actions/trivy-action
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: actions:0.24.0
Branches Tags
actions:master actions:fix-gh-actions actions:bump-trivy-1751468699 actions:update-default-version actions:use-pinned-version actions:update-to-v0.45.0 actions:update-trivy-v0.43.1 actions:bump-trivy-3 actions:bump-trivy actions:add-support-for-trivy-config actions:fix-golden-files actions:exit-code-test actions:update-tarball-docs actions:volume-mounts actions:update-readme actions:revert-45-fix_sarif_duplicate_rule_id actions:knqyf263-patch-1 actions:artifact_types actions:sarif-support-2
actions:0.33.1 actions:0.33.0 actions:0.32.0 actions:0.31.0 actions:0.30.0 actions:0.29.0 actions:0.28.0 actions:0.27.0 actions:0.26.0 actions:0.25.0 actions:0.24.0 actions:0.23.0 actions:0.22.0 actions:0.21.0 actions:0.20.0 actions:0.19.0 actions:0.18.0 actions:0.17.0 actions:0.16.1 actions:0.16.0 actions:0.15.0 actions:0.14.0 actions:0.13.1 actions:0.13.0 actions:0.12.0 actions:0.11.2 actions:0.11.1 actions:0.11.0 actions:0.10.0 actions:0.9.2 actions:0.9.1 actions:0.9.0 actions:0.8.0 actions:0.7.1 actions:0.7.0 actions:0.6.2 actions:0.6.1 actions:0.6.0 actions:0.5.1 actions:0.5.0 actions:0.4.1 actions:0.4.0 actions:0.3.0 actions:0.2.5 actions:0.2.4 actions:0.2.3 actions:0.2.2 actions:0.2.1 actions:0.2.0 actions:0.1.0 actions:0.0.22 actions:0.0.21 actions:0.0.20 actions:0.0.19 actions:0.0.18 actions:0.0.17 actions:0.0.16 actions:0.0.15 actions:0.0.14 actions:0.0.13 actions:0.0.12 actions:0.0.11 actions:v0.0.10 actions:0.0.10 actions:0.0.9 actions:0.0.8 actions:0.0.7 actions:0.0.6 actions:0.0.5 actions:0.0.4 actions:0.0.3 actions:0.0.2 actions:0.0.1
..
compare: actions:use-pinned-version
Branches Tags
actions:master actions:fix-gh-actions actions:bump-trivy-1751468699 actions:update-default-version actions:use-pinned-version actions:update-to-v0.45.0 actions:update-trivy-v0.43.1 actions:bump-trivy-3 actions:bump-trivy actions:add-support-for-trivy-config actions:fix-golden-files actions:exit-code-test actions:update-tarball-docs actions:volume-mounts actions:update-readme actions:revert-45-fix_sarif_duplicate_rule_id actions:knqyf263-patch-1 actions:artifact_types actions:sarif-support-2
actions:0.33.1 actions:0.33.0 actions:0.32.0 actions:0.31.0 actions:0.30.0 actions:0.29.0 actions:0.28.0 actions:0.27.0 actions:0.26.0 actions:0.25.0 actions:0.24.0 actions:0.23.0 actions:0.22.0 actions:0.21.0 actions:0.20.0 actions:0.19.0 actions:0.18.0 actions:0.17.0 actions:0.16.1 actions:0.16.0 actions:0.15.0 actions:0.14.0 actions:0.13.1 actions:0.13.0 actions:0.12.0 actions:0.11.2 actions:0.11.1 actions:0.11.0 actions:0.10.0 actions:0.9.2 actions:0.9.1 actions:0.9.0 actions:0.8.0 actions:0.7.1 actions:0.7.0 actions:0.6.2 actions:0.6.1 actions:0.6.0 actions:0.5.1 actions:0.5.0 actions:0.4.1 actions:0.4.0 actions:0.3.0 actions:0.2.5 actions:0.2.4 actions:0.2.3 actions:0.2.2 actions:0.2.1 actions:0.2.0 actions:0.1.0 actions:0.0.22 actions:0.0.21 actions:0.0.20 actions:0.0.19 actions:0.0.18 actions:0.0.17 actions:0.0.16 actions:0.0.15 actions:0.0.14 actions:0.0.13 actions:0.0.12 actions:0.0.11 actions:v0.0.10 actions:0.0.10 actions:0.0.9 actions:0.0.8 actions:0.0.7 actions:0.0.6 actions:0.0.5 actions:0.0.4 actions:0.0.3 actions:0.0.2 actions:0.0.1

1 Commits
0.24.0 .. use-pinned-version

Author SHA1 Message Date
simar7
6121515d9d chore(docs): Reference the use of a pinned version 2024-05-08 22:34:45 -06:00
9 changed files with 184 additions and 67 deletions
Expand all files Collapse all files
.github/workflows/test.yaml
Vendored
+1 -1
View File
@@ -6,7 +6,7 @@ on:
workflow_dispatch:
env:
TRIVY_VERSION: 0.53.0
TRIVY_VERSION: 0.51.1
BATS_LIB_PATH: '/usr/lib/'
jobs:
Dockerfile
+1 -1
View File
@@ -1,4 +1,4 @@
FROM ghcr.io/aquasecurity/trivy:0.53.0
FROM ghcr.io/aquasecurity/trivy:0.51.1
COPY entrypoint.sh /
RUN apk --no-cache add bash curl npm
