Trivy "override" database #2261
Labels
kind/feature
priority/backlog
We would like to support the concept of an "override" database that will be used as one of Trivy's vulnerability feeds, and will actually get higher priority than all other feeds (basically, it will override other feeds' data if there is a conflict).
This override database will be managed as a GitHub repository, similar to how Trivy is managing its vulnerability feeds (the file name is the vulnerability name, the file contents are the vulnerability details).
Why do we need such an override database? In case there is a false positive/false negative in one of the vulnerability feeds that Trivy is using, we will be able to use this override database to fix the problem until the maintainers of the OSS security advisor update their source.
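
A sketch of the precedence rule requested above, added here as an illustration; it is not code from the issue or from Trivy. The `Advisory` record, the `NotAffected` flag, the `Merge` function and the first-feed-wins rule among upstream feeds are all assumptions, and the sample IDs are constructed placeholders.

```go
package main

import (
	"fmt"
	"sort"
)

// Advisory is a hypothetical, simplified record (not Trivy's schema).
type Advisory struct {
	ID, Package, Severity string
	NotAffected           bool // assumed override-only flag: suppress a false positive
}

type key struct{ id, pkg string }

// Merge applies the override feed after all upstream feeds, so an override
// entry wins any conflict on the same (ID, Package) pair.
func Merge(override []Advisory, feeds ...[]Advisory) []Advisory {
	merged := map[key]Advisory{}
	for _, feed := range feeds {
		for _, a := range feed {
			if _, seen := merged[key{a.ID, a.Package}]; !seen {
				merged[key{a.ID, a.Package}] = a // assumption: first upstream feed wins
			}
		}
	}
	for _, o := range override {
		if o.NotAffected {
			delete(merged, key{o.ID, o.Package}) // false positive: drop the finding
			continue
		}
		merged[key{o.ID, o.Package}] = o // conflict or false negative: override wins
	}
	out := make([]Advisory, 0, len(merged))
	for _, a := range merged {
		out = append(out, a)
	}
	sort.Slice(out, func(i, j int) bool { return out[i].ID+"\x00"+out[i].Package < out[j].ID+"\x00"+out[j].Package })
	return out
}

func main() {
	// Constructed sample data; the IDs are placeholders, not real advisories.
	feedA := []Advisory{{ID: "EXAMPLE-0001", Package: "libfoo", Severity: "HIGH"}, {ID: "EXAMPLE-0002", Package: "libbar", Severity: "LOW"}}
	feedB := []Advisory{{ID: "EXAMPLE-0002", Package: "libbar", Severity: "MEDIUM"}}
	override := []Advisory{
		{ID: "EXAMPLE-0001", Package: "libfoo", NotAffected: true},    // false positive
		{ID: "EXAMPLE-0002", Package: "libbar", Severity: "CRITICAL"}, // conflict
		{ID: "EXAMPLE-0003", Package: "libbaz", Severity: "HIGH"},     // false negative
	}
	for _, a := range Merge(override, feedA, feedB) {
		fmt.Println(a.ID, a.Package, a.Severity)
	}
}
```

Because a suppression entry silently hides a finding, a repository holding such overrides would need the same review and audit trail as the scanner's own feeds.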