simar7
simar7
## Description Add support for deprecating a check. ## Related issues - Implements: https://github.com/aquasecurity/trivy/issues/6626 ## Related PRs - https://github.com/aquasecurity/trivy/pull/6671 ## Checklist - [x] I've read the [guidelines for contributing](https://aquasecurity.github.io/trivy/latest/community/contribute/pr/) to...
We can ignore deprecated checks if need be by implementing `--ignore-deprecated-checks` option. _Originally posted by @simar7 in https://github.com/aquasecurity/trivy/issues/6626#issuecomment-2099659800_
Sometimes checks are no longer relevant themselves or apply to resources that have been deprecated. For instance AWS has retired [EC2-Classic networking](https://aws.amazon.com/blogs/aws/ec2-classic-is-retiring-heres-how-to-prepare/). In such cases, we should deprecate a check...
## Description Adds a new flag `--disable-causes` to disable cause output on demand. ### Before ``` LOW: container should drop all ════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════ Containers must drop ALL capabilities, and are only...
## Description Adds support for `--include-deprecated-checks`. This is a stacked PR on https://github.com/aquasecurity/trivy/pull/6664 ## Related issues - Closes https://github.com/aquasecurity/trivy/issues/6665 ## Related PRs - [ ] https://github.com/aquasecurity/trivy/pull/6664 ## Checklist - [x]...
Fixes: https://github.com/aquasecurity/trivy/discussions/6680
### Discussed in https://github.com/aquasecurity/trivy/discussions/6689 Originally posted by **mikkoc** May 15, 2024 ### Description We upgraded from 0.50.4 to 0.51.1 and this broke our workflows. ``` $ trivy config --format table...
## Action items - Support additional ebs volume attributes as listed [here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume) - In particular to address this issue we will require: `count`, `tags` and `type` ### Discussed in https://github.com/aquasecurity/trivy/discussions/5444...
Today files are analyzed mostly by file extensions rather than actual content. This sometimes leads to false identification of files that might not have any relevant content but do have...
### Discussed in https://github.com/aquasecurity/trivy/discussions/6772 Originally posted by **nurmukhametov** May 24, 2024 ### IDs yum clean all ### Description ```bash HIGH: 'yum clean all' is missed: if [ "$TBB" == "default"...