RUN chmod +x /entrypoint.sh
Makefile
+1 -1
View File
@@ -1,4 +1,4 @@
.PHONY: test
test:
BATS_LIB_PATH=/usr/local/lib/ bats --recurisve --timing --verbose-run .
BATS_LIB_PATH=/usr/local/lib/ bats -r .
test/data/config-sarif-report/report.sarif
+10 -4
View File
@@ -205,7 +205,7 @@
"text": "S3 buckets should each define an aws_s3_bucket_public_access_block"
},
"fullDescription": {
"text": "The "block public access" settings in S3 override individual policies that apply to a given bucket, meaning that all public access can be controlled in one central types for that bucket. It is therefore good practice to define these settings for each bucket in order to clearly define the public access that can be allowed for it."
"text": "The \u0026#34;block public access\u0026#34; settings in S3 override individual policies that apply to a given bucket, meaning that all public access can be controlled in one central types for that bucket. It is therefore good practice to define these settings for each bucket in order to clearly define the public access that can be allowed for it."
},
"defaultConfiguration": {
"level": "note"
@@ -252,7 +252,8 @@
]
}
}
]
],
"version": "0.50.0"
}
},
"results": [
@@ -500,7 +501,12 @@
]
}
],
"columnKind": "utf16CodeUnits"
"columnKind": "utf16CodeUnits",
"originalUriBaseIds": {
"ROOTPATH": {
"uri": "file://D:\\projects\\trivy-action\\test\\data\\config-sarif-report/"
}
}
}
]
}
}
test/data/config-scan/report.json
+1
View File
@@ -1,5 +1,6 @@
{
"SchemaVersion": 2,
"CreatedAt": "2024-04-12T16:53:35.5567541+03:00",
"ArtifactName": "test/data/config-scan",
"ArtifactType": "filesystem",
"Metadata": {
test/data/github-dep-snapshot/report.gsbom
+166 -59
View File
@@ -2,18 +2,23 @@
"version": 0,
"detector": {
"name": "trivy",
"version": "0.50.0",
"url": "https://github.com/aquasecurity/trivy"
},
"metadata": {
"aquasecurity:trivy:RepoDigest": "knqyf263/vuln-image@sha256:1e8b199249d6d0ef3419ddc6eda2348d9fbdb10d350d3bb70aa98e87faa227c9",
"aquasecurity:trivy:RepoTag": "knqyf263/vuln-image:1.2.3"
},
"job": {
"correlator": "_"
},
"scanned": "2024-04-12T16:02:51+03:00",
"manifests": {
"knqyf263/vuln-image:1.2.3 (alpine 3.7.1)": {
"name": "alpine",
"resolved": {
".composer-phpext-rundeps": {
"package_url": "pkg:apk/alpine/.composer-phpext-rundeps@0?arch=noarch&distro=3.7.1",
"package_url": "pkg:apk/alpine/.composer-phpext-rundeps@0?arch=noarch\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libsodium@1.0.15-r0",
@@ -23,7 +28,7 @@
"scope": "runtime"
},
".persistent-deps": {
"package_url": "pkg:apk/alpine/.persistent-deps@0?arch=noarch&distro=3.7.1",
"package_url": "pkg:apk/alpine/.persistent-deps@0?arch=noarch\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"ca-certificates@20171114-r0",
@@ -35,7 +40,7 @@
"scope": "runtime"
},
".php-rundeps": {
"package_url": "pkg:apk/alpine/.php-rundeps@0?arch=noarch&distro=3.7.1",
"package_url": "pkg:apk/alpine/.php-rundeps@0?arch=noarch\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libcurl@7.61.1-r0",
@@ -50,7 +55,7 @@
"scope": "runtime"
},
"alpine-baselayout": {
"package_url": "pkg:apk/alpine/alpine-baselayout@3.0.5-r2?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/alpine-baselayout@3.0.5-r2?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"busybox@1.27.2-r11",
@@ -59,12 +64,12 @@
"scope": "runtime"
},
"alpine-keys": {
"package_url": "pkg:apk/alpine/alpine-keys@2.1-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/alpine-keys@2.1-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"scope": "runtime"
},
"apk-tools": {
"package_url": "pkg:apk/alpine/apk-tools@2.10.1-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/apk-tools@2.10.1-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -75,7 +80,7 @@
"scope": "runtime"
},
"apr": {
"package_url": "pkg:apk/alpine/apr@1.6.3-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/apr@1.6.3-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libuuid@2.31-r0",
