Closed skuethe closed 2 weeks ago
Damn. Might have to automate a monthly build or something…
Just saw your build - thanks! :)
$ trivy image --severity CRITICAL --ignore-unfixed docker.io/sqitch/sqitch:v1.4.1.2
2024-08-29T16:17:41.943+0200 INFO Need to update DB
2024-08-29T16:17:41.944+0200 INFO DB Repository: ghcr.io/aquasecurity/trivy-db:2
2024-08-29T16:17:41.944+0200 INFO Downloading DB...
52.44 MiB / 52.44 MiB [---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 12.60 MiB p/s 4.4s
2024-08-29T16:17:46.884+0200 INFO Vulnerability scanning is enabled
2024-08-29T16:17:46.884+0200 INFO Secret scanning is enabled
2024-08-29T16:17:46.884+0200 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-29T16:17:46.884+0200 INFO Please see also https://aquasecurity.github.io/trivy/v0.50/docs/scanner/secret/#recommendation for faster secret detection
2024-08-29T16:17:52.562+0200 INFO Detected OS: debian
2024-08-29T16:17:52.562+0200 INFO Detecting Debian vulnerabilities...
2024-08-29T16:17:52.588+0200 INFO Number of language-specific files: 0
docker.io/sqitch/sqitch:v1.4.1.2 (debian 12.6)
Total: 0 (CRITICAL: 0)
Hi there,
similar issue as #66 Could you again create a new release to fix the CVE?
Thanks!