search

goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0
24.2k stars 4.77k forks source link

Add vulnerability db details in scan result #17015

Open Dentrax opened 2 years ago

Dentrax commented 2 years ago

Is your feature request related to a problem? Please describe. Vulnerability scan result popup does not have a db version. Having just Trivy or Grype app version may not give rich information for us.

Describe the solution you'd like

We @developer-guy thought that it would be great to add scanner DB version/date next to Trivy@v0.24.2 text.

Trivy uses: https://github.com/aquasecurity/trivy-db/releases Grype uses: https://toolbox-data.anchore.io/grype/databases

Screen Shot 2022-06-16 at 13 35 57

Describe the main design/architecture of your solution -

Describe the development plan you've considered -

Additional context -

Should we add this information in the adapters? @danielpacak @zhill

Waiting your thoughts!

zyyw commented 2 years ago

please navigate to Interrogation Services page and then expand Trivy for more details.

Dentrax commented 2 years ago

I think we can't check Interrogation Services at https://demo.goharbor.io since it's only visible to admins?