@@ -84,7 +89,7 @@
"scope": "runtime"
},
"apr-util": {
"package_url": "pkg:apk/alpine/apr-util@1.6.1-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/apr-util@1.6.1-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"apr@1.6.3-r0",
@@ -95,7 +100,7 @@
"scope": "runtime"
},
"bash": {
"package_url": "pkg:apk/alpine/bash@4.4.19-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/bash@4.4.19-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"busybox@1.27.2-r11",
@@ -106,7 +111,7 @@
"scope": "runtime"
},
"busybox": {
"package_url": "pkg:apk/alpine/busybox@1.27.2-r11?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/busybox@1.27.2-r11?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -114,7 +119,7 @@
"scope": "runtime"
},
"ca-certificates": {
"package_url": "pkg:apk/alpine/ca-certificates@20171114-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/ca-certificates@20171114-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"busybox@1.27.2-r11",
@@ -124,7 +129,7 @@
"scope": "runtime"
},
"curl": {
"package_url": "pkg:apk/alpine/curl@7.61.0-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/curl@7.61.0-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"ca-certificates@20171114-r0",
@@ -135,7 +140,7 @@
"scope": "runtime"
},
"db": {
"package_url": "pkg:apk/alpine/db@5.3.28-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/db@5.3.28-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -143,7 +148,7 @@
"scope": "runtime"
},
"expat": {
"package_url": "pkg:apk/alpine/expat@2.2.5-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/expat@2.2.5-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -151,7 +156,7 @@
"scope": "runtime"
},
"gdbm": {
"package_url": "pkg:apk/alpine/gdbm@1.13-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/gdbm@1.13-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -159,7 +164,7 @@
"scope": "runtime"
},
"git": {
"package_url": "pkg:apk/alpine/git@2.15.2-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/git@2.15.2-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"expat@2.2.5-r0",
@@ -171,7 +176,7 @@
"scope": "runtime"
},
"libbz2": {
"package_url": "pkg:apk/alpine/libbz2@1.0.6-r6?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libbz2@1.0.6-r6?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -179,7 +184,7 @@
"scope": "runtime"
},
"libc-utils": {
"package_url": "pkg:apk/alpine/libc-utils@0.7.1-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libc-utils@0.7.1-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl-utils@1.1.18-r3"
@@ -187,7 +192,7 @@
"scope": "runtime"
},
"libcurl": {
"package_url": "pkg:apk/alpine/libcurl@7.61.1-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libcurl@7.61.1-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"ca-certificates@20171114-r0",
@@ -200,7 +205,7 @@
"scope": "runtime"
},
"libedit": {
"package_url": "pkg:apk/alpine/libedit@20170329.3.1-r3?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libedit@20170329.3.1-r3?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -209,7 +214,7 @@
"scope": "runtime"
},
"libffi": {
"package_url": "pkg:apk/alpine/libffi@3.2.1-r4?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libffi@3.2.1-r4?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -217,7 +222,7 @@
"scope": "runtime"
},
"libressl": {
"package_url": "pkg:apk/alpine/libressl@2.6.5-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libressl@2.6.5-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -228,7 +233,7 @@
"scope": "runtime"
},
"libressl2.6-libcrypto": {
"package_url": "pkg:apk/alpine/libressl2.6-libcrypto@2.6.5-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libressl2.6-libcrypto@2.6.5-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -236,7 +241,7 @@
"scope": "runtime"
},
"libressl2.6-libssl": {
