Skip to content

Commit

Permalink
added .trivyignore file
Browse files Browse the repository at this point in the history
  • Loading branch information
@agg3fe
agg3fe committed Jul 18, 2024
1 parent b6add49 commit 1705d51
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/trivy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ jobs:
format: "sarif"
output: "trivy-results1.sarif"
severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
args: "--ignorefile .trivyignore"
# ignore-unfixed: true
hide-progress: false
vuln-type: "os,library"
Expand Down Expand Up @@ -88,6 +89,7 @@ jobs:
format: "sarif"
output: "trivy-results-discovery-finder.sarif"
severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
args: "--ignorefile .trivyignore"
# ignore-unfixed: true
hide-progress: false
exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
Expand Down
24 changes: 24 additions & 0 deletions .trivyignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
###############################################################
# Copyright (c) 2024 Robert Bosch Manufacturing Solutions GmbH
# Copyright (c) 2024 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
###############################################################

# List of false positives

# List of resolved findings
CVE-2024-34750

0 comments on commit 1705d51

Please sign in to comment.