Update to latest version of vuls #7

VinceMacBuche · 2024-06-11T14:24:06Z

This is just to be able to review changes made between our latest versions

…rchitect#1791) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.14.0. - [Commits](golang/oauth2@v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tect#1789) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0. - [Commits](golang/sync@v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…uture-architect#1790) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.18.1 to 0.19.0. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](emersion/go-smtp@v0.18.1...v0.19.0) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: wadahiroka <wadahiroka@192.168.0.8>

…ure-architect#1798) Bumps [github.com/gosnmp/gosnmp](https://github.com/gosnmp/gosnmp) from 1.36.1 to 1.37.0. - [Release notes](https://github.com/gosnmp/gosnmp/releases) - [Changelog](https://github.com/gosnmp/gosnmp/blob/master/CHANGELOG.md) - [Commits](gosnmp/gosnmp@v1.36.1...v1.37.0) --- updated-dependencies: - dependency-name: github.com/gosnmp/gosnmp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…rchitect#1799) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.14.0 to 0.15.0. - [Commits](golang/oauth2@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…hitect#1812) Co-authored-by: wadahiroka <wadahiroka@192.168.0.4>

…uture-architect#1814)

…rchitect#1818) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0. - [Commits](golang/crypto@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ture-architect#1819) Bumps [github.com/c-robinson/iplib](https://github.com/c-robinson/iplib) from 1.0.7 to 1.0.8. - [Release notes](https://github.com/c-robinson/iplib/releases) - [Commits](c-robinson/iplib@v1.0.7...v1.0.8) --- updated-dependencies: - dependency-name: github.com/c-robinson/iplib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…uture-architect#1824) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.19.0 to 0.20.0. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](emersion/go-smtp@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…uture-architect#1826) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.20.0 to 0.20.1. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](emersion/go-smtp@v0.20.0...v0.20.1) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

….0 (future-architect#1829)

…tect#1833) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.5.0 to 0.6.0. - [Commits](golang/sync@v0.5.0...v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…rchitect#1831) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.16.0. - [Commits](golang/oauth2@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…uture-architect#1838) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](emersion/go-smtp@v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…architect#1837) Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…1836)

Co-authored-by: wadahiroka <wadahiroka@wadahirokanoMBP.AirPort>

…e-architect#1844)

…rchitect#1849) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.16.0 to 0.17.0. - [Commits](golang/oauth2@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ect#1854) Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.8 to 1.3.9. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](etcd-io/bbolt@v1.3.8...v1.3.9) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update trivy 0.35.0->0.48.0 - Specify oras-go 1.2.4 in indirect dependencies docker/docker changes a part of its API at 24.0 - registry: return concrete service type · moby/moby@7b3acdf - moby/moby@7b3acdf#diff-8325eae896b1149bf92c826d07fc29005b1b102000b766ffa5a238d791e0849bR18-R21 oras-go 1.2.3 uses 23.0.1 and trivy transitively depends on docker/docker 24.y.z. There is a build error between oras-go and docker/dockr. - Update disabled analyzers - Update language scanners, enable all of them * move javadb init to scan.go * Add options for java db init() * Update scanner/base.go * Remove unused codes * Add some lock file names * Typo fix * Remove space character (0x20) * Add java-db options for integration scan * Minor fomartting fix * minor fix * conda is NOT supported by Trivy for library scan * Configure trivy log in report command too * Init trivy in scanner * Use trivy's jar.go and replace client which does almost nothing * mv jar.go * Add sha1 hash to result and add filepath for report phase * Undo added 'vuls scan' options * Update oras-go to 1.2.4 * Move Java DB related config items to report side * Add java db search in detect phase * filter top level jar only * Update trivy to 0.49.1 * go mod tidy * Update to newer interface * Refine lock file list, h/t MaineK00n * Avoid else clauses if possible, h/t MaineK00n * Avoid missing word for find and lang types, h/t MaineK00n * Add missing ecosystems, h/t MaineK00n * Add comments why to use custom jar analyzer, h/t MaineK00n * Misc * Misc * Misc * Include go-dep-parser's pares.go for modification * Move digest field from LibraryScanner to Library * Use inner jars sha1 for each * Add Seek to file head before handling zip file entry * Leave Digest feild empty for entries from pom.xml * Don't import python/pkg (don't look into package.json) * Make privete where private is sufficient * Remove duplicate after Java DB lookup * misc * go mod tidy * Comment out ruby/gemspec * misc * Comment out python/packaging * misc * Use custom jar * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/jar.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/parse.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Missing changes in name change * Update models/github.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update models/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/base.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update scanner/trivy/jar/jar.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Don't import fanal/types at github.go * Rewrite code around java db initialization * Add comment * refactor * Close java db client * rename * Let LibraryScanner have java db client * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * Update detector/library.go Co-authored-by: MaineK00n <mainek00n.1229@gmail.com> * inline variable * misc * Fix typo --------- Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>

