simar7
simar7
This is part of a bigger discussion as to if Trivy should support on a global scanner level or not as seen here: https://github.com/aquasecurity/trivy/discussions/4184 ### Discussed in https://github.com/aquasecurity/trivy/discussions/7419 Originally posted...
As announced here https://github.com/aquasecurity/trivy/discussions/7439 we've already migrated the checks from Go to Rego so there's no longer a need to keep the Go ones around. They've already been marked as...
### Discussed in https://github.com/aquasecurity/trivy/discussions/7597 Originally posted by **itaysk** September 25, 2024 ### Description the table format of misconfiguration scanner doesn't show the ID of each finding, which makes it hard...
## Description Until a release happens (unclear when), we can cherry pick the commit that will include our changes upstream. ## Changes desired - https://github.com/open-policy-agent/opa/commit/7cd3fecae72d42bd77318dd9498f77e0d71cc18a - https://github.com/open-policy-agent/opa/commit/76f7038ea2d18f7d543950847260e61e6a80faaf ## Checklist -...
### Discussed in https://github.com/aquasecurity/trivy/discussions/6179 Originally posted by **matej-kaska** February 21, 2024 ### Question Hello, I've encountered an issue where Trivy doesn't seem to detect any misconfigurations in my docker-compose.yml file...
### Discussed in https://github.com/aquasecurity/trivy/discussions/8751 Originally posted by **simar7** April 17, 2025 We should also be able to parse the following: ## Check for specific Policy ARNs ```terraform # Provider configuration...
Annotations in Kubernetes are widely used across many different resources. As seen in https://github.com/aquasecurity/trivy-checks/pull/374 they can be misused. We can write a check that checks all resources and their annotations...
### Discussed in https://github.com/aquasecurity/trivy/discussions/8726 Originally posted by **creste** April 11, 2025 ### IDs AVD-KSV-0033 AVD-KSV-0035 ### Description With this job: ``` apiVersion: batch/v1 kind: Job metadata: name: test namespace: test...
## Description Today trivy supports the ability to load any check, regardless of whether or not it has the ability to actually run it. This is the case for those...
### Discussed in https://github.com/aquasecurity/trivy/discussions/8420 Originally posted by **martinclaus** February 19, 2025 ### Description In an CI Job, I am creating a single trivy misconfiguration scan report in JSON Format and...