aquasecurity trivy · Discussions · GitHub

Discussions

You must be logged in to vote

Enhancement request | | Support for PEP 723 Inline Script Metadata
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning
yna1 started Apr 1, 2025 in Ideas

2
You must be logged in to vote

Indicate if a CVE is in the CISA KEV catalog
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
kusan-reveur started May 21, 2026 in Ideas

0
You must be logged in to vote

VEX SBOM Reference pointing to a private git repository
triage/support Indicates an issue that is a support question.
rcarre asked May 19, 2026 in Q&A · Unanswered

3
You must be logged in to vote

Expose nested Terraform blocks in terraform-raw input

kuzaxak started May 20, 2026 in Ideas

0
You must be logged in to vote

IaC scan panics on google_container_cluster with unresolved variables (null cty.Value in GKE adapter)
scan/misconfiguration Issues relating to misconfiguration scanning bug
jvliet-synth started May 20, 2026 in Bugs

0
You must be logged in to vote

gitlab.tpl produces trailing comma in links array when last reference(s) fail URL regex
kind/bug Categorizes issue or PR as related to a bug.
markekibbe started May 20, 2026 in Bugs

1
You must be logged in to vote

[Java/Maven] Filesystem scan runs into 429 - Too many requests
scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning
AB-xdev asked May 18, 2026 in Q&A · Closed · Unanswered

2
You must be logged in to vote

Intermittent Installing Trivy 0.70.0
triage/support Indicates an issue that is a support question.
Ryanrek007 started May 20, 2026 in Bugs

5
You must be logged in to vote

feat: make fs cache flock timeout configurable
kind/feature Categorizes issue or PR as related to a new feature.
itayvolo started May 20, 2026 in Ideas

0
You must be logged in to vote

Document CI/CD integration with RWX
kind/documentation Categorizes issue or PR as related to documentation.
robinaugh started May 5, 2026 in Documentation

1
You must be logged in to vote

how to find packagePath while scaning docker image
scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
jainpratik163 asked May 7, 2026 in Q&A · Unanswered

10
You must be logged in to vote

oras attached VEX attestation not found by Trivy
scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
rcarre asked May 13, 2026 in Q&A · Answered

8
You must be logged in to vote

package-lock.json with invalid license array causes the whole file to be skipped
triage/support Indicates an issue that is a support question. scan/license Issues relating to license scanning
silverwind started Feb 2, 2026 in Bugs

21
You must be logged in to vote

trivy should support pom.xml written the CI friendly way with no warning
kind/bug Categorizes issue or PR as related to a bug.
itineric started May 19, 2026 in Bugs

0
You must be logged in to vote

Trivy scanner should detect Chiselled Ubuntu images and installed packages
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
rajesh-payyappilly started Apr 22, 2026 in Ideas

1
You must be logged in to vote

Add analyzer for Chisel manifests
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
zhijie-yang started Mar 29, 2025 in Ideas

8
You must be logged in to vote

GIT-0003 - force to use a deprecated argument
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
felipementel started May 18, 2026 in False Detection · Closed

1
You must be logged in to vote

Support CycloneDX 1.7 SBOMs
kind/bug Categorizes issue or PR as related to a bug.
candrews started Feb 10, 2026 in Bugs · Closed

2
You must be logged in to vote

AI code review for the Trivy repo, would the maintainers be interested?
kind/feature Categorizes issue or PR as related to a new feature.
Chhinna started May 17, 2026 in Ideas

0
You must be logged in to vote

Add support for pixi installations with pixi.lock files and pyproject.toml or pixi.toml
kind/feature Categorizes issue or PR as related to a new feature.
benglewis started Jun 5, 2024 in Ideas

8
You must be logged in to vote

VEX of OS level packages is inconsistent due to how their dependency tree is generated
kind/bug Categorizes issue or PR as related to a bug.
macedogm started May 15, 2026 in Bugs

2
You must be logged in to vote

Different result for VEX between SBOM and image scanning
kind/bug Categorizes issue or PR as related to a bug.
AugustusKling started Apr 1, 2026 in Bugs

1
You must be logged in to vote

Bug regression, file no longer in use. Prefer empty array to null CycloneDX json
kind/bug Categorizes issue or PR as related to a bug.
ctpham started May 12, 2026 in Bugs

1
You must be logged in to vote

[pom] settings.xml <servers> credentials not used when fetching parent POMs
kind/bug Categorizes issue or PR as related to a bug. triage/support Indicates an issue that is a support question.
dmajano started May 6, 2026 in Bugs · Closed

1
You must be logged in to vote

IP allow list blocks gh CLI in CI, preventing release integrity attestation
kind/bug Categorizes issue or PR as related to a bug.
633kh4ck started Mar 24, 2026 in Bugs

13