"package_url": "pkg:apk/alpine/libressl2.6-libssl@2.6.5-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libressl2.6-libssl@2.6.5-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -245,7 +250,7 @@
"scope": "runtime"
},
"libressl2.6-libtls": {
"package_url": "pkg:apk/alpine/libressl2.6-libtls@2.6.5-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libressl2.6-libtls@2.6.5-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -255,7 +260,7 @@
"scope": "runtime"
},
"libsasl": {
"package_url": "pkg:apk/alpine/libsasl@2.1.26-r11?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libsasl@2.1.26-r11?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"db@5.3.28-r0",
@@ -264,7 +269,7 @@
"scope": "runtime"
},
"libsodium": {
"package_url": "pkg:apk/alpine/libsodium@1.0.15-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libsodium@1.0.15-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -272,7 +277,7 @@
"scope": "runtime"
},
"libssh2": {
"package_url": "pkg:apk/alpine/libssh2@1.8.0-r2?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libssh2@1.8.0-r2?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -282,7 +287,7 @@
"scope": "runtime"
},
"libuuid": {
"package_url": "pkg:apk/alpine/libuuid@2.31-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libuuid@2.31-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -290,7 +295,7 @@
"scope": "runtime"
},
"libxml2": {
"package_url": "pkg:apk/alpine/libxml2@2.9.7-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/libxml2@2.9.7-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -299,7 +304,7 @@
"scope": "runtime"
},
"mercurial": {
"package_url": "pkg:apk/alpine/mercurial@4.5.2-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/mercurial@4.5.2-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -308,12 +313,12 @@
"scope": "runtime"
},
"musl": {
"package_url": "pkg:apk/alpine/musl@1.1.18-r3?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/musl@1.1.18-r3?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"scope": "runtime"
},
"musl-utils": {
"package_url": "pkg:apk/alpine/musl-utils@1.1.18-r3?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/musl-utils@1.1.18-r3?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -322,7 +327,7 @@
"scope": "runtime"
},
"ncurses-libs": {
"package_url": "pkg:apk/alpine/ncurses-libs@6.0_p20171125-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/ncurses-libs@6.0_p20171125-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -332,7 +337,7 @@
"scope": "runtime"
},
"ncurses-terminfo": {
"package_url": "pkg:apk/alpine/ncurses-terminfo@6.0_p20171125-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/ncurses-terminfo@6.0_p20171125-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"ncurses-terminfo-base@6.0_p20171125-r1"
@@ -340,12 +345,12 @@
"scope": "runtime"
},
"ncurses-terminfo-base": {
"package_url": "pkg:apk/alpine/ncurses-terminfo-base@6.0_p20171125-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/ncurses-terminfo-base@6.0_p20171125-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"scope": "runtime"
},
"openssh": {
"package_url": "pkg:apk/alpine/openssh@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -357,7 +362,7 @@
"scope": "runtime"
},
"openssh-client": {
"package_url": "pkg:apk/alpine/openssh-client@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh-client@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -368,7 +373,7 @@
"scope": "runtime"
},
"openssh-keygen": {
"package_url": "pkg:apk/alpine/openssh-keygen@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh-keygen@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -377,7 +382,7 @@
"scope": "runtime"
},
"openssh-server": {
"package_url": "pkg:apk/alpine/openssh-server@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh-server@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libcrypto@2.6.5-r0",
@@ -389,12 +394,12 @@
