diff --git a/README.md b/README.md index 3c9e9aa..ee0b383 100644 --- a/README.md +++ b/README.md @@ -886,7 +886,7 @@ Following inputs can be used as `step.with` keys: | `hide-progress` | String | `false` | Suppress progress bar and log output | | `list-all-pkgs` | String | | Output all packages regardless of vulnerability | | `scanners` | String | `vuln,secret` | comma-separated list of what security issues to detect (`vuln`,`secret`,`misconfig`,`license`) | -| `trivyignores` | String | | comma-separated list of relative paths in repository to one or more `.trivyignore` or `.trivyignore.yaml` files. | +| `trivyignores` | String | | comma-separated list of relative paths within the repository to one or more `.trivyignore` files, or a single `.trivyignore.yaml` file. | | `trivy-config` | String | | Path to trivy.yaml config | | `github-pat` | String | | Authentication token to enable sending SBOM scan results to GitHub Dependency Graph. Can be either a GitHub Personal Access Token (PAT) or GITHUB_TOKEN | | `limit-severities-for-sarif` | Boolean | false | By default *SARIF* format enforces output of all vulnerabilities regardless of configured severities. To override this behavior set this parameter to **true** | diff --git a/action.yaml b/action.yaml index 8325960..62d784c 100644 --- a/action.yaml +++ b/action.yaml @@ -77,7 +77,7 @@ inputs: required: false default: '' trivyignores: - description: 'comma-separated list of relative paths in repository to one or more .trivyignore files' + description: 'comma-separated list of relative paths within the repository to one or more .trivyignore files, or a single .trivyignore.yaml file.' required: false default: '' github-pat: