Replies: 2 comments
-
|
Thanks for the suggestion. I'd like to see how the community responds to get a sense of how much this feature is being requested. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
That would be a nice feature for us...we have also the requirement to use regexes for version matches. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Description
When I perform vulnerability scanning with Trivy, I would like to apply the OWASP-suppressions.
For that purpose, I started implementing a small tool to convert from OWASP-suppressions' format to .trivyignore.yaml. One feature I miss in Trivy is the specification of packageUrl/purl as regexp.
An example of how it might look in a suppressions XML:
I suggest introducing a new field in .trivyignore.yaml
purl_rein regexp format to be used as an alternative topurlswhich is a string array.Target
None
Scanner
Vulnerability
Beta Was this translation helpful? Give feedback.
All reactions