Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,417 Commits 6 Branches 121 Tags
bbf53c7639b266e3a658e8f0a8b2ff7bf17e8e62
Commit Graph

1417 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
MaineK00n
bbf53c7639 chore(deps): bump dictionaries (#1815) v0.24.8 2023-12-18 05:41:46 +09:00
MaineK00n
8e497bb938 fix(scanner/redhat): do not make cache when offline of redhat fast (#1814) 2023-12-17 05:21:34 +09:00
hiroka-wada
b2c91175b3 fix(scanner/redhat): make cache before detect dnf modules (#1812) 
Co-authored-by: wadahiroka <wadahiroka@192.168.0.4>
v0.24.7 		2023-12-15 16:16:13 +09:00
MaineK00n
d1224991a0 feat(models/nvd): group by source (#1805) 2023-12-08 19:36:26 +09:00
MaineK00n
7e12e9abc4 chore(deps): bump go-cve-dictionary to 0.10.0 (#1803) 2023-12-07 12:48:14 +09:00
dependabot[bot]
df960cc0f5 chore(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 (#1799) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-29 11:15:40 +09:00
dependabot[bot]
b0489785d0 chore(deps): bump github.com/gosnmp/gosnmp from 1.36.1 to 1.37.0 (#1798) 
Bumps [github.com/gosnmp/gosnmp](https://github.com/gosnmp/gosnmp) from 1.36.1 to 1.37.0.
- [Release notes](https://github.com/gosnmp/gosnmp/releases)
- [Changelog](https://github.com/gosnmp/gosnmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gosnmp/gosnmp/compare/v1.36.1...v1.37.0)

---
updated-dependencies:
- dependency-name: github.com/gosnmp/gosnmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-29 11:14:56 +09:00
MaineK00n
8e9d165e75 feat(os): add FreeBSD 14 (#1797) 2023-11-25 08:29:29 +09:00
MaineK00n
ef29afbf94 feat(scanner/windows): remove unnecessary cab (#1793) v0.24.6 2023-11-20 12:01:03 +09:00
hiroka-wada
cbece1dce1 add: Setenv HTTPS_PROXY for aws sdk (#1794) 
Co-authored-by: wadahiroka <wadahiroka@192.168.0.8>
v0.24.5 		2023-11-20 10:19:18 +09:00
dependabot[bot]
4ffa06770c chore(deps): bump github.com/emersion/go-smtp from 0.18.1 to 0.19.0 (#1790) 
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.18.1 to 0.19.0.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.18.1...v0.19.0)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-15 23:21:21 +09:00
dependabot[bot]
53317ee49b chore(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 (#1789) 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-15 22:16:42 +09:00
dependabot[bot]
fc743569b7 chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#1791) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-15 22:09:59 +09:00
Sinclair
bced16fa9c fix(scanner): parsing apt cache policy for nvidia-container-toolkit (#1786) 
* fix(scanner): parsing apt cache policy for nvidia-container-toolkit

* fix testcase
 2023-11-13 13:49:17 +09:00
dependabot[bot]
f3f8e26ba5 chore(deps): bump github.com/emersion/go-smtp from 0.16.0 to 0.18.1 (#1771) 
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.16.0 to 0.18.1.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.16.0...v0.18.1)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-09 05:24:58 +09:00
MaineK00n
cd8f6e1b8f feat(os): add fedora 39 (#1788) 2023-11-08 23:47:46 +09:00
MaineK00n
323f0aea3d feat(windows): add Windows 11 23H2 (#1751) 2023-11-07 09:27:39 +09:00
dependabot[bot]
5d1c365a42 chore(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 (#1782) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-07 08:14:11 +09:00
dependabot[bot]
d8fa000b01 chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#1785) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-07 08:08:56 +09:00
dependabot[bot]
9f1e090597 chore(deps): bump github.com/docker/docker (#1777) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.4+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.4...v24.0.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 14:30:49 +09:00
dependabot[bot]
8d5765fcb0 chore(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 (#1780) 
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 14:30:11 +09:00
dependabot[bot]
3a5c3326b2 chore(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 (#1781) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 14:29:00 +09:00
hiroka-wada
cef4ce4f9f chore(config):Modification of AmazonLinux 1 maintenance deadline (#1776) 2023-10-27 23:19:16 +09:00
MaineK00n
264a82e2f4 chore(deps): bump github.com/vulsio/gost to v0.4.6-0.20231027050036-c963bd83e7e5 (#1775) 2023-10-27 14:26:05 +09:00
dependabot[bot]
fed731b0f2 chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#1774) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.2 to 1.58.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.2...v1.58.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-26 08:24:29 +09:00
dependabot[bot]
5e2ac5a0c4 chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#1773) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-25 08:20:41 +09:00
MaineK00n
b9db5411cd feat(scanner): revert lsof command for futurevuls users (#1770) v0.24.4 2023-10-20 12:07:20 +09:00
MaineK00n
a1c1f4ce60 fix(scanner): change lsof cmd that should succeed without password (#1769) 2023-10-20 11:48:04 +09:00
MaineK00n
75e9883d8a feat(ubuntu): add ubuntu 23.10(mantic) (#1750) 2023-10-19 02:01:18 +09:00
dependabot[bot]
801b968f89 chore(deps): bump github.com/package-url/packageurl-go (#1754) 
Bumps [github.com/package-url/packageurl-go](https://github.com/package-url/packageurl-go) from 0.1.1-0.20220203205134-d70459300c8a to 0.1.2.
- [Release notes](https://github.com/package-url/packageurl-go/releases)
- [Commits](https://github.com/package-url/packageurl-go/commits/v0.1.2)

