Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

### Description #5579

Closed
1 of 2 tasks
DanielCastronovo opened this issue Nov 14, 2023 · 1 comment
Closed
1 of 2 tasks

### Description #5579

DanielCastronovo opened this issue Nov 14, 2023 · 1 comment

Comments

@DanielCastronovo
Copy link

Description

When i lauch Trivy in fs scanner, no secrets has been found.

Desired Behavior

Found AWS secrets

Actual Behavior

No secret found

Reproduction Steps

1. create a secret.sh with
 Key Id: AKIAIOSFODNN7EXAMPLE
Secret Access Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
2. trivy fs .

Target

Filesystem

Scanner

Secret

Output Format

Table

Mode

Standalone

Debug Output

2023-11-14T16:11:39.537+0100    DEBUG   Severities: ["UNKNOWN" "LOW" "MEDIUM" "HIGH" "CRITICAL"]
2023-11-14T16:11:39.537+0100    DEBUG   Ignore statuses {"statuses": null}
2023-11-14T16:11:39.552+0100    DEBUG   cache dir:  /home/user/.cache/trivy
2023-11-14T16:11:39.552+0100    DEBUG   DB update was skipped because the local DB is the latest
2023-11-14T16:11:39.552+0100    DEBUG   DB Schema: 2, UpdatedAt: 2023-11-14 12:12:55.648130557 +0000 UTC, NextUpdate: 2023-11-14 18:12:55.648130307 +0000 UTC, DownloadedAt: 2023-11-14 12:49:10.363792751 +0000 UTC
2023-11-14T16:11:39.552+0100    INFO    Vulnerability scanning is enabled
2023-11-14T16:11:39.552+0100    DEBUG   Vulnerability type:  [os library]
2023-11-14T16:11:39.552+0100    INFO    Secret scanning is enabled
2023-11-14T16:11:39.552+0100    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-11-14T16:11:39.552+0100    INFO    Please see also https://aquasecurity.github.io/trivy/v0.47/docs/scanner/secret/#recommendation for faster secret detection
2023-11-14T16:11:39.552+0100    DEBUG   No secret config detected: trivy-secret.yaml
2023-11-14T16:11:39.552+0100    DEBUG   The nuget packages directory couldn't be found. License search disabled
2023-11-14T16:11:39.552+0100    DEBUG   Walk the file tree rooted at '.' in parallel
2023-11-14T16:11:39.579+0100    DEBUG   OS is not detected.
2023-11-14T16:11:39.579+0100    DEBUG   Detected OS: unknown
2023-11-14T16:11:39.579+0100    INFO    Number of language-specific files: 0

Operating System

Linux

Version

Version: 0.47.0
Vulnerability DB:
  Version: 2
  UpdatedAt: 2023-11-14 12:12:55.648130557 +0000 UTC
  NextUpdate: 2023-11-14 18:12:55.648130307 +0000 UTC
  DownloadedAt: 2023-11-14 12:49:10.363792751 +0000 UTC
Policy Bundle:
  Digest: sha256:1df8ade71efc830877ca3b1130f83e0c6368e3a45b0d4c0f0418955501644054
  DownloadedAt: 2023-11-14 08:46:10.514282416 +0000 UTC

Checklist

Originally posted by @DanielCastronovo in #5578
@github-actions GitHub Actions
Copy link

Please see https://aquasecurity.github.io/trivy/latest/community/contribute/issue/

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Nov 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DanielCastronovo