Summary
Add support for scanning Root.io environments in Trivy. Root.io provides security patches for Debian, Ubuntu, and Alpine-based systems with enhanced vulnerability detection using version constraint ranges instead of single fixed versions.
Background
Root.io is a security service that provides patches for vulnerabilities in three base environments:
- Debian/Ubuntu: Packages with
.root.io in version strings (e.g., 2.31-13+deb11u4.root.io)
- Alpine: Packages with
-r\d007\d patterns (e.g., -r10071, -r20072)
Unlike traditional distributions that specify single fixed versions, Root.io uses version constraint ranges (e.g., >= 1.2.0, < 2.0.0) requiring flexible version comparison with five operators: >, <, >=, <=, ==.
Use Cases
- Container image scanning with Root.io patches
- Filesystem scanning of Root.io-patched systems
- SBOM analysis for Root.io environments
Summary
Add support for scanning Root.io environments in Trivy. Root.io provides security patches for Debian, Ubuntu, and Alpine-based systems with enhanced vulnerability detection using version constraint ranges instead of single fixed versions.
Background
Root.io is a security service that provides patches for vulnerabilities in three base environments:
.root.ioin version strings (e.g.,2.31-13+deb11u4.root.io)-r\d007\dpatterns (e.g.,-r10071,-r20072)Unlike traditional distributions that specify single fixed versions, Root.io uses version constraint ranges (e.g.,
>= 1.2.0, < 2.0.0) requiring flexible version comparison with five operators:>,<,>=,<=,==.Use Cases