forked from Mirrors/fusionx
57 lines
945 B
YAML
57 lines
945 B
YAML
# Trivy configuration file
|
|
# https://aquasecurity.github.io/trivy/latest/docs/references/configuration/
|
|
|
|
# Database settings
|
|
db:
|
|
skip-update: false
|
|
|
|
# Vulnerability settings
|
|
vulnerability:
|
|
type:
|
|
- os
|
|
- library
|
|
|
|
# Severity levels to scan for
|
|
severity:
|
|
- UNKNOWN
|
|
- LOW
|
|
- MEDIUM
|
|
- HIGH
|
|
- CRITICAL
|
|
|
|
# Skip files/directories
|
|
skip-files:
|
|
- "**/*.md"
|
|
- "**/LICENSE*"
|
|
- "**/.git/**"
|
|
- "**/node_modules/**"
|
|
- "**/vendor/**"
|
|
- "**/.vscode/**"
|
|
- "**/.idea/**"
|
|
- "**/build/**"
|
|
- "**/dist/**"
|
|
- "**/cache/**"
|
|
- "**/output/**"
|
|
|
|
# Skip specific directories
|
|
skip-dirs:
|
|
- ".git"
|
|
- "node_modules"
|
|
- "vendor"
|
|
- ".vscode"
|
|
- ".idea"
|
|
- "build"
|
|
- "dist"
|
|
- "cache"
|
|
- "output"
|
|
- "frontend/build"
|
|
- "frontend/node_modules"
|
|
|
|
# For faster scanning in CI, ignore unfixed vulnerabilities
|
|
ignore-unfixed: true
|
|
|
|
# Output format (can be overridden by command line)
|
|
format: table
|
|
|
|
# Timeout settings
|
|
timeout: 5m |