Trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
- Site: https://trivy.dev/
Main Features
- Dramatically improved the scan speed on the first run 🎉🎉 🎉 🎉 🎉🎉 🎉 🎉
  - Previous version: ~ 10 min
  - New version: ~ 10 sec (depending on the network)
Now, you don't need to use a cache in CI/CD. You can see an example here: https://github.com/aquasecurity/trivy-ci-test/commit/eb4d393a7178aea0118c6e9017269f258d6b3edf/checks?check_suite_id=311236898
New Features
- --light option
  - The lightweight DB doesn't contain vulnerability details such as descriptions and references. Because of that, the size of the DB is smaller and the download is faster.
  - This option is useful when you don't need vulnerability details and is suitable for CI/CD. To find the additional information, you can search for the vulnerability details on the NVD website.
  - e.g.
    $ trivy --light alpine:3.10
- --download-db-only option (#172)
  - This option simply retrieves the vulnerability database without scanning.
  - Thanks to @miguelbernadi
- Enable environment variables (#220)
  - You can specify the options via environment variables
  - e.g. TRIVY_EXIT_CODE=1 trivy alpine:3.10
  - Thanks to @tboerger
Changelog
e371747 doc(README): fix missing Gitlab CI link section in ToC (#263)
514137e Merge pull request #253 from aquasecurity/remote_db
4f92d29 chore(makefile): add Makefile (#256)
8ea2e8c Add env variables for every flag (#220)
d1615bc typo fixed and GitHub Profile link added (#236)
76d920e Grammar (#232)
1f07220 docs: typo correction (#252)
f326beb Fixed broken link and some typos in Readme.md (#228)
e04e90f add new line at eof (#249)
d27eeb2 Add option to only download vulnerability database (#172)
62ea073 Enable shell autocompletion (#234)
187864a Added GitLab YML (#223)
a666c4a massage rubygems version to handle platforms (#230)
bda4ee0 add echo to CI gofmt step (#231)
63ed4eb Fixed Broken README links (#214)
Docker images
docker pull docker.io/aquasec/trivy:0.2.0
docker pull docker.io/aquasec/trivy:latest