14 Commits

Author	SHA1	Message	Date
Shunichi Shinohara	351cf4f712	Update trivy from 0.35.0 to 0.49.1 (#1806) ... * Update trivy 0.35.0->0.48.0 - Specify oras-go 1.2.4 in indirect dependencies docker/docker changes a part of its API at 24.0 - registry: return concrete service type · moby/moby@7b3acdf - 7b3acdff5d (diff-8325eae896b1149bf92c826d07fc29005b1b102000b766ffa5a238d791e0849bR18-R21) oras-go 1.2.3 uses 23.0.1 and trivy transitively depends on docker/docker 24.y.z. There is a build error between oras-go and docker/dockr. - Update disabled analyzers - Update language scanners, enable all of them * move javadb init to scan.go * Add options for java db init() * Update scanner/base.go * Remove unused codes * Add some lock file names * Typo fix * Remove space character (0x20) * Add java-db options for integration scan * Minor fomartting fix * minor fix * conda is NOT supported by Trivy for library scan * Configure trivy log in report command too * Init trivy in scanner * Use trivy's jar.go and replace client which does almost nothing * mv jar.go * Add sha1 hash to result and add filepath for report phase * Undo added 'vuls scan' options * Update oras-go to 1.2.4 * Move Java DB related config items to report side * Add java db search in detect phase * filter top level jar only * Update trivy to 0.49.1 * go mod tidy * Update to newer interface * Refine lock file list, h/t MaineK00n * Avoid else clauses if possible, h/t MaineK00n * Avoid missing word for find and lang types, h/t MaineK00n * Add missing ecosystems, h/t MaineK00n * Add comments why to use custom jar analyzer, h/t MaineK00n * Misc * Misc * Misc * Include go-dep-parser's pares.go for modification * Move digest field from LibraryScanner to Library * Use inner jars sha1 for each * Add Seek to file head before handling zip file entry * Leave Digest feild empty for entries from pom.xml * Don't import python/pkg (don't look into package.json) * Make privete where private is sufficient * Remove duplicate after Java DB lookup * misc * go mod tidy * Comment out ruby/gemspec * misc * Comment out python/packaging * misc * Use custom jar * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/jar.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Missing changes in name change * Update models/github.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/jar.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Don't import fanal/types at github.go * Rewrite code around java db initialization * Add comment * refactor * Close java db client * rename * Let LibraryScanner have java db client * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * inline variable * misc * Fix typo --------- Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>	2024-02-28 14:25:58 +09:00
MaineK00n	5234306ded	feat(cti): add Cyber Threat Intelligence info (#1442) ... * feat(cti): add Cyber Threat Intelligence info * chore: replace io/ioutil as it is deprecated * chore: remove --format-csv in stdout writer * chore(deps): go get go-cti@v0.0.1 * feat(cti): update cti dict(support MITRE ATT&CK v11.1) * chore(deps): go get go-cti@master	2022-06-15 17:08:12 +09:00
MaineK00n	86b60e1478	feat(config): support CIDR (#1415)	2022-06-10 18:24:25 +09:00
MaineK00n	07335617d3	fix(configtest,scan): support SSH config file (#1388) ... * fix(configtest,scan): support SSH config file * chore(subcmds): remove askKeyPassword flag	2022-02-12 21:50:56 +09:00
Kota Kanbe	740781af56	feat(logging): add -log-to-file and don't output to file by default (#1209) ... * feat(logging): add -log-to-file and don't output to file by default * update go-cve-dict * fix lint err	2021-04-05 17:41:07 +09:00
Kota Kanbe	9bfe0627ae	refactor: don't use global Config in private func (#1197) ... * refactor: cve_client.go * refactor: don't use global Config in private func * remove import alias for config * refactor: dbclient * refactor: resultDir * refactor: resultsDir * refactor * refactor: gost * refactor: db client * refactor: cveDB * refactor: cvedb * refactor: exploitDB * refactor: remove detector/dbclient.go * refactor: writer * refactor: syslog writer * refactor: ips * refactor: ensureResultDir * refactor: proxy * fix(db): call CloseDB * add integration test * feat(report): sort array in json * sort func for json diff * add build-int to makefile * add int-rds-redis to makefile * fix: test case, makefile * fix makefile * show cve count after diff * make diff * diff -c * sort exploits in json for diff * sort metasploit, exploit	2021-04-01 13:36:24 +09:00
Kota Kanbe	1ec31d7be9	fix(configtest): all servers in the config if no args #1184 (#1189)	2021-03-03 12:51:07 +09:00
Kota Kanbe	02286b0c59	fix(scan): scan all servers in the config if no args #1184 (#1188)	2021-03-03 12:30:30 +09:00
Kota Kanbe	3f2ac45d71	Refactor logger (#1185) ... * refactor: logger * refactor: logging * refactor: rename func * refactor: logging * refactor: logging format	2021-02-26 10:36:58 +09:00
Kota Kanbe	03579126fd	refactor(config): localize config used like a global variable (#1179) ... * refactor(report): LocalFileWriter * refactor -format-json * refacotr: -format-one-email * refactor: -format-csv * refactor: -gzip * refactor: -format-full-text * refactor: -format-one-line-text * refactor: -format-list * refacotr: remove -to-* from config * refactor: IgnoreGitHubDismissed * refactor: GitHub * refactor: IgnoreUnsocred * refactor: diff * refacotr: lang * refacotr: cacheDBPath * refactor: Remove config references * refactor: ScanResults * refacotr: constant pkg * chore: comment * refactor: scanner * refactor: scanner * refactor: serverapi.go * refactor: serverapi * refactor: change pkg structure * refactor: serverapi.go * chore: remove emtpy file * fix(scan): remove -ssh-native-insecure option * fix(scan): remove the deprecated option `keypassword`	2021-02-25 05:54:17 +09:00
Kota Kanbe	0b55f94828	Improve implementation around config (#1122) ... * refactor config * fix saas config * feat(config): scanmodule for each server in config.toml * feat(config): enable to specify containersOnly in config.toml * add new keys of config.toml to discover.go * fix summary output, logging	2021-01-13 08:46:27 +09:00
Kota Kanbe	6eff6a9329	feat(report): display EOL information to scan summary (#1120) ... * feat(report): display EOL information to scan summary * detect Amazon linux EOL	2021-01-09 07:58:55 +09:00
Kota Kanbe	aaea15e516	refactor(report): remove Integration.apply (#1105) ... * refactor(report): remove Integration.apply * add an err check	2020-12-29 06:59:48 +09:00
Kota Kanbe	5fea4eaef8	feat(nocgo): enable to build with CGO_ENABLED=0 (#1080)	2020-11-27 09:55:09 +09:00