Trivy
Last updated
Last updated
is a linter for Security.
You can enable the Trivy linter with:
Trivy will be auto-enabled if any of its config files are present: trivy.yaml, .trivyignore, .trivyignore.yaml.
Trivy supports the following config files:
trivy.yaml
.trivyignore
.trivyignore.yaml
trivy-secret.yaml
Trivy has the following subcommands:
config
fx-vuln
fs-secret
To enable/disable these, add the subcommands you want enabled in your .trunk/trunk.yaml as such:
You can move these files to .trunk/configs and trunk check will still find them. See for more info.
Runs trivy config ()to scan for misconfigurations in infrastructure-as-code files. Enabled by default
Runs trivy fs --scanners vuln () to scan for security vulnerabilities. Disabled by default.
Runs trivy fs --scanners secret () to scan for secrets. Disabled by default.
Trivy Trunk Code Quality
Trunk Code Quality's
