You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Switch from using allowlist param to built-in .trivyignore file. Advantage: More declarative.
Fewer things in Jenkinsfile. Local trivy scans pick up allowlist as well.
findVulnerabilitiesWithTrivy code can now only parse the new one
findVulnerabilitiesWithTrivy returns the new schema
These are somewhat breaking changes, which will likely not affect anyone. So we dared to make them. Make sure to
not use allowlist, if so migrate to .trivyignore
not pin the trivyVersion, or update to trivy >= 0.20.0
if you parsed the result of findVulnerabilitiesWithTrivy make sure to migrate to new schema,
e.g. VulnerabilityID moved to .Results[].Vulnerabilities[].VulnerabilityID