"scope": "runtime"
},
"openssh-server-common": {
"package_url": "pkg:apk/alpine/openssh-server-common@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh-server-common@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"scope": "runtime"
},
"openssh-sftp-server": {
"package_url": "pkg:apk/alpine/openssh-sftp-server@7.5_p1-r9?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/openssh-sftp-server@7.5_p1-r9?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -402,7 +407,7 @@
"scope": "runtime"
},
"patch": {
"package_url": "pkg:apk/alpine/patch@2.7.5-r2?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/patch@2.7.5-r2?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -410,7 +415,7 @@
"scope": "runtime"
},
"pcre2": {
"package_url": "pkg:apk/alpine/pcre2@10.30-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/pcre2@10.30-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -418,7 +423,7 @@
"scope": "runtime"
},
"pkgconf": {
"package_url": "pkg:apk/alpine/pkgconf@1.3.10-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/pkgconf@1.3.10-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -426,7 +431,7 @@
"scope": "runtime"
},
"python2": {
"package_url": "pkg:apk/alpine/python2@2.7.15-r2?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/python2@2.7.15-r2?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"expat@2.2.5-r0",
@@ -444,7 +449,7 @@
"scope": "runtime"
},
"readline": {
"package_url": "pkg:apk/alpine/readline@7.0.003-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/readline@7.0.003-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -453,7 +458,7 @@
"scope": "runtime"
},
"scanelf": {
"package_url": "pkg:apk/alpine/scanelf@1.2.2-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/scanelf@1.2.2-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -461,7 +466,7 @@
"scope": "runtime"
},
"serf": {
"package_url": "pkg:apk/alpine/serf@1.3.9-r3?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/serf@1.3.9-r3?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"apr-util@1.6.1-r1",
@@ -474,7 +479,7 @@
"scope": "runtime"
},
"sqlite-libs": {
"package_url": "pkg:apk/alpine/sqlite-libs@3.21.0-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/sqlite-libs@3.21.0-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -482,7 +487,7 @@
"scope": "runtime"
},
"ssl_client": {
"package_url": "pkg:apk/alpine/ssl_client@1.27.2-r11?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/ssl_client@1.27.2-r11?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"libressl2.6-libtls@2.6.5-r0",
@@ -491,7 +496,7 @@
"scope": "runtime"
},
"subversion": {
"package_url": "pkg:apk/alpine/subversion@1.9.7-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/subversion@1.9.7-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"apr-util@1.6.1-r1",
@@ -504,7 +509,7 @@
"scope": "runtime"
},
"subversion-libs": {
"package_url": "pkg:apk/alpine/subversion-libs@1.9.7-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/subversion-libs@1.9.7-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"apr-util@1.6.1-r1",
@@ -520,7 +525,7 @@
"scope": "runtime"
},
"tar": {
"package_url": "pkg:apk/alpine/tar@1.29-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/tar@1.29-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -528,7 +533,7 @@
"scope": "runtime"
},
"tini": {
"package_url": "pkg:apk/alpine/tini@0.16.1-r0?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/tini@0.16.1-r0?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -536,7 +541,7 @@
"scope": "runtime"
},
"xz": {
"package_url": "pkg:apk/alpine/xz@5.2.3-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/xz@5.2.3-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3",
@@ -545,7 +550,7 @@
"scope": "runtime"
},
"xz-libs": {
"package_url": "pkg:apk/alpine/xz-libs@5.2.3-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/xz-libs@5.2.3-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -553,7 +558,7 @@
