Discussions

• 1 You must be logged in to vote

  🙏

  Inconsistent results between SBOM generated by syft and direct trivy image scan

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  Sinderella asked Nov 1, 2024 in Q&A · Unanswered

  

  

  1
• 2 You must be logged in to vote

  📢

  v0.57.0

  aqua-bot announced Nov 2, 2024 in Announcements

  

  

  0
• 1 You must be logged in to vote

  🐛

  Non existing --ignorefile breaks pipelines

  kind/bug Categorizes issue or PR as related to a bug.

  EdKingscote started Nov 1, 2024 in Bugs

  

  

  3
• 30 You must be logged in to vote

  🙏

  DS031 is being incorrectly detected in a Dockerfile

  pdrylo asked Oct 30, 2024 in Q&A · Answered

  

  

  

  

  8
• 46 You must be logged in to vote

  💡

  Solve once for all the TOOMANYREQUESTS issues

  nvuillam started Oct 7, 2024 in Ideas

  

  

  

  

  54
• 1 You must be logged in to vote

  📖

  How to use properly use ENVs TRIVY_DB_REPOSITORY and TRIVY_JAVA_DB_REPOSITORY for multiple locations.

  kind/documentation Categorizes issue or PR as related to documentation.

  sbirl started Nov 1, 2024 in Documentation

  

  

  2
• 2 You must be logged in to vote

  🐛

  Missing python packages

  kind/bug Categorizes issue or PR as related to a bug.

  javierfreire started Oct 31, 2024 in Bugs · Closed

  

  

  1
• 2 You must be logged in to vote

  👨‍💻

  Prepare for v0.57.0

  knqyf263 started Oct 29, 2024 in Development

  

  

  0
• 1 You must be logged in to vote

  💡

  Add support for multiple architecture manifests in an image scan

  kind/feature Categorizes issue or PR as related to a new feature. target/container-image Issues relating to container image scanning

  mbrancato started Nov 1, 2024 in Ideas

  

  

  0
• 37 You must be logged in to vote

  🙏

  Trivy update fails

  triage/support Indicates an issue that is a support question.

  gwitsch asked Sep 18, 2024 in Q&A · Unanswered

  

  

  

  

  48
• 1 You must be logged in to vote

  🐛

  Cannot download db for offline use since 0.56.2

  kind/bug Categorizes issue or PR as related to a bug.

  djeanprost started Oct 31, 2024 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  🐛

  unsupported attribute fork error during Trivy vm scan

  kind/bug Categorizes issue or PR as related to a bug. target/vm Issues relating to virtual machine scanning

  tmay-dg started Feb 8, 2024 in Bugs

  

  

  

  

  9
• 1 You must be logged in to vote

  🔎

  False detection of spark-core_2.12:3.4.2 as spark-core_2.12:3.0.1

  Tsuesun started Oct 31, 2024 in False Detection · Closed

  

  

  1
• 1 You must be logged in to vote

  🐛

  Invalid license with the shape text:--*** generating the spdx

  kind/bug Categorizes issue or PR as related to a bug.

  javierfreire started Oct 30, 2024 in Bugs · Closed

  

  

  

  

  5
• 1 You must be logged in to vote

  💡

  Vulnerable DLL and SO files not detected

  matjawor started Oct 30, 2024 in Ideas

  

  

  2
• 2 You must be logged in to vote

  🐛

  0.56.0 init error: DB error: Java DB error: OCI artifact error: failed to download Java DB from any source

  kind/bug Categorizes issue or PR as related to a bug.

  grubjack started Oct 3, 2024 in Bugs · Closed

  

  

  0
• 1 You must be logged in to vote

  🐛

  License exceptions with a plus sign

  kind/bug Categorizes issue or PR as related to a bug.

  javierfreire started Oct 30, 2024 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  🙏

  Inline comment ignore for Dockerfile misconfig checks

  kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning

  tstraley asked Oct 30, 2024 in Q&A · Answered

  

  

  1
• 2 You must be logged in to vote

  🔎

  Latest checks database failing for valid Dockerfiles: Secrets passed via build-args or envs or copied secret files

  peetw started Oct 30, 2024 in False Detection · Closed

  

  

  1
• 1 You must be logged in to vote

  🔎

  Misconfig ds031 Dockerfile check reports many matches when only one exists

  tstraley started Oct 30, 2024 in False Detection · Closed

  

  

  1
• 6 You must be logged in to vote

  🔎

  AVD-DS-0031 (leaked secrets) wrongly check fails for every Dockerfile

  pjungermann started Oct 30, 2024 in False Detection · Closed

  

  

  

  

  4
• 1 You must be logged in to vote

  🐛

  Trivy Dockerfile scanning is reporting multiple instances of DS031 on a near empty Doclerfile

  kind/bug Categorizes issue or PR as related to a bug.

  isuftin started Oct 30, 2024 in Bugs · Closed

  

  

  2
• 1 You must be logged in to vote

  🔎

  Empty dockerfile reports Critical Vulernability

  irbull started Oct 30, 2024 in False Detection · Closed

  

  

  2
• 1 You must be logged in to vote

  📖

  How to download the trivy-checks

  kind/documentation Categorizes issue or PR as related to documentation.

  huntermcd started Oct 15, 2024 in Documentation

  

  

  

  

  4
• 1 You must be logged in to vote

  🐛

  Duplicate SBOM packages in a file scan

  kind/bug Categorizes issue or PR as related to a bug.

  goneall started Oct 25, 2024 in Bugs · Closed

  

  

  9