Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: logger initialization before flags parsing #7372

Merged
merged 8 commits into from
Sep 2, 2024
Merged

fix: logger initialization before flags parsing #7372

merged 8 commits into from
Sep 2, 2024

Conversation

DmitriyLewen
Copy link
Contributor

@DmitriyLewen DmitriyLewen commented Aug 22, 2024
edited
Loading

Description

We need to init logger before flags parsing to avoid wrong log messages format.

before:

➜  trivy -d image alpine -c config.yaml --vuln-type os 
2024/08/22 14:09:16 WARN '--vuln-type' is deprecated. Use '--pkg-types' instead.
2024/08/22 14:09:16 INFO Loaded file_path=config.yaml
2024-08-22T14:09:16+06:00       DEBUG   Parsed severities       severities=[UNKNOWN LOW MEDIUM HIGH CRITICAL]
...

➜ trivy -q image alpine -c config.yaml --vuln-type os  
2024/08/22 16:22:17 WARN '--vuln-type' is deprecated. Use '--pkg-types' instead.
2024/08/22 16:22:17 INFO Loaded file_path=config.yaml

alpine (alpine 3.20.2)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

after

➜  trivy -d image alpine -c config.yaml --vuln-type os
2024-08-22T14:08:58+06:00       WARN    '--vuln-type' is deprecated. Use '--pkg-types' instead.
2024-08-22T14:08:58+06:00       INFO    Loaded  file_path="config.yaml"
2024-08-22T14:08:58+06:00       DEBUG   Parsed severities       severities=[UNKNOWN LOW MEDIUM HIGH CRITICAL]
...

➜ trivy -q image alpine -c config.yaml --vuln-type os

alpine (alpine 3.20.2)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@DmitriyLewen DmitriyLewen self-assigned this Aug 22, 2024
DmitriyLewen
DmitriyLewen commented Aug 22, 2024
View reviewed changes
pkg/commands/app.go Outdated
// Initialize the logger for `flag` and `app` packages.
// To display logs from these packages in Trivy format.
// We will set the `debug` and `disable` format after parsing the `--debug` and `--quiet` flags.
log.InitLogger(false, false)
Copy link
Contributor Author

@DmitriyLewen DmitriyLewen Aug 22, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I simply added init logger before parsing flags.
But there is a problem logs from app and flags packages:
if the --quiet flag is used - we still show the logs or don't show debug logs:

➜  ./trivy -q image alpine -c config.yaml --vuln-type os
2024-08-22T16:17:11+06:00       WARN    '--vuln-type' is deprecated. Use '--pkg-types' instead.
2024-08-22T16:17:11+06:00       INFO    Loaded  file_path="config.yaml"

alpine (alpine 3.20.2)

As another way - I added DeferredLogger to save log messages and print them on command (in our case after logger initialization)
See 6ad1098

With this solution:

➜  ./trivy -q image alpine -c config.yaml --vuln-type os

alpine (alpine 3.20.2)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

@knqyf263 Can you take a look, when you have time, please?

@DmitriyLewen DmitriyLewen changed the title fix(log): logger initialization before flags parsing log: logger initialization before flags parsing Aug 22, 2024
@DmitriyLewen DmitriyLewen changed the title log: logger initialization before flags parsing fix: logger initialization before flags parsing Aug 22, 2024
DmitriyLewen
DmitriyLewen commented Aug 22, 2024
View reviewed changes
pkg/log/deferred.go Outdated
})
}

func (d *deferredLogger) PrintLogs() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can add this into:

trivy/pkg/log/logger.go

Lines 38 to 42 in 6ad1098

func InitLogger(debug, disable bool) {
level := lo.Ternary(debug, slog.LevelDebug, slog.LevelInfo)
out := lo.Ternary(disable, io.Discard, io.Writer(os.Stderr))
slog.SetDefault(New(NewHandler(out, &Options{Level: level})))
}

But perhaps it won't be entirely obvious

@DmitriyLewen DmitriyLewen marked this pull request as ready for review August 22, 2024 11:16
@DmitriyLewen DmitriyLewen requested a review from knqyf263 as a code owner August 22, 2024 11:16
@knqyf263
revert
c89c05f 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
refactor: add DeferredHandler
b731f78 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
Merge branch 'main' into fix/log-messages-for-app-and-flag-pkgs
da1419d
@knqyf263
revert
c1fb344 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
knqyf263
knqyf263 reviewed Aug 30, 2024
View reviewed changes
Copy link
Collaborator

@knqyf263 knqyf263 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the idea of DeferredLogger, but the current implementation allows us to miss log emissions before logger initialization. For example, although LoadAll() is called before parsing CLI flags, we forgot to replace it with log.DeferredLogger.

trivy/pkg/plugin/manager.go

Line 281 in 88ba460

m.logger.WarnContext(ctx, "Plugin load error", log.Err(err))

Thus, I think we should replace the default logger or handler.

