-
[copa](https://github.com/project-copacetic/copacetic) is a CLI tool written in Go and based on buildkit that can be used to directly patch container images given the vulnerability scanning results fr…
-
Hello,
I think there are various errors when validating a CycloneDX format in version 1.6.
## Requirements:
```
$ trivy --version
Version: 0.56.1
[...]
$ cyclonedx-cli --version
0.27.1+6c0e6c8f45d4…
-
### Current Behavior
I created a new project and imported an SBOM of an old version of debian-slim. Trivy reports vulnerabilities but dependencyTrack doesn't. I created a Sonatype OSS account and con…
-
Before the last release we could reset the caches by passing an environment variable like:
```
- name: Remove all caches and database of the trivy scanner
uses: aquasecurity/trivy-a…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/7778
Originally posted by **prezha** October 23, 2024
### Description
i think i found a bug in trivy that is causing a `fi…
-
Any time a component is updated is should be subject to a Trivy scan to ensure that no issues are being introduced.
Can likely leverage: https://github.com/aquasecurity/trivy-action
-
As a CSP, I want to continuously scan my container infrastructure for security weaknesses so that I can prevent security gaps in my Kubernetes clusters.
This issue focusses on the **Trivy Operator*…
-
It would be great to scan the whole rootfs of the node (excluding common CRI directories like `/var/lib/containerd`).
This would scan for vulns in systemd, kubeadm, kubelet, ... and any binary loca…
-
Reproduce steps:
1. deploy Harbor with this offline build: https://storage.googleapis.com/harbor-builds/harbor-offline-installer-latest.tgz
2. create replication endpoint DockerHub and create a pull…
zyyw updated
5 months ago
-
### Proposal
Jenkins CI/CD pipeline graph - similar to what GitGraph currently does except:
1. different icons
2. Jenkins parallel stages need to be vertically aligned, whereas GitGraph has com…