-
### Please describe the enhancement
Minder can currently enable code scanning for a repo, and make sure that it's continually enabled. However, understanding whether code scanning is on in a repo e…
-
Hi
Our pipeline working fine with trivy-action scanning our docker image. However, in a sudden, it started to throwing below errors. (I've masked the file name)
/xxx.sh: line 212: unexpected EO…
-
In Azure DevOps task using Trivy binary and tag "latest" it's downloading hardcoded 0.38 version. It is not latest anymore, should be fixed:
https://github.com/aquasecurity/trivy-azure-pipelines-ta…
-
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/…
-
### What kind of request is this?
Improvement of existing experience
### What is your request or suggestion?
Trivy allows you to generate an SBOM for a container image and then use the SBOM to prod…
-
With story #103 we want to have security checking to warn users before a tool installation as well as after that if a tool with critical CVEs is used/installed and if detected before installation the …
-
**What steps did you take and what happened:**
I updated docker images from 2.8.0 to 2.8.2 (all docker harbor containers).
I'm now having this error when I launch an analysis from harbor, using tr…
-
## Background
Currently, Trivy can scan Kubernetes clusters and AWS accounts. There are plans to further extend its functionalities, such as adding Azure scanning. It's essential to redefine Trivy's …
-
Following on from https://github.com/kubernetes-sigs/cluster-api/issues/9181 there may be a need in CAPI to find a good way to scan for forbidden licenses in our release artifacts - namely our control…
-
**It does not work when scan java program:**
[Select some runtime containers for vulnerability scanning]
It tell me JAR files found,Downloading the Java DB ... Unable to initialize the Java DB.…