Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,191 Commits 6 Branches 121 Tags
v0.18.0
Commit Graph

18 Commits

Author SHA1 Message Date
MaineK00n
591786fde6 feat(oval): support new goval-dictionary model (#1280) 
* feat(oval): support new goval-dictionary model

* chore: fix lint err

* chore: set len of slice to 0

* fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks

* fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks

* feat(report): do not add duplicate CveContent

* chore: goval-dictionary update

* chore: go mod tidy

* fix(oval): preload Advisory.Cves for Ubuntu

https://github.com/kotakanbe/goval-dictionary/pull/152

Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>
 2021-09-13 10:19:59 +09:00
MaineK00n
96c3592db1 breaking-change(go-cve-dict): support new go-cve-dictionary (#1277) 
* feat(model): change CveContents(map[string]CveContent) to map[string][]CveContent

* fix(cpescan): use CveIDSource

* chore: check Nvd, Jvn data

* chore: go-cve-dictionary update

* chore: add to cveDetails as is, since CveID is embedded in the response
 2021-08-13 18:00:55 +09:00
Kota Kanbe
231c63cf62 fix(libscan): support empty LibraryFixedIn (#1252) 2021-06-16 13:28:12 +09:00
Kota Kanbe
e8e3f4d138 feat(lib): support of Go (go.sum) scan (#1244) 
* chore: update trivy deps

* fix(test): fix sort order in json

* parse go.sum in scanning

* feat(lib): support go.sum
 2021-06-03 11:31:37 +09:00
Kota Kanbe
e553f8b4c5 feat(trivy): go mod update trivy v0.17.2 (#1235) 
* feat(trivy): go mod update trivy v0.17.2

* wg.Wait

* fix reporting

* fix test case

* add gemfile.lock of redmine to integration test

* fix(test): add Pipfile.lock

* add poetry.lock to integration test

* add composer.lock to integration test

* add integration test case
 2021-05-12 18:27:55 +09:00
Kota Kanbe
3f2ac45d71 Refactor logger (#1185) 
* refactor: logger

* refactor: logging

* refactor: rename func

* refactor: logging

* refactor: logging format
 2021-02-26 10:36:58 +09:00
Kota Kanbe
b5506a1368 chore: go mod update (#1125) 2021-01-13 11:56:35 +09:00
Kota Kanbe
0b55f94828 Improve implementation around config (#1122) 
* refactor config

* fix saas config

* feat(config): scanmodule for each server in config.toml

* feat(config): enable to specify containersOnly in config.toml

* add new keys of config.toml to discover.go

* fix summary output, logging
 2021-01-13 08:46:27 +09:00
Kota Kanbe
43ed904db1 fix(deps): update dependencies (#1094) 
* fix(dpes): update dependencies

* update go ver

* update go ver

* update go

* update go
 2020-12-15 04:32:23 +09:00
Kota Kanbe
2fc3462d35 fix(libscan): update trivy deps (#1070) 2020-11-05 15:38:12 +09:00
Kota Kanbe
58cf1f4c8e refactor(typo): fix typos (#1041) 2020-08-24 16:34:32 +09:00
Kota Kanbe
c11ba27509 fix(libscan): include a lockfile path of libs (#1012) 2020-06-24 10:46:00 +09:00
Kota Kanbe
62c9409fe9 add a github actions config (#985) 
* add a github actions config

* fix(log): Don't create a log dir when testing

* remove a meaningless test case

* Thanks for everything, Mr, Travys.

* add golangci

* add goreleaser.yml

* add tidy.yml

* add golang-ci

* fix many lint warnings
 2020-05-27 20:11:24 +09:00
Kota Kanbe
ebe5f858c8 update trivy, and unsupport image scanning feature (#971) 
* update trivy, fanal. unsupport image scanning

* Update models/library.go

Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp>

* add -no-progress flag to report/tui cmd

* Display trivy vuln info to tui/report

* add detection method to vulninfo detected by trivy

* fix(uuid): change uuid lib to go-uuid #929 (#969)

* update trivy, fanal. unsupport image scanning

* Update models/library.go

Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp>

* add -no-progress flag to report/tui cmd

* Display trivy vuln info to tui/report

* add detection method to vulninfo detected by trivy

* unique ref links in TUI

* download trivy DB only when lock file is specified in config.toml

Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp>
 2020-05-08 15:24:39 +09:00
Wagde Zabit
c0ebac305a composer.lock insteaad of composer.json (#973) 
Co-authored-by: Wagde Zabit <wagde@orcasecurity.io>
 2020-05-01 15:20:33 +09:00
Kota Kanbe
b7ca5e5590 feat(scan): add -wordpress-only and -libs-only flag (#898) 2019-09-06 10:33:03 +09:00
Kota Kanbe
1fbd516b83 fix(report): fix too many variables while reporting (#888) 2019-08-25 17:56:47 +09:00
Tomoya Amachi
abcea1a14d add Library Scan (with image scan) (#829) 
* add static container image scan

* server has many staticContainers

* use go module

* for staticContainer

* fix typo

* fix setErrs error

* change name : StaticContainer -> Image

* add scan -images-only flag

* fix makefile

* fix makefile for go module

* use rpmcmd instead of rpm

* add scrutinizer.yml

* change scrutinizer.yml

* fix scrutinizer.yml

* fix scrutinizer.yml

* fix scrutinizer.yml

* fix scrutinizer.yml

* delete scrutinizer

* add report test

* add sourcePackages and Arch

* fix for sider

* fix staticContainer -> image

* init scan library

* add library scan for servers

* fix tui bug

* fix lint error

* divide WpPackageFixStats and LibraryPackageFixedIns

* fix error

* Delete libManager_test.go

* stop use alpine os if err occurred in container

* merge upstream/master

* Delete libManager.go

* update goval-dictionary

* fix go.mod

* update Readme

* add feature : auto detect lockfiles
 2019-06-12 18:50:07 +09:00