aquasecurity trivy Ideas Discussions
Pinned Discussions
Ideas Discussions
Share ideas for new features
-
You must be logged in to vote Support of SPDX specification 3.0
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Using a dependency graph to evaluate Terraform configuration in static analysis
kind/featureCategorizes issue or PR as related to a new feature. scan/misconfigurationIssues relating to misconfiguration scanning -
You must be logged in to vote detect container image liberica-runtime-container
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Add
kind/featurepartialFingerprintsto SARIF output to aid de-duplicationCategorizes issue or PR as related to a new feature. scan/misconfigurationIssues relating to misconfiguration scanning target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote Enhance
kind/feature--traceflag to support HTTP request/response tracing alongside Rego policy tracingCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Support buildkit SBOM scanning protocol
kind/featureCategorizes issue or PR as related to a new feature. target/container-imageIssues relating to container image scanning -
You must be logged in to vote Can we get vuln-type filtering for licenses as well?
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Support scanning CycloneDX SBOMs with SHA-512 hashes.
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Include fingerprints in SARIF output
kind/featureCategorizes issue or PR as related to a new feature. lifecycle/staleDenotes an issue or PR has remained open with no activity and will be auto-closed. -
You must be logged in to vote Add "via" hierarchy to Sarif output
kind/featureCategorizes issue or PR as related to a new feature. scan/misconfigurationIssues relating to misconfiguration scanning target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote fix(license): Incorrect license suppression for combined licenses with --ignored-licenses
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Option to disable token retrieval for gcr.io images.
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote Support trivy version --server to return server version and vulnerability DB metadata
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Add license scanning for Ruby filesystem
kind/featureCategorizes issue or PR as related to a new feature. target/filesystemIssues relating to filesystem scanning scan/licenseIssues relating to license scanning -
You must be logged in to vote Support environment variables in Maven settings.xml
kind/featureCategorizes issue or PR as related to a new feature. target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote priorityClassName
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote feat: Allow Trivy server to customize the database reload interval
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote Use EUVD database
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote OS package detection for Wolfi apks fails on recent Wolfi images
kind/featureCategorizes issue or PR as related to a new feature. -
You must be logged in to vote Prevent storing secrets in state by flagging these and where possible suggest solutions like ephemeral resources over data sources and write-only attributes over normal attributes
kind/featureCategorizes issue or PR as related to a new feature. scan/secretIssues relating to secret scanning target/cloudIssues relating to cloud account scanning -
You must be logged in to vote Add check to nudge GKE Node Pool to use OSLogin
kind/featureCategorizes issue or PR as related to a new feature. scan/misconfigurationIssues relating to misconfiguration scanning target/kubernetesIssues relating to kubernetes cluster scanning -
You must be logged in to vote Support ostree based ditribution
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote New check for Amazon S3 lifecycle rules if versioning is enabled
kind/featureCategorizes issue or PR as related to a new feature. scan/misconfigurationIssues relating to misconfiguration scanning target/cloudIssues relating to cloud account scanning -
You must be logged in to vote "CVE-2024-40635"
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote Add some (optional) warning about unused ignored vulnerabilities
kind/featureCategorizes issue or PR as related to a new feature.
