Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Trivy Action is ignore the option severity #1802

Closed
3 tasks done
tschaffter opened this issue Jul 18, 2023 · 0 comments · Fixed by #1803
Closed
3 tasks done

[Bug] Trivy Action is ignore the option severity #1802

tschaffter opened this issue Jul 18, 2023 · 0 comments · Fixed by #1803
Assignees
@tschaffter
Labels
bug Something isn't working security

Comments

@tschaffter
Copy link
Member

Is there an existing issue for this?

  • I have searched the existing issues

What projects are you seeing the problem on?

No response

Current behavior

  • The workflow that scans images should only publish CRITICAL and HIGH vulnerabilities
  • The workflow that scans the Git repo should only publish CRITICAL vulnerabilities

However the GitHub Security tab received reports for MEDIUM and LOW vulnerabilities

This may be because of this issue. A potential solution is described here.

Expected behavior

No response

Anything else?

No response

Commit ID

194b180

Are you developing inside the dev container?

  • I am using the dev container

Code of Conduct

  • I agree to follow this project's Code of Conduct
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tschaffter tschaffter

Labels
bug Something isn't working security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Trivy Action is ignore the option severity tschaffter/sage-monorepo
1 participant
@tschaffter