Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,516 Commits 6 Branches 121 Tags
9beb5fc9f0b5b9ab5b0170e8346142ef883cb493
Commit Graph

1516 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
9beb5fc9f0 chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 (#1976) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-26 16:01:20 +09:00
dependabot[bot]
0b4dfa0b31 chore(deps): bump the aws group with 5 updates (#1974) 
Bumps the aws group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.27.2` | `1.30.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.18` | `1.27.21` |
| [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.18` | `1.17.21` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.55.1` | `1.56.1` |
| [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.28.12` | `1.29.1` |


Updates `github.com/aws/aws-sdk-go-v2` from 1.27.2 to 1.30.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.27.2...v1.30.0)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.18 to 1.27.21
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.18...config/v1.27.21)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.18 to 1.17.21
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.17.18...credentials/v1.17.21)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.55.1 to 1.56.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.55.1...service/s3/v1.56.1)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.28.12 to 1.29.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/fsx/v1.28.12...service/s3/v1.29.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-26 16:00:52 +09:00
MaineK00n
0a47a26553 chore(deps): update goval-dictionary (#1973) 2024-06-25 17:28:47 +09:00
Shunichi Shinohara
86d3681d8d fix(config/os): Fix EOL date of ubuntu 23.10 (#1972) 
cf. https://lists.ubuntu.com/archives/ubuntu-announce/2024-June/000302.html
v0.26.0 		2024-06-18 16:20:48 +09:00
MaineK00n
436341a4a5 feat: update EOL and Windows KB list (#1971) 
* feat(os): update EOL

* feat(scanner/windows): update kb list
 2024-06-18 16:13:59 +09:00
dependabot[bot]
2cd2d1a9a2 chore(deps): bump github.com/aquasecurity/trivy from 0.52.1 to 0.52.2 (#1969) 
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.52.1 to 0.52.2.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/v0.52.2/CHANGELOG.md)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.52.1...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-18 07:08:39 +09:00
dependabot[bot]
3ba0cea6e3 chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#1970) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-18 07:06:39 +09:00
MaineK00n
52fa3a0e31 refactor(report/s3): remove deprecated method for s3 endpoint (#1967) 2024-06-17 21:43:52 +09:00
future-ryunosuketanai
ad4f66d551 style(log): saas s3 upload error log (#1966) 2024-06-17 17:37:49 +09:00
dependabot[bot]
1e82e04991 chore(deps): bump github.com/aquasecurity/trivy from 0.51.4 to 0.52.1 (#1961) 
* chore(deps): bump github.com/aquasecurity/trivy from 0.51.4 to 0.52.1

Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.51.4 to 0.52.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/v0.52.1/CHANGELOG.md)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.51.4...v0.52.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* test: update integration commit hash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2024-06-13 17:16:17 +09:00
dependabot[bot]
995f57ec0c chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#1964) 
Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.2...sdk/azcore/v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 22:02:50 +09:00
dependabot[bot]
40d2c8ff6a chore(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 (#1962) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.20.0 to 0.21.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 18:57:52 +09:00
dependabot[bot]
8abed7a43c chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.8.0 to 0.9.0 (#1960) 
Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml)
- [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 17:40:22 +09:00
dependabot[bot]
48949237b8 chore(deps): bump golang.org/x/text from 0.15.0 to 0.16.0 (#1959) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 17:35:42 +09:00
dependabot[bot]
3958dde312 chore(deps): bump the aws group with 5 updates (#1958) 
Bumps the aws group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.27.0` | `1.27.2` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.16` | `1.27.18` |
| [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.16` | `1.17.18` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.54.3` | `1.55.1` |
| [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.28.10` | `1.28.12` |


