Update main.yml

This commit is contained in:
Thomas Laubrock 2023-04-14 20:30:14 +02:00 committed by GitHub
parent d9dccf956c
commit b6e89757d5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -50,7 +50,7 @@ jobs:
- name: Run Aqua scanner - name: Run Aqua scanner
uses: docker://aquasec/aqua-scanner uses: docker://aquasec/aqua-scanner
with: with:
args: trivy fs -d --scanners config,vuln,secret --sast . args: trivy rootfs -d --scanners config,vuln,secret --sast .
# To customize which severities to scan for, add the following flag: --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL # To customize which severities to scan for, add the following flag: --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
# To enable SAST scanning, add: --sast # To enable SAST scanning, add: --sast
# To enable npm/dotnet non-lock file scanning, add: --package-json / --dotnet-proj # To enable npm/dotnet non-lock file scanning, add: --package-json / --dotnet-proj