"scope": "runtime"
},
"zlib": {
"package_url": "pkg:apk/alpine/zlib@1.2.11-r1?arch=x86_64&distro=3.7.1",
"package_url": "pkg:apk/alpine/zlib@1.2.11-r1?arch=x86_64\u0026distro=3.7.1",
"relationship": "direct",
"dependencies": [
"musl@1.1.18-r3"
@@ -562,6 +567,108 @@
}
}
},
"php-app/composer.lock": {
"name": "composer",
"file": {
"source_location": "knqyf263/vuln-image:1.2.3@sha256:1e8b199249d6d0ef3419ddc6eda2348d9fbdb10d350d3bb70aa98e87faa227c9"
},
"resolved": {
"guzzlehttp/guzzle": {
"package_url": "pkg:composer/guzzlehttp/guzzle@6.2.0",
"relationship": "direct",
"dependencies": [
"guzzlehttp/promises@v1.3.1",
"guzzlehttp/psr7@1.5.2"
],
"scope": "runtime"
},
"guzzlehttp/promises": {
"package_url": "pkg:composer/guzzlehttp/promises@v1.3.1",
"relationship": "direct",
"scope": "runtime"
},
"guzzlehttp/psr7": {
"package_url": "pkg:composer/guzzlehttp/psr7@1.5.2",
"relationship": "direct",
"dependencies": [
"psr/http-message@1.0.1",
"ralouphie/getallheaders@2.0.5"
],
"scope": "runtime"
},
"laravel/installer": {
"package_url": "pkg:composer/laravel/installer@v2.0.1",
"relationship": "direct",
"dependencies": [
"guzzlehttp/guzzle@6.2.0",
"symfony/console@v4.2.7",
"symfony/filesystem@v4.2.7",
"symfony/process@v4.2.7"
],
"scope": "runtime"
},
"pear/log": {
"package_url": "pkg:composer/pear/log@1.13.1",
"relationship": "direct",
"dependencies": [
"pear/pear_exception@v1.0.0"
],
"scope": "runtime"
},
"pear/pear_exception": {
"package_url": "pkg:composer/pear/pear_exception@v1.0.0",
"relationship": "direct",
"scope": "runtime"
},
"psr/http-message": {
"package_url": "pkg:composer/psr/http-message@1.0.1",
"relationship": "direct",
"scope": "runtime"
},
"ralouphie/getallheaders": {
"package_url": "pkg:composer/ralouphie/getallheaders@2.0.5",
"relationship": "direct",
"scope": "runtime"
},
"symfony/console": {
"package_url": "pkg:composer/symfony/console@v4.2.7",
"relationship": "direct",
"dependencies": [
"symfony/contracts@v1.0.2",
"symfony/polyfill-mbstring@v1.11.0"
],
"scope": "runtime"
},
"symfony/contracts": {
"package_url": "pkg:composer/symfony/contracts@v1.0.2",
"relationship": "direct",
"scope": "runtime"
},
"symfony/filesystem": {
"package_url": "pkg:composer/symfony/filesystem@v4.2.7",
"relationship": "direct",
"dependencies": [
"symfony/polyfill-ctype@v1.11.0"
],
"scope": "runtime"
},
"symfony/polyfill-ctype": {
"package_url": "pkg:composer/symfony/polyfill-ctype@v1.11.0",
"relationship": "direct",
"scope": "runtime"
},
"symfony/polyfill-mbstring": {
"package_url": "pkg:composer/symfony/polyfill-mbstring@v1.11.0",
"relationship": "direct",
"scope": "runtime"
},
"symfony/process": {
"package_url": "pkg:composer/symfony/process@v4.2.7",
"relationship": "direct",
"scope": "runtime"
}
}
},
"rust-app/Cargo.lock": {
"name": "cargo",
"file": {
@@ -1128,4 +1235,4 @@
}
}
}
}
}
test/data/secret-scan/report.json
+1
View File
@@ -1,5 +1,6 @@
{
"SchemaVersion": 2,
"CreatedAt": "2024-01-02T23:40:04.647712097Z",
"ArtifactName": "https://github.com/krol3/demo-trivy/",
"ArtifactType": "repository",
"Metadata": {
test/data/with-tf-vars/report.json
+1
View File
@@ -1,5 +1,6 @@
{
"SchemaVersion": 2,
"CreatedAt": "2024-04-12T14:09:09.5680191+03:00",
"ArtifactName": "test/data/with-tf-vars/main.tf",
"ArtifactType": "filesystem",
"Metadata": {
test/data/with-trivy-yaml-cfg/report.json
+2 -1
View File
@@ -1,5 +1,6 @@
{
"SchemaVersion": 2,
"CreatedAt": "2024-01-02T23:40:21.039454971Z",
"ArtifactName": "alpine:3.10",
"ArtifactType": "container_image",
"Metadata": {
@@ -63,7 +64,7 @@
"PkgID": "apk-tools@2.10.6-r0",
"PkgName": "apk-tools",
"PkgIdentifier": {
"PURL": "pkg:apk/alpine/apk-tools@2.10.6-r0?arch=x86_64&distro=3.10.9",
"PURL": "pkg:apk/alpine/apk-tools@2.10.6-r0?arch=x86_64\u0026distro=3.10.9",
"UID": "a6adb154870b6380"
},
"InstalledVersion": "2.10.6-r0",