Also, we need to handle WithPrefix and WithAttrs, but the current implementation doesn't work with them.

trivy/pkg/plugin/manager.go

Line 65 in 88ba460

logger: log.WithPrefix("plugin"),

To resolve these problems, I implemented DeferredHandler. PTAL, @DmitriyLewen.

@DmitriyLewen
Copy link
Contributor Author

Nice upgrade of my idea!
Looks good.

@knqyf263 knqyf263 added this pull request to the merge queue Sep 2, 2024
Merged via the queue into aquasecurity:main with commit c929290 Sep 2, 2024
12 checks passed
@aqua-bot aqua-bot mentioned this pull request Sep 2, 2024
Merged
fhielpos added a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
@fhielpos @yusuke-koyoshi
@knqyf263 @coheigea @DmitriyLewen @afdesk @nikpivkin @albertodonato @simar7 @dependabot @itaysk @aasish-r @orizerah @knrc @bobcallaway @LucasVanHaaren @psibre @aqua-bot @s-reddy1498 @Squiddim @pbaumard @kaplanlior @bloomadcariad @lebauce @msmeissn @sgaist
Update Trivy to version 0.56.2 (#4)
f235523 
* feat(vm): Support direct filesystem (aquasecurity#7058)

Signed-off-by: yusuke.koyoshi <yusuke.koyoshi@bizreach.co.jp>

* feat(cli)!: delete deprecated SBOM flags (aquasecurity#7266)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat(vm): support the Ext2/Ext3 filesystems (aquasecurity#6983)

* fix(plugin): do not call GitHub content API for releases and tags (aquasecurity#7274)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix(java): Return error when trying to find a remote pom to avoid segfault (aquasecurity#7275)

Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>

* fix(flag): incorrect behavior for deprected flag `--clear-cache` (aquasecurity#7281)

* refactor(misconf): remove file filtering from parsers (aquasecurity#7289)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(vuln): Add `--detection-priority` flag for accuracy tuning (aquasecurity#7288)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: add auto-generated config (aquasecurity#7261)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* fix(terraform): add aws_region name to presets (aquasecurity#7184)

* perf(misconf): do not convert contents of a YAML file to string (aquasecurity#7292)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* refactor(misconf): remove unused universal scanner (aquasecurity#7293)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* perf(misconf): use json.Valid to check validity of JSON (aquasecurity#7308)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): load only submodule if it is specified in source (aquasecurity#7112)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): support for policy and bucket grants (aquasecurity#7284)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): do not set default value for default_cache_behavior (aquasecurity#7234)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): iterator argument support for dynamic blocks (aquasecurity#7236)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>

* chore(deps): bump the common group across 1 directory with 7 updates (aquasecurity#7305)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: update client/server docs for misconf and license scanning (aquasecurity#7277)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs: update links to packaging.python.org (aquasecurity#7318)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* perf(misconf): optimize work with context (aquasecurity#6968)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* refactor: replace ftypes.Gradle with packageurl.TypeGradle (aquasecurity#7323)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* docs: update air-gapped docs (aquasecurity#7160)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs(misconf): Update callsites to use correct naming (aquasecurity#7335)

* chore(deps): bump the common group with 9 updates (aquasecurity#7333)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(misconf): change default TLS values for the Azure storage account (aquasecurity#7345)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* refactor(misconf): highlight only affected rows (aquasecurity#7310)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): wrap Azure PortRange in iac types (aquasecurity#7357)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): scanning support for YAML and JSON (aquasecurity#7311)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): variable support for Terraform Plan (aquasecurity#7228)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix: safely check if the directory exists (aquasecurity#7353)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* chore(deps): bump the aws group across 1 directory with 7 updates (aquasecurity#7358)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(server): add internal `--path-prefix` flag for client/server mode (aquasecurity#7321)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* chore(deps): bump trivy-checks (aquasecurity#7350)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* refactor(misconf): use slog (aquasecurity#7295)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): ignore duplicate checks (aquasecurity#7317)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): init frameworks before updating them (aquasecurity#7376)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): support deprecating for Go checks (aquasecurity#7377)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(python): use minimum version for pip packages (aquasecurity#7348)

* docs: add pkg flags to config file page (aquasecurity#7370)

* feat(misconf): Add support for using spec from on-disk bundle (aquasecurity#7179)

* fix(report): escape `Message` field in `asff.tpl` template (aquasecurity#7401)