…uture-architect#1918) Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.21.1 to 0.21.2. - [Release notes](https://github.com/emersion/go-smtp/releases) - [Commits](emersion/go-smtp@v0.21.1...v0.21.2) --- updated-dependencies: - dependency-name: github.com/emersion/go-smtp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…future-architect#1912) Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.50.1 to 0.51.1. - [Release notes](https://github.com/aquasecurity/trivy/releases) - [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml) - [Commits](aquasecurity/trivy@v0.50.1...v0.51.1) --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ect#1381)

…#1914)

…ss (future-architect#1921)

…0.1.3 (future-architect#1927) updated-dependencies: - dependency-name: github.com/package-url/packageurl-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

… severities (future-architect#1929)

…future-architect#1928) * --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): go mod tidy * chore(deps): follow type name change --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shunichi Shinohara <shino.shun@gmail.com>

…ture-architect#1934) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.53.0 to 1.53.9. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](aws/aws-sdk-go@v1.53.0...v1.53.9) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(reporter/s3): support minio * feat(reporter/s3): disable config/credential: file and some providers

…chitect#1936) Bumps [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) from 1.17.15 to 1.17.16. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.15...credentials/v1.17.16) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…uture-architect#1941) * feat(ci): group aws-sdk-go-v2 updates * faet(ci): add github actions update

) Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…chitect#1943) Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@v4...v5) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ect#1945) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v2...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the aws group with 2 updates: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2). Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.15 to 1.27.16 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.27.15...config/v1.27.16) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.54.2 to 1.54.3 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.54.2...service/s3/v1.54.3) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…future-architect#1948) Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0. - [Release notes](https://github.com/hashicorp/go-version/releases) - [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-version@v1.6.0...v1.7.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-version dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v3...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ure-architect#1949) Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v1.3.2...v1.4.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…future-architect#1661)

…future-architect#1938) Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.51.2 to 0.51.4. - [Release notes](https://github.com/aquasecurity/trivy/releases) - [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml) - [Commits](aquasecurity/trivy@v0.51.2...v0.51.4) --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…1951) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…rchitect#1952) Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3 to 6. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@v3...v6) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…t#1953) Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](docker/metadata-action@v4...v5) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ect#1954) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…itect#1955) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot and others added 30 commits November 15, 2023 22:09

add: Setenv HTTPS_PROXY for aws sdk (future-architect#1794)

cbece1d

Co-authored-by: wadahiroka <wadahiroka@192.168.0.8>

feat(scanner/windows): remove unnecessary cab (future-architect#1793)

ef29afb

feat(os): add FreeBSD 14 (future-architect#1797)

8e9d165

chore(deps): bump go-cve-dictionary to 0.10.0 (future-architect#1803)

7e12e9a

feat(models/nvd): group by source (future-architect#1805)

d122499

fix(scanner/redhat): make cache before detect dnf modules (future-arc…

b2c9117

…hitect#1812) Co-authored-by: wadahiroka <wadahiroka@192.168.0.4>

fix(scanner/redhat): do not make cache when offline of redhat fast (f…

8e497bb

…uture-architect#1814)

chore(deps): bump dictionaries (future-architect#1815)

bbf53c7

chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8…

098f308

….0 (future-architect#1829)

fix(scanner/macos): remove unnecessary error check (future-architect#…

ea84385

…1836)

delete: cab validation (future-architect#1843)

76267a5

Co-authored-by: wadahiroka <wadahiroka@wadahirokanoMBP.AirPort>

fix(contrib/trivy): fix convert for src package (future-architect#1842)

7e91f5e

fix(scanner/windows): support when default shell is powershell (futur…

b9ebcf3

…e-architect#1844)

fix(ci): use go version of go.mod (future-architect#1858)

05e0f05

dependabot bot and others added 29 commits May 14, 2024 10:51

feat(scanner/redhat): each package has modularitylabel (future-archit…

61c3963

…ect#1381)

fix(gost/debian): show all severities that appeared (future-architect…

e4728e3

…#1914)

feat(detector, contrib/trivy-to-vuls): collect vendor severity and cv…

878c25b

…ss (future-architect#1921)

fix(contrib/trivy-to-vuls): remove cvss/severity duplicates, list all…

407407d

… severities (future-architect#1929)

chore(deps): use aws-sdk-go-v2 (future-architect#1922)

d8bce94

feat(reporter/s3): support minio (future-architect#1930)

db2c502

* feat(reporter/s3): support minio * feat(reporter/s3): disable config/credential: file and some providers

feat(ci): group aws-sdk-go-v2 updates, check github actions update (f…

5116a6a

…uture-architect#1941) * feat(ci): group aws-sdk-go-v2 updates * faet(ci): add github actions update

chore(deps): use github.com/Azure/azure-sdk-for-go/sdk/storage/azblob (…

cc9734d

…future-architect#1661)

Merge branch 'master' into rudder_20231114

3377c0d

VinceMacBuche closed this Jun 11, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update to latest version of vuls #7

Update to latest version of vuls #7

VinceMacBuche commented Jun 11, 2024

Update to latest version of vuls #7

Update to latest version of vuls #7

Conversation

VinceMacBuche commented Jun 11, 2024