Describe the bug
I'm using the following command to scan Docker images and save the result as a text file in a CI/CD pipeline. We use this result file to track changes between different scans, resp. see if an updated image version fixes or adds some vulnerabilities.
Current behavior
The issue is that the order of the vulnerabilities changes each time, which makes it impossible to compare the results.
Reproduction steps
Run the command multiple times and compare the resulting content
Expected behavior
It is expected that the result order is consistent. We want to keep the --extended-table format as this is human readable and not use e.g. JSON output with a sorting post-processing step (which could be a workaround).
Additionally a CLI option could be provided to control the sorting, but that's not a necessity.
JFrog CLI version
2.55.0
Operating system type and version
Docker Image, Linux
JFrog Artifactory version
No response
JFrog Xray version
3.87.8
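The sorting post-processing workaround mentioned in the report, sketched as an added example that is not part of the original issue and is not JFrog code. The record shape and field names (`id`, `package`, `version`, `severity`) are hypothetical and would need mapping to the scanner's actual JSON output; the sample findings are constructed.

```python
# Assumed record shape (hypothetical field names, not the JFrog CLI schema):
# {"id": ..., "package": ..., "version": ..., "severity": ...}
KEY_FIELDS = ("id", "package", "version")
SEVERITY_RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}

def finding_key(finding):
    """Identity of a finding, independent of its position in the report."""
    return tuple(str(finding.get(field, "")) for field in KEY_FIELDS)

def canonicalize(findings):
    """Drop duplicates and sort by severity, then by identity."""
    unique = {finding_key(f): f for f in findings}
    return sorted(
        unique.values(),
        key=lambda f: (SEVERITY_RANK.get(f.get("severity"), len(SEVERITY_RANK)),
                       finding_key(f)),
    )

def render(findings):
    """One line per finding, so a plain text diff between runs is meaningful."""
    return "\n".join(
        f"{f.get('severity', 'Unknown'):<9} {f.get('id', ''):<14} "
        f"{f.get('package', '')}:{f.get('version', '')}"
        for f in canonicalize(findings)
    )

def compare(old, new):
    """Return the finding keys added and fixed between two scans."""
    old_keys = {finding_key(f) for f in old}
    new_keys = {finding_key(f) for f in new}
    return {"added": sorted(new_keys - old_keys),
            "fixed": sorted(old_keys - new_keys)}

# Constructed sample data: the same image scanned twice with the findings
# returned in a different order, then a scan of an updated image.
SCAN_RUN_1 = [
    {"id": "CVE-0000-0002", "package": "libexample", "version": "1.2.0", "severity": "Medium"},
    {"id": "CVE-0000-0001", "package": "openexample", "version": "3.0.1", "severity": "Critical"},
    {"id": "CVE-0000-0003", "package": "zexample", "version": "0.9", "severity": "High"},
]
SCAN_RUN_2 = list(reversed(SCAN_RUN_1))
SCAN_UPDATED = [SCAN_RUN_1[0], SCAN_RUN_1[2],
                {"id": "CVE-0000-0004", "package": "libexample",
                 "version": "1.2.0", "severity": "Low"}]

if __name__ == "__main__":
    print(render(SCAN_RUN_1))
    print(compare(SCAN_RUN_1, SCAN_UPDATED))
```

Storing the rendered text per pipeline run gives a file that only changes when the set of findings changes, while `compare` reports which findings an updated image added or fixed.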