From 6be6f74d5c1a0d09af58a9fad86d1ce41b83387a Mon Sep 17 00:00:00 2001 From: mycodeself Date: Thu, 30 Jun 2022 09:33:29 +0200 Subject: [PATCH] docs(nodejs): add docs about pnpm support (#2423) --- docs/docs/index.md | 2 +- docs/docs/vulnerability/detection/language.md | 41 ++++++++++--------- docs/getting-started/overview.md | 2 +- 3 files changed, 23 insertions(+), 22 deletions(-) diff --git a/docs/docs/index.md b/docs/docs/index.md index 027bf18809ae..10348975f853 100644 --- a/docs/docs/index.md +++ b/docs/docs/index.md @@ -28,7 +28,7 @@ See [Integrations][integrations] for details. - Comprehensive vulnerability detection - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless) - - [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go) + - [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, pnpm, Cargo, NuGet, Maven, and Go) - Detect IaC misconfigurations - A wide variety of [built-in policies][builtin] are provided **out of the box**: - Kubernetes diff --git a/docs/docs/vulnerability/detection/language.md b/docs/docs/vulnerability/detection/language.md index befb349b46a6..45bd39d12c17 100644 --- a/docs/docs/vulnerability/detection/language.md +++ b/docs/docs/vulnerability/detection/language.md @@ -2,26 +2,27 @@ `Trivy` automatically detects the following files in the container and scans vulnerabilities in the application dependencies. -| Language | File | Image[^8] | Rootfs[^9] | Filesystem[^10] | Repository[^11] |Dev dependencies | -|----------|--------------------------|:---------:|:----------:|:--------------:|:--------------:|-----------------| -| Ruby | Gemfile.lock | - | - | ✅ | ✅ | included | -| | gemspec | ✅ | ✅ | - | - | included | -| Python | Pipfile.lock | - | - | ✅ | ✅ | excluded | -| | poetry.lock | - | - | ✅ | ✅ | included | -| | requirements.txt | - | - | ✅ | ✅ | included | -| | egg package[^1] | ✅ | ✅ | - | - | excluded | -| | wheel package[^2] | ✅ | ✅ | - | - | excluded | -| PHP | composer.lock | ✅ | ✅ | ✅ | ✅ | excluded | -| Node.js | package-lock.json | - | - | ✅ | ✅ | excluded | -| | yarn.lock | - | - | ✅ | ✅ | included | -| | package.json | ✅ | ✅ | - | - | excluded | -| .NET | packages.lock.json | ✅ | ✅ | ✅ | ✅ | included | -| | packages.config | ✅ | ✅ | ✅ | ✅ | excluded | -| Java | JAR/WAR/PAR/EAR[^3][^4] | ✅ | ✅ | - | - | included | -| | pom.xml[^5] | - | - | ✅ | ✅ | excluded | -| Go | Binaries built by Go[^6] | ✅ | ✅ | - | - | excluded | -| | go.mod[^7] | - | - | ✅ | ✅ | included | -| Rust | Cargo.lock | ✅ | ✅ | ✅ | ✅ | included | +| Language | File | Image[^8] | Rootfs[^9] | Filesystem[^10] | Repository[^11] | Dev dependencies | +| -------- | ------------------------ | :-------: | :--------: | :-------------: | :-------------: | ---------------- | +| Ruby | Gemfile.lock | - | - | ✅ | ✅ | included | +| | gemspec | ✅ | ✅ | - | - | included | +| Python | Pipfile.lock | - | - | ✅ | ✅ | excluded | +| | poetry.lock | - | - | ✅ | ✅ | included | +| | requirements.txt | - | - | ✅ | ✅ | included | +| | egg package[^1] | ✅ | ✅ | - | - | excluded | +| | wheel package[^2] | ✅ | ✅ | - | - | excluded | +| PHP | composer.lock | ✅ | ✅ | ✅ | ✅ | excluded | +| Node.js | package-lock.json | - | - | ✅ | ✅ | excluded | +| | yarn.lock | - | - | ✅ | ✅ | included | +| | pnpm-lock.yaml | - | - | ✅ | ✅ | excluded | +| | package.json | ✅ | ✅ | - | - | excluded | +| .NET | packages.lock.json | ✅ | ✅ | ✅ | ✅ | included | +| | packages.config | ✅ | ✅ | ✅ | ✅ | excluded | +| Java | JAR/WAR/PAR/EAR[^3][^4] | ✅ | ✅ | - | - | included | +| | pom.xml[^5] | - | - | ✅ | ✅ | excluded | +| Go | Binaries built by Go[^6] | ✅ | ✅ | - | - | excluded | +| | go.mod[^7] | - | - | ✅ | ✅ | included | +| Rust | Cargo.lock | ✅ | ✅ | ✅ | ✅ | included | The path of these files does not matter. diff --git a/docs/getting-started/overview.md b/docs/getting-started/overview.md index 416d573a464a..e73a39370161 100644 --- a/docs/getting-started/overview.md +++ b/docs/getting-started/overview.md @@ -4,7 +4,7 @@ Trivy detects three types of security issues: - [Vulnerabilities][vuln] - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless) - - [Language-specific packages][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go) + - [Language-specific packages][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, pnpm, Cargo, NuGet, Maven, and Go) - [Misconfigurations][misconf] - Kubernetes - Docker