---
updated-dependencies:
- dependency-name: github.com/package-url/packageurl-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-17 23:18:36 +09:00
dependabot[bot]
37175066b1 chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2 (#1733) 
Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml)
- [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.7.1...v0.7.2)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-17 23:17:30 +09:00
MaineK00n
1a55cafc91 chore(deps): update dictionary (#1708) 2023-10-17 23:04:27 +09:00
Kota Kanbe
57264e1765 fix(scan): fix nil poiter in needs-restarting (#1767) v0.24.3 2023-10-17 17:58:21 +09:00
dependabot[bot]
48ff5196f4 chore(deps): bump github.com/gosnmp/gosnmp from 1.35.0 to 1.36.1 (#1763) 
Bumps [github.com/gosnmp/gosnmp](https://github.com/gosnmp/gosnmp) from 1.35.0 to 1.36.1.
- [Release notes](https://github.com/gosnmp/gosnmp/releases)
- [Changelog](https://github.com/gosnmp/gosnmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gosnmp/gosnmp/compare/v1.35.0...v1.36.1)

---
updated-dependencies:
- dependency-name: github.com/gosnmp/gosnmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-17 15:25:53 +09:00
hiroka-wada
738f275e50 fix(contrib/fvuls): Add flag to specify snmp community for future-vuls discover (#1762) 
* add: community option for discover command

* fix: README

---------

Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>
v0.24.2 		2023-10-12 15:30:27 +09:00
dependabot[bot]
1c79cc5232 chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#1761) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-12 14:23:25 +09:00
orangekame3
73da85210a chore: remove rand.Seed() (#1756) 
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
 2023-10-12 14:17:34 +09:00
dependabot[bot]
3de546125f chore(deps): bump golang.org/x/sync from 0.2.0 to 0.4.0 (#1757) 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.2.0 to 0.4.0.
- [Commits](https://github.com/golang/sync/compare/v0.2.0...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-12 14:12:32 +09:00
MaineK00n
d2ca56a515 chore(os): update EOL (#1749) 2023-10-03 00:37:16 +09:00
guangwu
27df19f09d chore: remove refs to deprecated io/ioutil (#1748) 
Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>
 2023-10-01 18:51:53 +09:00
Eng Zer Jun
c1854a3a7b refactor: remove redundant len check (#1743) 
`len` returns 0 if the slice is nil. From the Go specification [1]:

  "1. For a nil slice, the number of iterations is 0."

Therefore, an additional `len(v) != 0` check for before the loop is
unnecessary.

[1]: https://go.dev/ref/spec#For_range

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2023-09-26 18:00:05 +09:00
dependabot[bot]
b43c1b9984 chore(deps): bump github.com/c-robinson/iplib from 1.0.6 to 1.0.7 (#1745) 
Bumps [github.com/c-robinson/iplib](https://github.com/c-robinson/iplib) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/c-robinson/iplib/releases)
- [Commits](https://github.com/c-robinson/iplib/compare/v1.0.6...v1.0.7)

---
updated-dependencies:
- dependency-name: github.com/c-robinson/iplib
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-26 17:57:16 +09:00
hiroka-wada
9d8e510c0d add: json tag (#1746) 
Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>
v0.24.1 		2023-09-26 15:50:18 +09:00
MaineK00n
1832b4ee3a feat(macos): support macOS (#1712) v0.24.0 2023-09-25 16:51:09 +09:00
MaineK00n
78b52d6a7f feat(detector/cve): new support for fortinet data feed (#1736) 2023-09-25 16:19:10 +09:00
sadayuki-matsuno
048e204b33 fix(contrib/future-vuls) output detail of loading toml error (#1741) 2023-09-24 21:45:33 +09:00
MaineK00n
70fd968910 fix(server): add filter cves (#1707) v0.23.4 2023-09-22 17:45:45 +09:00
MaineK00n
01441351c3 feat(contrib/snmp2cpe): add other fortinet products (#1636) 2023-09-22 17:43:04 +09:00
MaineK00n
4a28722e4a fix(scanner): fix socket file name length of SSH ControlPath (#1714) 2023-09-22 17:31:26 +09:00
hiroka-wada
dea9ed7709 fix: errorlog future-vuls trivy-to-vuls (#1739) 
Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>
 2023-09-22 17:25:57 +09:00