feat: support for YAML ignore file

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Nikita Pivkin
2026-02-20 18:04:32 +06:00
parent c1824fd6ed
commit 6476b939ea
8 changed files with 386 additions and 122 deletions
+1 -1
@@ -886,7 +886,7 @@ Following inputs can be used as `step.with` keys:
| `hide-progress` | String | `false` | Suppress progress bar and log output |
| `list-all-pkgs` | String | | Output all packages regardless of vulnerability |
| `scanners` | String | `vuln,secret` | comma-separated list of what security issues to detect (`vuln`,`secret`,`misconfig`,`license`) |
| `trivyignores` | String | | comma-separated list of relative paths in repository to one or more `.trivyignore` files |
| `trivyignores` | String | | comma-separated list of relative paths in repository to one or more `.trivyignore` or `.trivyignore.yaml` files. |
| `trivy-config` | String | | Path to trivy.yaml config |
| `github-pat` | String | | Authentication token to enable sending SBOM scan results to GitHub Dependency Graph. Can be either a GitHub Personal Access Token (PAT) or GITHUB_TOKEN |
| `limit-severities-for-sarif` | Boolean | false | By default *SARIF* format enforces output of all vulnerabilities regardless of configured severities. To override this behavior set this parameter to **true** |
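Review bot: The updated `trivyignores` row now allows `.trivyignore` or `.trivyignore.yaml` files but does not say whether both formats may be mixed in one comma-separated list or how multiple files are combined. Because these files suppress scan findings, the description should state that behaviour explicitly. The new text also ends with a period ("files.") while the other rows in this table do not, so drop it for consistency.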