MyShaarli

History

nodiscc 3b5923b7e1 tools/CI: scan repository with trivy security scanner (yarn.lock, composer.lock) - run scan on each push/pull request update - can be run locally using make test_trivy_repo - exit with error code 0/success when vulnerabilities are found, as not to make the workflow fail, a separate periodic run that exits with code 1 should be added in parallel - update trivy to v0.43.0 - https://github.com/aquasecurity/trivy/releases/tag/v0.43.0 - also consider TRIVY_EXIT_CODE when running trivy on the latest docker image - ref. https://github.com/shaarli/Shaarli/issues/1531	2023-06-30 23:56:09 +02:00
..
workflows	tools/CI: scan repository with trivy security scanner (yarn.lock, composer.lock)	2023-06-30 23:56:09 +02:00
mailmap	Update CHANGELOG and AUTHOR	2020-09-30 11:55:51 +02:00

tools/CI: scan repository with trivy security scanner (yarn.lock, composer.lock)

- run scan on each push/pull request update
- can be run locally using make test_trivy_repo
- exit with error code 0/success when vulnerabilities are found,  as not to make the workflow fail, a separate periodic run that exits with code 1 should be added in parallel
- update trivy to v0.43.0
- https://github.com/aquasecurity/trivy/releases/tag/v0.43.0
- also consider TRIVY_EXIT_CODE when running trivy on the latest docker image
- ref. https://github.com/shaarli/Shaarli/issues/1531

2023-06-30 23:56:09 +02:00

workflows

tools/CI: scan repository with trivy security scanner (yarn.lock, composer.lock)

2023-06-30 23:56:09 +02:00

mailmap

Update CHANGELOG and AUTHOR

2020-09-30 11:55:51 +02:00