description | title | layout | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
OSV-Scanner is an open-source tool created by Google to detect vulnerabilities in projects by scanning dependencies against the OSV database. |
Trunk | How to run OSV-Scanner |
|
OSV-Scanner is a linter for Security.
You can enable the OSV-Scanner linter with:
trunk check enable osv-scanner
OSV-Scanner will be auto-enabled if any Lockfile files are present.
OSV-Scanner supports the following config files:
osv-scanner.toml
You can move these files to .trunk/configs
and trunk check
will still find them. See Moving Linter Configs for more info.
- OSV-Scanner site
- OSV-Scanner Trunk Check integration source
- Trunk Check's open source plugins repo