Open pravindahal opened 3 months ago
For trivy scan:
For this, two different ways of invoking trivy scan should be available and configurable.
As of https://github.com/coopnorge/github-workflow-supply-chain-security-validation/pull/87, only the latter is supported even though it is used in PRs everywhere.
potentially related: https://github.com/coopnorge/github-workflow-supply-chain-security-validation/issues/90
AtzeDeVries
commented
3 months ago AtzeDeVries
commented
3 months ago
For trivy scan:
For this, two different ways of invoking trivy scan should be available and configurable.
As of https://github.com/coopnorge/github-workflow-supply-chain-security-validation/pull/87, only the latter is supported even though it is used in PRs everywhere.