trivy: dependency scanner
trivy
- a dependency vulnerability scanner
- scans multiple sources
  - docker images
  - package.json with my client dependencies
  - gradle.lockfile with my server dependencies
  - ..

docker pull aquasec/trivy:0.38.3
echo image scanning
docker run -v /var/run/docker.sock:/var/run/docker.sock -v D:/_data/projects/freetime/.trivy-cache:/root/.cache/ aquasec/trivy:0.38.3 image traefik
docker run -v /var/run/docker.sock:/var/run/docker.sock -v D:/_data/projects/freetime/.trivy-cache:/root/.cache/ aquasec/trivy:0.38.3 image postgres
docker run -v /var/run/docker.sock:/var/run/docker.sock -v D:/_data/projects/freetime/.trivy-cache:/root/.cache/ aquasec/trivy:0.38.3 image freetime-ftclient
echo file system scanning
./gradlew dependencies --write-locks
docker run -v D:/_data/projects/freetime/ftserver:/ftserver -v D:/_data/projects/freetime/.trivy-cache:/root/.cache/ aquasec/trivy:0.38.3 fs --scanners vuln --timeout 25m /ftserver
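
Each scan above can also write a machine-readable report with Trivy's `--format json --output <file>` options, which makes it possible to gate a build on the findings instead of reading the table by eye. The following is an added example, not part of the original note: it triages such a report, and the sample report with its package names and vulnerability IDs is a constructed placeholder.

```python
import json
import sys
from collections import Counter
from pathlib import Path

# Constructed sample in the shape of a Trivy JSON report.
# Package names, versions and vulnerability IDs are placeholders.
SAMPLE_REPORT = {
    "Results": [
        {"Target": "gradle.lockfile", "Type": "gradle", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "org.example:lib-a",
             "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "org.example:lib-b",
             "InstalledVersion": "2.3.0", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "org.example:lib-c",
             "InstalledVersion": "0.9", "FixedVersion": "1.0", "Severity": "LOW"},
        ]},
        # A target without findings carries no "Vulnerabilities" key.
        {"Target": "package-lock.json", "Type": "npm"},
    ],
}
BLOCKING = {"HIGH", "CRITICAL"}

def triage(report, blocking=BLOCKING):
    """Return (counts per severity, fixable blocking rows, unfixed blocking rows)."""
    counts, fixable, unfixed = Counter(), [], []
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            severity = vuln.get("Severity", "UNKNOWN")
            counts[severity] += 1
            if severity not in blocking:
                continue
            row = (result.get("Target", ""), vuln["VulnerabilityID"], vuln["PkgName"],
                   vuln.get("InstalledVersion", ""), vuln.get("FixedVersion", ""))
            # An empty FixedVersion means no upgrade is available yet.
            (fixable if row[4] else unfixed).append(row)
    return counts, fixable, unfixed

def gate(report):
    """CI exit status: 1 when an available upgrade would remove a blocking finding."""
    return 1 if triage(report)[1] else 0

if __name__ == "__main__":
    report = json.loads(Path(sys.argv[1]).read_text("utf-8")) if len(sys.argv) > 1 else SAMPLE_REPORT
    counts, fixable, unfixed = triage(report)
    print("findings per severity:", dict(counts))
    for label, rows in (("upgrade:", fixable), ("no fix yet:", unfixed)):
        for row in rows:
            print(label, *row)
    sys.exit(gate(report))
```

Run it with the path of a report file as the only argument; without an argument it runs on the constructed sample.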