Updates `github.com/aws/aws-sdk-go-v2` from 1.27.0 to 1.27.2
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.27.0...v1.27.2)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.16 to 1.27.18
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.16...config/v1.27.18)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.16 to 1.17.18
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.17.16...credentials/v1.17.18)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.54.3 to 1.55.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.54.3...service/s3/v1.55.1)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.28.10 to 1.28.12
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/efs/v1.28.10...service/fsx/v1.28.12)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 17:31:23 +09:00
MaineK00n
7f79b8eadf feat(config/os): add alpine 3.19, 3.20 EOL (#1965) 2024-06-12 17:18:20 +09:00
Shunichi Shinohara
cb26be180a fix(ci): Remove unused files to avoid disk full (#1957) 
cf.
- https://zenn.dev/pinto0309/scraps/c6413eb15a1b2a (in Japanese)
- https://github.com/actions/runner-images/issues/709
v0.26.0-rc2 		2024-06-09 12:32:21 +09:00
MaineK00n
e1fab805af fix(debian,ubuntu): collect running kernel source package (#1935) 2024-06-06 21:20:16 +09:00
MaineK00n
5af1a22733 fix(redhat-based): collect running kernel packages (#1950) 2024-06-06 10:28:40 +09:00
dependabot[bot]
0533069446 chore(deps): bump docker/setup-buildx-action from 2 to 3 (#1955) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-03 18:15:00 +09:00
dependabot[bot]
3e1f2bc88b chore(deps): bump docker/setup-qemu-action from 2 to 3 (#1954) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-03 18:09:09 +09:00
dependabot[bot]
368c496d40 chore(deps): bump docker/metadata-action from 4 to 5 (#1953) 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-03 18:06:18 +09:00
dependabot[bot]
a99e3af3fe chore(deps): bump golangci/golangci-lint-action from 3 to 6 (#1952) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3 to 6.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3...v6)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-03 17:59:19 +09:00
dependabot[bot]
1769107382 chore(deps): bump github/codeql-action from 2 to 3 (#1951) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-03 17:58:27 +09:00
dependabot[bot]
2e5884b9bd chore(deps): bump github.com/aquasecurity/trivy from 0.51.2 to 0.51.4 (#1938) 
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.51.2 to 0.51.4.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.51.2...v0.51.4)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-29 16:41:11 +09:00
MaineK00n
cc9734d5e4 chore(deps): use github.com/Azure/azure-sdk-for-go/sdk/storage/azblob (#1661) 2024-05-28 19:31:21 +09:00
dependabot[bot]
227208b60b chore(deps): bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 (#1949) 
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v1.3.2...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:39 +09:00
dependabot[bot]
949d72d0b7 chore(deps): bump actions/setup-go from 3 to 5 (#1946) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:29 +09:00
dependabot[bot]
2f02918064 chore(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#1948) 
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-version/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:24:10 +09:00
dependabot[bot]
73917188d5 chore(deps): bump the aws group with 2 updates (#1947) 
Bumps the aws group with 2 updates: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.15 to 1.27.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.15...config/v1.27.16)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.54.2 to 1.54.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.54.2...service/s3/v1.54.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 11:04:29 +09:00
dependabot[bot]
980c1ff262 chore(deps): bump docker/build-push-action from 2 to 5 (#1945) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:59:59 +09:00
dependabot[bot]
58bb6c7e09 chore(deps): bump actions/checkout from 3 to 4 (#1944) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:59:40 +09:00
dependabot[bot]
977fe0ca49 chore(deps): bump goreleaser/goreleaser-action from 4 to 5 (#1943) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:53:57 +09:00
dependabot[bot]
474c76e7a7 chore(deps): bump docker/login-action from 2 to 3 (#1942) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:53:23 +09:00
MaineK00n
5116a6a23d feat(ci): group aws-sdk-go-v2 updates, check github actions update (#1941) 
* feat(ci): group aws-sdk-go-v2 updates

* faet(ci): add github actions update
 2024-05-28 10:39:13 +09:00
dependabot[bot]
8449f2e295 chore(deps): bump github.com/aws/aws-sdk-go-v2/credentials (#1936) 
Bumps [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) from 1.17.15 to 1.17.16.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.17.15...credentials/v1.17.16)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:27:54 +09:00
MaineK00n
db2c502b4a feat(reporter/s3): support minio (#1930) 
* feat(reporter/s3): support minio

* feat(reporter/s3): disable config/credential: file and some providers
 2024-05-28 10:13:39 +09:00
dependabot[bot]
337eb0b281 chore(deps): bump github.com/aws/aws-sdk-go from 1.53.0 to 1.53.9 (#1934) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.53.0 to 1.53.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.53.0...v1.53.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-24 19:31:37 +09:00
MaineK00n
d8bce94d8c chore(deps): use aws-sdk-go-v2 (#1922) 2024-05-24 19:08:38 +09:00
dependabot[bot]
9107d1b1bc chore(deps): bump github.com/aquasecurity/trivy from 0.51.1 to 0.51.2 (#1928) 
* ---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): go mod tidy

* chore(deps): follow type name change

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shunichi Shinohara <shino.shun@gmail.com>
 2024-05-23 05:13:59 +09:00
MaineK00n
407407d306 fix(contrib/trivy-to-vuls): remove cvss/severity duplicates, list all severities (#1929) 2024-05-22 17:16:02 +09:00
dependabot[bot]
dccdd8a091 chore(deps): bump github.com/package-url/packageurl-go from 0.1.2 to 0.1.3 (#1927) 
updated-dependencies:
- dependency-name: github.com/package-url/packageurl-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-21 15:13:50 +09:00
MaineK00n
878c25bf5a feat(detector, contrib/trivy-to-vuls): collect vendor severity and cvss (#1921) v0.25.4 2024-05-17 19:11:51 +09:00
MaineK00n
e4728e3881 fix(gost/debian): show all severities that appeared (#1914) 2024-05-16 18:01:01 +09:00
MaineK00n
61c39637f2 feat(scanner/redhat): each package has modularitylabel (#1381) 2024-05-16 02:54:02 +09:00
dependabot[bot]
f1c384812a chore(deps): bump github.com/aquasecurity/trivy from 0.50.1 to 0.51.1 (#1912) 
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.50.1 to 0.51.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.50.1...v0.51.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-15 22:37:12 +09:00
dependabot[bot]
0fa09e1517 chore(deps): bump github.com/emersion/go-smtp from 0.21.1 to 0.21.2 (#1918) 
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.21.1...v0.21.2)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-14 10:51:15 +09:00
MaineK00n
ef2be3d6ea feat(detect/redhat): detect unpatched vulnerabilities with oval, stop using gost (#1907) 
* feat(oval/redhat): detect not fixed package

* feat(gost/redhat): stop using to detect unpatched vulnerabilities
v0.25.3 		2024-05-10 17:32:40 +09:00
dependabot[bot]
827f2cb8d8 chore(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#1910) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 07:10:05 +09:00
dependabot[bot]
4cb4ec4dda chore(deps): bump golang.org/x/text from 0.14.0 to 0.15.0 (#1909) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 03:04:23 +09:00