* fix(misconf): use module to log when metadata retrieval fails (aquasecurity#7405)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): support for ignore by nested attributes (aquasecurity#7205)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): do not filter Terraform plan JSON by name (aquasecurity#7406)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): port and protocol support for EC2 networks (aquasecurity#7146)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* chore: fix allow rule of ignoring test files to make it case insensitive (aquasecurity#7415)

* fix(secret): use only line with secret for long secret lines (aquasecurity#7412)

* chore: update CODEOWNERS (aquasecurity#7398)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat(server): Make Trivy Server Multiplexer Exported (aquasecurity#7389)

* feat(report): export modified findings in JSON (aquasecurity#7383)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix(sbom): use `NOASSERTION` for licenses fields in SPDX formats (aquasecurity#7403)

* fix(misconf): do not register Rego libs in checks registry (aquasecurity#7420)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* chore(deps): Bump trivy-checks (aquasecurity#7417)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): do not recreate filesystem map (aquasecurity#7416)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(secret): use `.eyJ` keyword for JWT secret (aquasecurity#7410)

* fix(misconf): fix infer type for null value (aquasecurity#7424)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(aws): handle ECR repositories in different regions (aquasecurity#6217)

Signed-off-by: Kevin Conner <kev.conner@getupcloud.com>

* fix: logger initialization before flags parsing (aquasecurity#7372)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* fix(nodejs): check all `importers` to detect dev deps from pnpm-lock.yaml file (aquasecurity#7387)

* test: add integration plugin tests (aquasecurity#7299)

* feat(sbom): set User-Agent header on requests to Rekor (aquasecurity#7396)

Signed-off-by: Bob Callaway <bcallaway@google.com>

* fix(helm): explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element (aquasecurity#7362)

* chore(deps): Bump trivy-checks and pin OPA (aquasecurity#7427)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(java): add `test` scope support for `pom.xml` files (aquasecurity#7414)

* fix(license): add license handling to JUnit template (aquasecurity#7409)

* feat(go): use `toolchain` as `stdlib` version for `go.mod` files (aquasecurity#7163)

* release: v0.55.0 [main] (aquasecurity#7271)

* fix(license): stop spliting a long license text (aquasecurity#7336)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (aquasecurity#7451)

* chore(helm): bump up Trivy Helm chart (aquasecurity#7441)

* chore(deps): bump the common group across 1 directory with 19 updates (aquasecurity#7436)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* chore(deps): bump the aws group with 6 updates (aquasecurity#7468)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(oracle): Update EOL date for Oracle 7 (aquasecurity#7480)

* fix(report): change a receiver of MarshalJSON (aquasecurity#7483)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (aquasecurity#7463)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (aquasecurity#7449)

* feat(license): improve license normalization (aquasecurity#7131)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* docs(db): add a manifest example (aquasecurity#7485)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* revert(java): stop supporting of `test` scope for `pom.xml` files (aquasecurity#7488)

* docs: refine go docs (aquasecurity#7442)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* chore(vex): suppress openssl vulnerabilities (aquasecurity#7500)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* chore(deps): bump alpine from 3.20.0 to 3.20.3 (aquasecurity#7508)

* chore(vex): add `CVE-2024-34155`, `CVE-2024-34156` and `CVE-2024-34158` in `trivy.openvex.json` (aquasecurity#7510)

* fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents (aquasecurity#7497)

* refactor: split `.egg` and `packaging` analyzers (aquasecurity#7514)

* feat(misconf): Register checks only when needed (aquasecurity#7435)

* fix(misconf): Fix logging typo (aquasecurity#7473)

* chore(deps): bump go-ebs-file (aquasecurity#7513)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(sbom): parse type `framework` as `library` when unmarshalling `CycloneDX` files (aquasecurity#7527)

* refactor(misconf): pass options to Rego scanner as is (aquasecurity#7529)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(sbom): export bom-ref when converting a package to a component (aquasecurity#7340)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: amf <amf@macbook.local>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* perf(misconf): use port ranges instead of enumeration (aquasecurity#7549)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* fix(misconf): Fixed scope for China Cloud (aquasecurity#7560)

* docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (aquasecurity#7458)

* chore(deps): remove broken replaces for opa and discovery (aquasecurity#7600)

* ci: cache test images for `integration`, `VM` and `module` tests (aquasecurity#7599)

* ci: add `workflow_dispatch` trigger for test workflow. (aquasecurity#7606)

* chore(deps): bump the common group across 1 directory with 20 updates (aquasecurity#7604)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* fix(db): check `DownloadedAt` for `trivy-java-db` (aquasecurity#7592)

