Add ability to see that Trivy doesn't support detecting vulnerabilities in the found OS for json
format
#6971
DmitriyLewen
started this conversation in
Ideas
Replies: 2 comments
-
We need a "supported" flag both for SBOM and vulnerabilities. |
Beta Was this translation helpful? Give feedback.
0 replies
-
Any chance it will be available in the next release? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
Trivy shows information about unsupported OS only in log message (e.g.
2024-05-04T08:27:07Z WARN Unsupported os family="fedora"
).But if log is supressed (
--quiet
flag) - users don't have option to understand that Trivy doesn't support detecting vulnerabilities in the found OS.As solution we can add new
bool
field (e.g.vulnScanningSupported
) into OS struct.Or we can use
string
field (supported
,unsupported
anddisabled
) to avoid confusing users when vuln vulnerability scanning is disabled.Target
Container Image
Scanner
Vulnerability
Beta Was this translation helpful? Give feedback.
All reactions