DmitriyLewen
DmitriyLewen
added boolean flag `skip-cache` to skip cache when scanning images.
## Description To exclude prefixes for licenses, add a new License structure with types: - file - Name - non-separable This structure will be needed for subsequent analysis of these...
## Description Packages and dependencies in `dependenciesMeta` field have same format. There are case, when we overwrite package names. See more in https://github.com/aquasecurity/trivy/issues/5575
## Description Use image digests and static versions of dependencies in playback instructions. Continuation of #141
### Discussed in https://github.com/aquasecurity/trivy/discussions/6349 Originally posted by **kanton10062006** March 19, 2024 ### Description Hello, With the most recent release, I've noticed that trivy report/output is not empty even if there...
## Description `pnpm` released lockfile v9 (see https://github.com/pnpm/pnpm/pull/7666, https://github.com/pnpm/pnpm/pull/7861). We need to add support for this. ### Discussed in https://github.com/aquasecurity/trivy/discussions/6503
## Description add v9 pnpm lock file support. - `Dev` field used for v9 ## Related issues - Close #6509 ## Checklist - [x] I've read the [guidelines for contributing](https://aquasecurity.github.io/trivy/latest/community/contribute/pr/)...
### Discussed in https://github.com/aquasecurity/trivy/discussions/6658 Originally posted by **kutkopy** May 8, 2024 ### Description The new Conda integration in [v.0.51.1](https://github.com/aquasecurity/trivy/releases/tag/v0.51.1 ) is currently not supporting pip-Dependencies within environment.yml-files, even though this...
## Description We can detect licenses from `/opt/conda/envs/*/conda-meta/*.json` files
## Description We updated logic for repositories from pom files: #6171, #6412. But some snapshot repositories (e.g. `oss`) use `maven-metadata.xml` file to get url of pom file. see more in...