-
**What steps did you take and what happened:**
Installed trivy-operator 0.22.0 with helm chart version 0.24.1 with the following set in my values.yaml (copy-pasted and uncommented from the [chart's…
-
### Feature id and version
ghcr.io/devcontainers-contrib/features/trivy:1.0.9
### Devcontainer base Image
mcr.microsoft.com/devcontainers/python:latest
### What happened?
Apparently resolved two …
-
Hello,
I think there are various errors when validating a CycloneDX format in version 1.6.
## Requirements:
```
$ trivy --version
Version: 0.56.1
[...]
$ cyclonedx-cli --version
0.27.1+6c0e6c8f45d4…
-
**What steps did you take and what happened:**
We've been trying to understand why the `report.artifact.digest` value doesn't match the actual image digest.
After digging a bit through the code,…
-
Starting today, the job fails with:
```
Bad request - jaxxstorm/action-install-gh-release@v1.10.0 is not allowed to be used in xxx/yyy.
Actions in this workflow must be: within a repository owned b…
-
We have a few options within the misconfiguration scanner that aren't used they are as below:
1. `combined` https://github.com/aquasecurity/trivy/blob/39c80248bcafd296e0bb6712113da3abe70e4ce2/pkg/i…
-
### Feature id and version
ghcr.io/devcontainers-contrib/features/trivy:1
### Devcontainer base Image
mcr.microsoft.com/devcontainers/base:jammy
### What happened?
Trying to install Tri…
-
For the Trivy to evaluate Python, it needs to find a `site-packages` directory.
-
## Description
csaf-poc/csaf_distribution has been moved to https://github.com/gocsaf/csaf. Our go.mod should be updated.
https://github.com/aquasecurity/trivy/blob/63dd3d65a32296eee529c41c41f3221e2…
-
Need to check if 'Checkout of code' or 'creating Jar' steps are required in Trivy scan in all four application.
E.g. https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/main/.github/workflows…