-
Hello,
I am trying to use `lcov` to process a lot of coverage data from a big project.
The server I am using has 56 cores available, I am using `--parallel 12` and I see 12 `geninfo` child process…
-
Using trivy in the CICD pipeline to scan the base image, and it's throwing as vulnerable:
```
➜ ~ trivy image mcr.microsoft.com/dotnet/sdk:7.0-alpine
2023-02-24T11:00:13.910+0800 INFO Vulnerabil…
-
As noted in https://github.com/jenkins-infra/jenkins.io/pull/5940#discussion_r1091558214, when a page is removed from the repository, it's not removed from the source website www.origin.jenkins.io cac…
-
Hi guyz,
And first of all, again, thanks a lot for the job done here !
Everything is in the title : would be great to simply flag an outdated scanned image, so that we could take care of its repla…
-
## Description
We need to research existing QA integration tests to understand them and start migrating them to our repository.
Branch: 4.5
This is the list of tests wee need to investigate:
…
-
Working with trivy-operator for a couple of weeks, I already managed to propose changes that introduced bugs. And these bugs were not detected by CI and merged into main. That tells me we need better …
-
# IMPORTANT NOTE
**Updating to Guava 30.0 does not fix this security vulnerability**. The method is merely deprecated. There currently exits no fix for this vulnerability.
https://github.com/go…
-
## Description
Trivy cannot find license files in npm or nuget package.lock files in --license-full filesystem (git repo) scan.
`trivy fs --scanners license --license-full`
Response is ->
…
-
**Describe the Issue**
A continuation to ticket 1601 to add ECR Image Scanning to the Sample Container App. Due to ECR Image is not available for scanning because the problematic Container Sample App…
-
Once the SBOM (Software Bill Of Materials) is available as app resource, we need to match it against a trusted database of known vulnerabilities in Java packages.