Skip to content

Merge pull request #61 from djerfy/dependabot/github_actions/docker/b… #172

Merge pull request #61 from djerfy/dependabot/github_actions/docker/b…

Merge pull request #61 from djerfy/dependabot/github_actions/docker/b… #172

name: Trivy Scan Code
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
on:
push:
jobs:
trivy-code-scan:
name: Vulnerability Scanner
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'table'
ignore-unfixed: 'false'
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'