-
SNYK
https://docs.snyk.io/products/snyk-code/cli-for-snyk-code/working-with-the-snyk-code-cli-results/exporting-the-test-results-to-a-json-or-sarif-file
TRIVY
https://aquasecurity.github.io/tri…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/6260
Originally posted by **vintury** March 4, 2024
### Description
When the flag '--timeout' is use the scan don't finis…
-
## ➹ New Feature implementation request
### Is your feature request related to a problem?
When we invoke a scan, e.g. Trivy image scan, we pass an `image:tag` to the scanner as a parameter:
htt…
-
## Description
`Buildx` supports creating OCI images - https://docs.docker.com/build/exporters/oci-docker/
By default, images are compressed into `tar` archives.
So we need to add support for scann…
-
### Is your feature request related to a problem? Please describe.
Currently Zarf uses a generic `application/vnd.zarf.layer.v1.blob` to describe every layer in the OCI manifest. This is confusing …
-
To provide the best experience for end users this repository should maintain a high security posture. CVEs should be responded to in a timely manner once notified or made public. Many end users also u…
-
Trivy Vulnerability Scan failed.
URL: https://github.com/pulibrary/dpul-collections/actions/runs/11518726270
Output:
```
```
-
Hello, we have a few questions related to how harbor full scanning.
We have more than 57K images and the global scan is taking more than 12 hours to complete.
In our configuration, we've 450 job ser…
-
As explained in [this discussion](https://github.com/aquasecurity/trivy/discussions/3981), it's not currently possible to run `Trivy >= 0.38.0` in an offline environment without pre-fetching the `java…
-
Hi, can you please add support to specify tfvars in Terraform scanning, similar to the CLI?
CLI example:
`trivy config . --tf-vars ./envs/xxx.tfvars`