OSV-Scanner
Last updated
Last updated
is a linter for Security.
You can enable the OSV-Scanner linter with:
OSV-Scanner will be auto-enabled if any Lockfile files are present.
OSV-Scanner supports the following config files:
osv-scanner.toml
You can move these files to .trunk/configs
and trunk check
will still find them. See for more info.
Moving osv-scanner.toml
to .trunk/configs
can cause issues because osv-scanner.toml
is only applied to projects in the root folder by default. This can cause issues with any projects in subfolders, such as in a multi-module repository.
To properly configure OSV scanner if you decide to move its config file, you can specify the path to osv-scanner.toml
using the --config
flag.
Example override to add to trunk.yaml
:
OSV-Scanner Trunk Code Quality
Trunk Code Quality's