Question

Hey 👋🏻 The new feature, with v0.51.0, of detecting vulnerabilities in Go's standard packages is really nice! Thanks for implementing it. However, I've a concern that it might inflate the number of vulnerabilities detected in Go binaries, especially because it's mentioned that:

Some questions:

Thanks!

Target: Container Image
Scanner: Vulnerability
Output Format: None
Mode: None
Operating System: No response
Version: Version: 0.51.0
Replies: 1 comment 2 replies
No. You need to use .trivyignore.

`go version -m` doesn't show the standard package names. It shows 3rd party module names, though.

Trivy doesn't detect all possible vulnerabilities, like toolchain vulnerabilities. It detects stdlib vulnerabilities.
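The point about `go version -m` in the reply above, as an added example that is not part of the discussion and is not Trivy's code: it reads the same embedded build info through the standard library's `debug/buildinfo` and reports the single Go toolchain version plus the dependency modules, so you can confirm that no per-package standard-library entries are listed. `BinaryInventory`, `Inspect` and `StdlibEntries` are names made up for this example, and the "no dot in the first path element" test is a heuristic.

```go
package main

import (
	"debug/buildinfo"
	"fmt"
	"os"
	"strings"
)

type BinaryInventory struct {
	GoVersion string   // toolchain that built the binary, e.g. "go1.22.2"
	Modules   []string // "path@version" for each dependency module
}

// Inspect reads the build info that `go version -m` prints (example helper, not Trivy code).
func Inspect(path string) (BinaryInventory, error) {
	info, err := buildinfo.ReadFile(path)
	if err != nil {
		return BinaryInventory{}, fmt.Errorf("no Go build info in %s: %w", path, err)
	}
	inv := BinaryInventory{GoVersion: info.GoVersion}
	for _, dep := range info.Deps {
		inv.Modules = append(inv.Modules, dep.Path+"@"+dep.Version)
	}
	return inv, nil
}

// StdlibEntries lists modules that look like stdlib packages (heuristic: no dot in first path element).
func StdlibEntries(inv BinaryInventory) []string {
	var out []string
	for _, m := range inv.Modules {
		if first, _, _ := strings.Cut(m, "/"); !strings.Contains(first, ".") {
			out = append(out, m)
		}
	}
	return out
}

func main() {
	path, _ := os.Executable() // default: inspect this program itself
	if len(os.Args) > 1 {
		path = os.Args[1]
	}
	inv, err := Inspect(path)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("go: %s\nmodules: %v\nstdlib entries: %v\n", inv.GoVersion, inv.Modules, StdlibEntries(inv))
}
```

Pass the path of any Go binary as the first argument; with no argument the program inspects itself.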