invisibleninja06
commented
6 months ago Just confirming that i also am experiencing the same behavior. trivy 0.49.1 vs code 1.86.2
No mention of my .trivyignore file in the debug logs
Open gmeans opened 7 months ago
invisibleninja06
commented
6 months ago Just confirming that i also am experiencing the same behavior. trivy 0.49.1 vs code 1.86.2
No mention of my .trivyignore file in the debug logs
maritiren
commented
2 months ago I am experiencing the same. I am using a workspace of several repos where each has a trivyignore file.
version 0.52.2
No mentions of trivyignore here either.
acdha
commented
1 month ago We use things like Terraform modules which have embedded examples which Trivy will flag as security issues even though they're not used or referenced by our code in any way. Our CLI usage uses a trivy.yaml file (along with a .trivyignore file) which I was hoping to be able to configure the extension to use as well.
The extension doesn't seem to find a
.trivyignorefile in the root of the workspace. If I run the extension with DEBUG enabled I don't see a mention that it found the.trivyignore.However if I run the command in the terminal for the same location, it behaves as expected.