Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support non-packaged binaries #2986

Closed
knqyf263 opened this issue Oct 2, 2022 · 0 comments · Fixed by #3019
Closed

Support non-packaged binaries #2986

knqyf263 opened this issue Oct 2, 2022 · 0 comments · Fixed by #3019
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. scan/sbom Issues relating to SBOM
Projects
Roadmap
Milestone
v0.33.0

Comments

@knqyf263
Copy link
Collaborator

knqyf263 commented Oct 2, 2022

Description

Trivy is currently able to discover SBOM attestation in Rekor by a digest of container images. It can be extended to non-packaged binaries. Trivy calculates a digest of binaries, searches for the SBOM attestation in Rekor and scans it for vulnerabilities.

Related
@knqyf263 knqyf263 added kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. scan/sbom Issues relating to SBOM labels Oct 2, 2022
@knqyf263 knqyf263 added this to the v0.33.0 milestone Oct 2, 2022
@knqyf263 knqyf263 added this to In Progress in Roadmap Oct 2, 2022
@knqyf263 knqyf263 mentioned this issue Oct 13, 2022
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. scan/sbom Issues relating to SBOM
Projects
No open projects
Roadmap
In Progress
Milestone
v0.33.0
Development

Successfully merging a pull request may close this issue.

feat(vuln): support non-packaged binaries aquasecurity/trivy
1 participant
@knqyf263