Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
23.1k
stars
2.28k
forks
source link
bug(scan): `--file-patterns` doesn't work for some `post-analyzers` #6962
Open
DmitriyLewen opened 3 months ago
Description
In most
post-analyzers
we userequired
function inPostAnalyze
. https://github.com/aquasecurity/trivy/blob/3eecfc6b6e1d6cef1497f7ff0044e676da159243/pkg/fanal/analyzer/language/nodejs/npm/npm.go#L49-L51 But we don't have info aboutfile-patterns
inPostAnalyze
function. That is why--file-patterns
flag may not work.We need to update our logic to take into account
file-patterns
forPostAnalyze
Related Issue
6946