simar7
simar7
We currently don't support line numbers in these results. PRs welcome.
@DanRigby I'm not sure whose the right person to ask but is it possible if we could approve and merge this if it looks good to the team?
Maybe I'm misunderstanding something here but running trivy twice in the same pipeline job doesn't request a DB twice, does it?
@VictorDelCampo thanks for the question, we will get back to you on this.
Looks like we will need to add this in as a feature for Trivy-action as currently there's no possible way from the action to clear the cache.
> How can someone use trivy for *.tofu files that contain terraform currently/now then? We currently don't support OpenTofu in Trivy. This PR aims to address that.
> ## `--misconfig-scanners` > Currently, there are two approaches in my mind > > 1. **Alias to `--enable-analyzer` and `--disable-analyzer`** > For example, using `--misconfig-scanners cloudformation` would effectively be an...
> Automatically enabling the misconfig scanner when running --scanners vuln --enable-analyzer terraform could be a good idea. Actually now that you point it out, I think this may introduce an...
> Hey [@afdesk](https://github.com/afdesk) - so we only have `trivy-checks:0` in our ECR right now - we will mirror the latest 'tag' (it's not clear to me what your cadence for...
PR's welcome!