k1nq/TREK
1
0
Fork 0
mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-22 06:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci(security): only fail Docker Scout on fixable CVEs

Browse Source 
Add only-fixed so the scan no longer fails on vulnerabilities with no
upstream fix available (e.g. base-image OS packages), and only flags
actionable, fixable findings.
This commit is contained in:
Maurice
2026-06-15 10:21:39 +02:00
parent 127a92c8f5
commit 8d1e7dded0
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/security.yml
+1
View File
@@ -34,4 +34,5 @@ jobs:
command: cves command: cves
image: trek:scan image: trek:scan
only-severities: critical,high only-severities: critical,high
only-fixed: true
exit-code: true exit-code: true