix * fix: remote scan error in Windows * fix: lint error * fix * fix: lint error * fix: lint error * fix: lint error * add: scanner/scanner.go test normalizeHomeDirForWindows() * fix * fix * fix * fix * fix * fix * fix: lint error * fix: error log * fix * refactor(fvuls) * Refactor (#2) refactor --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> * Refactor (#3) fix --------- Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> * fix * fix: lint error * fix --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.4> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.10> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com>	2023-09-21 15:55:05 +09:00
dependabot[bot]	3f2dbe3b6d	chore(deps): bump github.com/aws/aws-sdk-go from 1.44.300 to 1.45.6 (#1730 ) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.300 to 1.45.6. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.300...v1.45.6) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-12 20:54:00 +09:00
dependabot[bot]	5ffd620868	chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.12.0 (#1731 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.8.0 to 0.12.0. - [Commits](https://github.com/golang/oauth2/compare/v0.8.0...v0.12.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-12 20:53:43 +09:00
dependabot[bot]	a23abf48fd	chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 (#1687 ) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.3. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.3) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-22 21:47:35 +09:00
dependabot[bot]	6e14a2dee6	chore(deps): bump github.com/aws/aws-sdk-go from 1.44.263 to 1.44.300 (#1706 ) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.263 to 1.44.300. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.263...v1.44.300) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-22 21:47:19 +09:00
dependabot[bot]	e12fa0ba64	chore(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 (#1699 ) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.52.0 to 1.53.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.53.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-22 21:42:06 +09:00
dependabot[bot]	fa5b875c34	chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.2 (#1692 ) Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.2.1 to 1.3.2. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](https://github.com/BurntSushi/toml/compare/v1.2.1...v1.3.2) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-22 21:38:04 +09:00
sadayuki-matsuno	f9276a7ea8	feat(windows) export DetectKBsFromKernelVersion (#1703 )	2023-07-13 10:14:49 +09:00
MaineK00n	457a3a9627	feat(scanner/windows): update release info (#1696 ) v0.23.3	2023-06-29 14:05:10 +09:00

1 2 3 4 5 ...

1407 Commits