-
**What steps did you take and what happened:**
We had a Kubernetes cluster that was recently updated to Kubernetes v1.31.0 and had Trivy Operator v0.22 already running. After the upgrade, I noticed t…
-
## Description:
sbomqs currently lacks a vulnerability scanner, which is essential for identifying potential security risks in the software components. Integrating a Trivy vulnerability scanner can…
-
### Do you have a suggestion for code improvement or tracking existing technical debt? Please describe.
We currently only scan GA LTS versions of our images as part of our security scans and CVE docu…
-
Hey,
I scanned the image with the trivy tool and got a lot of vulnerabilities. Do you intend to remove it in the near future?
[2024-06-18-nextgenhealthcare-connect-4_5_0.trivy.log](https://gith…
-
I have this step in a workflow and it works:
```yaml
- name: "Upload Trivy scan results to GitHub Security tab"
uses: github/codeql-action/upload-sarif@v3
with:
…
-
## Description
since #4786 (https://github.com/aquasecurity/trivy-kubernetes/pull/189) Trivy scan last applied configuration instead of actual Resource state.
## Reason
For scans Trivy prefers i…
-
With sth like https://github.com/marketplace/actions/container-scan ?
see if CVEs increase with new version - compare PR with main
-
[TFSec](https://github.com/aquasecurity/tfsec), which is listed as part of the terraform feature, is being deprecated/merged into their other tool, [Trivy](https://github.com/aquasecurity/trivy):
>…
-
### Description
Enable Trivy security scans for GHA workflows
### Acceptance Criteria
Follow standardized instructions, validate and close per standards
### Design Consideration/Limitations
N…
-
https://github.com/aquasecurity/trivy-action