trivy
https://github.com/aquasecurity/trivy
Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Go not yet supported6 Subscribers
Add a CodeTriage badge to trivy
Help out
- Issues
- feat(sbom): Add support for CycloneDX 1.7 specification
- feat(alinux): add support for Alibaba Cloud Linux
- feat(purl): add checksum qualifier when package digest is set
- docs: improve guidance for cache lock errors in parallel runs
- bug(k8s): RKE2 commands contain audits referencing incorrect paths
- Upgrade GitHub Actions for Node 24 compatibility
- chore(config): add non-root user
- bug(ansible): invalid playbook YAML causes panic
- fix(azure): improve adaptation of ARM templates to state
- bug: Trivy doesnt remove duplicate `Packages` received from SBOM + from the `Analyzer` interface
- Docs
- Go not yet supported