* fix: allow access to '..' in mapfs (aquasecurity#7575)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* test: use a local registry for remote scanning (aquasecurity#7607)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix(misconf): escape all special sequences (aquasecurity#7558)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): add ability to disable checks by ID (aquasecurity#7536)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Simar <simar@linux.com>

* feat(suse): added SUSE Linux Enterprise Micro support (aquasecurity#7294)

Signed-off-by: Marcus Meissner <meissner@suse.de>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* fix(misconf): disable DS016 check for image history analyzer (aquasecurity#7540)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* ci: split `save` and `restore` cache actions (aquasecurity#7614)

* refactor: fix auth error handling (aquasecurity#7615)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat(secret): enhance secret scanning for python binary files (aquasecurity#7223)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>

* feat(java): add empty versions if `pom.xml` dependency versions can't be detected (aquasecurity#7520)

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* test: use loaded image names (aquasecurity#7617)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* ci: don't use cache for `setup-go` (aquasecurity#7622)

* feat: support multiple DB repositories for vulnerability and Java DB (aquasecurity#7605)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* feat(misconf): Support `--skip-*` for all included modules  (aquasecurity#7579)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>

* chore: add prefixes to log messages (aquasecurity#7625)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>

* fix(misconf): Disable deprecated checks by default (aquasecurity#7632)

* chore(deps): Bump trivy-checks to v1.1.0 (aquasecurity#7631)

* fix(secret): change grafana token regex to find them without unquoted (aquasecurity#7627)

* feat: support RPM archives (aquasecurity#7628)

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix(misconf): not to warn about missing selectors of libraries (aquasecurity#7638)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>

* release: v0.56.0 [main] (aquasecurity#7447)

* fix(db): fix javadb downloading error handling [backport: release/v0.56] (aquasecurity#7646)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* release: v0.56.1 [release/v0.56] (aquasecurity#7648)

* fix(sbom): add options for DBs in private registries [backport: release/v0.56] (aquasecurity#7691)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (aquasecurity#7702)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>

* release: v0.56.2 [release/v0.56] (aquasecurity#7694)

* Make liveness probe configurable (#3)

---------

Signed-off-by: yusuke.koyoshi <yusuke.koyoshi@bizreach.co.jp>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Kevin Conner <kev.conner@getupcloud.com>
Signed-off-by: Bob Callaway <bcallaway@google.com>
Signed-off-by: Marcus Meissner <meissner@suse.de>
Co-authored-by: yusuke-koyoshi <92022336+yusuke-koyoshi@users.noreply.github.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
Co-authored-by: Aruneko <yuki.fujita@bizreach.co.jp>
Co-authored-by: Colm O hEigeartaigh <coheigea@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: afdesk <work@afdesk.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Co-authored-by: Alberto Donato <albertodonato@users.noreply.github.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Itay Shakury <itay@itaysk.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: aasish-r <aasishrampalli1997@gmail.com>
Co-authored-by: Ori <59772293+orizerah@users.noreply.github.com>
Co-authored-by: Kevin Conner <kev.conner@gmail.com>
Co-authored-by: Bob Callaway <bobcallaway@users.noreply.github.com>
Co-authored-by: vhash <29121316+LucasVanHaaren@users.noreply.github.com>
Co-authored-by: psibre <psibre@users.noreply.github.com>
Co-authored-by: Aqua Security automated builds <54269356+aqua-bot@users.noreply.github.com>
Co-authored-by: s-reddy1498 <41355782+s-reddy1498@users.noreply.github.com>
Co-authored-by: Squiddim <82903357+Squiddim@users.noreply.github.com>
Co-authored-by: Pierre Baumard <pierre.baumard@cnav.fr>
Co-authored-by: Lior Kaplan <lior@kaplanopensource.co.il>
Co-authored-by: amf <amf@macbook.local>
Co-authored-by: bloomadcariad <adam.bloom@cariad.us>
Co-authored-by: Sylvain Baubeau <lebauce@gmail.com>
Co-authored-by: Simar <simar@linux.com>
Co-authored-by: Marcus Meissner <meissner@suse.de>
Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch>
fhielpos pushed a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
@DmitriyLewen @knqyf263 @fhielpos
fix: logger initialization before flags parsing (aquasecurity#7372)
e9a2fd7 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knqyf263 knqyf263 knqyf263 approved these changes

@simar7 simar7 Awaiting requested review from simar7

@nikpivkin nikpivkin Awaiting requested review from nikpivkin

Assignees

@DmitriyLewen DmitriyLewen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

bug(log): incorrect log format for flag messages
2 participants
@DmitriyLewen @knqyf263